node-go/packages/play-node-go/server/controllers/auth.js


const { validationResult } = require('express-validator');

const userQueries = require('../data/queries/user');
const { hashPassword, compareHash } = require('../services/bcrypt');
const signToken = require('../services/signToken');

const checkValidationErrors = (req, res) => {
  const errors = validationResult(req);
  if (!errors.isEmpty()) {
    return res.status(422).json({ errors: errors.array() });
  }
}

const signup = async (req, res, next) => {
  checkValidationErrors(req, res);
  const user = req.body;

  try {
    delete user.confirmPassword;
    const hashedPassword = await hashPassword(user.password);
    const secureUser = { ...user, password: hashedPassword };
    const existingUser = await userQueries.findUserByNameOrEmail(secureUser);

    if (existingUser.length) {
      return res.status(409).json({errors: [{auth: 'User already exists!'}]})
    }

    const newUser = await userQueries.insertUser(secureUser)
    signToken(res, newUser).status(201).json({...newUser});
  } 

  catch (err) {
    res.status(500).json(err);
  }
}

const login = async (req, res, next) => {

  checkValidationErrors(req, res);
  const user = req.body;

  try {
    const queryResults = await userQueries.findUserByNameOrEmail(user);
    const savedUser = queryResults[0] || null;

    if (!savedUser) {
      return res.status(401).json({err: 'bad credentials'});
    }
    
    const hashedPassword = savedUser.password;
    const passwordMatch = await compareHash(user.password, hashedPassword);

    if (!passwordMatch) {
      return res.status(401).json({err: 'bad credentials'});
    }
    
    const authorizedUser = {...savedUser};
    delete authorizedUser.password;
    
    signToken(res, authorizedUser);
    res.send('ok').status(200);
  }
  
  catch (err) {
    res.status(500).json(err);
  }
}

module.exports = {
  signup,
  login
}
add password hash to new user 2020-01-14 22:22:42 +00:00
patch signup post for existing user to return 409 2020-01-17 08:23:18 +00:00			`const { validationResult } = require('express-validator');`

			`const userQueries = require('../data/queries/user');`
add login verification of user 2020-01-15 07:09:01 +00:00			`const { hashPassword, compareHash } = require('../services/bcrypt');`
add sign jwt function and hook to auth/signup 2020-01-13 22:47:45 +00:00			`const signToken = require('../services/signToken');`
add validation and sanitization for auth/. posts 2020-01-15 21:52:01 +00:00
			`const checkValidationErrors = (req, res) => {`
			`const errors = validationResult(req);`
			`if (!errors.isEmpty()) {`
			`return res.status(422).json({ errors: errors.array() });`
			`}`
			`}`
stub auth routes and controllers 2020-01-10 01:44:58 +00:00
add login verification of user 2020-01-15 07:09:01 +00:00			`const signup = async (req, res, next) => {`
add validation and sanitization for auth/. posts 2020-01-15 21:52:01 +00:00			`checkValidationErrors(req, res);`
add sign jwt function and hook to auth/signup 2020-01-13 22:47:45 +00:00			`const user = req.body;`
patch signup post for existing user to return 409 2020-01-17 08:23:18 +00:00
add sign jwt function and hook to auth/signup 2020-01-13 22:47:45 +00:00			`try {`
debug password hashing function 2020-01-16 04:04:55 +00:00			`delete user.confirmPassword;`
add password hash to new user 2020-01-14 22:22:42 +00:00			`const hashedPassword = await hashPassword(user.password);`
patch signup post for existing user to return 409 2020-01-17 08:23:18 +00:00			`const secureUser = { ...user, password: hashedPassword };`
			`const existingUser = await userQueries.findUserByNameOrEmail(secureUser);`

			`if (existingUser.length) {`
			`return res.status(409).json({errors: [{auth: 'User already exists!'}]})`
			`}`
debug password hashing function 2020-01-16 04:04:55 +00:00
patch signup post for existing user to return 409 2020-01-17 08:23:18 +00:00			`const newUser = await userQueries.insertUser(secureUser)`
			`signToken(res, newUser).status(201).json({...newUser});`
add sign jwt function and hook to auth/signup 2020-01-13 22:47:45 +00:00			`}`
patch signup post for existing user to return 409 2020-01-17 08:23:18 +00:00
add sign jwt function and hook to auth/signup 2020-01-13 22:47:45 +00:00			`catch (err) {`
debug password hashing function 2020-01-16 04:04:55 +00:00			`res.status(500).json(err);`
add sign jwt function and hook to auth/signup 2020-01-13 22:47:45 +00:00			`}`
stub auth routes and controllers 2020-01-10 01:44:58 +00:00			`}`

add login verification of user 2020-01-15 07:09:01 +00:00			`const login = async (req, res, next) => {`
add validation and sanitization for auth/. posts 2020-01-15 21:52:01 +00:00
			`checkValidationErrors(req, res);`
add login verification of user 2020-01-15 07:09:01 +00:00			`const user = req.body;`

			`try {`
patch signup post for existing user to return 409 2020-01-17 08:23:18 +00:00			`const queryResults = await userQueries.findUserByNameOrEmail(user);`
add login verification of user 2020-01-15 07:09:01 +00:00			`const savedUser = queryResults[0] \|\| null;`
patch signup post for existing user to return 409 2020-01-17 08:23:18 +00:00
			`if (!savedUser) {`
			`return res.status(401).json({err: 'bad credentials'});`
			`}`
add login verification of user 2020-01-15 07:09:01 +00:00
			`const hashedPassword = savedUser.password;`
			`const passwordMatch = await compareHash(user.password, hashedPassword);`
patch signup post for existing user to return 409 2020-01-17 08:23:18 +00:00
			`if (!passwordMatch) {`
			`return res.status(401).json({err: 'bad credentials'});`
			`}`
add login verification of user 2020-01-15 07:09:01 +00:00
			`const authorizedUser = {...savedUser};`
			`delete authorizedUser.password;`

			`signToken(res, authorizedUser);`
			`res.send('ok').status(200);`
			`}`
patch signup post for existing user to return 409 2020-01-17 08:23:18 +00:00
add login verification of user 2020-01-15 07:09:01 +00:00			`catch (err) {`
			`res.status(500).json(err);`
			`}`
stub auth routes and controllers 2020-01-10 01:44:58 +00:00			`}`

			`module.exports = {`
add login verification of user 2020-01-15 07:09:01 +00:00			`signup,`
stub auth routes and controllers 2020-01-10 01:44:58 +00:00			`login`
			`}`