1. Define a route in auth.route.js –
router.post(‘/signin’, signin)
2. create a signin controller in auth.controller.js.
3. Install a package to generate a sign-in token
npm i jsonwebtoken
4. Define a secret key in .env file –
JWT_SECRET_KEY=’SecretKeyCanbeAnyRandomString’
5. Check User has enter valid email id and password. If not, return a Error.
6. If user has enter email id and password, match user entered email id with the database stored email id. If email id does not match, it means user does not exist, return a error.
6. Match user enterted password with database stored user password, if not macth return a error.
7. Write a code for generate sign-in token.
8. If everything is correct, sign-in is successful.
auth.controller.js:
//Signin Controller
export const signin=async(req, res, next)=>{
const {email, password}=req.body;
if(!email || !password || email===” || password===”){
return next(errorHandler(400, “Please enter valid Details!”))
}
try {
const validUser=await User.findOne({email})
if(!validUser){
return next(errorHandler(400, “Invalid User!”))
}
const validPassword=bcryptjs.compareSync(password, validUser.password)
if(!validPassword){
return next(errorHandler(400, “Invalid Password!”))
}
const token=jwt.sign({id:validUser._id}, process.env.JWT_SECRET_KEY);
const {password:pass, …rest}=validUser._doc;
res.status(200).cookie(‘access_token’, token, {
httpOnly:true
}).json(rest)
} catch (error) {
return next(error)
}
}
API is ready, test it on Postman.
Video Tutorial:
