Fix create, update and login user

Author: caiofsouza

app.js

@@ -27,9 +27,10 @@ Object.keys(routes).forEach(routeName => {
 })
 
 app.use('*', (req, res) => {
-	res.send('Its Ok :D')
+	res.status(404).json({ message: 'Route not found', status: 404 })
 })
 
+
 const listen = () => {
 	logs(`Database connected at ${connectionURI}`)
   app.listen(PORT, () => {

controllers/Auth.js

@@ -13,16 +13,16 @@ class Auth {
     }
     try {
       let user = await UserModel.findByCredentials(req.body.email, req.body.password)
-      if (user) {
-        logs(`Logged user ${user.email}`)
+      if (user && user._id) {
+        logs(`Logged user [${user.email}]`)
         let token = jwt.sign({ 
           _id: user._id,
           expires: moment().add(7, 'days').valueOf()
         }, secret)
         res.json({ token })
       }
     } catch (e) {
-      logs(`Error on login. ${e.message}`)
+      logs(`Error on login [${e.message}]`)
       res.status(httpStatus.UNAUTHORIZED).json({
         message: e.message,
         status: httpStatus.UNAUTHORIZED

controllers/User.js

@@ -2,7 +2,7 @@ const mongoose = require('mongoose')
 const UserModel = mongoose.model('User')
 const logs = require('../helpers/logs')
 const httpStatus = require('../helpers/httpStatus')
-
+const bcrypt = require('bcryptjs')
 class User {
   create (req, res) {
     if (!req.body) {
@@ -12,17 +12,17 @@ class User {
     try {
       UserModel.create(user, (err, created) => {
         if (err) {
-          logs(`Error on create user ${user.email}. Error: ..:: ${err.message} ::..`, 'error')
+          logs(`Error on create user [${user.email}]. Error: ..:: ${err.message} ::..`, 'error')
           return res.status(httpStatus.INTERNAL_SERVER_ERROR).json({
             status: httpStatus.INTERNAL_SERVER_ERROR,
             error: err.message
           })
         }
-        logs(`Created user ${created}`)
-        res.status(httpStatus.CREATED).send(created)
+        logs(`Created user [${created._id}]`)
+        res.status(httpStatus.CREATED).json(created)
       })
     } catch (e) {
-      logs(`Error on create user ${user.email}. Error: ..:: ${e.message} ::..`, 'error')
+      logs(`Error on create user [${user.email}]. Error: ..:: ${e.message} ::..`, 'error')
       res.status(httpStatus.INTERNAL_SERVER_ERROR).json({
         status: httpStatus.INTERNAL_SERVER_ERROR,
         error: e.message
@@ -38,21 +38,25 @@ class User {
         age: newData.age || userData.age,
       }
       if (newData.password) {
-        updateObj.password = newData.password
+        const salt = bcrypt.genSaltSync(10)
+        const hash = bcrypt.hashSync(newData.password, salt)
+        updateObj.password = hash
       }
-      UserModel.findByIdAndUpdate(userData._id, updateObj, { lean: true }, function (err, updated) {
+      updateObj.updated_at = new Date().getTime()
+      UserModel.findByIdAndUpdate(userData._id, updateObj, function (err, updated) {
         if (err) {
-          logs(`Error on findAndupdate user ${userData.email}. Error: ..:: ${err} ::..`, 'error')
+          logs(`Error on findAndupdate user [${userData.email}]. Error: ..:: ${err} ::..`, 'error')
           return res.status(httpStatus.INTERNAL_SERVER_ERROR).json({
             status: httpStatus.INTERNAL_SERVER_ERROR,
             error: err
           })
         }
-        logs(`Updated user ${updated.email}`)
-        return res.json(updated)
+        UserModel.findById(updated._id, (err, user) => {
+          return res.json(user)
+        })
       })
     } catch (e) {
-      logs(`Error on update user ${userData.email}. Error: ..:: ${e.message} ::..`, 'error')
+      logs(`Error on update user [${userData.email}]. Error: ..:: ${e.message} ::..`, 'error')
       res.status(httpStatus.INTERNAL_SERVER_ERROR).json({
         status: httpStatus.INTERNAL_SERVER_ERROR,
         error: e.message

middlewares/auth.js

@@ -13,9 +13,8 @@ const auth = async (req, res, next) => {
   let token = req.headers.authorization
   try {
     let user = await UserModel.findByToken(token)
-    logs('User id finded ' + user._id)
     if (user) {
-      req.user = user
+      req.user = user.toJSON()
       next()
     } else {
       return res.status(httpStatus.NO_CONTENT).json({
@@ -24,7 +23,7 @@ const auth = async (req, res, next) => {
       })
     }
   } catch (e) {
-    logs('Error :' + e)
+    logs(`Error [${e}]`)
     return res.status(httpStatus.NO_CONTENT).json({
       status: httpStatus.NO_CONTENT,
       message: e

models/User.js

@@ -64,12 +64,10 @@ UserSchema.pre('save', function (next) {
   user.updated_at = new Date().getTime()
 
   if(user.isModified('password')) {
-		bcrypt.genSalt(10, (err, salt) => {
-			bcrypt.hash(user.password, salt, (err, hash) => {
-				user.password = hash
-				next()
-			})
-		})
+    const salt = bcrypt.genSaltSync(10)
+    const hash = bcrypt.hashSync(user.password, salt)
+    user.password = hash
+    next()
 	} else {
 		next()
 	}
@@ -84,28 +82,33 @@ UserSchema.pre('update', function (next) {
 UserSchema.methods.toJSON = function () {
 	const user = this
   const userObject = user.toObject()
-  console.log(returnFilter(userObject))
   return returnFilter(userObject)
 }
 
 UserSchema.statics.returnFilter = returnFilter
 
 UserSchema.statics.findByCredentials = async function (email, password) {
   const user = this
-  const doc = await user.findOne({ email })
-  return new Promise((resolve, reject) => {
-    if(!doc) { 
-      return reject({ status: 404, message: 'Invalid credentials'})
+  return new Promise(async (resolve, reject) => {
+    try {
+      user.findOne({ email }, (err, doc) => {
+        if(err || !doc) { 
+          return reject({ status: 404, message: 'Invalid credentials'})
+        }
+        bcrypt.compare(password, doc.password, (err, didMatch) => {
+          if(err) return reject(err)
+          if(didMatch) {
+            resolve(doc)
+          } else {
+            reject({ message: 'Not authorized'})
+          }
+        })
+      })
+    } catch (e) {
+      reject(e)
     }
-    bcrypt.compare(password, doc.password, (err, didMatch) => {
-      if(err) return reject(err)
-      if(didMatch) {
-        resolve(returnFilter(doc))
-      } else {
-        reject({ message: 'Not authorized'})
-      }
-    })
   })
+
 }
 
 UserSchema.statics.findByToken = function(token) {
@@ -114,9 +117,9 @@ UserSchema.statics.findByToken = function(token) {
     let decodedIdAndToken = jwt.verify(token, secret)
     User.findById(decodedIdAndToken._id, function (err, user) {
       if (err) {
-        reject()
+        return reject(err)
       }
-      resolve(returnFilter(user))
+      resolve(user)
     })
   })
 }