Authentication (#22)

* Authorization added

* added secret to password, md5 hashing, removed promise from verifyToken, deleted links when not authorized

* added dbinsert script

* turned verifyToken to middleware, added description for dbinsert, added hidden csrf field in auth form

* added middlewares, user model and controller

* JSDoc fix

* wrong password processing fix

* added comments to dbinsert script, moved salt and passHash to singe db doc

* Moved salt to .env, upgradedscript for generating password was, fixed comments and JSDoc

* Deleted using salt (now user is only one), changed verifying password to bcrypt.compare, added httpyOnly property to jwt cookie

src/controllers/pages.js

@@ -49,7 +49,7 @@ class Pages {
    * @param {string} parent - id of current page
    * @returns {Promise<Page[]>}
    */
-  static async getAllExceptChildrens(parent) {
+  static async getAllExceptChildren(parent) {
     let pagesAvailable = this.removeChildren(await Pages.getAll(), parent);
 
     return pagesAvailable.filter((item) => item !== null);

src/controllers/users.js

@@ -0,0 +1,21 @@
+const Model = require('../models/user');
+
+/**
+ * @class Users
+ * @classdesc Users controller
+ */
+class Users {
+  /**
+   * @static
+   * Find and return user model.
+   *
+   * @returns {Promise<User>}
+   */
+  static async get() {
+    const userDoc = await Model.get();
+
+    return userDoc;
+  }
+}
+
+module.exports = Users;