From 6467c01cddf7333ff96de21b9ffe830c0d9bc7e4 Mon Sep 17 00:00:00 2001
From: Mateja
Date: Thu, 29 Jul 2021 22:32:34 +0200
Subject: Added status codes to more API endpoints. This should fix login bug on client where it sets empty token when bad password is provided.
---
 server/controllers/products.js | 6 +++---
 server/controllers/user.js | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)
(limited to 'server')
diff --git a/server/controllers/products.js b/server/controllers/products.js
index e039dac..12a2340 100644
--- a/server/controllers/products.js
+++ b/server/controllers/products.js
@@ -25,7 +25,7 @@ module.exports = {
 const newProduct = new Product(newProductObj);
 newProduct.save()
 .then(() => res.json({status: "Product successfully added!"}))
- .catch(error => res.json({
+ .catch(error => res.status(400).json({
 status: "Couldn't add product!",
 error
 }));
@@ -44,7 +44,7 @@ module.exports = {
 Product.findOneAndUpdate({_id: req.params.id}, {$set: updatedProduct}, {new: true}, (error, product) => {
 if (error)
- res.json({status: "Couldn't update product!", error});
+ res.status(400).json({status: "Couldn't update product!", error});
 else
 res.json({status: "Successfully updated product!", product});
 });
@@ -53,7 +53,7 @@ module.exports = {
 destroy(req, res) {
 Product.findByIdAndRemove(req.params.id, (error, product) => {
 if (error)
- res.json({status: "Error when removing product!", error});
+ res.status(400).json({status: "Error when removing product!", error});
 else
 res.json({status: "Product successfully removed!", product})
 });
diff --git a/server/controllers/user.js b/server/controllers/user.js
index 7a2b78a..404aaa2 100644
--- a/server/controllers/user.js
+++ b/server/controllers/user.js
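Review bot: The `.catch` handler in the `@@ -25,7 +25,7 @@` hunk of server/controllers/products.js still serialises the caught `error` object into the response body, and the new code labels every rejected `save()` as 400. A rejection can also come from the database rather than from the submitted data, so I would answer 400 only when `error.name === "ValidationError"` (assuming `Product` is a Mongoose model), 500 otherwise, and return a fixed `status` string while logging the detail server-side. The `@@ -44,7 +44,7 @@` and `@@ -53,7 +53,7 @@` hunks return `error` to the client the same way. The enclosing function starts above this hunk.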
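Review bot: In the `@@ -44,7 +44,7 @@` hunk of server/controllers/products.js the final `else` answers 200 "Successfully updated product!" even when `product` is null, which (assuming Mongoose callback semantics) is what the callback receives when no document matches `req.params.id`. A middle branch such as `else if (!product) res.status(404).json({status: "No such product found!"});` between the error branch and the success branch would cover it. The `destroy` handler in the `@@ -53,7 +53,7 @@` hunk has the same gap after `findByIdAndRemove`. The update function starts above the hunk.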
@@ -8,7 +8,7 @@ module.exports = {
 register(req, res) {
 if (req.body.password !== req.body.confirmPassword)
- res.json({status: "Passwords do not match!"});
+ res.status(400).json({status: "Passwords do not match!"});
 else {
 const newUser = new User({
 firstname: req.body.firstname,
@@ -32,13 +32,13 @@ module.exports = {
 login(req, res) {
 User.findOne({email: req.body.email}, (err, user) => {
 if (err)
- res.json({status: "Database error.", error: err});
+ res.status(500).json({status: "Database error.", error: err});
 if (!user) return res.status(404).json({status: "No such user found!"});
 if (!bcrypt.compareSync(req.body.password, user.password))
- res.json({status: "Wrong credentials!"});
+ res.status(401).json({status: "Wrong credentials!"});
 else {
 const payload = {sub: user._id};
 const token = jwt.sign(payload, masterKey, {expiresIn: "1d"});
-- 
cgit v1.2.3
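Review bot: The mismatch check in `register` (hunk `@@ -8,7 +8,7 @@`) passes when both `password` and `confirmPassword` are absent from the body, because `undefined !== undefined` is false, so such a request reaches the `else` branch with no password at all. Guarding the type first keeps the new 400 and closes that path: `if (typeof req.body.password !== "string" || req.body.password !== req.body.confirmPassword)`. What the `else` branch does with the missing value lies beyond the end of the hunk, so the downstream effect is not visible here.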
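Review bot: The `if (err)` branch in `login` (hunk `@@ -32,13 +32,13 @@`) sends the 500 response but does not return, so after a database error execution continues to `if (!user)` and tries to send a second response on the same request; it should read `if (err) return res.status(500).json({status: "Database error."});`. Dropping `error: err` from that body also keeps driver error detail away from unauthenticated callers. Separately, answering 404 "No such user found!" for an unknown e-mail and 401 "Wrong credentials!" for a bad password tells a caller which addresses are registered; returning the same 401 body in both cases avoids that. The body of `login` continues past the end of the hunk.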