1- import { GoogleCallbackInput , LoginInput , RegisterInput , googleCallbackSchema , verifyOtpSchema , resendOtpSchema } from "../validation/authValidation" ;
1+ import { GoogleCallbackInput , LoginInput , RegisterInput , googleCallbackSchema , verifyOtpSchema , resendOtpSchema , loginSchema , registerSchema } from "../validation/authValidation" ;
2+
23import { AuthRequest } from "../middleware/authMiddleware" ;
34import { Response , NextFunction } from "express" ;
45import z from "zod" ;
@@ -13,7 +14,7 @@ import { prisma } from "../utils/prisma";
1314export class AuthController {
1415 static async register ( req : AuthRequest , res : Response , next : NextFunction ) {
1516 try {
16- const { name, email, password } = req . body as RegisterInput ;
17+ const { name, email, password } = registerSchema . parse ( req . body ) ;
1718 const emailLower = email . trim ( ) . toLowerCase ( ) ;
1819
1920 const existingUser = await prisma . user . findUnique ( { where : { email : emailLower } } ) ;
@@ -54,32 +55,16 @@ export class AuthController {
5455
5556 static async login ( req : AuthRequest , res : Response , next : NextFunction ) {
5657 try {
57- const { email, password } = req . body as LoginInput ;
58+ const { email, password } = loginSchema . parse ( req . body ) ;
5859 const emailLower = email . trim ( ) . toLowerCase ( ) ;
5960
6061 console . log ( `[Auth] Login attempt for ${ emailLower } ` ) ;
6162
62- let user = await prisma . user . findUnique ( { where : { email : emailLower } } ) ;
63+ const user = await prisma . user . findUnique ( { where : { email : emailLower } } ) ;
6364
6465 if ( ! user ) {
65- console . log ( `[Auth] No existing user for ${ emailLower } . Creating new user.` ) ;
66- const hashed = await hashPassword ( password ) ;
67- user = await prisma . user . create ( {
68- data : {
69- id : crypto . randomUUID ( ) ,
70- name : emailLower . split ( "@" ) [ 0 ] ,
71- email : emailLower ,
72- password : hashed ,
73- credits : 5 ,
74- tier : "free" ,
75- dailyCreditsLimit : 5 ,
76- lastCreditReset : new Date ( ) ,
77- subscriptionStatus : "inactive" ,
78- } ,
79- } ) ;
80- console . log ( `[Auth] User created with id ${ user . id } ` ) ;
81- } else {
82- console . log ( `[Auth] Existing user ${ user . id } found for ${ emailLower } ` ) ;
66+ console . warn ( `[Auth] Login failed - user not found for ${ emailLower } ` ) ;
67+ return sendError ( res , "Invalid credentials" , 401 ) ;
8368 }
8469
8570 const isPasswordValid = await verifyPassword ( password , user . password ) ;
0 commit comments