CSE316/hw4/server/controllers/user-controller.js
2022-05-23 06:22:34 -04:00


const auth = require('../auth')
const User = require('../models/user-model')
const bcrypt = require('bcryptjs')
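/**
 * Reports which user the current request is authenticated as.
 *
 * Hands control to `auth.verify`, and in its callback loads the account named
 * by `req.userId` and returns only its public fields (never the password hash).
 *
 * @param {object} req - request; `req.userId` is read inside the callback
 *   (presumably set by auth.verify after it validates the token - confirm in ../auth)
 * @param {object} res - response used to send the result
 */
const getLoggedIn = async (req, res) => {
    auth.verify(req, res, async function () {
        try {
            const loggedInUser = await User.findOne({ _id: req.userId });

            // A token can outlive its account. Without this guard the property
            // reads below throw inside the callback and no response is ever sent.
            if (!loggedInUser) {
                return res.status(401).json({
                    loggedIn: false,
                    user: null,
                    errorMessage: "Unauthorized"
                });
            }

            const { firstName, lastName, email } = loggedInUser;
            return res.status(200).json({
                loggedIn: true,
                user: { firstName, lastName, email }
            });
        } catch (err) {
            // A failed lookup must still end the request instead of leaving it open.
            console.error(err);
            return res.status(500).send();
        }
    });
};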
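/**
 * Creates an account from the registration form and logs the new user in.
 *
 * Reads `firstName`, `lastName`, `email`, `password` and `passwordVerify` from
 * `req.body`. Responds 400 with an `errorMessage` for invalid input or an
 * already registered email, 200 with the public user fields plus a `token`
 * cookie on success, and 500 if anything throws.
 *
 * @param {object} req - request carrying the registration form in `req.body`
 * @param {object} res - response used to send the result
 */
const registerUser = async (req, res) => {
    try {
        const { firstName, lastName, email, password, passwordVerify } = req.body || {};

        // Every field has to be a non-empty string. A JSON body can carry objects
        // and arrays: a non-string password slips past the length check below, and
        // an object such as { "$gt": "" } handed to User.findOne would, if User is
        // a MongoDB-backed model (the model file is not visible here), be read as a
        // query operator instead of a literal email address.
        const required = [firstName, lastName, email, password, passwordVerify];
        const allPresent = required.every(
            (value) => typeof value === "string" && value.length > 0
        );
        if (!allPresent) {
            return res
                .status(400)
                .json({ errorMessage: "Please enter all required fields." });
        }
        if (password.length < 8) {
            return res
                .status(400)
                .json({
                    errorMessage: "Please enter a password of at least 8 characters."
                });
        }
        if (password !== passwordVerify) {
            return res
                .status(400)
                .json({
                    errorMessage: "Please enter the same password twice."
                });
        }

        // NOTE(review): this lookup and the save below are not atomic; only a
        // unique index on email can stop two concurrent registrations - confirm
        // the schema in ../models/user-model.
        // NOTE(security): this response tells the caller that the address is
        // registered, which allows account enumeration.
        const existingUser = await User.findOne({ email: email });
        if (existingUser) {
            return res
                .status(400)
                .json({
                    success: false,
                    errorMessage: "An account with this email address already exists."
                });
        }

        // Only the salted bcrypt hash is stored, never the plaintext password.
        const saltRounds = 10;
        const salt = await bcrypt.genSalt(saltRounds);
        const passwordHash = await bcrypt.hash(password, salt);

        const newUser = new User({
            firstName, lastName, email, passwordHash
        });
        const savedUser = await newUser.save();

        // LOGIN THE USER
        const token = auth.signToken(savedUser);

        // httpOnly keeps the token away from page scripts and secure restricts it
        // to HTTPS. sameSite "none" attaches the cookie to cross-site requests too,
        // so state-changing routes need their own CSRF defence.
        // NOTE(review): confirm the client really is cross-origin; otherwise
        // "lax" or "strict" is the safer setting.
        // res.json() already sends the response, so nothing is chained after it.
        res.cookie("token", token, {
            httpOnly: true,
            secure: true,
            sameSite: "none"
        }).status(200).json({
            success: true,
            user: {
                firstName: savedUser.firstName,
                lastName: savedUser.lastName,
                email: savedUser.email
            }
        });
    } catch (err) {
        console.error(err);
        res.status(500).send();
    }
};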
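/**
 * Authenticates a user by email and password and issues the session cookie.
 *
 * Reads `email` and `password` from `req.body`. Responds 400 with an
 * `errorMessage` for missing or wrong credentials, 200 with the public user
 * fields plus a `token` cookie on success, and 500 if anything throws.
 *
 * @param {object} req - request carrying the credentials in `req.body`
 * @param {object} res - response used to send the result
 */
const loginUser = async (req, res) => {
    try {
        const { email, password } = req.body || {};

        // Both credentials must be non-empty strings. An object such as
        // { "$ne": null } in place of the email would, if User is a MongoDB-backed
        // model (the model file is not visible here), be read as a query operator
        // and match an arbitrary account instead of the one the caller named.
        if (typeof email !== "string" || email.length === 0) {
            return res.status(400).json({ errorMessage: "Please enter email."});
        }
        if (typeof password !== "string" || password.length === 0) {
            return res.status(400).json({ errorMessage: "Please enter password."});
        }

        // NOTE(security): the two failures below use different messages, so a
        // caller can tell whether an email address is registered; a single generic
        // message for both would close that gap.
        // NOTE(review): no attempt limiting is visible in this handler - confirm
        // that something upstream throttles repeated password guesses.
        const existingUser = await User.findOne({ email: email});
        if (!existingUser) {
            return res.status(400).json({ errorMessage: "Email address " + email + " does not exists."});
        }

        const storedHash = existingUser.passwordHash;
        const passwordMatches = await bcrypt.compare(password, storedHash);
        if (!passwordMatches) {
            return res.status(400).json({ errorMessage: "Incorrect password."});
        }

        const token = auth.signToken(existingUser);

        // httpOnly keeps the token away from page scripts and secure restricts it
        // to HTTPS. sameSite "none" attaches the cookie to cross-site requests too,
        // so state-changing routes need their own CSRF defence.
        // res.json() already sends the response, so nothing is chained after it.
        res.cookie("token", token, {
            httpOnly: true,
            secure: true,
            sameSite: "none"
        }).status(200).json({
            success: true,
            user: {
                firstName: existingUser.firstName,
                lastName: existingUser.lastName,
                email: existingUser.email
            }
        });
    } catch (err) {
        console.error(err);
        // send() has to be called; a bare `.send` reference never answers the
        // request and the client waits until it times out.
        res.status(500).send();
    }
};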
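/**
 * Logs the user out by clearing the `token` cookie.
 *
 * The cookie is overwritten with an empty value and an expiry in the past, so
 * the browser deletes it instead of keeping an empty session cookie.
 * NOTE(review): this only removes the client's copy; whether an already issued
 * token is revoked server-side depends on ../auth, which is not visible here.
 *
 * @param {object} req - request (not read)
 * @param {object} res - response used to clear the cookie and reply
 * @returns {Promise<object>} whatever the chained `res.json()` call returns
 */
const logoutUser = async (req, res) => {
    // Same attributes as the login cookie so the browser treats this as the same
    // cookie when replacing and expiring it.
    const expiredCookie = {
        httpOnly: true,
        secure: true,
        sameSite: "none",
        expires: new Date(0)
    };
    return res
        .cookie("token", '', expiredCookie)
        .status(200)
        .json({ success: true });
};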
// Request handlers this controller exposes, each exported under its own name.
module.exports = {
    getLoggedIn: getLoggedIn,
    registerUser: registerUser,
    loginUser: loginUser,
    logoutUser: logoutUser
};