I'm trying to create a login route for my api. The algorithm is as follows:
First check if the user exists in the database(if not, send 404 error). Then I check if the password parameter in the query is the same as in the database(if not, send a 400 error). Finally create a token and send it.
Here is the code:
router.post('/login', function(req, res, next){
User.getUserByNick(req.params.nick,function(err, rows){
if(err){
res.json(err);
}
else if(!f.isEmpty(rows)){
res.status(404);
res.json({
error: 404,
message: 'Authentication failed. User not found.'
});
}
else{
res.json(rows);
if(res.password != req.params.password){
res.status(400);
res.json({
error: 400,
message: 'Authentication failed. Wrong password.'
});
}
else{
var token = jwt.sign(rows, process.env.JWT_SECRET, {
expiresInMinutes: 1440 // expires in 24 hours
});
res.json({
success: true,
message: 'Enjoy your token!',
token: token
});
}
}
});
});
But when I try to use the route node crashes. I get the next error in console
/api/node_modules/mysql/lib/protocol/Parser.js:79
throw err; // Rethrow non-MySQL errors
^
ValidationError: "value" must be an object
I don't know why, getUserByNick works nice and it returns [] when the user is not found. Otherwise it sends the json with the rows. So I think it may be when I make rows.password.
via Carlos Manrique Enguita
No comments:
Post a Comment