search

boolean-uk / team-dev-server

3 stars 12 forks source link

#37 As an existing user, so that I know I might have mis-typed my login details, I want an error message to be displayed when I'm unable to login. #219

Closed tuesdah closed 2 years ago

tuesdah commented 2 years ago

Backend:

Will use username acquired from login form to search db for matching user, if username isn't found an error message is returned "Invalid Username or Password". If username does match, password hash is compared with the users password on the db using bcrypt. If the password's don't match the error message above is returned.

Will require JWTwebtoken package and bcrypt. 


        where: {
            username: username
        }
    });

    if (!foundUser) {
        return res.status(401).json({ error: 'Invalid username or password.' });
    }

    const passwordsMatch = await bcrypt.compare(password, foundUser.password);

    if (!passwordsMatch) {
        return res.status(401).json({ error: 'Invalid username or password.' });
    }```
vherus commented 2 years ago

Where will you implement this? The app already has authentication, is there a specific area of the code you'll be modifying?