Initial T06 security template

services/users-api/server.js

@@ -0,0 +1,57 @@
+const express = require('express');
+const jwt = require('jsonwebtoken');
+
+const app = express();
+app.use(express.json());
+
+const JWT_SECRET = process.env.JWT_SECRET || 'dev-secret-ne-koristiti-u-produkciji';
+
+const users = [
+  { id: 'u0', username: 'student', password: 'fpmoz2024', name: 'Demo Student', role: 'student' }
+];
+
+function authenticate(req, res, next) {
+  const authHeader = req.headers.authorization || '';
+  const token = authHeader.startsWith('Bearer ') ? authHeader.slice(7) : null;
+
+  if (!token) {
+    return res.status(401).json({ error: 'Missing bearer token' });
+  }
+
+  try {
+    req.user = jwt.verify(token, JWT_SECRET);
+    return next();
+  } catch (error) {
+    return res.status(401).json({ error: 'Invalid token' });
+  }
+}
+
+app.post('/auth/login', (req, res) => {
+  const { username, password } = req.body;
+  const user = users.find((candidate) => candidate.username === username && candidate.password === password);
+
+  if (!user) {
+    return res.status(401).json({ error: 'Invalid username or password' });
+  }
+
+  const token = jwt.sign(
+    { sub: user.id, username: user.username, role: user.role },
+    JWT_SECRET,
+    { algorithm: 'HS256', expiresIn: '15m' }
+  );
+
+  return res.json({ token });
+});
+
+app.get('/api/users', authenticate, (req, res) => {
+  res.setHeader('X-Served-By', 'users-api');
+  return res.json([
+    { id: 'u0', username: 'student', name: 'Demo Student' },
+    { id: 'u1', username: 'student1', name: 'Student Jedan' },
+    { id: 'u2', username: 'student2', name: 'Student Dva' }
+  ]);
+});
+
+app.listen(3001, () => {
+  console.log('users-api na portu 3001');
+});