I have my Userschema
const userSchema = new mongoose.Schema(
username: {...},
},
name: {
},
email: {
type: String,
trim: true,
required: [true, 'Please add an email'],
unique: true,
lowercase: true,
},
profile: {
type: String,
required: true,
},
role: {
type: String,
enum: ['user', 'admin'],
default: 'user',
},
password: {
type: String,
required: [true, 'Please add a password'],
minlength: 8,
select: false,
},
resetPasswordToken: String,
resetPasswordExpire: Date,
createdAt: {
type: Date,
default: Date.now,
},
},
);
Signup and hash methods
userSchema.pre('save', async function (next) {
if (!this.isModified('password')) {
next();
}
const salt = await bcrypt.genSalt(13);
this.password = await bcrypt.hash(this.password, salt);
});
userSchema.methods.getSignedJwtToken = function () {
return jwt.sign({ id: this._id }, process.env.JWT_SECRET, {
expiresIn: process.env.JWT_EXPIRE,
});
};
userSchema.methods.matchPassword = async function (enteredPassword) {
await bcrypt.compare(enteredPassword, this.password);
};
I can signup without any problems,using POSTMAN
Image from MongoDb Cloud
Now I want to login(Added console.log)
boki#gmail.com boki32300
POST /api/v1/auth/login 401 1146.328 ms - 232
Error: Invalid credentials
at /home/milenko/blog_mongo/backend/controllers/auth.js:46:17
Auth.js
exports.login = asyncHandler(async (req, res, next) => {
const { email, password } = req.body;
if (!email || !password) {
return next(new ErrorResponse('Please provide an email and password', 400));
}
console.log(email, password);
const user = await User.findOne({ email }).select('+password');
if (!user) {
return next(new ErrorResponse('Invalid credentials', 401));
}
const isMatch = await user.matchPassword(password);
if (!isMatch) {
return next(new ErrorResponse('Invalid credentials', 401));
}
sendTokenResponse(user, 200, res);
});
isMatch is false.
Why?
Related
I'm trying to get the current user loggedin using findById() of mongoose, but it always return null. I tried converting the id to mongoose.Types.ObjectId(string id), but i get the same result. How do i get the current user loggedin using findById(). Thanks in advance.
This is my controller
exports.createList = async (req, res, next) => {
const { error } = listValidation(req.body);
if (error) {
return res.status(404).send(error.details[0].message);
}
const list = new List({
title: req.body.title,
description: req.body.description,
createdDate: req.body.createdDate,
endDate: req.body.endDate,
creator: req.user._id,
});
try {
await list.save();
console.log("LIST CREATED");
console.log(req.user);
const user = await User.findById(mongoose.Types.ObjectId(req.user._id));
console.log(user);
user.lists.push(list);
await user.save();
console.log("LIST ADDED TO USER");
res
.status(201)
.json({ creator: { _id: user._id, username: user.username } });
} catch (error) {
res.status(400).send("An error occured");
}
};
This is the User model
const mongoose = require("mongoose");
const Schema = mongoose.Schema;
const userSchema = new Schema(
{
email: {
type: String,
required: true,
min: 6,
max: 255,
},
username: {
type: String,
required: true,
min: 6,
max: 255,
},
password: {
type: String,
required: true,
min: 6,
max: 1024,
},
lists: [
{
type: Schema.Types.ObjectId,
ref: "List",
},
],
},
{ timestamps: true }
);
module.exports = mongoose.model("User", userSchema);
Middleware to verified token and save user id to req.body
const jwt = require("jsonwebtoken");
module.exports = (req, res, next) => {
// Check if there is a token from req.header
const token = req.header("auth-token");
if (!token) {
return res.status(401).send("Access denied");
}
try {
const verified = jwt.verify(token, process.env.TOKEN_SECRET);
req.user = verified;
next();
} catch (error) {
res.status(400).send("Invalid token");
}
};
i am try to inser user data into my database but data is not inserting and it is showing like User already exist with this email
How can solve this one ?
My code is below
i had tried with different email even though it is User already exist with this email and it is not inserting in the database.
server.js
require("dotenv").config();
const express = require("express");
const app = express();
const mongoose = require("mongoose");
const port = process.env.PORT || 3500;
app.use(express.json());
//DB connection
mongoose
.connect(process.env.MONGO_URL)
.then(() => console.log("DB Connection Successful"))
.catch((err) => console.log(err));
//Routes
app.use("/api/auth/", require("./routes/auth"));
app.listen(port, () => {
console.log("Server is running on Port " + port);
});
user.js
const mongoose = require("mongoose");
const bcrypt = require("bcrypt");
const userSchema = new mongoose.Schema(
{
firstName: { type: String, required: true, trim: true, min: 3, max: 30 },
lastName: { type: String, required: true, trim: true, min: 3, max: 30 },
userName: {
type: String,
required: true,
trim: true,
min: 3,
max: 30,
unique: true,
index: true,
lowercase: true,
},
email: {
type: String,
required: true,
trim: true,
unique: true,
lowercase: true,
},
userPassword: { type: String, required: true },
role: { type: String, enum: ["user", "admin"], default: "admin" },
contactNumber: { type: String },
profilePicture: { type: String },
},
{ timestamps: true }
);
userSchema.virtual("password").set(function (password) {
this.userPassword = bcrypt.hashSync(password, 10);
});
userSchema.methods = {
authenticate: function (password) {
return bcrypt.compareSync(password, this.userPassword);
},
};
module.exports = mongoose.model("User", userSchema);
auth.js
const router = require("express").Router();
const User = require("../models/user");
router.post("/signin", (req, res) => {});
router.post("/register", async (req, res) => {
const user = User.findOne({ email: req.body.email });
if (!user) {
const newUser = new User(req.body);
await newUser.save();
res.status(201).json({
user: newUser,
});
} else {
res.status(400).json({
message: "User already exist with this email",
});
}
});
module.exports = router;
please find the attached images
Querying the database is an asynchronous function call.
Here at the auth.js, You're checking asynchronous if the user exits. const user = User.findOne({ email: req.body.email });
You should add await like that: const user = await User.findOne({ email: req.body.email });
Since, its asyncourouns Javascript doesn't wait for the answer and assings undefined to the user variable.
Therefore you end up at your else statement.
I am going through the full stack developer certification and creating an authentication app from devChallenges.io and I want the user to able to edit their profile and pass in the new profile image as well as their name, bio, phone number and password in the form data however, I get the error Missing required parameter - public_id. Here is my code below.
// #route POST /profile/edit/:id
// #desc edit profile
// #access Private
app.put('/profile/edit/:id', upload.single('image'), auth, async (req, res) => {
const { name, bio, phone, password } = req.body;
try {
let user = await AuthUser.findById(req.params.id);
// Delete image from cloudinary
await cloudinary.uploader.destroy(user.cloudinary_id);
// Upload image to cloudinary
let result;
if (req.file) {
result = await cloudinary.uploader.upload(req.file.path);
}
const data = {
name: name || user.name,
avatar: result.secure_url || user.avatar,
bio: bio || user.bio,
phone: phone || user.phone,
password: password || user.password,
cloudinary_id: result.public_id || user.cloudinary_id,
};
// Encrypt password
const salt = await bcrypt.genSalt(10);
data.password = await bcrypt.hash(password, salt);
// Update
user = await User.findByIdAndUpdate(req.params.id, data, { new: true });
return res.json(user);
} catch (err) {
console.error(err.message);
res.status(500).send('Server error');
}
});
models/user.js
const mongoose = require('mongoose');
const UserSchema = new mongoose.Schema({
name: {
type: String,
default: '',
},
email: {
type: String,
unique: true,
required: true,
},
password: {
type: String,
required: true,
},
avatar: {
type: String,
},
bio: {
type: String,
default: '',
},
phone: {
type: String,
default: '',
},
cloudinary_id: {
type: String,
},
});
module.exports = AuthUser = mongoose.model('AuthUser', UserSchema);
According to the error-trace the error occurs in the "validate" method, but as far as i see it my compare call is correct. I hope someone can explain to me why it happens anyways.
POST /user/register 500 23.312 ms - 2235
Error: data and hash arguments required
at Object.compare
at model.user_schema.methods.validate
The mongoose model:
const mongoose = require('mongoose');
const bcrypt = require('bcrypt');
const salty = 10;
const user_schema = new mongoose.Schema({
name: {
type: String,
required: true,
unique: false,
minlength: 3,
maxlength: 32
},
email: {
type: String,
required: true,
unique: true
},
password: {
type: String,
required: true
}
});
user_schema.pre('save', (next) => {
// if the password is not changed, there is no need to hash it again
if (!this.isModified('password')) return next();
// hash the user password
bcrypt.hash(this.password, salty, (err, hash) => {
if (err) return next(err);
this.password = hash;
return next();
});
});
user_schema.methods.validate = (claim, callback) => {
// compare the password to the existing hash from the database
bcrypt.compare(claim, this.password, (err, is_match) => {
if (err) return callback(err);
return callback(null, is_match);
});
}
module.exports = mongoose.model('user', user_schema);
The router with the create call:
router.post('/register', (req, res, next) => {
let new_user = {
name: req.body.name,
email: req.body.email,
password: req.body.password
};
user_model.create(new_user, (err, user) => {
if (err) return next(err);
res.send(user);
});
});
I've been working on a Nodejs+Express+Mongoose API that handles user registration/login, everything works perfectly when a user signs up, but when the user wants to login it says it can't find the user. Let me show you the code:
module.exports.registerUser = (req, res) => {
var user = new User();
user.email = req.body.email;
user.name = req.body.name;
user.setPassword(req.body.password);
user.save((err) => {
var token;
token = user.generateJwt();
res.status(200);
res.json({
'token': token,
'user': user,
});
});
};
When I register (I'm testing this with Postman) I get this message, showing everything it's OK:
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0ODg1MDcwNjUsImlhdCI6MTQ4ODQyMDY2NX0.GD0NehQ1EYEnOKx2OJWALpkHB8u5N_9Zjm1dcuEdl7I",
"user": {
"__v": 0,
"name": "Stack Overflow",
"email": "stackoverflow#stackoverflow.com",
"_id": "58b77f39cf5e8d5f3ffdb4ff"
}
}
The password gets hashed, that's why the JSON doesn't contain it.
And this is the code for user login:
module.exports.loginUser = (req, res) => {
var password = req.body.password;
var email = req.body.email;
User.findOne({'email': email}, (err, user) => {
if (err) {
res.status(500).json(err);
}
if (user) {
if (!user.validPassword(password)) {
res.status(401).send({
message: 'Wrong password.'
});
} else {
token = user.generateJwt();
res.status(200);
res.json({
'token': token,
'user': user
});
}
} else {
res.status(404).send({
message: 'No user was found.'
});
}
});
}
But every time I hit the login button on postman with the same password and email, I get this:
{
"message": "No user was found."
}
And this is the user schema:
'use strict'
var mongoose = require('mongoose');
var Schema = mongoose.Schema;
var crypto = require('crypto');
var jwt = require('jsonwebtoken');
var secret = require('../config/secret');
var userSchema = new Schema({
email: {
type: String,
required: true,
unique: true
},
name: {
type: String,
required: true
},
age: {
type: Number,
required: false
},
schoolID: {
type: String,
required: false,
unique: false
},
university: {
type: String,
required: false
},
area: {
type: mongoose.Schema.Types.ObjectId,
ref: 'Area'
},
project: {
type: mongoose.Schema.Types.ObjectId,
ref: 'Project'
},
hash: String,
salt: String
});
userSchema.methods.setPassword = (password) => {
this.salt = crypto.randomBytes(16).toString('hex');
this.hash = crypto.pbkdf2Sync(password, this.salt, 1000, 64, 'sha1').toString('hex');
};
userSchema.methods.validPassword = (password) => {
this.hash = crypto.pbkdf2Sync(password, this.salt, 1000, 64, 'sha1').toString('hex');
return this.hash === hash;
};
userSchema.methods.generateJwt = () => {
var expiry = new Date();
expiry.setDate(expiry.getDate() + 1);
return jwt.sign({
_id: this._id,
email: this.email,
name: this.name,
exp: parseInt(expiry.getTime() / 1000),
}, secret.secret);
};
var User = mongoose.model('User', userSchema);
module.exports = User;
I can't find the solution to this problem, because the way I see it, everything should be working just nice. Any ideas on why this isn't working?
Update:
This is for checking the email is being sent correctly:
{
"message": "No user was found. User: stackoverflow#stackoverflow.com password: stackoverflow"
}