async login(req: Request, res: Response) {
let email = req.body.email
const user = await User.findOne({ email: email })
if (user) {
if (user.schema.methods.isVerified) {
let password: string = req.body.password
let hashedPassword = user.password
console.log(password, hashedPassword)
console.log(user.schema.methods.checkPassword(password, hashedPassword))
if (user.schema.methods.checkPassword(password, hashedPassword)) {
res.json(dataResponse({ userId: user.id }, 200, 'Login sucess'))
} else {
res.json(dataResponse('', 200, 'Invalid email or password'))
}
} else {
const tokenItem = await Token.findOne({ userId: user.id })
if (tokenItem) {
if (tokenItem.schema.methods.isNotExpired) {
await Token.deleteMany().where({ userId: user._id })
await tokenController.create({ userId: user._id, email: email })
res.json(
dataResponse(null, 406, 'Your'e account is not verified,a new token has been sent to your email')
)
} else {
await Token.deleteMany().where({ userId: user.id })
await User.deleteMany().where({ _id: user.id })
res.json(
dataResponse(
'',
401,
"Your account doesn't exist, please sign up "
)
)
}
} else{
await tokenController.create({ userId: user._id, email: email })
res.json(
dataResponse(null, 406, 'Your'e account is not verified,a new token has been sent to your email')
)
}
}
} else{
res.json(dataResponse('', 401, 'This account doesn't exist, please sign up'))
}
}
async forgotPassword(req: Request, res: Response) {
let email = req.body.email
let password = req.body.password
const user = await User.findOne({email:email})
if(user){
if(user.schema.methods.isVerified){
await user.updateOne({ password })
await user.save()
res.json(dataResponse('', 200, 'Password reset successful'))
} else {
res.json(dataResponse('', 401, 'Your account is not verified please try logging in'))
}
} else {
res.json(dataResponse('', 401, 'This account does not exist.'))
}
}
Above is the login functionality that I created to get the user logged in. I am using mongoose middleware to hash the password and check the hashed password
userSchema.pre('save', function (next) {
this.password = bcrypt.hashSync(this.password, 10)
next()
})
For hashing password
userSchema.methods.checkPassword = function (
password: string,
hashedPassword: string
) {
return bcrypt.compareSync(password, hashedPassword)
}
For updating password. Now the problem is when I register and login, it works. However, when I update the password, then the login function doesn’t work. More specifically the checkPassword method returns false. And, yes the password is changed sucessfully, it is saved in database but the method returns false.
async forgotPassword(req: Request, res: Response) {
let email = req.body.email
let password = req.body.password
const user = await User.findOne({email:email})
if(user){
if(user.schema.methods.isVerified){
await user.updateOne({ password })
await user.save()
res.json(dataResponse('', 200, 'Password reset successful'))
} else {
res.json(dataResponse('', 401, 'Your account is not verified please try logging in'))
}
} else {
res.json(dataResponse('', 401, 'This account does not exist.'))
}
}
That is the method I used to update password.
I wanted the login to be successful but even though the password is changed and is being displayed as change the comparesync on bcrypt returns false. Only while updating but works while registering.