RamakrushnaBiswal / PlayCafe

it a cafe website🚀
https://play-cafe.vercel.app/
MIT License
13 stars 45 forks

Create User and Admin Models with Sign-Up and Login Routes #137

Open samar12-rad opened 2 hours ago

samar12-rad commented 2 hours ago

Describe the feature

Description: We need to create MongoDB models for both users and admins to handle user authentication and authorization. The models should differentiate between regular users and admins. The sign-up and login routes will use bcrypt to securely store passwords and authenticate users.

Acceptance Criteria:

User Model:
- Fields:
  - email: string, unique, required.
  - password: string, required.
  - role: string, default is "user".
- Hash password before saving using bcrypt.

Admin Model:
- Can be the same as the User model but with a role field defaulted to "admin".
- Fields:
  - email: string, unique, required.
  - password: string, required.
  - role: string, default is "admin".

Sign-Up Route (POST /api/signup):
- Validate user input (e.g., email, password).
- Hash password with bcrypt before saving to the database.
- Allow users to sign up with either user or admin roles.
- Store the user in the database and return a success message.

Login Route (POST /api/login):
- Validate user credentials (email and password).
- Compare the entered password with the hashed password using bcrypt.compare().
- Return appropriate responses (success, failure, or invalid credentials).

Technical Requirements:
- Use mongoose for defining the models (or the database being used).
- Use bcrypt for password hashing and comparison.
- Ensure error handling for duplicate emails, missing fields, etc.

Tasks:

- Create the User model with email, password, and role fields.
- Create the Admin model or handle admin as a role within the User model.

Create /api/signup route:
- Validate input.
- Hash password using bcrypt.
- Save user/admin to the database.

Create /api/login route:
- Validate user credentials (email and password).
- Use bcrypt.compare() to check if the entered password matches the hashed password.
- If valid, return a success response with user details (excluding the password) or token (if you're planning to use JWT later).
- If invalid, return an appropriate error message (e.g., "Invalid credentials").

Ensure error handling for the following cases:
- Duplicate email during sign-up.
- Incorrect password during login.
- Missing fields (email, password).
- Proper distinction between regular users and admins based on the role field.

Additional Considerations:
- Password hashing and comparison should use bcrypt with a proper salt value (consider using a salt rounds value of 10-12).

Tech Stack:
- Node.js
- Express
- Mongoose (for MongoDB)
- bcrypt

Testing:
- Test routes using Postman or similar tools.
- Write unit tests for the routes (optional).

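The sign-up and login checks listed in the issue, as an added sketch that is not part of the issue or of PlayCafe's code. To run without dependencies it swaps in Node's built-in scrypt for bcrypt and a `Map` for the Mongoose model; the `invite` field, `ADMIN_INVITE` value, the 8-character minimum and the status codes are assumptions made for illustration.

```javascript
const crypto = require('node:crypto');

const users = new Map();                        // stand-in for the Mongoose User collection
const ADMIN_INVITE = 'constructed-invite-code'; // hypothetical server-side secret
const EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;

// scrypt stands in for bcrypt.hash(); stored form is "salt:hash" in hex.
function hashPassword(password) {
  const salt = crypto.randomBytes(16);
  const hash = crypto.scryptSync(password, salt, 32);
  return `${salt.toString('hex')}:${hash.toString('hex')}`;
}

// Stands in for bcrypt.compare(); derived keys are compared in constant time.
function verifyPassword(password, stored) {
  const [saltHex, hashHex] = stored.split(':');
  const expected = Buffer.from(hashHex, 'hex');
  const actual = crypto.scryptSync(password, Buffer.from(saltHex, 'hex'), expected.length);
  return crypto.timingSafeEqual(actual, expected);
}

// Type checks reject missing fields and object payloads such as {"$gt": ""}.
function missingFields(email, password) {
  return typeof email !== 'string' || typeof password !== 'string' || !email || !password;
}

function signup({ email, password, role = 'user', invite } = {}) {
  if (missingFields(email, password)) return { status: 400, error: 'Missing fields' };
  email = email.trim().toLowerCase();
  if (!EMAIL_RE.test(email) || password.length < 8) // assumed minimum length
    return { status: 400, error: 'Invalid email or password' };
  if (!['user', 'admin'].includes(role)) return { status: 400, error: 'Invalid role' };
  // role arrives in the request body, so "admin" is gated on a server-held value.
  if (role === 'admin' && invite !== ADMIN_INVITE) return { status: 403, error: 'Forbidden' };
  if (users.has(email)) return { status: 409, error: 'Email already registered' };
  users.set(email, { email, role, password: hashPassword(password) });
  return { status: 201, message: 'Signed up' };
}

function login({ email, password } = {}) {
  if (missingFields(email, password)) return { status: 400, error: 'Missing fields' };
  const user = users.get(email.trim().toLowerCase());
  // Unknown email and wrong password produce the same response body.
  if (!user || !verifyPassword(password, user.password))
    return { status: 401, error: 'Invalid credentials' };
  return { status: 200, user: { email: user.email, role: user.role } }; // password excluded
}
```
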

github-actions[bot] commented 2 hours ago

Thank you for creating this issue! 🎉 We'll look into it as soon as possible. In the meantime, please make sure to provide all the necessary details and context. If you have any questions or additional information, feel free to add them here. Your contributions are highly appreciated! 😊

You can also check our CONTRIBUTING.md for guidelines on contributing to this project. For more information, join our Discord: https://discord.gg/Jh3bWQ7FRN