Authentication: Hashing password

apps/backend/package.json

@@ -27,6 +27,8 @@
 		"@team8/constants": "*",
 		"@team8/types": "*",
 		"@team8/utils": "*",
+		"bcrypt": "^5.1.1",
+		"i": "^0.3.7",
 		"mysql2": "^3.9.1",
 		"reflect-metadata": "^0.1.13",
 		"rxjs": "^7.8.1",
@@ -38,9 +40,11 @@
 		"@nestjs/testing": "^10.0.0",
 		"@swc/cli": "^0.1.62",
 		"@swc/core": "^1.3.64",
+		"@types/bcrypt": "^5.0.2",
 		"@types/express": "^4.17.17",
 		"@types/supertest": "^2.0.12",
 		"eslint-config-team8": "*",
+		"i": "^0.3.7",
 		"source-map-support": "^0.5.21",
 		"supertest": "^6.3.3"
 	}

apps/backend/src/auth/auth.controller.ts

@@ -1,4 +1,4 @@
-import { Body, Controller, Post } from '@nestjs/common';
+import { Body, Controller, Post, HttpCode, HttpStatus } from '@nestjs/common';
 import { AuthService } from './auth.service';
 import { LogInDto } from '@team8/types/dtos/auth/login.dto';
 import { SignUpDto } from '@team8/types/dtos/auth/signup.dto';
@@ -12,6 +12,7 @@ export class AuthController {
 		return this.authService.signUp(signupDto);
 	}
 
+	@HttpCode(HttpStatus.OK)
 	@Post('login')
 	logIn(@Body() logInDto: LogInDto) {
 		return this.authService.logIn(logInDto);

apps/backend/src/auth/auth.service.ts

@@ -6,14 +6,18 @@ import {
 	LogInRetDto,
 	SignUpRetDto,
 } from '@team8/types/dtos/auth';
+import * as bcrypt from 'bcrypt';
+import { CreateUserDto } from './createUser.dto';
 
 @Injectable()
 export class AuthService {
 	constructor(private usersService: UsersService) {}
 
 	async signUp(dto: SignUpDto): Promise<SignUpRetDto> {
-		//TODO: Hash the password
-		const user = await this.usersService.create(dto);
+		const saltOrRounds = 10;
+		const userDto = new CreateUserDto(dto);
+		userDto.hashPassword = await bcrypt.hash(dto.password, saltOrRounds);
+		const user = await this.usersService.create(userDto);
 		const result = new SignUpRetDto();
 		result.username = user.username;
 		return result;
@@ -22,7 +26,7 @@ export class AuthService {
 	async logIn(dto: LogInDto): Promise<LogInRetDto> {
 		//TODO: Return message according to error
 		const user = await this.usersService.findOneByUsername(dto.username);
-		if (user?.hashPassword !== dto.hashPassword) {
+		if (!(await bcrypt.compare(dto.password, user.hashPassword))) {
 			throw new UnauthorizedException();
 		}
 		const result = new LogInRetDto();

apps/backend/src/auth/createUser.dto.ts

@@ -0,0 +1,19 @@
+import { IsNotEmpty, IsString } from 'class-validator';
+
+export class CreateUserDto {
+	@IsString()
+	@IsNotEmpty()
+	username: string;
+
+	@IsString()
+	@IsNotEmpty()
+	fullName: string;
+
+	@IsString()
+	@IsNotEmpty()
+	hashPassword: string;
+
+	constructor(dto: Partial<CreateUserDto>) {
+		Object.assign(this, dto);
+	}
+}

apps/backend/src/profile/profile.controller.ts

@@ -1,4 +1,4 @@
-import { Body, Controller, Post } from '@nestjs/common';
+import { Body, Controller, Post, HttpCode, HttpStatus } from '@nestjs/common';
 import { ProfileService } from './profile.service';
 import { UpdateDto } from '@team8/types/dtos/profile/update.dto';
 
@@ -7,6 +7,7 @@ export class ProfileController {
 	constructor(private profileService: ProfileService) {}
 
 	//TODO: Create update function for each field of user profile
+	@HttpCode(HttpStatus.OK)
 	@Post()
 	update(@Body() updateDto: UpdateDto) {
 		return this.profileService.update(updateDto);

apps/backend/src/users/users.service.ts

@@ -4,6 +4,7 @@ import { Repository, QueryFailedError } from 'typeorm';
 import { User } from '../entities/user.entity';
 import { InjectRepository } from '@nestjs/typeorm';
 import { UpdateDto } from '@team8/types/dtos/profile/update.dto';
+import { CreateUserDto } from '../auth/createUser.dto';
 
 @Injectable()
 export class UsersService {
@@ -12,7 +13,7 @@ export class UsersService {
 		private readonly usersRepository: Repository<User>,
 	) {}
 
-	async create(dto: SignUpDto) {
+	async create(dto: CreateUserDto) {
 		try {
 			await this.usersRepository.save(dto);
 			return await this.findOneByUsername(dto.username);