Login signup backend and protected endpoints

jlaksana commented 1 year ago

Implemented the login and signup routes using JWT and bcrypt. Login validates the user's username and password and responds with a token. Signup takes in all the user required fields, creates a user with those fields, and responds with a token. The token contains the user's id and username. I also implemented the middleware function to validate a token and applied it to all post and patch routes.

Routes added:

/auth/login Takes username and password -> token
/auth/signup Takes username, password, first name, last name, and email -> creates the user and returns a token

To test the login route, use these users: {"username": "JoeMama", "password": "ilovebananas"} {"username": "joebaba", "password": "iloveoranges"}

then use the token, add it to the header, then call one of the protected routes.

For protected routes, add to the request header: Authorization: Bearer {token}

Other notes:

cannot find a way to test the authenticateUser middleware function
see discord chat for TOKEN_SECRET environment variable
test cases uses the test database on atlas