// login
// Handles POST "/": checks the request body, looks the account up by email,
// verifies the password with bcrypt and answers with a token from
// user.generateAuthToken().
// Both credential failures send the same status and body, so the response
// text does not reveal whether an email is registered.
// NOTE(review): the unknown-email path returns before bcrypt.compare runs, so
// response time may still differ between the two cases; no attempt limiting is
// visible in this handler either.
// NOTE(review): req.body.email goes straight into the findOne() filter; this
// relies on validate() rejecting non-string values (confirm in its schema).
router.post("/", async (req, res) => {
  // Malformed body: reply with the validator's first message.
  const { error: validationError } = validate(req.body);
  if (validationError) {
    return res.status(400).send(validationError.details[0].message);
  }

  // One helper for both failure paths keeps the two responses identical.
  const rejectCredentials = () =>
    res.status(400).send({ status: 400, message: "Invalid Email or Password" });

  const { email, password } = req.body;
  const account = await User.findOne({ email });
  if (!account) {
    return rejectCredentials();
  }

  const passwordMatches = await bcrypt.compare(password, account.password);
  if (!passwordMatches) {
    return rejectCredentials();
  }

  const authToken = account.generateAuthToken();
  res.status(200).send({
    status: 200,
    data: authToken,
    message: "User Loggedin Succesfully",
  });
});
/**
 * Validate `data` against a Joi object schema built from `schema`.
 *
 * @param {object} schema - Key/rule map handed to Joi.object().
 * @param {*} data - Value to check.
 * @returns {{error: true, messages: Array}|{error: false, data: *}}
 *   On failure, one entry per Joi error detail, produced by getMessage(type, key)
 *   (getMessage is defined elsewhere). On success, the caller's own `data`.
 */
// NOTE(review): the success branch hands back the input object, not the
// `value` Joi returns, so any conversion or stripping the schema performs is
// not reflected in what callers receive.
const validate = (schema, data) => {
  const { error } = Joi.object(schema).validate(data);

  // No error reported: pass the input through unchanged.
  if (error == null) {
    return { error: false, data };
  }

  const messages = error.details.map(({ type, context }) =>
    getMessage(type, context.key),
  );
  return { error: true, messages };
};
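// POST API for user to login
// Validates the body, verifies email + password, then returns a signed token
// in the 'auth-token' response header.
router.post('/login', async (req, res) => {
  // Validate request before checking user login
  const validation = userLoginValidation(req.body);
  if (validation.error) {
    return res.status(400).send(validation.error.details[0].message);
  }

  // Unknown email and wrong password get the same status and body. Separate
  // "email doesn't exist" / "invalid login" answers let a caller find out
  // which addresses have accounts.
  const user = await User.findOne({ email: req.body.email });
  const validPass = user
    ? await bcrypt.compare(req.body.password, user.password)
    : false;
  if (!validPass) {
    return res.status(400).send('Invalid login.');
  }
  // NOTE(review): the unknown-email path still skips bcrypt.compare, so
  // response time can differ between the two cases.

  // Create and assign a token to logged in user
  // NOTE(review): no options are passed to jwt.sign, so no expiry is requested
  // for the token here; consider a bounded lifetime.
  const token = jwt.sign({ _id: user._id }, process.env.TOKEN_SECRET);
  res.header('auth-token', token).send({
    login: true,
    message: 'Login successful',
  });
});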
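// Signup user
// Validates the body, stores a new User with the transformed password and
// answers 201 with the new user's id.
// NOTE(review): encryptPassword is defined elsewhere; confirm it is a one-way
// password hash (bcrypt or similar), not reversible encryption.
const signup = async (req, res) => {
  const { error } = validateSignup(req.body);
  if (error) {
    return res.status(400).send(error.details[0].message);
  }

  try {
    // Inside the try so a failure here also ends in a response instead of an
    // unhandled rejection.
    const encryptedPassword = await encryptPassword(req.body.password);
    const user = new User({
      name: req.body.name,
      email: req.body.email,
      password: encryptedPassword,
    });
    await user.save();
    res.status(201).send({
      message: 'User Registered',
      user: user._id,
    });
  } catch (err) {
    // Keep the detail server-side: the raw error object can carry storage
    // internals (index names, field values) that clients should not see.
    console.error('signup failed:', err);
    res.status(500).send({ message: 'Registration failed' });
  }
};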
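// Login
// Validates the body, verifies email + password and answers 200 with a token
// from acl.token.generate().
const login = async (req, res) => {
  const logindata = req.body;
  const { error } = validateLogin(logindata);
  if (error) {
    return res.status(400).send(error.details[0].message);
  }

  // Unknown email and wrong password share one response. Distinct
  // 'Invalid user' / 'Invalid credentials' answers disclose which emails are
  // registered.
  const user = await User.findOne({ email: logindata.email });
  const isValidPassword = user
    ? await comparePassword(logindata.password, user.password)
    : false;
  if (!isValidPassword) {
    return res.status(400).send('Invalid credentials');
  }
  // NOTE(review): the unknown-email path skips comparePassword, so response
  // time can still differ between the two cases.

  const token = acl.token.generate(user._id);
  res.status(200).send({
    token,
    message: 'Success',
  });
};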
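// Register a new user: validate the body, refuse an email that is already
// stored, hash the password with bcrypt and save the record.
router.post("/register", async (req, res) => {
  const { error } = registerValidation(req.body);
  if (error) {
    return res.status(400).send(error.details[0].message);
  }

  // check if user already exists
  // NOTE(review): this lookup and the save below are separate steps, so two
  // concurrent requests can both pass it; a unique index on email (not visible
  // here) is what actually prevents duplicates.
  const emailExists = await User.findOne({ email: req.body.email });
  if (emailExists) {
    return res.status(400).send("Email already exists");
  }

  // Hash the password (bcrypt, cost factor 10)
  const salt = await bcrypt.genSalt(10);
  const hashedPassword = await bcrypt.hash(req.body.password, salt);

  const user = new User({
    name: req.body.name,
    email: req.body.email,
    password: hashedPassword,
  });

  try {
    const savedUser = await user.save();
    res.send({ user: savedUser._id });
  } catch (saveError) {
    // Log the detail server-side and send a fixed message: the raw error
    // object can expose storage internals and submitted field values.
    console.error("register failed:", saveError);
    res.status(400).send("Registration failed");
  }
});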
// Stop on a validation failure and reply 400 with the validator's first message.
if (validation.error) {
  return res.status(400).send(validation.error.details[0].message);
}
// Reply 400 with the first entry of validationError.details as the body.
// NOTE(review): the text comes straight from the validator; confirm its
// messages do not repeat submitted values such as the password.
return res.status(400).send(validationError.details[0].message);
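// Register User
// Validates the body, refuses an already-registered email, stores the user
// with a bcrypt-hashed password and returns an auth token in the
// x-auth-token header.
router.post("/", async (req, res) => {
  const { error } = validate(req.body);
  if (error) {
    return res.status(400).send({ status: 400, message: error.details[0].message });
  }

  const existingUser = await User.findOne({ email: req.body.email });
  if (existingUser) {
    return res.status(400).send({ status: 400, message: "User already registered" });
  }

  // Hash first so the model never holds the plaintext password.
  const salt = await bcrypt.genSalt(10);
  const hashedPassword = await bcrypt.hash(req.body.password, salt);
  const user = new User({
    name: req.body.name,
    email: req.body.email,
    password: hashedPassword,
  });
  await user.save();

  const token = user.generateAuthToken();
  res
    .header("x-auth-token", token)
    .header("access-control-expose-headers", "x-auth-token")
    .status(200)
    .send({
      status: 200,
      // Return selected fields only: sending the whole document would include
      // the stored password hash in the response.
      data: { _id: user._id, name: user.name, email: user.email },
      message: "User Regesterd Successfully",
    });
});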
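// LOGIN
// Validates the body, verifies email + password and answers 200 with the
// user's name, email and a signed token.
router.post("/login", async (req, res) => {
  // validate the data before we log in a user
  const { error } = loginValidation(req.body);
  if (error) {
    return res.status(400).send(error.details[0].message);
  }

  // Unknown email and wrong password get one shared answer. Separate
  // "Email does not exist" / "Invalid password" replies tell a caller which
  // addresses are registered.
  const user = await User.findOne({ email: req.body.email });
  const validPass = user
    ? await bcrypt.compare(req.body.password, user.password)
    : false;
  if (!validPass) {
    return res.status(400).send("Invalid email or password");
  }
  // NOTE(review): the unknown-email path skips bcrypt.compare, so response
  // time can still differ between the two cases.

  // create and assign a token
  // NOTE(review): jwt.sign is called without options, so no expiry is
  // requested for the token here; consider a bounded lifetime.
  const token = jwt.sign({ _id: user._id }, process.env.TOKEN_SECRET);
  return res.status(200).json({
    userName: user.name,
    email: user.email,
    token,
  });
  // check verifyToken.js for routes that require token in headers
});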
// Login
// Checks the body format, looks the account up by email, verifies the
// password with bcrypt and returns a signed token in the 'auth-token' header.
// Both credential failures use the same text, so the response does not say
// which of the two was wrong.
router.post('/login', async (req, res) => {
  // Data format check before any lookup
  const { error: validationError } = loginValidation(req.body);
  if (validationError) {
    return res.status(400).send(validationError.details[0].message);
  }

  const { email, password } = req.body;
  const rejectCredentials = () => res.status(400).send('Wrong email or password.');

  // Account lookup
  const sameEmailUser = await User.findOne({ email });
  if (!sameEmailUser) {
    return rejectCredentials();
  }

  // Password check
  // NOTE(review): this step is skipped for unknown emails, so response time
  // may still differ between the two failure paths.
  const validPass = await bcrypt.compare(password, sameEmailUser.password);
  if (!validPass) {
    return rejectCredentials();
  }

  // Create and assign token
  // Token can also be generated and saved in cache layer e.g. Redis
  // NOTE(review): no options are passed to jwt.sign, so no expiry is requested.
  const payload = { _id: sameEmailUser._id };
  const token = jwt.sign(payload, env.TOKEN_SECRET);
  res.header('auth-token', token).send('Logged in.');
});
// Login: validate the body, look the user up by email, verify the password
// with bcrypt and return a signed token in the 'auth-token' header and body.
// NOTE(review): an unknown email answers 404 'User do not exist' while a wrong
// password answers 400 'Invalid password'; the difference discloses which
// emails are registered. A single shared response would avoid that.
// NOTE(review): jwt.sign is called without options, so no expiry is requested.
router.post('/login', async (req, res) => {
  // Validate the data
  const { error } = loginValidation(req.body);
  if (error) {
    return res.status(400).send(error.details[0].message);
  }

  // Look the account up by email
  const account = await User.findOne({ email: req.body.email });
  if (!account) {
    res.status(404).send({ message: 'User do not exist' });
    return;
  }

  const passwordOk = await bcrypt.compare(req.body.password, account.password);
  if (!passwordOk) {
    return res.status(400).send('Invalid password');
  }

  // Create and assign a token
  const signedToken = jwt.sign({ _id: account._id }, process.env.TOKEN_SECRET);
  res.header('auth-token', signedToken).send(signedToken);
});
// Reply 400 with the first entry of error.details as the response body.
// NOTE(review): the text comes straight from the validator; confirm its
// messages do not repeat submitted values such as the password.
return res.status(400).send(error.details[0].message);