chore: bcrypt hashing (#19)

* chore: init constants

* chore: hash password

* chore: userController :hash check login

* fix: vendorController

constants.js

@@ -0,0 +1 @@
+exports.kSaltRounds = 10;

controllers/userAuth.controller.js

@@ -2,6 +2,8 @@ const User = require("../models/user.model");
 const UserCredentials = require("../models/user.credentials");
 const OTP = require("../models/otp.model");
 const nodemailer = require("nodemailer");
+const bcrypt = require("bcrypt");
+const {kSaltRounds} = require("../constants");
 
 const transporter = nodemailer.createTransport({
   port: 465,
@@ -93,10 +95,12 @@ exports.createNewUser = async (req, res, next) => {
     // save user
     const user = await createUser.save();
 
+    const hashedPassword = await bcrypt.hash(password,kSaltRounds);
+
     const createUserCredentials = new UserCredentials({
       user_id: user._id,
       email,
-      password,
+      password: hashedPassword,
     });
 
     createUserCredentials.save();
@@ -109,18 +113,6 @@ exports.createNewUser = async (req, res, next) => {
       entityModel: "User",
     });
 
-    // await new Promise((resolve, reject) => {
-    //   // verify connection configuration
-    //   transporter.verify(function (error, success) {
-    //     if (error) {
-    //       console.log(error);
-    //       reject(error);
-    //     } else {
-    //       console.log("Server is ready to take our messages");
-    //       resolve(success);
-    //     }
-    //   });
-    // });
 
     let mailData = {
       from: {
@@ -132,7 +124,7 @@ exports.createNewUser = async (req, res, next) => {
       text: `Your Otp is - ${otp}`,
     };
 
-    await new Promise((resolve, reject) => {
+    new Promise((resolve, reject) => {
       // send mail
       transporter.sendMail(mailData, (err, info) => {
         if (err) {
@@ -169,7 +161,7 @@ exports.login = async (req, res, next) => {
       next({ status: 401, message: USER_NOT_VERIFIED });
     }
 
-    const passwordMatch = password === user.password ? 1 : 0;
+    const passwordMatch = await bcrypt.compare(password, user.password);
 
     if (passwordMatch) {
       const token = createJwtToken({ userId: user.user_id });

controllers/vendorAuth.controller.js

@@ -4,6 +4,7 @@ const OTP = require("../models/otp.model");
 
 const nodemailer = require("nodemailer");
 const bcrypt = require("bcrypt");
+const {kSaltRounds} = require('../constants')
 
 const {
   USER_NOT_FOUND_ERR,
@@ -22,7 +23,7 @@ let mailTransporter = nodemailer.createTransport({
   pass: "mxzc acbf revb xcxh",
 });
 
-// --------------------- create new user ---------------------------------
+// --------------------- create new Vendor ---------------------------------
 
 exports.createNewVendor = async (req, res, next) => {
   try {
@@ -42,14 +43,16 @@ exports.createNewVendor = async (req, res, next) => {
 
     console.log(description);
 
-    // let images = [image_url];
+
 
     const emailExist = await Vendor.findOne({ email });
     if (emailExist) {
       next({ status: 400, message: EMAIL_ALREADY_EXISTS_ERR });
       return;
     }
 
+    const hashedPassword = await bcrypt.hash(password, kSaltRounds);
+
     const createVendor = new Vendor({
       ownerName,
       email,
@@ -66,7 +69,7 @@ exports.createNewVendor = async (req, res, next) => {
 
     const createVendorCredentials = new VendorCredentials({
       email,
-      password,
+      password: hashedPassword,
       vendor_id: vendor._id,
     });
     await createVendorCredentials.save();
@@ -77,32 +80,32 @@ exports.createNewVendor = async (req, res, next) => {
     });
     await menu.save();
 
-    const otp = Math.floor(1000 + Math.random() * 9000);
-    const sentOtp = new OTP({
-      code: otp,
-      expiresAt: new Date(new Date().getTime() + 2 * 60 * 1000),
-      entity: vendor._id,
-      entityModel: "Vendor",
-    });
-    await sentOtp.save();
-
-    let mailDetails = {
-      from: "[email protected]",
-      to: email,
-      subject: "Test mail",
-      text: `Your OTP is: ${otp}`,
-    };
-
-    mailTransporter.sendMail(mailDetails, function (err, data) {
-      if (err) {
-        console.log("Error Occurs");
-        console.log(err);
-      } else {
-        console.log("Email sent successfully");
-      }
-    });
-
-    res.status(200).json("OTP send successfully");
+    // const otp = Math.floor(1000 + Math.random() * 9000);
+    // const sentOtp = new OTP({
+    //   code: otp,
+    //   expiresAt: new Date(new Date().getTime() + 2 * 60 * 1000),
+    //   entity: vendor._id,
+    //   entityModel: "Vendor",
+    // });
+    // await sentOtp.save();
+
+    // let mailDetails = {
+    //   from: "[email protected]",
+    //   to: email,
+    //   subject: "Test mail",
+    //   text: `Your OTP is: ${otp}`,
+    // };c
+
+    // mailTransporter.sendMail(mailDetails, function (err, data) {
+    //   if (err) {
+    //     console.log("Error Occurs");
+    //     console.log(err);
+    //   } else {
+    //     console.log("Email sent successfully");
+    //   }
+    // });
+
+    res.status(200).json("Register successfully");
   } catch (error) {
     next(error);
   }
@@ -120,7 +123,7 @@ exports.vendorLogin = async (req, res, next) => {
       return;
     }
 
-    const passwordMatch = vendor.password === password;
+    const passwordMatch = await bcrypt.compare(password, vendor.password);
     if (passwordMatch) {
       // Generate JWT token
       const token = createJwtToken({ userId: vendor.vendor_id });