Skip to content

deployment cookie options in authcontroller fixes #18

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
DeveloperChetram merged 1 commit into from
Aug 30, 2025
Merged

deployment cookie options in authcontroller fixes #18

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
43 changes: 22 additions & 21 deletions backend/src/controllers/auth.controllers.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,16 @@
const userModel = require("../models/user.model");
const bcrypt = require('bcryptjs')
const jwt = require('jsonwebtoken')
const registerController = async (req, res)=>{

const {fullName:{firstName, lastName}, email, password } = req.body;
// Define cookie options once
const cookieOptions = {
httpOnly: true,
secure: true,
sameSite: 'None'
};

const registerController = async (req, res)=>{
const {fullName:{firstName, lastName}, email, password } = req.body;
const isUser = await userModel.findOne({email})

if(isUser){
Expand All @@ -23,44 +29,38 @@ const registerController = async (req, res)=>{
passwordHash: await bcrypt.hash(password, 10)
})

const token = jwt.sign({id:user._id}, process.env.JWT_SECRET)
res.cookie('token', token)
res.status(201).json({
message:"user successfully registered",
user
})
const token = jwt.sign({id:user._id}, process.env.JWT_SECRET)
// cookie options
res.cookie('token', token, cookieOptions);
res.status(201).json({
message:"user successfully registered",
user
})
} catch (error) {
console.log(error)
}


}


const loginController = async (req, res)=>{
const {email, password} = req.body;

const user = await userModel.findOne({
email
})

if(!user){
return res.status(404).json({
message:"user not found"
})
}

const isPasswordValid =await bcrypt.compare(password, user.passwordHash);
// console.log(isPasswordValid)
if(!isPasswordValid){
return res.status(401).json({
message: "wrong password"
})
}

try {
const token= jwt.sign({id:user._id}, process.env.JWT_SECRET)
res.cookie('token', token)
// Use defined cookie options
res.cookie('token', token, cookieOptions);
res.status(201).json({
message:'user loged in',
user
Expand All @@ -71,10 +71,11 @@ const loginController = async (req, res)=>{
}

const logoutController = async (req, res)=>{
res.clearCookie("token")
res.status(201).json({
message:"user logged out"
})
// Use the same options when clearing the cookie
res.clearCookie("token", cookieOptions);
res.status(201).json({
message:"user logged out"
})
}

module.exports= {
Expand Down