server/src/routes/auth.ts

import { Router } from 'express';
import { hashPassword, comparePassword } from '../utils/auth';
import bcrypt from 'bcrypt';
import jwt from 'jsonwebtoken';
// Todo: DB 
export const router = Router();

router.post('/register', async (req, res) => {
    try {
        const { email, password } = req.body

        if (!email) return res.status(400).send('Email is required')
        if (!password || password.length < 6) return res.status(400).send('Password is required and must be at least 6 characters')

        let userExist = await User.findOne({ email }).exec()
        if (userExist) return res.status(400).send('User already exists')

        const hashedPassword = await hashPassword(password)

        // register user
        const user = new User({
            email,
            password: hashedPassword
        })
        await user.save()
        const token = jwt.sign({
            _id: user._id
        }, process.env.JWT_SECRET as string, {
            expiresIn: '3d'
        })
        user.password = undefined
        res.cookie('token', token, {
            httpOnly: true
        })
        res.json(user)
    } catch (error) {
        res.status(500).send(`Could not register user - ${error.message}`)
    }
})

const login = async (req, res) => {
    try {
        const { email, password } = req.body;
        if (!email || !password) return res.status(400).send('Email and password are required')
        if (password.length < 6) return res.status(400).send('Password must be at least 6 characters')

        let user = await User.findOne({ email }).exec()
        const match = await comparePassword(password, user.password)
        if (!match) return res.status(400).send('Invalid email or password')

        // create signed jwt
        const token = jwt.sign({
            _id: user._id
        }, process.env.JWT_SECRET as string, {
            expiresIn: '3d'
        })
        // return user and token to client, exclude hashed password
        user.password = undefined
        res.cookie('token', token, {
            httpOnly: true
        })
        res.json(user)
    } catch (error) {
        res.status(400).send(`Could not login user - ${error.message}`)
    }
}

const logout = async (req, res) => {
    try {
        res.clearCookie('token')
        return res.json({ message: 'Logout successful' })
    } catch (error) {
        res.status(500).send(`Could not logout user - ${error.message}`)
    }
}

const currentUser = async (req, res) => {
    try {
        const user = await User.findById(req.user._id).select('-password').exec();
        return res.status(200).json({ ok: true });
    } catch (error) {
        return res.status(500).send(`Could not fetch current user : ${error.message}.`);
    }
};
feat: register route 2024-09-23 23:57:12 +05:30			`import { Router } from 'express';`
feat: register controller 2024-09-23 23:54:19 +05:30			`import { hashPassword, comparePassword } from '../utils/auth';`
			`import bcrypt from 'bcrypt';`
			`import jwt from 'jsonwebtoken';`
			`// Todo: DB`
feat: register route 2024-09-23 23:57:12 +05:30			`export const router = Router();`
feat: register controller 2024-09-23 23:54:19 +05:30
feat: register route 2024-09-23 23:57:12 +05:30			`router.post('/register', async (req, res) => {`
feat: register controller 2024-09-23 23:54:19 +05:30			`try {`
			`const { email, password } = req.body`

			`if (!email) return res.status(400).send('Email is required')`
			`if (!password \|\| password.length < 6) return res.status(400).send('Password is required and must be at least 6 characters')`

			`let userExist = await User.findOne({ email }).exec()`
			`if (userExist) return res.status(400).send('User already exists')`

			`const hashedPassword = await hashPassword(password)`

			`// register user`
			`const user = new User({`
			`email,`
			`password: hashedPassword`
			`})`
			`await user.save()`
			`const token = jwt.sign({`
			`_id: user._id`
			`}, process.env.JWT_SECRET as string, {`
			`expiresIn: '3d'`
			`})`
			`user.password = undefined`
			`res.cookie('token', token, {`
			`httpOnly: true`
			`})`
			`res.json(user)`
			`} catch (error) {`
			res.status(500).send(`Could not register user - ${error.message}`)
			`}`
feat: register route 2024-09-23 23:57:12 +05:30			`})`
feat: register controller 2024-09-23 23:54:19 +05:30
feat: login controller 2024-09-23 23:55:23 +05:30			`const login = async (req, res) => {`
			`try {`
			`const { email, password } = req.body;`
			`if (!email \|\| !password) return res.status(400).send('Email and password are required')`
			`if (password.length < 6) return res.status(400).send('Password must be at least 6 characters')`

			`let user = await User.findOne({ email }).exec()`
			`const match = await comparePassword(password, user.password)`
			`if (!match) return res.status(400).send('Invalid email or password')`

			`// create signed jwt`
			`const token = jwt.sign({`
			`_id: user._id`
			`}, process.env.JWT_SECRET as string, {`
			`expiresIn: '3d'`
			`})`
			`// return user and token to client, exclude hashed password`
			`user.password = undefined`
			`res.cookie('token', token, {`
			`httpOnly: true`
			`})`
			`res.json(user)`
			`} catch (error) {`
			res.status(400).send(`Could not login user - ${error.message}`)
			`}`
			`}`
feat: logout controller 2024-09-23 23:55:41 +05:30
			`const logout = async (req, res) => {`
			`try {`
			`res.clearCookie('token')`
			`return res.json({ message: 'Logout successful' })`
			`} catch (error) {`
			res.status(500).send(`Could not logout user - ${error.message}`)
			`}`
			`}`
feat: get current user 2024-09-23 23:55:53 +05:30
			`const currentUser = async (req, res) => {`
			`try {`
			`const user = await User.findById(req.user._id).select('-password').exec();`
			`return res.status(200).json({ ok: true });`
			`} catch (error) {`
			return res.status(500).send(`Could not fetch current user : ${error.message}.`);
			`}`
			`};`