Hugging Face's logo

Spaces:
rohanshaw
/
Brutale-api
Sleeping

App Files Community
Brutale-api
File size: 2,163 Bytes 
e557560
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
 
// src/controllers/auth.controller.js
const User = require('../models/User');
const jwt = require('jsonwebtoken');
const bcrypt = require('bcryptjs');

// Helper: Generate JWT Token
const generateToken = (id) => {
  return jwt.sign({ id }, process.env.JWT_SECRET, {
    expiresIn: '30d', // Keep them logged in for 30 days
  });
};

// --- 1. REGISTER ---
exports.register = async (req, res) => {
  try {
    const { username, email, password } = req.body;

    // Validation
    if (!username || !email || !password) {
      return res.status(400).json({ error: 'Fill everything.' });
    }

    // Check existing
    const userExists = await User.findOne({ email });
    if (userExists) {
      return res.status(400).json({ error: 'Email already used.' });
    }

    // Create User (Password hashing happens in User Model pre-save hook)
    const user = await User.create({
      username,
      email,
      password,
    });

    // Respond with Token
    res.status(201).json({
      _id: user._id,
      username: user.username,
      token: generateToken(user._id),
      honestyScore: user.honestyScore
    });

  } catch (error) {
    console.error(error);
    res.status(500).json({ error: 'Registration failed.' });
  }
};

// --- 2. LOGIN ---
exports.login = async (req, res) => {
  try {
    const { email, password } = req.body;

    // Find User (Explicitly select password because we hid it in Schema)
    const user = await User.findOne({ email }).select('+password');

    if (user && (await user.comparePassword(password))) {
      res.json({
        _id: user._id,
        username: user.username,
        token: generateToken(user._id),
        honestyScore: user.honestyScore,
        badges: user.badges
      });
    } else {
      res.status(401).json({ error: 'Invalid credentials.' });
    }

  } catch (error) {
    res.status(500).json({ error: 'Login failed.' });
  }
};

// --- 3. GET CURRENT USER ---
exports.getMe = async (req, res) => {
  // req.user is set by middleware
  const user = await User.findById(req.user.id);
  if (user) {
    res.json(user);
  } else {
    res.status(404).json({ error: 'User not found' });
  }
};