diff --git a/server/src/authLogin.ts b/server/src/authLogin.ts
index 20e43c43c443c5452d96572b5f7ee9b65d093e2b..83f44e305ca4ceb08b721ab818d005888e497d1e 100644
--- a/server/src/authLogin.ts
+++ b/server/src/authLogin.ts
@@ -2,9 +2,9 @@ import bcryptServices from "./db/bcryptFunctions";
 import getTokenPayload from "./db/jwtTokenPayload";
 import jwt from "jsonwebtoken";
 import Worker from "./db/models/Worker";
-import {Request,Response} from "express"
+import { Request, Response } from "express";
-const authLoginController = async (req:Request, res:Response) => {
+const authLoginController = async (req: Request, res: Response) => {
 try {
 //destructure req.body: -------------------------------
 const loginData = {
@@ -12,43 +12,45 @@ const authLoginController = async (req:Request, res:Response) => {
 password: req.body.password,
 };
- //check email: -------------------------------
- const workerExists = await Worker.findByPk(loginData.email); //get worker according to PrimaryKey Email from DB
- if (!workerExists) {
- // if worker does not exist
+ //get password of worker (if found, using given email)
+ const getPasswordIfWorkerExists = await Worker.findAll({
+ attributes: ["password"],
+ where: {
+ email: loginData.email,
+ },
+ });
+
+ //if not found -> email incorrect or worker not found
+ if (getPasswordIfWorkerExists.length === 0) {
 return res.status(401).send("wrong email or email not found!");
 }
- //check password: -------------------------------
- await Worker.findOne({
- where: {
- email: loginData.email,
- },
- attributes: ["password"],
- }).then((result) => {
- const hashedPasswordInDB = result.password; //password in DB
- bcryptServices
- .comparePassword(loginData.password, hashedPasswordInDB)
- .then((result) => {
- if (result) {
- //if password is right -> create jwt-token
- getTokenPayload(loginData.email).then((result) => {
- const tokenPayload = {
- email: result[0].email,
- password: result[0].password,
- role: result[0].role,
- };
-
- //give token: -------------------------------
- const token = jwt.sign(tokenPayload, process.env.JWT_SECRET);
- // console.log("token:", token);
- return res.status(200).send(`logged in successfully!\nToken: ${token}`);
- })
- } else return res.status(401).send("invalid password!");
+ //otherwise: if worker found
+ //check given password: -------------------------------
+ const hashedPasswordInDB = getPasswordIfWorkerExists[0].password; //password in DB
+ const compareResult = await bcryptServices.comparePassword(
+ loginData.password,
+ hashedPasswordInDB
+ );
- });
- });
+ //if password is right -> create jwt-token
+ if (compareResult) {
+ const tokenPayload = await getTokenPayload(loginData.email);
+ const payload = {
+ email: tokenPayload[0].email,
+ password: tokenPayload[0].password,
+ role: tokenPayload[0].role,
+ };
+
+ //create and send token: -------------------------------
+ const secret = process.env.JWT_SECRET;
+ const token = jwt.sign(payload, secret);
+ return res.status(200).send({ token });
+ } else {
+ return res.status(401).send("invalid password!");
+ }
 } catch (error) {
+ console.error("server error: ", error.message);
 return res.status(500).send("server error!");
 }
 };
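Review bot: The `payload` built from `tokenPayload[0]` still carries `password`, so the stored bcrypt hash is embedded in a token that is only base64-encoded and handed to the client on every successful login; the payload should be reduced to `const payload = { email: tokenPayload[0].email, role: tokenPayload[0].role };`. `jwt.sign(payload, secret)` also sets no lifetime, so a leaked token stays valid indefinitely; pass an options argument such as `{ expiresIn: "1h" }` (value to be chosen for this deployment) and guard the secret with `if (!secret) throw new Error("JWT_SECRET is not configured");` instead of letting `jwt.sign` fail into the generic 500 path. The two 401 branches keep returning distinguishable messages ("wrong email or email not found!" vs "invalid password!"), which confirms to a caller whether an email is registered; one shared message for both branches is the usual mitigation. The added `error.message` in the catch clause will not compile under `useUnknownInCatchVariables` because `error` is `unknown`; narrow it first, e.g. `error instanceof Error ? error.message : error`. authLoginController begins in the previous hunk, outside this one.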