Skip to content

fix done #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

fix done #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
1490bb7
updated controllers
ABHINAVGARG05 Feb 16, 2025
420b796
fix
ABHINAVGARG05 Feb 18, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .env → .env.example
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
PORT =5001
CONNECT_STRING= Enter your DB url
ACCESS_TOKEN_SECERT = SOTYBackendHarshitPG
ACCESS_TOKEN_SECERT= SOTYBackendHarshitPG
REFRESH_TOKEN_SECERT= SOTYBackendHarshitPG
2 changes: 1 addition & 1 deletion .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@ web_modules/
.yarn-integrity

# dotenv environment variable files
# .env
.env
.env.development.local
.env.test.local
.env.production.local
Expand Down
230 changes: 117 additions & 113 deletions controllers/authController.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,150 +1,154 @@
const UserModel = require("../models/userModel");
const jwt = require("jsonwebtoken");
const bcrypt = require("bcrypt");
const crypto = require("crypto");
require("dotenv").config();

//Registering a new user
const generateAccessToken = (user) => {
return jwt.sign(
{ username: user.username, id: user._id, teamname: user.teamname },
process.env.ACCESS_TOKEN_SECRET,
{
expiresIn: process.env.ACCESS_TOKEN_EXPIRY || "45m"
}
);
};

const registerUser = async (req, res) => {
const { username, teamname, password, score } = req.body;
console.log(req.body);
const generateRefreshToken = (user) => {
return jwt.sign(
{ username: user.username, id: user._id },
process.env.REFRESH_TOKEN_SECRET,
{
expiresIn: process.env.REFRESH_TOKEN_EXPIRY || "7d"
}
);
};

const registerUser = async (req, res) => {
try {
const userAvailable = await UserModel.findOne({ username });
if (userAvailable) {
return res.status(400).json({ message: "User already exists" });
const { username, teamname, password, score } = req.body;

if (!username || !teamname || !password) {
return res.status(400).json(
{
message: "All fields are required"
}
);
}

const userExists = await UserModel.findOne({ username });
if (userExists) {
return res.status(400).json(
{
message: "User already exists"
}
);
}
const salt = await bcrypt.genSalt(10);
const hashedPassword = await bcrypt.hash(password, salt);
console.log("Hashed Password: ", hashedPassword);

const hashedPassword = await bcrypt.hash(password, 10);

const newUser = new UserModel({
username: username,
teamname: teamname,
username,
teamname,
password: hashedPassword,
score: score,
// refreshToken: [],
score: score || 0,
});
const user = await newUser.save();

const token = jwt.sign(
{ username: user.username, id: user._id, teamname: user.teamname },
process.env.ACCESS_TOKEN_SECERT,
{ expiresIn: "45m" }
);
const user = await newUser.save();
const token = generateAccessToken(user);

console.log(`User created ${user}`);
console.log(`User token ${token}`);
res.status(200).json({ user });
console.log(`User registered: ${user}`);
res.status(201).json({ user, token });
} catch (error) {
res.status(500).json({ message: error.message });
console.error(error);
res.status(500).json({ message: "Internal server error" });
}
};

//login User

const loginUser = async (req, res) => {
const { username, password } = req.body;
try {
const user = await UserModel.findOne({
username: username,
});
const { username, password } = req.body;
if (!username || !password) {
return res.status(400).json(
{
message: "Username and password required"
}
);
}

if (user) {
// if (user.isBan) {
// const TimeOut = 120 * 60 * 1000;

// const timeElapsed = Date.now() - user.banTime;

// if (timeElapsed < TimeOut) {
// const remainingTime = TimeOut - timeElapsed;
// await UserModel.findByIdAndUpdate(req.params.id, { isBan: true });
// return res.status(403).json({
// message: `User has banned. Please wait for ${remainingTime} milliseconds.`,
// remainingTime: remainingTime,
// isBan: user.isBan,
// });
// }
// }
const validity = await bcrypt.compare(password, user.password);
if (!validity) {
res.send(400).json("Wrong password");
} else {
const token = jwt.sign(
{ username: user.username, id: user._id, isAdmin: user.isAdmin },
process.env.ACCESS_TOKEN_SECERT,
{ expiresIn: "1d" }
);
const user = await UserModel.findOne({ username });
if (!user) {
return res.status(404).json(
{
message: "User not found"
}
);
}

const refreshToken = generateRefreshToken(user);
user.refreshToken = refreshToken;
const isValidPassword = await bcrypt.compare(password, user.password);
if (!isValidPassword) {
return res.status(400).json(
{
message: "Incorrect password"
}
);
}

user.prevAccessToken = user.accessTokens;
user.accessTokens = [];
await user.save();
const accessToken = generateAccessToken(user);
const refreshToken = generateRefreshToken(user);

user.accessTokens.push(token);
await user.save();
user.refreshToken = refreshToken;
await user.save();

console.log(`User created login : ${user}`);
console.log(`User token login: ${token}`);
res.status(200).json({ user, token, refreshToken });
}
} else {
res.status(404).json("User not found");
}
console.log(`User logged in: ${user.username}`);
res.status(200).json({ user, accessToken, refreshToken });
} catch (error) {
res.status(500).json(error.message);
console.error(error);
res.status(500).json(
{
message: "Internal server error"
}
);
}
};

//refreshToken
const refreshToken = async (req, res) => {
const { refreshToken } = req.body;
let token;
let authHeader = req.headers.authorization || req.headers.Authorization;

if (!authHeader || !authHeader.startsWith("Bearer")) {
return res
.status(401)
.json({ message: "User is not authorized or token missing" });
}

token = authHeader.split(" ")[1];

if (!refreshToken) {
return res.status(400).json({ message: "refreshToken is required." });
}
try {
const user = await UserModel.findOne({ refreshToken: refreshToken });
console.log("user refresh:", user);
if (!user) {
return res.status(404).json({ message: "Invalid refreshToken" });
const { refreshToken } = req.body;
if (!refreshToken) {
return res.status(400).json(
{
message: "Refresh token required"
}
);
}
const storeRefeshToken = user.refreshToken;
if (!storeRefeshToken) {
return res.status(400).json({ message: "Invalid refrsh token" });

const user = await UserModel.findOne({ refreshToken });
if (!user) {
return res.status(403).json(
{
message: "Invalid refresh token"
}
);
}
user.tokenVersion += 1;
await user.save();
const newAccessToken = jwt.sign(
{ username: user.username, id: user._id },
process.env.ACCESS_TOKEN_SECERT,
{ expiresIn: "45m" }
);
res.header("Authorization", `Bearer ${newAccessToken}`);
res.status(200).json({ accessToken: newAccessToken });
user.prevAccessToken.push(token);
await user.save();

jwt.verify(refreshToken, process.env.REFRESH_TOKEN_SECRET, async (err, decoded) => {
if (err) return res.status(403).json(
{
message: "Invalid token"
}
);

const newAccessToken = generateAccessToken(user);
res.status(200).json({ accessToken: newAccessToken });
});
} catch (error) {
console.log(error);
res.status(500).json({ error: "Internal server error" });
console.error(error);
res.status(500).json(
{
message: "Internal server error"
}
);
}
};

const generateRefreshToken = (user) => {
return jwt.sign(
{ username: user.username, id: user._id },
process.env.REFRESH_TOKEN_SECERT
);
};
module.exports = { registerUser, loginUser, refreshToken };
Loading