improved auth functionality

truly-indian · Aug 1, 2024 · cc78e0c · cc78e0c
1 parent 8b0afd0
commit cc78e0c
Show file tree

Hide file tree

Showing 10 changed files with 604 additions and 6 deletions.
diff --git a/backend/auth/routes.js b/backend/auth/routes.js
@@ -26,7 +26,6 @@ router.post('/sign_up', async (req, res) => {
 
 router.post('/sign_in', async (req,res) => {
     try {
-        console.log('req: ', req.body)
         const body = req.body;
         const resp = await SignIn(body);
         const token = jwt.sign({email: resp.email}, "secret_key", {expiresIn: '1h'} )

diff --git a/backend/auth/service.js b/backend/auth/service.js
@@ -1,12 +1,18 @@
 const User = require('../models/User/User');
 const { Save, Fetch } = require('./repository')
+const bcrypt = require('bcrypt');
+const saltRounds = 10;
 
 exports.SignIn = async (request) => {
     try {
         const { email, password } = request;
-        const user = await Fetch(User, {email, password});
+        const user = await Fetch(User, {email});
+        const storedPassword = user?.password || ''; 
+        const passwordMatched = await bcrypt.compare(password, storedPassword);
+        if (!passwordMatched) throw {error: 'password did not match', status: '401'}
         return user;
     } catch (error) {
+        console.log('error while signing user in: ', {...error})
         throw error;
     }
 }
@@ -16,7 +22,8 @@ exports.SignUp = async (request) => {
         const { email, password } = request;
         const user =  await Fetch(User, { 'email': email });
         if (user) throw { error: 'user already exists', statusCode: 409 }
-        let newUser = new User({ email, password });
+        const hashedPassword = await bcrypt.hash(password, saltRounds);
+        let newUser = new User({ email, password: hashedPassword });
         await Save(newUser);
     } catch (error) {
         throw error;