From 6467c01cddf7333ff96de21b9ffe830c0d9bc7e4 Mon Sep 17 00:00:00 2001
From: Mateja <mail@matejamaric.com>
Date: Thu, 29 Jul 2021 22:32:34 +0200
Subject: Added status codes to more API endpoints.

This should fix login bug on client where it sets empty token when bad
password is provided.
---
 server/controllers/products.js | 6 +++---
 server/controllers/user.js     | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/server/controllers/products.js b/server/controllers/products.js
index e039dac..12a2340 100644
--- a/server/controllers/products.js
+++ b/server/controllers/products.js
@@ -25,7 +25,7 @@ module.exports = {
     const newProduct = new Product(newProductObj);
     newProduct.save()
       .then(() => res.json({status: "Product successfully added!"}))
-      .catch(error => res.json({
+      .catch(error => res.status(400).json({
         status: "Couldn't add product!",
         error
       }));
@@ -44,7 +44,7 @@ module.exports = {
 
     Product.findOneAndUpdate({_id: req.params.id}, {$set: updatedProduct}, {new: true}, (error, product) => {
       if (error)
-        res.json({status: "Couldn't update product!", error});
+        res.status(400).json({status: "Couldn't update product!", error});
       else
         res.json({status: "Successfully updated product!", product});
     });
@@ -53,7 +53,7 @@ module.exports = {
   destroy(req, res) {
     Product.findByIdAndRemove(req.params.id, (error, product) => {
       if (error)
-        res.json({status: "Error when removing product!", error});
+        res.status(400).json({status: "Error when removing product!", error});
       else
         res.json({status: "Product successfully removed!", product})
     });
diff --git a/server/controllers/user.js b/server/controllers/user.js
index 7a2b78a..404aaa2 100644
--- a/server/controllers/user.js
+++ b/server/controllers/user.js
@@ -8,7 +8,7 @@ module.exports = {
 
   register(req, res) {
     if (req.body.password !== req.body.confirmPassword)
-      res.json({status: "Passwords do not match!"});
+      res.status(400).json({status: "Passwords do not match!"});
     else {
       const newUser = new User({
         firstname: req.body.firstname,
@@ -32,13 +32,13 @@ module.exports = {
   login(req, res) {
     User.findOne({email: req.body.email}, (err, user) => {
       if (err)
-        res.json({status: "Database error.", error: err});
+        res.status(500).json({status: "Database error.", error: err});
 
       if (!user)
         return res.status(404).json({status: "No such user found!"});
 
       if (!bcrypt.compareSync(req.body.password, user.password))
-        res.json({status: "Wrong credentials!"});
+        res.status(401).json({status: "Wrong credentials!"});
       else {
         const payload = {sub: user._id};
         const token = jwt.sign(payload, masterKey, {expiresIn: "1d"});
-- 
cgit v1.2.3