initial commit of the branch

api/.env

@@ -0,0 +1,5 @@
+MONGO = mongodb+srv://faizan:faizan@fiverr.2uzurkz.mongodb.net/?retryWrites=true&w=majority&dbname='fiverr'
+
+JWT_KEY = 586ab63d048a1d69a43ba9d1a4c4693a
+
+STRIPE = sk_test_51Mo4ndSHBEn9n1RNdYtcvNwiXp3Y66u8MZ0DWn5OErt3K3U0nW3DWUuDFx3oFbLEBNpldHmlMKbBTp7L3OvDl3Fl00i4Ds8H8r

api/controllers/auth.controller.js

@@ -0,0 +1,58 @@
+import User from "../models/user.model.js";
+import createError from "../utils/createError.js";
+import bcrypt from "bcrypt";
+import jwt from "jsonwebtoken";
+
+export const register = async (req, res, next) => {
+  try {
+    const hash = bcrypt.hashSync(req.body.password, 5);
+    const newUser = new User({
+      ...req.body,
+      password: hash,
+    });
+
+    await newUser.save();
+    res.status(201).send("User has been created.");
+  } catch (err) {
+    next(err);
+  }
+};
+export const login = async (req, res, next) => {
+  try {
+    const user = await User.findOne({ username: req.body.username });
+
+    if (!user) return next(createError(404, "User not found!"));
+
+    const isCorrect = bcrypt.compareSync(req.body.password, user.password);
+    if (!isCorrect)
+      return next(createError(400, "Wrong password or username!"));
+
+    const token = jwt.sign(
+      {
+        id: user._id,
+        isSeller: user.isSeller,
+      },
+      process.env.JWT_KEY
+    );
+
+    const { password, ...info } = user._doc;
+    res
+      .cookie("accessToken", token, {
+        httpOnly: true,
+      })
+      .status(200)
+      .send(info);
+  } catch (err) {
+    next(err);
+  }
+};
+
+export const logout = async (req, res) => {
+  res
+    .clearCookie("accessToken", {
+      sameSite: "none",
+      secure: true,
+    })
+    .status(200)
+    .send("User has been logged out.");
+};

api/controllers/conversation.controller.js

@@ -0,0 +1,60 @@
+import createError from "../utils/createError.js";
+import Conversation from "../models/conversation.model.js";
+
+export const createConversation = async (req, res, next) => {
+  const newConversation = new Conversation({
+    id: req.isSeller ? req.userId + req.body.to : req.body.to + req.userId,
+    sellerId: req.isSeller ? req.userId : req.body.to,
+    buyerId: req.isSeller ? req.body.to : req.userId,
+    readBySeller: req.isSeller,
+    readByBuyer: !req.isSeller,
+  });
+
+  try {
+    const savedConversation = await newConversation.save();
+    res.status(201).send(savedConversation);
+  } catch (err) {
+    next(err);
+  }
+};
+
+export const updateConversation = async (req, res, next) => {
+  try {
+    const updatedConversation = await Conversation.findOneAndUpdate(
+      { id: req.params.id },
+      {
+        $set: {
+          // readBySeller: true,
+          // readByBuyer: true,
+          ...(req.isSeller ? { readBySeller: true } : { readByBuyer: true }),
+        },
+      },
+      { new: true }
+    );
+
+    res.status(200).send(updatedConversation);
+  } catch (err) {
+    next(err);
+  }
+};
+
+export const getSingleConversation = async (req, res, next) => {
+  try {
+    const conversation = await Conversation.findOne({ id: req.params.id });
+    if (!conversation) return next(createError(404, "Not found!"));
+    res.status(200).send(conversation);
+  } catch (err) {
+    next(err);
+  }
+};
+
+export const getConversations = async (req, res, next) => {
+  try {
+    const conversations = await Conversation.find(
+      req.isSeller ? { sellerId: req.userId } : { buyerId: req.userId }
+    ).sort({ updatedAt: -1 });
+    res.status(200).send(conversations);
+  } catch (err) {
+    next(err);
+  }
+};

api/controllers/gig.controller.js

@@ -0,0 +1,60 @@
+import Gig from "../models/gig.model.js";
+import createError from "../utils/createError.js";
+
+export const createGig = async (req, res, next) => {
+  if (!req.isSeller)
+    return next(createError(403, "Only sellers can create a gig!"));
+
+  const newGig = new Gig({
+    userId: req.userId,
+    ...req.body,
+  });
+
+  try {
+    const savedGig = await newGig.save();
+    res.status(201).json(savedGig);
+  } catch (err) {
+    next(err);
+  }
+};
+export const deleteGig = async (req, res, next) => {
+  try {
+    const gig = await Gig.findById(req.params.id);
+    if (gig.userId !== req.userId)
+      return next(createError(403, "You can delete only your gig!"));
+
+    await Gig.findByIdAndDelete(req.params.id);
+    res.status(200).send("Gig has been deleted!");
+  } catch (err) {
+    next(err);
+  }
+};
+export const getGig = async (req, res, next) => {
+  try {
+    const gig = await Gig.findById(req.params.id);
+    if (!gig) next(createError(404, "Gig not found!"));
+    res.status(200).send(gig);
+  } catch (err) {
+    next(err);
+  }
+};
+export const getGigs = async (req, res, next) => {
+  const q = req.query;
+  const filters = {
+    ...(q.userId && { userId: q.userId }),
+    ...(q.cat && { cat: q.cat }),
+    ...((q.min || q.max) && {
+      price: {
+        ...(q.min && { $gt: q.min }),
+        ...(q.max && { $lt: q.max }),
+      },
+    }),
+    ...(q.search && { title: { $regex: q.search, $options: "i" } }),
+  };
+  try {
+    const gigs = await Gig.find(filters).sort({ [q.sort]: -1 });
+    res.status(200).send(gigs);
+  } catch (err) {
+    next(err);
+  }
+};

api/controllers/message.controller.js

@@ -0,0 +1,37 @@
+import createError from "../utils/createError.js";
+import Message from "../models/message.model.js";
+import Conversation from "../models/conversation.model.js";
+
+export const createMessage = async (req, res, next) => {
+  const newMessage = new Message({
+    conversationId: req.body.conversationId,
+    userId: req.userId,
+    desc: req.body.desc,
+  });
+  try {
+    const savedMessage = await newMessage.save();
+    await Conversation.findOneAndUpdate(
+      { id: req.body.conversationId },
+      {
+        $set: {
+          readBySeller: req.isSeller,
+          readByBuyer: !req.isSeller,
+          lastMessage: req.body.desc,
+        },
+      },
+      { new: true }
+    );
+
+    res.status(201).send(savedMessage);
+  } catch (err) {
+    next(err);
+  }
+};
+export const getMessages = async (req, res, next) => {
+  try {
+    const messages = await Message.find({ conversationId: req.params.id });
+    res.status(200).send(messages);
+  } catch (err) {
+    next(err);
+  }
+};

api/controllers/order.controller.js

@@ -0,0 +1,64 @@
+import createError from "../utils/createError.js";
+import Order from "../models/order.model.js";
+import Gig from "../models/gig.model.js";
+import Stripe from "stripe";
+export const intent = async (req, res, next) => {
+  const stripe = new Stripe(process.env.STRIPE);
+
+  const gig = await Gig.findById(req.params.id);
+
+  const paymentIntent = await stripe.paymentIntents.create({
+    amount: gig.price * 100,
+    currency: "usd",
+    automatic_payment_methods: {
+      enabled: true,
+    },
+  });
+
+  const newOrder = new Order({
+    gigId: gig._id,
+    img: gig.cover,
+    title: gig.title,
+    buyerId: req.userId,
+    sellerId: gig.userId,
+    price: gig.price,
+    payment_intent: paymentIntent.id,
+  });
+
+  await newOrder.save();
+
+  res.status(200).send({
+    clientSecret: paymentIntent.client_secret,
+  });
+};
+
+export const getOrders = async (req, res, next) => {
+  try {
+    const orders = await Order.find({
+      ...(req.isSeller ? { sellerId: req.userId } : { buyerId: req.userId }),
+      isCompleted: true,
+    });
+
+    res.status(200).send(orders);
+  } catch (err) {
+    next(err);
+  }
+};
+export const confirm = async (req, res, next) => {
+  try {
+    const orders = await Order.findOneAndUpdate(
+      {
+        payment_intent: req.body.payment_intent,
+      },
+      {
+        $set: {
+          isCompleted: true,
+        },
+      }
+    );
+
+    res.status(200).send("Order has been confirmed.");
+  } catch (err) {
+    next(err);
+  }
+};

api/controllers/review.controller.js

@@ -0,0 +1,53 @@
+import createError from "../utils/createError.js";
+import Review from "../models/review.model.js";
+import Gig from "../models/gig.model.js";
+
+export const createReview = async (req, res, next) => {
+  if (req.isSeller)
+    return next(createError(403, "Sellers can't create a review!"));
+
+  const newReview = new Review({
+    userId: req.userId,
+    gigId: req.body.gigId,
+    desc: req.body.desc,
+    star: req.body.star,
+  });
+
+  try {
+    const review = await Review.findOne({
+      gigId: req.body.gigId,
+      userId: req.userId,
+    });
+
+    if (review)
+      return next(
+        createError(403, "You have already created a review for this gig!")
+      );
+
+    //TODO: check if the user purchased the gig.
+
+    const savedReview = await newReview.save();
+
+    await Gig.findByIdAndUpdate(req.body.gigId, {
+      $inc: { totalStars: req.body.star, starNumber: 1 },
+    });
+    res.status(201).send(savedReview);
+  } catch (err) {
+    next(err);
+  }
+};
+
+export const getReviews = async (req, res, next) => {
+  try {
+    const reviews = await Review.find({ gigId: req.params.gigId });
+    res.status(200).send(reviews);
+  } catch (err) {
+    next(err);
+  }
+};
+export const deleteReview = async (req, res, next) => {
+  try {
+  } catch (err) {
+    next(err);
+  }
+};

api/controllers/user.controller.js

@@ -0,0 +1,17 @@
+import User from "../models/user.model.js";
+import createError from "../utils/createError.js";
+
+export const deleteUser = async (req, res, next) => {
+  const user = await User.findById(req.params.id);
+
+  if (req.userId !== user._id.toString()) {
+    return next(createError(403, "You can delete only your account!"));
+  }
+  await User.findByIdAndDelete(req.params.id);
+  res.status(200).send("deleted.");
+};
+export const getUser = async (req, res, next) => {
+  const user = await User.findById(req.params.id);
+
+  res.status(200).send(user);
+};

api/middleware/jwt.js

@@ -0,0 +1,15 @@
+import jwt from "jsonwebtoken";
+import createError from "../utils/createError.js";
+
+export const verifyToken = (req, res, next) => {
+  const token = req.cookies.accessToken;
+  if (!token) return next(createError(401,"You are not authenticated!"))
+
+
+  jwt.verify(token, process.env.JWT_KEY, async (err, payload) => {
+    if (err) return next(createError(403,"Token is not valid!"))
+    req.userId = payload.id;
+    req.isSeller = payload.isSeller;
+    next()
+  });
+};