arshadpatel · arshadpatel · Oct 6, 2024 · Oct 5, 2024 · Oct 5, 2024
diff --git a/backend/.env.example b/backend/.env.example
@@ -1,4 +1,7 @@
 DB_URI=<YOUR MONGO URI>
 PORT=<YOUR PORT>
 
-
+REFRESH_TOKEN_SECRET=<YOUR REFRESH TOKEN SECRET>
+REFRESH_TOKEN_EXPIRY=<YOUR REFRESH TOKEN EXPIRY>
+ACCESS_TOKEN_SECRET=<YOUR ACCESS TOKEN SECRET>
+ACCESS_TOKEN_EXPIRY=<YOUR ACCESS TOKEN EXPIRY>
diff --git a/backend/app.js b/backend/app.js
@@ -2,6 +2,7 @@ import dotenv from 'dotenv';
 import express from 'express';
 import connectDB from './config/db.js';
 import courseRoutes from './routes/courseRoutes.js';
+import userRoutes from './routes/userRoutes.js';
 import morgan from 'morgan';
 dotenv.config();
 const app = express();
@@ -16,9 +17,11 @@ connectDB();
 // Middleware
 app.use(express.json()); // For parsing application/json
 app.use(morgan('dev'));
+app.use(express.urlencoded({ extended: true }));
 
 // API Routes
 app.use('/api', courseRoutes);
+app.use('/api/user', userRoutes);
 
 // Handle 404
 app.use((req, res) => {

diff --git a/backend/controllers/userController.js b/backend/controllers/userController.js
@@ -0,0 +1,100 @@
+import { User } from "../models/user.js";
+import { asyncHandler } from "../middlewares/asyncHandler.js";
+import  {ApiError}  from "../validations/apiErrors.js";
+
+const generateAccessAndRefereshTokens = async (userId) => {
+  try {
+    const user = await User.findById(userId);
+    const accessToken = user.generateAccessToken();
+    const refreshToken = user.generateRefreshToken();
+    user.refreshToken = refreshToken;
+    await user.save({ validateBeforeSave: false });
+
+    return { accessToken, refreshToken };
+  } catch (error) {
+    throw new ApiError(
+      500, "Something went wrong while generating referesh and access token"
+    );
+  }
+};
+
+export const signupUser = asyncHandler(async (req, res) => {
+  const { fullName, email, username, password } = req.body;
+
+  if (
+    [fullName, email, username, password].some((field) => field?.trim() === "")
+  ) {
+    throw new ApiError(400, "All fields are required");
+  }
+
+  const existUser = await User.findOne({
+    $or: [{ email }, { username }],
+  });
+
+  if (existUser) {
+    throw new ApiError(409, "User with email or username already exists")
+  }
+
+
+  const user = await User.create({
+    fullName,
+    email,
+    password,
+    username: username.toLowerCase(),
+  });
+
+  const createdUser = await User.findById(user._id).select(
+    "-password -refreshToken"
+  );
+
+  if (!createdUser) {
+    throw new ApiError(500, "Something went wrong while registering the user")
+  }
+
+  return res.status(200).json({ createdUser });
+});
+
+export const loginUser = asyncHandler(async (req, res) => {
+  const { email, username, password } = req.body;
+
+  if (!username && !email) {
+    throw new ApiError(400, "username or email is required")
+  }
+
+  const user = await User.findOne({
+    $or: [{ username }, { email }],
+  });
+
+  if (!user) {
+    throw new ApiError(404, "User does not exist")
+  }
+
+  const isPasswordValid = await user.isPasswordCorrect(password);
+
+  if (!isPasswordValid) {
+    throw new ApiError(401, "Invalid user credentials")
+  }
+
+  const { accessToken, refreshToken } = await generateAccessAndRefereshTokens(
+    user._id
+  );
+
+  const loggedInUser = await User.findById(user._id).select(
+    "-password -refreshToken"
+  );
+
+  const options = {
+    httpOnly: true,
+    secure: true,
+  };
+
+  return res
+    .status(200)
+    .cookie("accessToken", accessToken, options)
+    .cookie("refreshToken", refreshToken, options)
+    .json({
+      user: loggedInUser,
+      accessToken,
+      refreshToken,
+    });
+});
diff --git a/backend/middlewares/asyncHandler.js b/backend/middlewares/asyncHandler.js
@@ -0,0 +1,13 @@
+const asyncHandler = (fn) => {
+    return async (req, res, next) => {
+        try {
+            await fn(req, res, next);
+        } catch (error) {
+            console.log("asyncHandler error: ", error);
+
+        }
+    }
+
+}
+
+export {asyncHandler};
diff --git a/backend/models/user.js b/backend/models/user.js
@@ -0,0 +1,75 @@
+import mongoose, { Schema } from "mongoose";
+import jwt from "jsonwebtoken";
+import bcrypt from "bcrypt";
+
+const userSchema = new Schema(
+  {
+    username: {
+      type: String,
+      required: true,
+      unique: true,
+      lowercase: true,
+      trim: true,
+    },
+    email: {
+      type: String,
+      required: true,
+      lowercase: true,
+      unique: true,
+      trim: true,
+    },
+    password: {
+      type: String,
+      required: true,
+    },
+    fullName: {
+      type: String,
+      trim: true,
+    },
+    refreshToken: {
+      type: String,
+    },
+  },
+  {
+    timestamps: true,
+  }
+);
+userSchema.pre("save", async function (next) {
+  if (!this.isModified("password")) return next();
+
+  this.password = await bcrypt.hash(this.password, 10);
+  next();
+});
+
+userSchema.methods.isPasswordCorrect = async function (password) {
+  return await bcrypt.compare(password, this.password);
+};
+
+userSchema.methods.generateAccessToken = function () {
+  return jwt.sign(
+    {
+      _id: this._id,
+      username: this.username,
+      email: this.email,
+      fullName: this.fullName,
+    },
+    process.env.ACCESS_TOKEN_SECRET,
+    {
+      expiresIn: process.env.ACCESS_TOKEN_EXPIRY,
+    }
+  );
+};
+
+userSchema.methods.generateRefreshToken =  function () {
+  return jwt.sign(
+    {
+      _id: this._id,
+    },
+    process.env.REFRESH_TOKEN_SECRET,
+    {
+      expiresIn: process.env.REFRESH_TOKEN_EXPIRY,
+    }
+  );
+};
+
+export const User = mongoose.model("User", userSchema);