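import bcrypt from "bcrypt";
import { Request, Response } from "express";
import jwt from "jsonwebtoken";
import { QueryResult } from "pg";
import db from "../database/postgres.js";
import { ErrorResponse } from "../types/error.js";
import type { LoginRequest } from "../types/request.js";
import type {
  AuthorizedUser,
  DatabaseUser,
  LoginResponse,
} from "../types/user.js";

/**
 * Express handler that authenticates a user by e-mail and password and, on
 * success, responds with the user's public data and a signed JWT.
 *
 * Responses:
 * - 400 when `email` or `password` is missing, empty, or not a string.
 * - 401 with one shared message when the e-mail is unknown or the password
 *   does not match, so the body does not reveal which of the two failed.
 * - 200 with `{ message, user, token }` on success.
 * - 500 with a generic message on any unexpected failure; the underlying
 *   error is logged on the server and not sent to the client.
 *
 * @param req - Request whose JSON body is expected to carry `email` and `password`.
 * @param res - Response used to send the JSON result.
 * @returns The response after the JSON body has been sent.
 */
async function loginUser(req: Request, res: Response) {
  // Same body for "unknown e-mail" and "wrong password": distinct messages
  // would let a client probe which addresses are registered.
  const invalidLoginMessage = "Login data invalid.";

  // req.body is client-controlled and may be absent or carry non-string
  // values; the cast is only a compile-time hint, so check the runtime types.
  const { email, password } = (req.body ?? {}) as Partial<LoginRequest>;

  if (
    typeof email !== "string" ||
    typeof password !== "string" ||
    !email ||
    !password
  ) {
    return res.status(400).json({
      message: "E-mail and password are required.",
    });
  }

  try {
    // Look up the account by e-mail; the value is passed as a bound
    // parameter ($1), never concatenated into the SQL text.
    const queryResult: QueryResult = await db.query(
      "SELECT id, email, password_hash, created_at FROM users WHERE email = $1;",
      [email]
    );

    const user = queryResult.rows[0];

    if (!user) {
      // NOTE(review): this path skips bcrypt.compare, so response time can
      // still differ from the wrong-password path. Comparing against a fixed
      // placeholder hash here would even that out.
      return res.status(401).json({ message: invalidLoginMessage });
    }

    // Compare the submitted password with the stored bcrypt hash.
    const isValidPassword = await bcrypt.compare(password, user.password_hash);

    if (!isValidPassword) {
      return res.status(401).json({ message: invalidLoginMessage });
    }

    // Only these fields go into the token and the response; password_hash
    // stays server-side.
    const userData: AuthorizedUser = {
      id: user.id,
      email: user.email,
      createdAt: user.created_at,
    };

    // Fail explicitly when the signing secret is not configured instead of
    // relying on a non-null assertion; the catch below turns it into a 500.
    const jwtSecret = process.env.JWT_SECRET;
    if (!jwtSecret) {
      throw new Error("JWT_SECRET is not configured.");
    }

    // HS256 is what jsonwebtoken uses by default for a string secret; naming
    // it makes the choice explicit so the verifying side can pin the same one.
    // NOTE(review): no `expiresIn` is passed, so the token has no `exp` claim
    // and stays valid until the secret changes. Pick a lifetime together with
    // the client's refresh/re-login flow before adding one.
    const token = jwt.sign(userData, jwtSecret, { algorithm: "HS256" });

    const loginResponse: LoginResponse = {
      message: "Successful login.",
      user: userData,
      token,
    };

    return res.status(200).json(loginResponse);
  } catch (error) {
    // Full details stay in the server log.
    console.error("Error on login attempt: ", error);

    // The raw error object is deliberately left out of the response: driver
    // and library errors can carry internal details (query context, schema
    // names) that the client has no need to see.
    const errorResponse: Pick<ErrorResponse, "message"> = {
      message: "Internal server error on login attempt.",
    };

    return res.status(500).json(errorResponse);
  }
}

export default loginUser;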