-
Notifications
You must be signed in to change notification settings - Fork 54
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
5a59e0c
commit f4434ed
Showing
2 changed files
with
49 additions
and
38 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,62 +1,75 @@ | ||
| const errorHandler = require("../middelwares/errorMiddleware"); | ||
| const errorHandler = require("../middlewares/errorMiddleware"); | ||
| const userModel = require("../models/userModel"); | ||
| const errorResponse = require("../utils/errroResponse"); | ||
| const errorResponse = require("../utils/errorResponse"); | ||
|
|
||
| // JWT TOKEN | ||
| exports.sendToken = (user, statusCode, res) => { | ||
| const sendToken = (user, statusCode, res) => { | ||
| const token = user.getSignedToken(res); | ||
| res.status(statusCode).json({ | ||
| success: true, | ||
| token, | ||
| }); | ||
| }; | ||
|
|
||
| //REGISTER | ||
| exports.registerContoller = async (req, res, next) => { | ||
| // REGISTER | ||
| exports.registerController = async (req, res, next) => { | ||
| try { | ||
| const { username, email, password } = req.body; | ||
| //exisitng user | ||
| const exisitingEmail = await userModel.findOne({ email }); | ||
| if (exisitingEmail) { | ||
| return next(new errorResponse("Email is already register", 500)); | ||
| // Check if email already exists | ||
| const existingEmail = await userModel.findOne({ email }); | ||
|
Check failure Code scanning / CodeQL Database query built from user-controlled sources High
This query object depends on a
user-provided value Error loading related location Loading |
||
| if (existingEmail) { | ||
| return next(new errorResponse("Email is already registered", 400)); | ||
| } | ||
| // Create new user | ||
| const user = await userModel.create({ username, email, password }); | ||
| this.sendToken(user, 201, res); | ||
| sendToken(user, 201, res); | ||
| } catch (error) { | ||
| console.log(error); | ||
| console.error(error); | ||
| next(error); | ||
| } | ||
| }; | ||
|
|
||
| //LOGIN | ||
| // LOGIN | ||
| exports.loginController = async (req, res, next) => { | ||
| try { | ||
| const { email, password } = req.body; | ||
| //validation | ||
| // Validate email and password | ||
| if (!email || !password) { | ||
| return next(new errorResponse("Please provide email or password")); | ||
| return next(new errorResponse("Please provide email and password", 400)); | ||
| } | ||
| // Find user by email | ||
| const user = await userModel.findOne({ email }); | ||
|
Check failure Code scanning / CodeQL Database query built from user-controlled sources High
This query object depends on a
user-provided value Error loading related location Loading |
||
| if (!user) { | ||
| return next(new errorResponse("Invalid Creditial", 401)); | ||
| return next(new errorResponse("Invalid credentials", 401)); | ||
| } | ||
| // Check if password matches | ||
| const isMatch = await user.matchPassword(password); | ||
| if (!isMatch) { | ||
| return next(new errorResponse("Invalid Creditial", 401)); | ||
| return next(new errorResponse("Invalid credentials", 401)); | ||
| } | ||
| //res | ||
| this.sendToken(user, 200, res); | ||
| // Send token | ||
| sendToken(user, 200, res); | ||
| } catch (error) { | ||
| console.log(error); | ||
| console.error(error); | ||
| next(error); | ||
| } | ||
| }; | ||
|
|
||
| //LOGOUT | ||
| exports.logoutController = async (req, res) => { | ||
| res.clearCookie("refreshToken"); | ||
| return res.status(200).json({ | ||
| success: true, | ||
| message: "Logout Succesfully", | ||
| }); | ||
| // LOGOUT | ||
| exports.logoutController = async (req, res, next) => { | ||
| try { | ||
| // Clear refresh token | ||
| res.clearCookie("refreshToken"); | ||
| // Send success response | ||
| res.status(200).json({ | ||
| success: true, | ||
| message: "Logout successfully", | ||
| }); | ||
| } catch (error) { | ||
| console.error(error); | ||
| next(error); | ||
| } | ||
| }; | ||
|
|
||
| // Apply error handler middleware | ||
| exports.errorHandler = errorHandler; | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,21 +1,19 @@ | ||
| const express = require("express"); | ||
| const { | ||
| registerContoller, | ||
| loginController, | ||
| logoutController, | ||
| } = require("../controllers/authController"); | ||
| const { registerController, loginController, logoutController, errorHandler } = require("../controllers/authController"); | ||
|
|
||
| //router object | ||
| // Create router object | ||
| const router = express.Router(); | ||
|
|
||
| //routes | ||
| // REGISTER | ||
| router.post("/register", registerContoller); | ||
| // Register route | ||
| router.post("/register", registerController); | ||
|
Check failure Code scanning / CodeQL Missing rate limiting High
This route handler performs
a database access Error loading related location Loading |
||
|
|
||
| //LOGIN | ||
| // Login route | ||
| router.post("/login", loginController); | ||
|
Check failure Code scanning / CodeQL Missing rate limiting High
This route handler performs
a database access Error loading related location Loading |
||
|
|
||
| //LOGOUT | ||
| router.post("/logout", logoutController); | ||
| // Logout route | ||
| router.get("/logout", logoutController); | ||
|
|
||
| // Error handler middleware | ||
| router.use(errorHandler); | ||
|
|
||
| module.exports = router; | ||