getPassword() function, refactor from .send to .json

client/src/pages/Login.tsx

@@ -9,14 +9,16 @@ type Inputs = {
 };
 
 export default function Login() {
-  const { register, handleSubmit } = useForm<Inputs>();
+  const { register, handleSubmit } = useForm<Inputs>({
+    mode: "onChange",
+  });
+
   const navigate = useNavigate();
   const onSubmit: SubmitHandler<Inputs> = (data) => {
     axios
-      .post("http://localhost:5173/api/auth/login", { data })
+      .post("http://localhost:5173/api/auth/login", data)
       .then(() => {
-        navigate("/lost");
-        console.log("logged in");
+        navigate("/chat");
       })
       .catch((err) => {
         console.error(err);
@@ -43,11 +45,7 @@ export default function Login() {
               </label>
               <div>
                 <input
-                  {...register("username", {
-                    maxLength: 20,
-                    minLength: 4,
-                    pattern: /^[A-Za-z0-9_.]+$/i,
-                  })}
+                  {...register("username")}
                   id="username"
                   name="username"
                   type="username"
@@ -69,7 +67,7 @@ export default function Login() {
               </div>
               <div>
                 <input
-                  {...register("password", { maxLength: 128, minLength: 8 })}
+                  {...register("password")}
                   id="password"
                   name="password"
                   type="password"

server/db/db.js

@@ -94,6 +94,20 @@ async function checkUserExist(username) {
   }
 }
 
+async function getPassword(username) {
+  const query = `
+  SELECT password FROM accounts 
+  WHERE username = $1;
+  `;
+  try {
+    const result = await client.query(query, [username]);
+    console.log(result.rows[0].password);
+    return result.rows[0].password;
+  } catch (e) {
+    console.error("Failed to get user password ", e);
+  }
+}
+
 async function changePassword(username, newPassword) {
   const query = `
   UPDATE accounts
@@ -112,4 +126,5 @@ module.exports = {
   insertMessage,
   checkUserExist,
   changePassword,
+  getPassword,
 };

server/server.js

@@ -6,6 +6,7 @@ const cors = require("cors");
 const server = createServer(app);
 const io = new Server(server);
 const bodyParser = require("body-parser");
+const cookieParser = require("cookie-parser");
 const bcrypt = require("bcrypt");
 const crypto = require("crypto");
 const saltRounds = 10;
@@ -21,6 +22,7 @@ const {
   changePassword,
 } = require("./db/db.js");
 const { generateJwtToken } = require("./auth/jwt");
+const { getPassword } = require("./db/db");
 
 const corsOptions = {
   origin: "http://localhost:5173",
@@ -31,6 +33,7 @@ const corsOptions = {
 app.use("/socket.io", express.static("./node_modules/socket.io/client-dist/"));
 app.use(cors(corsOptions));
 app.use(bodyParser.json());
+app.use(cookieParser());
 
 app.post("/api/auth/signup", async (req, res) => {
   const username = req.body.username;
@@ -41,12 +44,16 @@ app.post("/api/auth/signup", async (req, res) => {
   // Checks if the user already exists in database
   const exist = await checkUserExist(username);
   if (exist) {
-    res.status(409).send("User already exist");
+    res.status(409).json({ message: "User already exist" });
     return;
   }
 
   // Hash password and insert hash and username to database
   bcrypt.hash(password, saltRounds, async (err, hash) => {
+    if (err) {
+      console.error("Failed to hash password ", err);
+      return;
+    }
     await insertUser(username, hash, user_id, created_at);
   });
 
@@ -57,15 +64,32 @@ app.post("/api/auth/signup", async (req, res) => {
     httpOnly: true,
   });
 
-  res.status(200).send("Successfully signed up");
+  res.status(200).json({ message: "Successfully signed up" });
 });
 
-app.post("/api/auth/login", (req, res) => {
+app.post("/api/auth/login", async (req, res) => {
   const username = req.body.username;
   const password = req.body.password;
 
-  res.status(200).send("Successfully logged In");
+  const exist = await checkUserExist(username);
+  if (!exist) {
+    res.status(404).json({ message: "User does not exist" });
+    return;
+  }
+  const hashedPassword = await getPassword(username);
+  bcrypt.compare(password, hashedPassword, (err, result) => {
+    if (err) {
+      console.error("Failed to compare password ", err);
+      return result;
+    }
+    if (result) {
+      res.status(200).json({ message: "Successfully logged In" });
+    } else {
+      res.status(401).json({ message: "Invalid password" });
+    }
+  });
 });
+
 io.on("connection", (socket) => {
   console.log(`User: ${socket.id} just connected`);
 });