add the login and logut functionality in user controller

Wcoder547 · Wcoder547 · commit df3755e37f11 · 2024-07-20T11:38:10.000+05:00
diff --git a/project-backend/public/temp/Screenshot from 2024-07-19 09-52-35.png b/project-backend/public/temp/Screenshot from 2024-07-19 09-52-35.png
diff --git a/project-backend/src/controllers/user.controller.js b/project-backend/src/controllers/user.controller.js
@@ -32,7 +32,11 @@ const userRegister = AsyncHandler(async (req, res) => {
     throw new ApiError(409, "User Already Exsisted.Please Login");
   }
   //   console.log(req.files);
-  const avatarLocalPath = req.files?.avatar[0]?.path;
+  let avatarLocalPath = null;
+  if (req.files && req.files.avatar && req.files.avatar[0]) {
+    avatarLocalPath = req.files.avatar[0].path;
+  }
+
   //   const coverLocalPath = req.files?.coverimage[0]?.path;
   if (!avatarLocalPath) {
     throw new ApiError(400, "Avatar file is required!!");
@@ -67,4 +71,89 @@ const userRegister = AsyncHandler(async (req, res) => {
     .json(new ApiResponse(200, createdUser, "User Registered Successfully"));
 });
 
-export default userRegister;
+const geneareAccessAndRefreshToken = async (userId) => {
+  try {
+    const user = await User.findById(userId);
+    const accessToken = user.generateAccessToken();
+    const refreshToken = user.generateRefreshToken();
+    user.refreshtoken = refreshToken;
+    await user.save({ validateBeforeSave: false });
+    return { accessToken, refreshToken };
+  } catch (error) {
+    throw new ApiError(500, "Error !! cannot produce access and refreshtoken");
+  }
+};
+const userLogin = AsyncHandler(async (req, res) => {
+  //todos
+  //req->body = data
+  // username& email
+  //check the user in database
+  // check the password
+  // access and refresh token
+  // send in cookies
+
+  const { username, email, password } = req.body;
+  if (!username || !email) {
+    throw new ApiError(400, "Username or Email is required");
+  }
+  const user = await User.findOne({
+    $or: [{ username }, { email }],
+  });
+  if (!user) {
+    throw new ApiError(400, "you dont have account.please signup");
+  }
+  const isPasswordMatched = await User.isPasswordCorrect(password);
+  if (!isPasswordMatched) {
+    throw new ApiError(401, "Please provide corrected password");
+  }
+  const { accessToken, refreshToken } = geneareAccessAndRefreshToken(user._id);
+
+  const loggedInUser = await User.findById(user._id).select(
+    "-password -refreshToken"
+  );
+
+  const options = {
+    httpOnly: true,
+    secure: true,
+  };
+  return res
+    .status(200)
+    .cookies("accessToken", accessToken, options)
+    .cookies("refreshToken", refreshToken, options)
+    .json(
+      new ApiResponse(
+        200,
+        {
+          user: loggedInUser,
+          accessToken,
+          refreshToken,
+        },
+        "user Successfully Loggedin"
+      )
+    );
+});
+
+const userLogout = AsyncHandler(async (req, res) => {
+  await User.findByIdAndUpdate(
+    req.user._id,
+    {
+      $set: {
+        refreshtoken: undefined,
+      },
+    },
+    {
+      new: true,
+    }
+  );
+
+  const options = {
+    httpOnly: true,
+    secure: true,
+  };
+
+  return res(200)
+    .clearCookie("accessToken", options)
+    .clearCookie("refreshToken", options)
+    .json(new ApiResponse(200, {}, "Successfully Loggout"));
+});
+export { userRegister, userLogin, userLogout };
diff --git a/project-backend/src/middlewares/auth.middleware.js b/project-backend/src/middlewares/auth.middleware.js
@@ -0,0 +1,31 @@
+import jwt from "json-web-token";
+import { User } from "../models/user.models";
+import { ApiError } from "../utils/ApiError";
+import { AsyncHandler } from "../utils/AsyncHandler";
+
+export const verifyJwt = AsyncHandler(async (req, _, next) => {
+  try {
+    const token =
+      req.cookies?.accessToken ||
+      req.header("Authorization")?.replace("Bearer", " ");
+
+    if (!token) {
+      throw new ApiError(401, "UnAuthorized Request");
+    }
+
+    const decodedToken = jwt.verify(token, process.env.ACCESS_TOKEN_SECRET);
+
+    const user = await User.findById(decodedToken?._id).select(
+      "-password,-refreshToken"
+    );
+
+    if (!user) {
+      //TODOS discuss about front-end
+      throw new ApiError(500, "invalid Access Token");
+    }
+    req.user = user;
+    next();
+  } catch (error) {
+    throw new ApiError(401, error?.message || "invalid accessToken ");
+  }
+});
diff --git a/project-backend/src/models/user.models.js b/project-backend/src/models/user.models.js
@@ -48,10 +48,17 @@ const userSchema = new Schema(
   { timestamps: true }
 );
 
-userSchema.pre("save", function (next) {
+userSchema.pre("save", async function (next) {
+  console.log("hello");
   if (!this.isModified("passowrd")) return next();
-  this.password = bcrypt.hash(this.password, 10);
-  next();
+
+  try {
+    const salt = await bcrypt.genSalt(10);
+    this.password = await bcrypt.hash(this.password, salt);
+    next();
+  } catch (err) {
+    next(err);
+  }
 });
 userSchema.methods.isPasswordCorrect = async function (passowrd) {
   return await bcrypt.compare(passowrd, this.passowrd);
diff --git a/project-backend/src/routes/user.routes.js b/project-backend/src/routes/user.routes.js
@@ -1,11 +1,19 @@
 import { Router } from "express";
-import userRegister from "../controllers/user.controller.js";
+import userRegister, {
+  userLogin,
+  userLogout,
+} from "../controllers/user.controller.js";
 import { upload } from "../middlewares/multer.middleware.js";
+import { verifyJwt } from "../middlewares/auth.middleware.js";
 const router = Router();
 const cpUpload = upload.fields([
   { name: "avatar", maxCount: 1 },
   { name: "coverimage", maxCount: 1 },
 ]); //this will upload only one avatar and one coverimage
 
 router.route("/register").post(cpUpload, userRegister);
+router.route("/login").post(userLogin);
+
+//Secured Routes
+router.route("/logout").post(verifyJwt, userLogout);
 export default router;
diff --git a/project-backend/src/utils/cloudinary.js b/project-backend/src/utils/cloudinary.js
@@ -19,7 +19,7 @@ const uploadOnCloudinary = async function (localFilePath) {
       // height: 500,  // Transform the image: auto-crop to square aspect_ratio
     });
     //console.log("file is uploaded on cloudinary", await response.url);
-    fs.unlink(filePath, (err) => {
+    fs.unlink(localFilePath, (err) => {
       if (err) {
         console.error(`Error deleting file: ${err.message}`);
         return;
