From 5465ba4e815e52a24409f32b3153474a93b204da Mon Sep 17 00:00:00 2001
From: unknown
Date: Tue, 1 Jul 2025 01:01:12 +0700
Subject: [PATCH] :pencil: (user) docs for user check password
---
 src/helpers/security/password/compare.ts | 7 ++++---
 .../user/controller/checkUserPassword.controller.ts | 5 +++++
 src/modules/user/services/checkUserPassword.service.ts | 6 ++++--
 .../user/services/findUserByEmailOrUsername.service.ts | 2 +-
 4 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/src/helpers/security/password/compare.ts b/src/helpers/security/password/compare.ts
index 3b141a3..e737dc6 100644
--- a/src/helpers/security/password/compare.ts
+++ b/src/helpers/security/password/compare.ts
@@ -2,11 +2,12 @@ import { AppError } from "../../error/instances/app";
 import bcrypt from "bcrypt";
 export const comparePassword = async (
- passwordInput: string,
- passwordRaw: string
+ providedPassword: string,
+ storedPassword: string
 ) => {
 try {
- return bcrypt.compare(passwordInput, passwordRaw);
+ // Compare the provided password with the stored password
+ return bcrypt.compare(providedPassword, storedPassword);
 } catch (error) {
 throw new AppError(401, "Invalid credentials", error);
 }
diff --git a/src/modules/user/controller/checkUserPassword.controller.ts b/src/modules/user/controller/checkUserPassword.controller.ts
index 02183cd..5813d79 100644
--- a/src/modules/user/controller/checkUserPassword.controller.ts
+++ b/src/modules/user/controller/checkUserPassword.controller.ts
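Review bot: In `comparePassword` (src/helpers/security/password/compare.ts), the added `return bcrypt.compare(providedPassword, storedPassword);` returns the promise without awaiting it, so if that promise rejects the surrounding `catch` is skipped and the `AppError(401, ...)` wrapper never runs. Changing the line to `return await bcrypt.compare(providedPassword, storedPassword);` makes the try/catch actually cover the call. The new comment restates the code; since the second argument of `bcrypt.compare` is a hash, something like `// storedPassword is the bcrypt hash from the user record, not a plaintext password` (or renaming the parameter to `storedHash`) would tell the reader more. The function's closing lines are outside the hunk.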
@@ -9,12 +9,17 @@ export const checkUserPasswordController = async (
 ctx: Context & { body: { password: string } }
 ) => {
 try {
+ // Get the credentials information from cookies
 const cookie = getCookie(ctx);
 const jwtPayload = jwtDecode(cookie.auth_token!);
+
+ // Execute the check user password service
 const checkUserPassword = await checkUserPasswordService(
 jwtPayload.user.username,
 ctx.body.password
 );
+
+ // If the password is valid, return a success response
 return returnWriteResponse(
 ctx.set,
 204,
diff --git a/src/modules/user/services/checkUserPassword.service.ts b/src/modules/user/services/checkUserPassword.service.ts
index 7b0ae6d..60f20b4 100644
--- a/src/modules/user/services/checkUserPassword.service.ts
+++ b/src/modules/user/services/checkUserPassword.service.ts
@@ -9,12 +9,14 @@ export const checkUserPasswordService = async (
 password: string
 ) => {
 try {
+ // find user by username and get the password
 const userData = (await findUserByEmailOrUsernameService(username, {
 verbose: true,
 })) as User;
- const RawPassword = userData.password;
+ const StoredPassword = userData.password;
- const matchingPassword = await comparePassword(password, RawPassword);
+ // compare the provided password with the stored password
+ const matchingPassword = await comparePassword(password, StoredPassword);
 if (!matchingPassword) {
 throw new AppError(401, "Invalid Credential");
 }
diff --git a/src/modules/user/services/findUserByEmailOrUsername.service.ts b/src/modules/user/services/findUserByEmailOrUsername.service.ts
index c95f097..f4a1b11 100644
--- a/src/modules/user/services/findUserByEmailOrUsername.service.ts
+++ b/src/modules/user/services/findUserByEmailOrUsername.service.ts
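Review bot: In `checkUserPasswordController`, the username being checked comes from `jwtDecode(cookie.auth_token!)`, and nothing in the hunk shows the token's signature being verified. If `jwtDecode` only decodes (its import is outside the hunk), the identity is client-controlled unless an upstream middleware has already verified the cookie. The new comment should record that assumption, e.g. `// auth_token is expected to be signature-verified by the auth middleware; this only reads its claims`. The `!` on `cookie.auth_token` also hides the missing-cookie case, so an explicit 401 before decoding would be clearer than relying on the `catch`, which lies outside the hunk.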
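Review bot: In `checkUserPasswordService`, `userData.password` is read straight after an `as User` cast, so if `findUserByEmailOrUsernameService` can return null or undefined for an unknown username (not visible here) this throws a TypeError instead of the intended 401. A guard before the comparison, `if (!userData?.password) throw new AppError(401, "Invalid Credential");`, keeps the failure path uniform. The renamed local `StoredPassword` should be camelCase, and `storedHash` would also say what it holds. The `try` block continues past the end of the hunk.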
@@ -3,7 +3,7 @@ import { ErrorForwarder } from "../../../helpers/error/instances/forwarder";
 import { findUserByEmailOrUsernameRepo } from "../repositories/findUserByEmailOrUsername.repository";
 export interface FindUserByEmailOrUsernameOptions {
- verbose?: boolean;
+ verbose?: boolean; // If true, returns the user with all details including sensitive information
 }
 export const findUserByEmailOrUsernameService = async (
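Review bot: The trailing comment on `verbose` does not say which sensitive fields are returned, and the option name itself gives callers no warning; the checkUserPassword.service.ts hunk in this patch reads `password` from the verbose result. A TSDoc comment above the property is surfaced in editor hover, which a trailing comment is not: `/** When true, the returned user includes sensitive fields such as the stored password hash; do not forward the result to a response. */`. A more explicit option name would be worth a follow-up, since it needs every caller updated.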