|
|
|
|
@ -30,18 +30,18 @@ router.post("/register", async (req, res) => {
|
|
|
|
|
router.post("/login", async (req, res) => { |
|
|
|
|
console.debug("New login attempt:", req.body.email); |
|
|
|
|
const { email, password } = req.body; |
|
|
|
|
const user = await User.findOne({ email }); |
|
|
|
|
const user = await User.query().findOne("email", email); |
|
|
|
|
|
|
|
|
|
if (!user) { |
|
|
|
|
console.debug("User not found"); |
|
|
|
|
return res.status(400).send("Email or password incorrect"); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
const validPass = await bcrypt.compare(password, user.password); |
|
|
|
|
const validPass = await bcrypt.compare(password, user.passwordHash); |
|
|
|
|
if (!validPass) return res.status(400).send("Email or password incorrect"); |
|
|
|
|
|
|
|
|
|
const token = jwt.sign( |
|
|
|
|
{ _id: user.id, name: user.full_name, email: user.email }, |
|
|
|
|
{ _id: user.id, name: user.username, email: user.email }, |
|
|
|
|
process.env.AUTH_SECRET |
|
|
|
|
); |
|
|
|
|
|
|
|
|
|
|
