import bcrypt from "bcrypt";
import { Request, Response } from "express";
import jwt from "jsonwebtoken";
import { QueryResult } from "pg";
import db from "../database/postgres.js";
import type { LoginRequest } from "../types/request.js";
import type { AuthorizedUser, DatabaseUser } from "../types/user.js";
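/**
 * Express handler for a login request: checks the submitted credentials
 * against the `users` table and, on success, answers with the user's public
 * data and a signed JWT.
 *
 * Responses:
 * - 400 when `email` or `password` is missing or is not a string
 * - 401 when the credentials do not match (the same body is sent for an
 *   unknown email and for a wrong password)
 * - 200 with `{ message, user, token }` on success
 * - 500 on any unexpected failure; details go to the server log only
 *
 * @param req - Request whose JSON body is expected to carry `email` and `password`.
 * @param res - Response used to send the status code and JSON body.
 */
async function loginUser(req: Request, res: Response) {
  // The cast is erased at compile time and validates nothing, so the body is
  // checked at runtime below. `?? {}` keeps a missing body from throwing
  // outside the try block.
  const { email, password } = (req.body ?? {}) as LoginRequest;

  // Reject non-string values as well as empty ones: an object or array would
  // otherwise reach bcrypt.compare and surface as a 500 instead of a 400.
  if (
    typeof email !== "string" ||
    typeof password !== "string" ||
    !email ||
    !password
  ) {
    return res.status(400).json({
      message: "E-Mail und Passwort sind erforderlich.",
    });
  }

  try {
    // Fail before touching the database if the signing key is not configured,
    // instead of relying on a non-null assertion that only fails inside jwt.sign.
    const jwtSecret = process.env.JWT_SECRET;
    if (!jwtSecret) {
      throw new Error("JWT_SECRET ist nicht gesetzt.");
    }

    // Parameterized query: the email is passed as a bound value, never
    // concatenated into the SQL text.
    const queryResult: QueryResult<DatabaseUser> = await db.query(
      "SELECT id, email, password_hash, created_at FROM users WHERE email = $1;",
      [email]
    );
    const user = queryResult.rows[0];

    // NOTE(review): an unknown email skips the bcrypt comparison, so response
    // time still differs between "no such user" and "wrong password".
    // Comparing against a fixed dummy hash in that case would close the gap.
    const isValidPassword = user
      ? await bcrypt.compare(password, user.password_hash)
      : false;

    // One message for both failure modes, so the response body does not
    // reveal whether an email address is registered.
    if (!user || !isValidPassword) {
      return res.status(401).json({ message: "Login Daten ungültig." });
    }

    // Only non-sensitive fields go into the token and the response;
    // password_hash never leaves this function.
    const userData: AuthorizedUser = {
      id: user.id,
      email: user.email,
      createdAt: user.created_at,
    };

    // NOTE(review): the token is signed without an expiry, so it stays valid
    // until the secret is rotated. Consider passing `expiresIn` to jwt.sign
    // with a lifetime that fits the application's session policy.
    const token = jwt.sign(userData, jwtSecret);

    return res.status(200).json({
      message: "Erfolgreiche Anmeldung.",
      user: userData,
      token,
    });
  } catch (error) {
    // Full details stay in the server log. The error object is not echoed to
    // the client, because database errors can carry internal details.
    console.error("Fehler beim Login: ", error);
    return res
      .status(500)
      .json({ message: "Interner Serverfehler beim Login." });
  }
}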
export default loginUser;