Node.js API user request checking function

Issue

my logging API has some problems hard to find that. register API
working correctly and after checking the postman that was shown my
username password and everything but when I tried to check logging
that showed an empty parameter. What’s wrong with my logging function?
I have to install CryptoJS to encrypt the password. please check them.

const router = require("express").Router();
const User = require("../models/User");
const CryptoJS = require("crypto-js");

//Register
router.post("/register", async (req, res) => {
    const newUser = new User({
        username: req.body.username,
        email: req.body.email,
        password: CryptoJS.AES.encrypt(
            req.body.password, 
            process.env.PASS_SEC
            ).toString(),
    });
    try{
        const savedUser = await newUser.save();
        res.status(201).json(savedUser);
       }catch(err){
        res.status(500).json(err);
    }
});

//Login
router.post('/login', async (req, res) => {
    try{
        const user = await User.findOne({ username: req.body.username });
        !user && res.status(401).json("Wrong credentials!");
    
        const hashedPassword = CryptoJS.AES.decrypt(
            user.password,
            process.env.PASS_SEC
        );
        const password = hashedPassword.toString(CryptoJS.enc.Utf8);
        
        password !== req.body.password && 
            res.status(401).json("Wrong credentials!");

            res.status(500).json(err);
    }catch (err){
        res.status(500).json(err);
    }
});

module.exports = router;

This is screenshop in postman

Solution

The last res.status is causing the problem

router.post('/login', async (req, res) => {
    try{
        const user = await User.findOne({ username: req.body.username });
        !user && res.status(401).json("Wrong credentials!");
    
        const hashedPassword = CryptoJS.AES.decrypt(
            user.password,
            process.env.PASS_SEC
        );
        const password = hashedPassword.toString(CryptoJS.enc.Utf8);
        
        password !== req.body.password && 
            res.status(401).json("Wrong credentials!");

            res.status(200).json(user); //This means all the cases are succesfull so you should pass the user(with necessary properties)
    }catch (err){
        res.status(500).json(err);
    }
});

Answered By – Kaneki21

This Answer collected from stackoverflow, is licensed under cc by-sa 2.5 , cc by-sa 3.0 and cc by-sa 4.0

Leave a Reply

(*) Required, Your email will not be published