diff options
author | Mateja <mail@matejamaric.com> | 2021-07-29 22:32:34 +0200 |
---|---|---|
committer | Mateja <mail@matejamaric.com> | 2021-07-29 22:32:34 +0200 |
commit | 6467c01cddf7333ff96de21b9ffe830c0d9bc7e4 (patch) | |
tree | 2f1e7ded2692fa9f1f51e2b6a145ba5edd1f33ca /server/controllers | |
parent | 104948f25ed38ef2ee354b271fb2368dca1b6c4d (diff) | |
download | mevn-ecommerce-6467c01cddf7333ff96de21b9ffe830c0d9bc7e4.tar.gz mevn-ecommerce-6467c01cddf7333ff96de21b9ffe830c0d9bc7e4.zip |
Added status codes to more API endpoints.
This should fix login bug on client where it sets empty token when bad
password is provided.
Diffstat (limited to 'server/controllers')
-rw-r--r-- | server/controllers/products.js | 6 | ||||
-rw-r--r-- | server/controllers/user.js | 6 |
2 files changed, 6 insertions, 6 deletions
diff --git a/server/controllers/products.js b/server/controllers/products.js index e039dac..12a2340 100644 --- a/server/controllers/products.js +++ b/server/controllers/products.js @@ -25,7 +25,7 @@ module.exports = { const newProduct = new Product(newProductObj); newProduct.save() .then(() => res.json({status: "Product successfully added!"})) - .catch(error => res.json({ + .catch(error => res.status(400).json({ status: "Couldn't add product!", error })); @@ -44,7 +44,7 @@ module.exports = { Product.findOneAndUpdate({_id: req.params.id}, {$set: updatedProduct}, {new: true}, (error, product) => { if (error) - res.json({status: "Couldn't update product!", error}); + res.status(400).json({status: "Couldn't update product!", error}); else res.json({status: "Successfully updated product!", product}); }); @@ -53,7 +53,7 @@ module.exports = { destroy(req, res) { Product.findByIdAndRemove(req.params.id, (error, product) => { if (error) - res.json({status: "Error when removing product!", error}); + res.status(400).json({status: "Error when removing product!", error}); else res.json({status: "Product successfully removed!", product}) }); diff --git a/server/controllers/user.js b/server/controllers/user.js index 7a2b78a..404aaa2 100644 --- a/server/controllers/user.js +++ b/server/controllers/user.js @@ -8,7 +8,7 @@ module.exports = { register(req, res) { if (req.body.password !== req.body.confirmPassword) - res.json({status: "Passwords do not match!"}); + res.status(400).json({status: "Passwords do not match!"}); else { const newUser = new User({ firstname: req.body.firstname, @@ -32,13 +32,13 @@ module.exports = { login(req, res) { User.findOne({email: req.body.email}, (err, user) => { if (err) - res.json({status: "Database error.", error: err}); + res.status(500).json({status: "Database error.", error: err}); if (!user) return res.status(404).json({status: "No such user found!"}); if (!bcrypt.compareSync(req.body.password, user.password)) - res.json({status: "Wrong credentials!"}); + res.status(401).json({status: "Wrong credentials!"}); else { const payload = {sub: user._id}; const token = jwt.sign(payload, masterKey, {expiresIn: "1d"}); |