Login endpoint

briankoey · Oct 30, 2019 · 006d34d · 006d34d
1 parent 6685442
commit 006d34d
Show file tree

Hide file tree

Showing 5 changed files with 51 additions and 0 deletions.
diff --git a/src/controllers/auth.controller.js b/src/controllers/auth.controller.js
@@ -12,6 +12,17 @@ const register = catchAsync(async (req, res) => {
   res.status(httpStatus.CREATED).send(response);
 });
 
+const login = catchAsync(async (req, res) => {
+  const user = await authService.loginUser(req.body.email, req.body.password);
+  const tokens = await authService.generateAuthTokens(user.id);
+  const response = {
+    user: user.transform(),
+    tokens,
+  };
+  res.send(response);
+});
+
 module.exports = {
   register,
+  login,
 };
diff --git a/src/routes/v1/auth.route.js b/src/routes/v1/auth.route.js
@@ -6,5 +6,6 @@ const authController = require('../../controllers/auth.controller');
 const router = express.Router();
 
 router.post('/register', validate(authValidation.register), authController.register);
+router.post('/login', validate(authValidation.login), authController.login);
 
 module.exports = router;
diff --git a/src/services/auth.service.js b/src/services/auth.service.js
@@ -1,6 +1,10 @@
 const moment = require('moment');
+const bcrypt = require('bcryptjs');
+const httpStatus = require('http-status');
 const config = require('../config/config');
 const tokenService = require('./token.service');
+const userService = require('./user.service');
+const AppError = require('../utils/AppError');
 
 const generateAuthTokens = async userId => {
   const accessTokenExpires = moment().add(config.jwt.accessExpirationMinutes, 'minutes');
@@ -22,6 +26,24 @@ const generateAuthTokens = async userId => {
   };
 };
 
+const checkPassword = async (password, correctPassword) => {
+  const isPasswordMatch = await bcrypt.compare(password, correctPassword);
+  if (!isPasswordMatch) {
+    throw new AppError(httpStatus.BAD_REQUEST, 'Passwords do not match');
+  }
+};
+
+const loginUser = async (email, password) => {
+  try {
+    const user = await userService.getUserByEmail(email);
+    await checkPassword(password, user.password);
+    return user;
+  } catch (error) {
+    throw new AppError(httpStatus.UNAUTHORIZED, 'Incorrect email or password');
+  }
+};
+
 module.exports = {
   generateAuthTokens,
+  loginUser,
 };
diff --git a/src/services/user.service.js b/src/services/user.service.js
@@ -15,6 +15,15 @@ const createUser = async userBody => {
   return user;
 };
 
+const getUserByEmail = async email => {
+  const user = await User.findOne({ email });
+  if (!user) {
+    throw new AppError(httpStatus.NOT_FOUND, 'No user found with this email');
+  }
+  return user;
+};
+
 module.exports = {
   createUser,
+  getUserByEmail,
 };
diff --git a/src/validations/auth.validation.js b/src/validations/auth.validation.js
@@ -13,6 +13,14 @@ const register = {
   }),
 };
 
+const login = {
+  body: Joi.object().keys({
+    email: Joi.string().required(),
+    password: Joi.string().required(),
+  }),
+};
+
 module.exports = {
   register,
+  login,
 };