Now, let’s create routes for user registration and login:
// routes/auth.routes.js
const express = require('express');
const bcrypt = require('bcryptjs');
const jwt = require('jsonwebtoken');
const { User } = require('../models');
// Router instance that the /register and /login handlers below are attached to.
const router = express.Router();
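/**
 * POST /register — create a user from `username`, `email` and `password`
 * in the request body. Only the bcrypt hash of the password is stored.
 *
 * Responses:
 *   201 — user created; body carries a message and the new `userId`.
 *   400 — a field is missing or not a string, or the password is longer
 *         than bcrypt can process.
 *   409 — the store reported a uniqueness conflict.
 *   500 — any other failure; the body is generic and the detail is logged.
 */
router.post('/register', async (req, res) => {
  // bcrypt ignores input past 72 bytes, so two long passwords sharing a
  // prefix would verify as equal. Reject them instead of truncating silently.
  const BCRYPT_MAX_BYTES = 72;
  // Work factor for new hashes. The previous value (8) is below the bcryptjs
  // default of 10; raise this as far as the login latency budget allows.
  const BCRYPT_COST = 12;

  try {
    const { username, email, password } = req.body || {};

    // Only plain non-empty strings may reach the hash and the ORM call;
    // objects or arrays from a JSON body are rejected here.
    const isNonEmptyString = (value) => typeof value === 'string' && value.length > 0;
    if (![username, email, password].every(isNonEmptyString)) {
      return res.status(400).send({ message: 'username, email and password are required.' });
    }
    if (Buffer.byteLength(password, 'utf8') > BCRYPT_MAX_BYTES) {
      return res.status(400).send({ message: 'Password must be at most 72 bytes long.' });
    }

    const hashedPassword = await bcrypt.hash(password, BCRYPT_COST);
    const user = await User.create({
      username,
      email,
      password: hashedPassword,
    });
    return res.status(201).send({ message: 'User registered successfully!', userId: user.id });
  } catch (err) {
    // NOTE(review): assumes `User` is a Sequelize model whose unique-index
    // violations carry this error name — confirm against ../models.
    if (err && err.name === 'SequelizeUniqueConstraintError') {
      return res.status(409).send({ message: 'Username or email is already in use.' });
    }
    // Raw error text can expose schema or driver details, so it is logged
    // server-side and never sent to the client.
    console.error('register failed:', err);
    return res.status(500).send({ message: 'Registration failed.' });
  }
});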
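/**
 * POST /login — verify `username` / `password` from the request body and
 * issue a JWT signed with `process.env.JWT_SECRET`.
 *
 * Responses:
 *   200 — `id`, `username`, `email` and `accessToken` (valid for 24 hours).
 *   400 — username or password missing or not a string.
 *   401 — unknown user or wrong password; the same body is sent for both so
 *         the response does not reveal which usernames exist.
 *   500 — any other failure; the body is generic and the detail is logged.
 *
 * This handler does no attempt throttling; rate limiting or lockout has to
 * be applied in front of it.
 */
router.post('/login', async (req, res) => {
  const TOKEN_TTL_SECONDS = 86400; // 24 hours
  const rejectCredentials = () =>
    res.status(401).send({ message: 'Invalid username or password.' });

  try {
    const { username, password } = req.body || {};

    // Only plain non-empty strings may reach the ORM `where` clause and
    // bcrypt; objects or arrays from a JSON body are rejected here.
    if (
      typeof username !== 'string' ||
      typeof password !== 'string' ||
      username.length === 0 ||
      password.length === 0
    ) {
      return res.status(400).send({ message: 'username and password are required.' });
    }

    const user = await User.findOne({ where: { username } });
    if (!user) {
      // NOTE(review): this path skips bcrypt.compare, so it answers faster
      // than a wrong-password attempt. Comparing against a fixed placeholder
      // hash of the same cost would remove that timing difference.
      return rejectCredentials();
    }

    const isPasswordValid = await bcrypt.compare(password, user.password);
    if (!isPasswordValid) {
      return rejectCredentials();
    }

    // Fail with a clear server-side error if the signing key is missing.
    const secret = process.env.JWT_SECRET;
    if (!secret) {
      throw new Error('JWT_SECRET is not configured');
    }

    // HS256 is the library default; naming it keeps the signing algorithm
    // explicit so the verifying side can pin the same one.
    const token = jwt.sign({ id: user.id }, secret, {
      algorithm: 'HS256',
      expiresIn: TOKEN_TTL_SECONDS,
    });

    return res.status(200).send({
      id: user.id,
      username: user.username,
      email: user.email,
      accessToken: token,
    });
  } catch (err) {
    // Raw error text can expose configuration or database details, so it is
    // logged server-side and never sent to the client.
    console.error('login failed:', err);
    return res.status(500).send({ message: 'Login failed.' });
  }
});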
// The router, with both auth routes attached, is this module's export.
module.exports = router;