From cf0421c94b8ca14e819bad45e7db6875b92d547b Mon Sep 17 00:00:00 2001
From: Biswakalyan Bhuyan
Date: Thu, 18 Jul 2024 15:49:21 +0530
Subject: added and setup dashboard login auth and many more
---
 server/routes/auth.js | 63 +++++++++++++++++++++------------------------------
 1 file changed, 26 insertions(+), 37 deletions(-)
(limited to 'server/routes')
diff --git a/server/routes/auth.js b/server/routes/auth.js
index 3fb0986..04a9d5b 100644
--- a/server/routes/auth.js
+++ b/server/routes/auth.js
@@ -1,57 +1,46 @@
 const express = require('express');
 const bcrypt = require('bcryptjs');
-const jwt = require('jsonwebtoken');
+const jwt = require('jwt-simple');
 const User = require('../models/User');
+require('dotenv').config();
+
 const router = express.Router();
+const secret = process.env.JWT_SECRET;
-// Register
+// Register new user
 router.post('/register', async (req, res) => {
- const { username, password } = req.body;
+ const { email, password } = req.body;
 try {
- let user = await User.findOne({ username });
- if (user) {
- return res.status(400).json({ msg: 'User already exists' });
- }
- user = new User({
- username,
- password,
- });
+ const user = await User.findOne({ email });
+ if (user) return res.status(400).json({ msg: 'User already exists' });
+
+ const newUser = new User({ email, password });
 const salt = await bcrypt.genSalt(10);
- user.password = await bcrypt.hash(password, salt);
- await user.save();
- res.status(200).send('User registered');
+ newUser.password = await bcrypt.hash(password, salt);
+ await newUser.save();
+
+ const payload = { id: newUser.id };
+ const token = jwt.encode(payload, secret);
+ res.json({ token });
 } catch (err) {
 console.error(err.message);
 res.status(500).send('Server error');
 }
 });
-// Login
+// Login user
 router.post('/login', async (req, res) => {
- const { username, password } = req.body;
+ const { email, password } = req.body;
 try {
- const user = await User.findOne({ username });
- if (!user) {
- return res.status(400).json({ msg: 'Invalid credentials' });
- }
+ const user = await User.findOne({ email });
+ if (!user) return res.status(400).json({ msg: 'Invalid credentials' });
+
 const isMatch = await bcrypt.compare(password, user.password);
- if (!isMatch) {
- return res.status(400).json({ msg: 'Invalid credentials' });
- }
- const payload = {
- user: {
- id: user.id,
- },
- };
- jwt.sign(
- payload,
- process.env.JWT_SECRET,
- { expiresIn: '1h' },
- (err, token) => {
- if (err) throw err;
- res.json({ token });
- }
- );
+ if (!isMatch) return res.status(400).json({ msg: 'Invalid credentials' });
+
+ const payload = { id: user.id };
+ const token = jwt.encode(payload, secret);
+ res.json({ token });
 } catch (err) {
 console.error(err.message);
 res.status(500).send('Server error');
--
cgit v1.2.3-59-g8ed1b
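Review bot: The tokens issued by both `/register` and `/login` no longer expire: the removed `jwt.sign` call passed `{ expiresIn: '1h' }`, while the new `jwt.encode(payload, secret)` payload holds only `id`, so a leaked token stays valid until `JWT_SECRET` is rotated. jwt-simple rejects an expired token on decode only when the payload carries an `exp` claim, so I would restore the one-hour lifetime with `const payload = { id: user.id, exp: Math.floor(Date.now() / 1000) + 3600 };` (and the same with `newUser.id` in the register handler). `secret` is also read once at module load with no check, so an unset `JWT_SECRET` would likely surface only as a 500 on the first request, and in `/register` that happens after `newUser.save()` has already created the account; a startup guard such as `if (!secret) throw new Error('JWT_SECRET is not set');` fails fast instead. The payload shape changed from `{ user: { id } }` to `{ id }`, so whatever middleware verifies these tokens (not in this diff) presumably needs the matching change and should pin the expected algorithm when it decodes. The closing lines of the login handler fall outside the hunk.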