Merge pull request #29 from ADARSHsri2004/feature/auth-flow

feat/Implemented User Registration Endpoint #11
Thanks for contributing!

Author: Somilg11

.env.example

@@ -5,4 +5,4 @@ node_modules
 .env.local
 
 /dist/
-/build/
+/build/

.gitignore

@@ -25,6 +25,7 @@
     "express": "^5.1.0",
     "jsonwebtoken": "^9.0.2",
     "mongoose": "^8.19.1",
-    "nodemon": "^3.1.10"
+    "nodemon": "^3.1.10",
+    "readdirp": "^4.1.2"
   }
 }

package-lock.json

@@ -1,19 +1,21 @@
 import express from "express";
 import cors from "cors"
 import cookieparser from "cookie-parser"
+import authRoutes from "./routes/authRoutes.js"
 
-const app=express()
+const app = express()
 
 app.use(cors({
-    origin:process.env.CORS_URL,
-    credentials:true
+    origin: process.env.CORS_URL,
+    credentials: true
 }))
 
-app.use(express.json({limit:"16kb"}))
-app.use(express.urlencoded({extended:true,limit:"16kb"}))
+app.use(express.json({ limit: "16kb" }))
+app.use(express.urlencoded({ extended: true, limit: "16kb" }))
 app.use(express.static("public"))
 app.use(cookieparser())
 
+// Routes
+app.use("/api/auth", authRoutes)
 
-
-export {app}
+export { app }

package.json

@@ -0,0 +1,25 @@
+import { loginUser } from "../services/authService.js";
+
+export const login = async (req, res) => {
+  try {
+    const { email, password } = req.body;
+
+    if (!email?.trim() || !password?.trim()) {
+      return res.status(400).json({ success: false, message: "Email and password are required" });
+    }
+
+    const { token, refreshToken } = await loginUser(email, password);
+
+    return res.status(200).json({
+      success: true,
+      message: "Login successful",
+      token,
+      refreshToken,
+    });
+  } catch (err) {
+    return res.status(401).json({
+      success: false,
+      message: err.message || "Authentication failed",
+    });
+  }
+};

src/app.js

@@ -1,59 +1,59 @@
-import mongoose ,{Schema} from "mongoose";
+import mongoose, { Schema } from "mongoose";
 import jwt from "jsonwebtoken"
 import bcrypt from "bcryptjs"
 
-const  userschema=new Schema({
-    username:{
-        type:String,
-        required:true,
-        unique:true,
-        lowercase:true,
-        trim:true,
-        index:true
+const userschema = new Schema({
+    username: {
+        type: String,
+        required: true,
+        unique: true,
+        lowercase: true,
+        trim: true,
+        index: true
     },
-    email:{
-        type:String,
-        required:true,
-        unique:true,
-        lowercase:true,
-        trim:true,
+    email: {
+        type: String,
+        required: true,
+        unique: true,
+        lowercase: true,
+        trim: true,
     },
-    fullname:{
-        type:String,
-        required:true,
-        trim:true,
-        index:true
+    fullname: {
+        type: String,
+        required: true,
+        trim: true,
+        index: true
     },
-   password:{
-    type:String,
-    required:[true,"Password is required"]
-   },
-   refreshToken:{
-    type:String
-   },
-   role: {
-    type: mongoose.Schema.Types.ObjectId,
-    ref: "Role",
-    default: null
-  }
-},{
-    timestamps:true
+    password: {
+        type: String,
+        required: [true, "Password is required"]
+    },
+    refreshToken: {
+        type: String
+    },
+    role: {
+        type: mongoose.Schema.Types.ObjectId,
+        ref: "Role",
+        default: null
+    }
+}, {
+    timestamps: true
 })
 
-userschema.pre("save", async function (next){
-    if(!this.isModified("password"))return next();
+userschema.pre("save", async function (next) {
+    if (!this.isModified("password")) return next();
 
-    this.password=await bcrypt.hash(this.password,10)
+    this.password = await bcrypt.hash(this.password, 10)
     next()
 })
 
-userschema.methods.isPasswordCorrect=async function(password){
-    return await bcrypt.compare(password,this.password)
+userschema.methods.isPasswordCorrect = async function (password) {
+    return await bcrypt.compare(password, this.password)
 }
 
-userschema.methods.genrateAccessToken = function () {
+userschema.methods.generateAccessToken = function () {
     try {
-        if (!process.env.JWT_SECRET ) {
+        if (!process.env.JWT_SECRET) {
             throw new Error("Environment variables for token generation are missing");
         }
 
@@ -95,4 +95,4 @@ userschema.methods.refreshAccessToken = function () {
 };
 
 
-export const User=mongoose.model("User",userschema)
+export const User = mongoose.model("User", userschema)

src/controllers/authController.js

@@ -0,0 +1,8 @@
+import express from "express";
+import { login } from "../controllers/authController.js";
+
+const router = express.Router();
+
+router.post("/login", login);
+
+export default router;

src/models/user.model.js

@@ -0,0 +1,22 @@
+import { User } from "../models/user.model.js";
+
+export const loginUser = async (email, password) => {
+  const user = await User.findOne({ email });
+  if (!user) {
+    throw new Error("Invalid credentials");
+  }
+
+  const isValid = await user.isPasswordCorrect(password);
+  if (!isValid) {
+    throw new Error("Invalid credentials");
+  }
+
+  const token = user.generateAccessToken();
+  const refreshToken = user.refreshAccessToken();
+
+  // Update user's refresh token in database
+  user.refreshToken = refreshToken;
+  await user.save({ validateBeforeSave: false });
+
+  return { token, refreshToken };
+};