QkoSad
25 lines
796 B
JavaScript
25 lines
796 B
JavaScript
const loginRouter = require("express").Router();
|
|
const jwt = require("jsonwebtoken");
|
|
const bcrypt = require("bcrypt");
|
|
const User = require("../models/user");
|
|
const config = require("../utils/config");
|
|
|
|
loginRouter.post("", async (req, res) => {
|
|
const { username, password } = req.body;
|
|
|
|
const user = await User.findOne({ username });
|
|
const passwordCorrect =
|
|
user === null ? false : await bcrypt.compare(password, user.password);
|
|
if (!(user && passwordCorrect))
|
|
return res.status(401).json({ error: "invalid username or passowrd" });
|
|
|
|
const userForToken = {
|
|
username: user.username,
|
|
id: user._id,
|
|
};
|
|
const token = jwt.sign(userForToken, config.SECRET);
|
|
res.status(200).send({ token, username: user.username, name: user.name });
|
|
});
|
|
|
|
module.exports = loginRouter;
|