vintage-auth 1.0.2 → 1.0.4
- package/index.js +1 -1
- package/package.json +1 -1
- package/routes/auth.js +2 -17
package/index.js
CHANGED
package/package.json
CHANGED
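--- a/package/routes/auth.js
+++ b/package/routes/auth.js
@@ -1,59 +1,44 @@
-const express = require('express')
+const express = require('express')
 const bcrypt = require('bcryptjs')
 const jwt = require('jsonwebtoken')
 const User = require('../models/User')
 
 const router = express.Router()
-
-if (!email || !password)
-return res.status(400).json({ message: 'Email and password required' })
-// POST /auth/register
+
 router.post('/register', async (req, res) => {
 try {
 const { email, password } = req.body
-
 const existing = await User.findOne({ email })
 if (existing) return res.status(400).json({ message: 'Email already exists' })
-
 const hashed = await bcrypt.hash(password, 10)
 const user = await User.create({ email, password: hashed })
-
 const token = jwt.sign({ id: user._id }, process.env.VINTAGE_JWT_SECRET, { expiresIn: '7d' })
-
 res.json({ token, user: { id: user._id, email } })
 } catch (err) {
 res.status(500).json({ message: 'Server error' })
 }
 })
 
-// POST /auth/login
 router.post('/login', async (req, res) => {
 try {
 const { email, password } = req.body
-
 const user = await User.findOne({ email })
 if (!user) return res.status(400).json({ message: 'Invalid credentials' })
-
 const match = await bcrypt.compare(password, user.password)
 if (!match) return res.status(400).json({ message: 'Invalid credentials' })
-
 const token = jwt.sign({ id: user._id }, process.env.VINTAGE_JWT_SECRET, { expiresIn: '7d' })
-
 res.json({ token, user: { id: user._id, email } })
 } catch (err) {
 res.status(500).json({ message: 'Server error' })
 }
 })
 
-// GET /auth/me
 router.get('/me', async (req, res) => {
 try {
 const token = req.headers.authorization?.split(' ')[1]
 if (!token) return res.status(401).json({ message: 'No token' })
-
 const decoded = jwt.verify(token, process.env.VINTAGE_JWT_SECRET)
 const user = await User.findById(decoded.id).select('-password')
-
 res.json(user)
 } catch {
 res.status(401).json({ message: 'Invalid token' })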
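Review bot: `email` and `password` are destructured from `req.body` in the `/register` and `/login` handlers and used with no presence or type check; the only guard in the old file (a stray module-level `if (!email || !password)`) is removed here and nothing replaces it inside the handlers. A missing password makes `bcrypt.hash` fail and surface as a generic 500, and a non-string `email` is handed to `User.findOne` as-is, which, if `User` is a Mongoose-style model, would be read as a query object rather than a literal value. I would add, right after the destructuring in both handlers, `if (typeof email !== 'string' || typeof password !== 'string' || !email || !password) return res.status(400).json({ message: 'Email and password required' })`. Separately, `jwt.verify` in `/me` (whose closing lines fall outside the hunk) could pin the accepted algorithm with `{ algorithms: ['HS256'] }`, assuming `VINTAGE_JWT_SECRET` is an HMAC secret.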