diff options
Diffstat (limited to 'backend/src/controllers/loginUser.ts')
| -rw-r--r-- | backend/src/controllers/loginUser.ts | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/backend/src/controllers/loginUser.ts b/backend/src/controllers/loginUser.ts new file mode 100644 index 0000000..860bce2 --- /dev/null +++ b/backend/src/controllers/loginUser.ts @@ -0,0 +1,65 @@ +import bcrypt from "bcrypt"; +import { Request, Response } from "express"; +import jwt from "jsonwebtoken"; +import { QueryResult } from "pg"; +import db from "../database/postgres.js"; +import type { LoginRequest } from "../types/request.js"; +import type { AuthorizedUser, DatabaseUser } from "../types/user.js"; + +async function loginUser(req: Request, res: Response) { + const { email, password } = req.body as LoginRequest; + + if (!email || !password) { + return res.status(400).json({ + message: "E-Mail und Passwort sind erforderlich.", + }); + } + + try { + // Get data for user with login email address + const queryResult: QueryResult<DatabaseUser> = await db.query( + "SELECT id, email, password_hash, created_at FROM users WHERE email = $1;", + [email] + ); + + const user = queryResult.rows[0]; + + if (!user) { + return res.status(401).json({ message: "Login Daten ungültig." }); + } + + // Check if password is correct + const isValidPassword = await bcrypt.compare( + password, + user.password_hash + ); + + if (!isValidPassword) { + return res.status(401).json({ + message: "Das Passwort ist nicht korrekt.", + }); + } + + const userData: AuthorizedUser = { + id: user.id, + email: user.email, + createdAt: user.created_at, + }; + + // Create token for authentication + const token = jwt.sign(userData, process.env.JWT_SECRET!); + + return res.status(200).json({ + message: "Erfolgreiche Anmeldung.", + user: userData, + token, + }); + } catch (error) { + console.error("Fehler beim Login: ", error); + return res + .status(500) + .json({ message: "Interner Serverfehler beim Login.", error }); + } +} + +export default loginUser; |