Liontix
/
Scheduler-Backend


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102
							import express from 'express';
import {mongoose} from 'mongoose';
import bcrypt from "bcrypt";
import jwt from "jsonwebtoken";
import {SECRET_KEY} from "../passport.js";
import {isValidEmail} from "../utils.js";

const router = express.Router();


const saltRounds = 10;

const userSchema = new mongoose.Schema({
    email: {
        type: String,
        required: true
    },
    password: {
        type: String,
        required: true
    }
})
const User = mongoose.model('User', userSchema, 'users');

// TODO split into different routes (/auth)

function generateToken(user) {
    const payload = { id: user._id };
    return jwt.sign(payload, SECRET_KEY, {expiresIn: '6h'});
}

router.post('/login', function (req, res) {
    const email = req.body.email;
    const password = req.body.password;

    if (!password || !email) {
        return res.status(400).json({ message: 'parameters invalid' });
    }

    if (!isValidEmail(email)) {
        return res.status(400).json({ message: 'email is invalid' });
    }

    User.findOne({ email: email })
        .then(user => {
            if (!user) {
                return res.status(422).json({ message: 'user not found' });
            }

            bcrypt.compare(password, user.password, function (err, result) {
                if (result) {
                    res.json({ token: generateToken(user) });
                } else {
                    res.status(401).json({ error: "Wrong password" });
                }
            });
        })
        .catch(err => {
            console.log(err);
            res.status(500).json({ error: err.message }); // Ensure you send the error message
        });
});


router.post('/register', async function (req, res) {
    const email = req.body.email;
    const password = req.body.password;

    if (!password || !email) {
        return res.status(400).json({ message: 'parameters invalid' });
    }

    if (!isValidEmail(email)) {
        return res.status(400).json({ message: 'email is invalid' });
    }

    try {
        // Check if user already exists
        const existingUser = await User.findOne({ email: email });
        if (existingUser) {
            return res.status(403).json({ message: 'user already exists' });
        }

        // Hash the password
        bcrypt.hash(password, saltRounds, async function (err, hash) {
            if (err) {
                return res.status(500).json({ error: err.message });
            } else if (hash) {
                // Insert user into database and generate token
                const user = await User.collection.insertOne({ email: email, password: hash });
                return res.json({ token: generateToken(user) });
            }
        });
    } catch (err) {
        // Handle errors
        console.error(err);
        return res.status(500).json({ error: 'Internal Server Error' });
    }
});


export { router, User };