Adding hashing and retrieving user from db using email.

2025-09-08 17:40:17 +00:00 · 2021-03-07 20:43:02 -08:00 · 2021-03-07 20:43:02 -08:00 · ea41b550ad
commit ea41b550ad
parent dae6e0761a
5 changed files with 86 additions and 7 deletions
--- a/src/accounts/authorize.js
+++ b/src/accounts/authorize.js
@ -0,0 +1,18 @@
+import bcrypt from 'bcryptjs'
+const { compare } = bcrypt
+
+export async function authorizeUser(email, password) {
+  // Import user collection
+  const { user } = await import ("../user/user.js")
+  // Look up user
+  const userData = await user.findOne({
+    'email.address': email,
+  })
+  // Get user password
+  const savedPassword = userData.password
+  // Compare password with one in database
+  const isAuthorized = await compare(password, savedPassword)
+  console.log("isAuthorized", isAuthorized)
+  // Return boolean of if password is correct
+  return isAuthorized
+}
--- a/src/accounts/register.js
+++ b/src/accounts/register.js
@ -2,16 +2,23 @@ import bcrypt from 'bcryptjs'
 const { genSalt, hash } = bcrypt

 export async function registerUser(email, password) {
+  const { user } = await import ("../user/user.js")
+
  // generate salt
  const salt = await genSalt(10)
-  console.log('salt', salt)

  // hash with salt
  const hashedPassword = await hash(password, salt)
-  console.log('hashedPassword', hashedPassword)

  // store in database
+  const result = await user.insertOne({
+    email: {
+      address: email,
+      verified: false,
+    },
+    password: hashedPassword,
+  })

  // return user from database
-
+  return result.insertedId
 }
--- a/src/index.js
+++ b/src/index.js
@ -5,6 +5,7 @@ import path from 'path'
 import { fileURLToPath } from 'url'
 import { connectDb } from './db.js'
 import { registerUser } from './accounts/register.js'
+import { authorizeUser } from './accounts/authorize.js'

 // ESM specific "features"
 const __filename = fileURLToPath(import.meta.url)
@ -20,12 +21,27 @@ async function startApp() {

    app.post('/api/register', {}, async (request, reply) => {
      try {
-        await registerUser(request.body.email, request.body.password)
+        const userId = await registerUser(
+          request.body.email,
+          request.body.password
+        )
      } catch (e) {
        console.error('e', e);
      }
    })

+
+    app.post('/api/authorize', {}, async (request, reply) => {
+      try {
+        console.log(request.body.email, request.body.password)
+        const userId = await authorizeUser(
+          request.body.email,
+          request.body.password
+        )
+      } catch (e) {
+        console.error('e', e);
+      }
+    })
    // app.get("/", {}, (request, reply) => {
    //   reply.send({
    //     data: "hello world",
--- a/src/public/index.html
+++ b/src/public/index.html
@ -14,15 +14,24 @@
    <input type="password" name="password">
    <button type="submit">Register</button>
  </form>
+  <br/>
+  <hr />
+  <br/>
+  <h3>Login Form</h3>
+  <form id="login-form">
+    <input type="email" name="email">
+    <input type="password" name="password">
+    <button type="submit">Login</button>
+  </form>

  <script>
    ;(() => {
-      const form = document.getElementById("register-form")
+      const registerForm = document.getElementById("register-form")

-      form.addEventListener("submit", async (e) => {
+      registerForm.addEventListener("submit", async (e) => {
        e.preventDefault();
        try {
-          const values = Object.values(form).reduce((obj, field) => {
+          const values = Object.values(registerForm).reduce((obj, field) => {
            if (field.name) {
              obj[field.name] = field.value
            }
@ -38,6 +47,31 @@
          console.error(e)
        }
      })
+
+      // Find form element 
+      const loginForm = document.getElementById("login-form")
+      // Wait for event
+      loginForm.addEventListener("submit", async (e) => {
+        e.preventDefault();
+        try {
+          // Get form values
+          const values = Object.values(loginForm).reduce((obj, field) => {
+            if (field.name) {
+              obj[field.name] = field.value
+            }
+            return obj
+          }, {})
+          // Submit
+          const res = await fetch('/api/authorize', {
+            method: "POST",
+            body: JSON.stringify(values),
+            headers: { "Content-type": "application/json; charset=UTF-8"},
+          })
+          console.log("values", values)
+        } catch (e) {
+          console.error(e)
+        }
+      })
    })()
  </script>
 </body>
--- a/src/user/user.js
+++ b/src/user/user.js
@ -0,0 +1,4 @@
+import { client } from '../db.js'
+
+export const user = client.db("test").collection("user")
+