Merge branch 'main' of github.com:CS3219-AY2425S1/cs3219-ay2425s1-project-g16 into PEER-117-Question-Service-Setup

SeeuSim · SeeuSim · commit 8d43c8008257 · 2024-09-21T10:27:34.000+08:00
diff --git a/backend/user/package.json b/backend/user/package.json
@@ -16,14 +16,18 @@
   "license": "ISC",
   "description": "",
   "dependencies": {
+    "bcrypt": "^5.1.1",
     "drizzle-orm": "^0.33.0",
     "express": "^4.21.0",
+    "jsonwebtoken": "^9.0.2",
     "pino": "^9.4.0",
     "pino-http": "^10.3.0",
     "postgres": "^3.4.4"
   },
   "devDependencies": {
+    "@types/bcrypt": "^5.0.2",
     "@types/express": "^4.17.21",
+    "@types/jsonwebtoken": "^9.0.6",
     "@types/node": "^22.5.5",
     "drizzle-kit": "^0.24.2",
     "nodemon": "^3.1.4",
diff --git a/backend/user/src/controllers/auth/auth-controller.ts b/backend/user/src/controllers/auth/auth-controller.ts
@@ -0,0 +1,34 @@
+import { Request, Response } from 'express';
+import { LoginCredentials } from './types/auth-types';
+import { db, users } from '../../lib/db';
+import { eq } from 'drizzle-orm';
+import bcrypt from 'bcrypt';
+import jwt from 'jsonwebtoken';
+
+export async function login(req: Request, res: Response) {
+  const { username, password }: LoginCredentials = req.body;
+  const userArray = await db.select().from(users).where(eq(users.username, username));
+  if (userArray.length === 0) {
+    return res.status(404).json('Account does not exist');
+  }
+
+  const user = userArray[0];
+  const checkPassword = bcrypt.compareSync(password, user.password);
+  if (!checkPassword) {
+    return res.status(401).json('Incorrect Password');
+  }
+
+  const { password: _userPassword, ...userDetails } = user;
+  const jwtToken = jwt.sign({ id: user.id }, 'key');
+  return res.cookie('jwtToken', jwtToken, { httpOnly: true }).status(200).json(userDetails);
+}
+
+export async function logout(_req: Request, res: Response) {
+  return res
+    .clearCookie('jwtToken', {
+      secure: true,
+      sameSite: 'none',
+    })
+    .status(200)
+    .json('User has been logged out.');
+}
diff --git a/backend/user/src/controllers/auth/types/auth-types.ts b/backend/user/src/controllers/auth/types/auth-types.ts
@@ -0,0 +1,4 @@
+export interface LoginCredentials {
+  username: string;
+  password: string;
+}
diff --git a/backend/user/src/routes/auth.ts b/backend/user/src/routes/auth.ts
@@ -0,0 +1,9 @@
+import express from 'express';
+import { login, logout } from '../controllers/auth/auth-controller';
+
+const router = express.Router();
+
+router.post('/login', login);
+router.post('/logout', logout);
+
+export default router;
diff --git a/backend/user/src/server.ts b/backend/user/src/server.ts
@@ -1,11 +1,12 @@
 import express, { json } from 'express';
 import pino from 'pino-http';
 import { db, users } from './lib/db';
+import authRoutes from './routes/auth';
 
 const app = express();
 app.use(pino());
 app.use(json());
-
+app.use('/auth', authRoutes);
 app.get('/', async (_req, res) => {
   res.json({
     message: 'OK',
