Maxxiim · Maxxiim · Apr 6, 2026 · Apr 7, 2026 · Apr 9, 2026 · Apr 10, 2026
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -14,6 +14,7 @@
     "react": "^19.2.4",
     "react-dom": "^19.2.4",
     "react-hook-form": "^7.72.1",
+    "react-router-dom": "^7.14.0",
     "sass": "^1.99.0",
     "zod": "^4.3.6"
   },

diff --git a/server/package-lock.json b/server/package-lock.json
diff --git a/server/package.json b/server/package.json
@@ -11,8 +11,10 @@
   "license": "ISC",
   "type": "commonjs",
   "dependencies": {
+    "bcrypt": "^6.0.0",
     "bcryptjs": "^3.0.3",
-    "jsonwebtoken": "^9.0.3"
+    "jsonwebtoken": "^9.0.3",
+    "nodemailer": "^8.0.5"
   },
   "devDependencies": {
     "@types/jsonwebtoken": "^9.0.10"

diff --git a/server/server.js b/server/server.js
@@ -1,85 +1,182 @@
-const http = require('http');
+const http = require("http");
 
-const jwt = require('jsonwebtoken');
+const jwt = require("jsonwebtoken");
+const bcrypt = require("bcrypt");
 
-const JWT_SECRET = 'my_super_secret_key';
+const crypto = require("crypto");
+
+const JWT_SECRET = "my_secret_key";
 const PORT = 3000;
 
+const { parseBody } = require("./utils/parsedBody.ts");
+const { sendJSON } = require("./utils/sendJSON.ts");
+
 const users = [
   {
     id: 1,
-    name: 'Alex',
-    password: '123456',
+    name: "Alex",
+    email: "test@mail.ru",
+    password: bcrypt.hashSync("123456", 10),
   },
 ];
 
-console.log(users);
-
-function parseBody(req) {
-  return new Promise((resolve, reject) => {
-    let body = '';
-
-    req.on('data', (chunk) => (body += chunk));
-    req.on('end', () => {
-      try {
-        resolve(body ? JSON.parse(body) : {});
-      } catch (err) {
-        reject(err);
-      }
-    });
-    req.on('error', reject);
-  });
-}
-
-function sendJSON(res, statusCode, data) {
-  res.writeHead(statusCode, { 'Content-type': 'application/json' });
-  res.end(JSON.stringify(data));
-}
+const resetStore = new Map();
 
 const server = http.createServer(async (req, res) => {
-  res.setHeader('Access-Control-Allow-Origin', '*');
-  res.setHeader('Access-Control-Allow-Methods', 'POST,GET, OPTIONS');
-  res.setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization');
+  res.setHeader("Access-Control-Allow-Origin", "*");
+  res.setHeader("Access-Control-Allow-Methods", "POST,GET, OPTIONS");
+  res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
 
-  if (req.method === 'OPTIONS') {
+  if (req.method === "OPTIONS") {
     res.writeHead(204);
     res.end();
     return;
   }
 
-  if (req.method === 'POST' && req.url === '/login') {
-    const { name, password } = await parseBody(req);
+  if (req.method === "POST" && req.url === "/reset") {
+    const { password, token } = await parseBody(req);
+
+    const record = resetStore.get(token);
+
+    if (!record) {
+      return sendJSON(res, 404, {
+        message: "Неверная ссылка для восстановления",
+      });
+    }
+
+    if (record.expires < Date.now()) {
+      return sendJSON(res, 400, { message: "Срок действия ссылки истек" });
+    }
+
+    const user = users.find((u) => u.email === record.email);
+
+    if (!user) {
+      return sendJSON(res, 404, { message: "Польователь не найден" });
+    }
+
+    const hashPassword = await bcrypt.hash(password, 10);
+
+    user.password = hashPassword;
 
+    resetStore.delete(token);
+    sendJSON(res, 200, { message: "Пароль успешно обновлен" });
+    return;
+  }
+
+  if (req.method === "POST" && req.url === "/restore") {
+    const { email } = await parseBody(req);
+    const user = users.find((u) => u.email === email);
+
+    if (user) {
+      const token = crypto.randomBytes(32).toString("hex");
+      const expires = new Date(Date.now() + 15000);
+      resetStore.set(token, {
+        email,
+        expires,
+      });
+      const resetLink = "http://localhost:5173/reset?token=" + token;
+      console.log("Ссылка для сброса ", resetLink);
+      sendJSON(res, 200, { message: "Письмо отправлено на почту" });
+    } else {
+      sendJSON(res, 401, {
+        message: "Пользователя с таким email не существует",
+      });
+    }
+    return;
+  }
+
+  if (req.method === "POST" && req.url === "/login") {
+    const { name, password } = await parseBody(req);
     const user = users.find((u) => u.name === name);
 
-    if (user && password === user.password) {
+    if (user && (await bcrypt.compare(password, user.password))) {
       const token = jwt.sign({ id: user.id, name: user.name }, JWT_SECRET, {
-        expiresIn: '1h',
+        expiresIn: "1h",
       });
       sendJSON(res, 200, { token });
     } else {
-      sendJSON(res, 401, { message: 'Неверный email or пароль' });
+      sendJSON(res, 401, { message: "Неверное имя пользователя или пароль" });
     }
     return;
   }
 
-  if (req.method === 'GET' && req.url === '/profile') {
+  if (req.method === "POST" && req.url === "/registration") {
+    const { name, email, password } = await parseBody(req);
+
+    if (!name || !email || !password) {
+      return sendJSON(res, 400, { message: "Необходимо заполнить все поля" });
+    }
+
+    const findName = users.find((u) => u.name === name);
+    const findEmail = users.find((u) => u.email === email);
+
+    if (findName && findEmail) {
+      return sendJSON(res, 409, {
+        message: "Пользователь с таким именем и email уже существует",
+        fields: ["name", "email"],
+      });
+    }
+
+    if (findName) {
+      return sendJSON(res, 409, {
+        message: "Пользователь с таким именем уже существует",
+        fields: ["name"],
+      });
+    }
+
+    if (findEmail) {
+      return sendJSON(res, 409, {
+        message: "Пользователь с таким email уже существует",
+        fields: ["email"],
+      });
+    }
+
+    const hashedPassword = await bcrypt.hash(password, 10);
+
+    const newUser = {
+      id: Date.now(),
+      name,
+      email,
+      password: hashedPassword,
+    };
+
+    const token = jwt.sign(
+      {
+        id: newUser.id,
+        name: newUser.name,
+        email: newUser.email,
+      },
+      JWT_SECRET,
+      { expiresIn: "1h" },
+    );
+
+    users.push(newUser);
+
+    sendJSON(res, 201, {
+      message: "Регистрация прошла успешно",
+      token,
+      user: { id: newUser.id, name: newUser.name, email: newUser.email },
+    });
+    return;
+  }
+
+  if (req.method === "GET" && req.url === "/profile") {
     const authHeader = req.headers.authorization;
-    const token = authHeader && authHeader.split(' ')[1];
+    const token = authHeader && authHeader.split(" ")[1];
 
     if (!token) {
-      return sendJSON(res, 401, { message: 'Токен не предоставлен' });
+      return sendJSON(res, 401, { message: "Токен не предоставлен" });
     }
 
     try {
       const decoded = jwt.verify(token, JWT_SECRET);
       sendJSON(res, 200, { id: decoded.id, name: decoded.name });
       return;
     } catch (err) {
-      sendJSON(res, 403, { message: 'Недействительный токен' });
+      sendJSON(res, 403, { message: "Недействительный токен" });
     }
   }
-  sendJSON(res, 404, { message: 'Маршрут не найден' });
+  sendJSON(res, 404, { message: "Маршрут не найден" });
 });
 
 server.listen(PORT, () => {