ADD: Login endpoint

132nd-vWing-website · Sep 2, 2019 · 79c1827 · 79c1827
1 parent d71d9e6
commit 79c1827
Showing 1 changed file with 79 additions and 1 deletion.
diff --git a/routes/api/users-sql.js b/routes/api/users-sql.js
@@ -1,17 +1,21 @@
 const express = require('express');
 const passport = require('passport');
 const bcrypt = require('bcryptjs');
+const jwt = require('jsonwebtoken');
 
 // Load input validation
 const validateRegisterInput = require('../../validation/register');
-// const validateLoginInput = require('../../validation/login');
+const validateLoginInput = require('../../validation/login');
 
 // Initialize the router
 const router = express.Router();
 
 // MySQL Connection
 const sql = require('../../utils/db');
 
+// Get keys
+const keys = require('../../config/keys');
+
 /**
  * @route GET api/v1/users/test
  * @desc Tests the events route
@@ -55,6 +59,8 @@ router.post('/register', (req, res) => {
       if (_err) throw _err;
       newUser.password = hash;
 
+      console.log('Password Hash: %s', hash);
+
       // .. save user to db
       const query = `INSERT INTO users (name, password, email, avatar) VALUES ('${newUser.name}', '${newUser.password}', '${newUser.email}', '${newUser.avatar}')`;
       sql(query).then((data) => {
@@ -68,6 +74,78 @@ router.post('/register', (req, res) => {
   return null;
 });
 
+/**
+ * @route POST api/v1/users/login
+ * @desc Login a user
+ * @access Public
+ */
+router.post('/login', (req, res) => {
+  console.log('LOGIN!!');
+  // Check input validation
+  const { errors, isValid } = validateLoginInput({
+    email: req.body.email,
+    password: req.body.password,
+  });
+
+  if (!isValid) {
+    console.log('INVALID!!');
+    return res.status(400).json(errors);
+  }
+
+  const { email, password } = req.body;
+
+  // Look up user by email
+  const query = `SELECT * from users WHERE email='${email}'`;
+  sql(query).then((data) => {
+    const user = data.rows[0];
+
+    // Throw error if user email is not found
+    if (!user) {
+      errors.email = 'User not found';
+      return res.status(400).json(errors);
+    }
+
+    console.log(password, user.password);
+
+    // .. check password
+    bcrypt.compare(password, user.password).then((isMatch) => {
+      if (isMatch) {
+        // ... user matched! - Create JWT Payload
+        const payload = {
+          id: user.id,
+          name: user.name,
+          avatar: user.avatar,
+          roles: user.roles,
+        };
+
+        // Sign token
+        jwt.sign(
+          payload,
+          keys.secretOrKey,
+          {
+            expiresIn: 3600,
+          },
+          (err, token) => {
+            res.json({
+              success: true,
+              token: `Bearer ${token}`,
+            });
+          },
+        );
+      } else {
+        errors.password = 'Password incorrect';
+        return res.status(400).json(errors);
+      }
+
+      return null;
+    });
+
+    return null;
+  });
+
+  return null;
+});
+
 /**
  * @route GET api/v1/users/user
  * @desc Retrieves a spessific user