const bcrypt = require("bcrypt");
const { Router } = require("express");
const { toJWT } = require("../auth/jwt");
const authMiddleware = require("../auth/middleware");
const User = require("../models/").user;
const Profile = require("../models").profile;
const Finance = require("../models").finance;
const { SALT_ROUNDS } = require("../config/constants");
// Express router that the authentication routes below (login, signup, /me) are registered on.
const router = new Router();
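// Sign in (customers and translators share this endpoint).
// Request body: { emailAddress, password }.
// Responses:
//   200 { token, ...user fields without the password hash }
//   400 { message } for missing or non-string input, for an unknown e-mail or wrong
//       password (deliberately the same message), and for unexpected errors.
// NOTE(review): an unknown e-mail returns without running a bcrypt comparison, so its
// response time differs from a wrong-password attempt. No rate limiting is visible in
// this file; confirm it is applied where the router is mounted.
router.post("/login", async (req, res, next) => {
  try {
    const { emailAddress, password } = req.body || {};
    // A JSON body can carry objects or arrays; only plain strings may reach the
    // where-clause and bcrypt.
    const hasCredentials =
      typeof emailAddress === "string" &&
      typeof password === "string" &&
      emailAddress !== "" &&
      password !== "";
    if (!hasCredentials) {
      return res
        .status(400)
        .send({ message: "Please provide both email and password" });
    }

    const user = await User.findOne({ where: { emailAddress } });
    // Async compare: the synchronous variant blocks the event loop for the whole bcrypt
    // computation, which lets a burst of login requests stall every other request.
    const passwordMatches = user
      ? await bcrypt.compare(password, user.password)
      : false;
    if (!passwordMatches) {
      return res.status(400).send({
        message: "User with that email not found or password incorrect",
      });
    }

    // Respond from a copy so the password hash never leaves the server and the model
    // instance itself is not modified.
    const publicFields = { ...user.dataValues };
    delete publicFields.password;

    const token = toJWT({ userId: user.id });
    return res.status(200).send({ token, ...publicFields });
  } catch (error) {
    console.error(error);
    // NOTE(review): unexpected failures are reported as 400; a 5xx would be more accurate,
    // but the status is kept because clients may depend on it.
    return res.status(400).send({ message: "Something went wrong, sorry" });
  }
});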
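// Sign up as a customer (isTranslator is always false on this route).
// Request body: { fullName, emailAddress, password }.
// Responses:
//   201 { token, ...user fields without the password hash }
//   400 plain-text message when a field is missing or not a string
//   400 { message } when the e-mail is already registered or creation fails
// NOTE(review): no password length or strength policy is enforced here, and bcrypt only
// uses the first 72 bytes of its input.
router.post("/signup", async (req, res) => {
  // Default to {} so a request without a parsed body gets the 400 below instead of
  // throwing outside the try block.
  const { fullName, emailAddress, password } = req.body || {};
  const isNonEmptyString = (value) => typeof value === "string" && value !== "";
  if (![fullName, emailAddress, password].every(isNonEmptyString)) {
    return res.status(400).send("Please provide an email, password and a name");
  }
  try {
    // Async hash keeps the bcrypt work off the event loop.
    const passwordHash = await bcrypt.hash(password, SALT_ROUNDS);
    const newUser = await User.create({
      fullName,
      emailAddress,
      password: passwordHash,
      isTranslator: false,
    });

    // Respond from a copy so the password hash is never sent back.
    const publicFields = { ...newUser.dataValues };
    delete publicFields.password;

    const token = toJWT({ userId: newUser.id });
    return res.status(201).json({ token, ...publicFields });
  } catch (error) {
    if (error.name === "SequelizeUniqueConstraintError") {
      return res
        .status(400)
        .send({ message: "There is an existing account with this email" });
    }
    // Log name and message only: a full database error can carry the INSERT parameters,
    // which here include the password hash.
    console.error("signup failed:", error.name, error.message);
    return res.status(400).send({ message: "Something went wrong, sorry" });
  }
});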
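// Sign up as a translator: creates the user, its profile and an empty finance record.
// Request body: { fullName, emailAddress, password, experience, writingStyle, imageUrl? }.
// Responses:
//   201 { token, ...user fields without the password hash }
//   400 plain-text message when a required field is missing or has the wrong type
//   400 { message } when the e-mail is already registered or creation fails
// NOTE(review): imageUrl is stored as supplied by the client; anything that renders it
// should treat it as untrusted (scheme and host are not checked here).
router.post("/signup/translator", async (req, res) => {
  // Default to {} so a request without a parsed body gets the 400 below instead of
  // throwing outside the try block.
  const {
    fullName,
    emailAddress,
    password,
    imageUrl,
    experience,
    writingStyle,
  } = req.body || {};
  const isNonEmptyString = (value) => typeof value === "string" && value !== "";
  const accountFieldsValid = [fullName, emailAddress, password].every(
    isNonEmptyString
  );
  // imageUrl is optional, but when present it must be a string.
  const imageUrlValid = imageUrl == null || typeof imageUrl === "string";
  if (!accountFieldsValid || !imageUrlValid || !experience || !writingStyle) {
    return res.status(400).send("Please fill in all the fields correctly");
  }
  try {
    // Hash before opening the transaction so the bcrypt work neither blocks the event
    // loop nor holds a database transaction open.
    const passwordHash = await bcrypt.hash(password, SALT_ROUNDS);

    // All three rows are created in one transaction: if the profile or finance insert
    // fails, the user row is rolled back instead of leaving a translator account without
    // a profile and the e-mail address permanently taken.
    const newUser = await User.sequelize.transaction(async (transaction) => {
      const createdUser = await User.create(
        {
          fullName,
          emailAddress,
          password: passwordHash,
          imageUrl,
          isTranslator: true,
        },
        { transaction }
      );
      const profile = await Profile.create(
        {
          experience,
          writingStyle,
          userId: createdUser.id,
        },
        { transaction }
      );
      await Finance.create(
        {
          profileId: profile.dataValues.id,
        },
        { transaction }
      );
      return createdUser;
    });

    // Respond from a copy so the password hash is never sent back.
    const publicFields = { ...newUser.dataValues };
    delete publicFields.password;

    const token = toJWT({ userId: newUser.id });
    return res.status(201).json({ token, ...publicFields });
  } catch (error) {
    if (error.name === "SequelizeUniqueConstraintError") {
      return res
        .status(400)
        .send({ message: "There is an existing account with this email" });
    }
    // Log name and message only: a full database error can carry the INSERT parameters,
    // which here include the password hash.
    console.error("translator signup failed:", error.name, error.message);
    return res.status(400).send({ message: "Something went wrong, sorry" });
  }
});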
// GET /me serves two purposes:
// - returning the user's information to a client that holds only a token
// - letting a client check whether its token is (still) valid
// The handler reads req.user, which is presumably populated by authMiddleware (defined in
// ../auth/middleware, not shown here).
router.get("/me", authMiddleware, async (req, res) => {
  const userRecord = req.user.dataValues;
  // Remove the password hash before the record is serialised into the response.
  delete userRecord["password"];
  const responseBody = { ...userRecord };
  res.status(200).send(responseBody);
});
// Export the router so the application can mount these authentication routes.
module.exports = router;