creating an account done, having some errors when trying to log in. will continue to work on it to rectify all errors.

.env

@@ -0,0 +1 @@
+JWT_SECRET= manunitedisthebestteam

Route/OrderRoute.js

@@ -0,0 +1,76 @@
+const moment = require('moment');
+const orderModel= require('../models/orderModel')
+const express = require('express');
+const { modelName } = require('../models/userModel');
+const { model } = require('mongoose');
+
+
+const orderRoute = express.Router()
+
+
+
+orderRoute.post('/', async (req, res) => {
+    const body = req.body;
+console.log(body)
+    const total_price = body.items.reduce((prev, curr) => {
+        prev += curr.price*curr.quantity;
+        return prev
+    }, 0);
+console.log(total_price)
+    const order = await orderModel.create({ 
+        items: body.items,
+        created_at: moment().toDate(),
+        total_price
+    })
+
+    return res.json({ status: true, order })
+})
+
+orderRoute.get('/order/:orderId', async (req, res) => {
+    const { orderId } = req.params;
+    const order = await orderModel.findById(orderId)
+
+    if (!order) {
+        return res.status(404).json({ status: false, order: null })
+    }
+
+    return res.json({ status: true, order })
+})
+
+orderRoute.get('/', async (req, res) => {
+    const orders = await orderModel.find()
+
+    return res.json({ status: true, orders })
+})
+
+orderRoute.patch('/order/:id', async (req, res) => {
+    const { id } = req.params;
+    const { state } = req.body;
+
+    const order = await orderModel.findById(id)
+
+    if (!order) {
+        return res.status(404).json({ status: false, order: null })
+    }
+
+    if (state < order.state) {
+        return res.status(422).json({ status: false, order: null, message: 'Invalid operation' })
+    }
+
+    order.state = state;
+
+    await order.save()
+
+    return res.json({ status: true, order })
+})
+
+orderRoute.delete('/order/:id', async (req, res) => {
+    const { id } = req.params;
+
+    const order = await orderModel.deleteOne({ _id: id})
+
+    return res.json({ status: true, order })
+})
+
+
+module.exports = orderRoute

Route/UserRoute.js

@@ -0,0 +1,56 @@
+const express = require('express');
+const passport = require('passport');
+const jwt = require('jsonwebtoken');
+require('dotenv').config();
+
+const authRouter = express.Router();
+
+authRouter.post(
+    '/signup',
+    passport.authenticate('signup', { session: false }), async (req, res, next) => {
+        res.json({
+            message: 'Signup successful',
+            user: req.user
+        });
+    }
+);
+
+authRouter.post(
+    '/login',
+    async (req, res, next) => {
+        try {
+            passport.authenticate('login', async (err, user, info) => {
+                if (err) {
+                    return next(err);
+                }
+                console.log(user);
+                if (!user) {
+
+                    const error = new Error('Username or password is incorrect');
+                    return next(error);
+                }
+
+                req.login(user, { session: false },
+                    async (error) => {
+                        if (error) return next(error);
+
+                        const body = { _id: user._id, userName: user.userName };
+                        //You store the id and email in the payload of the JWT. 
+                        // You then sign the token with a secret or key (JWT_SECRET), and send back the token to the user.
+                        // DO NOT STORE PASSWORDS IN THE JWT!
+                        const token = jwt.sign({ user: body }, process.env.JWT_SECRET);
+
+                        return res.json({ token });
+                    }
+                );
+            }
+            ) (req, res, next);
+        }
+
+        catch (error) {
+            return next(error);
+        }
+    }
+);
+
+module.exports = authRouter;

auth.js

@@ -0,0 +1,77 @@
+const passport = require('passport');
+const localStrategy = require('passport-local').Strategy;
+const UserModel = require('../pizza_app/models/userModel');
+
+const JWTstrategy = require('passport-jwt').Strategy;
+const ExtractJWT = require('passport-jwt').ExtractJwt;
+require("dotenv").config();
+passport.use(
+    new JWTstrategy(
+        {
+            secretOrKey: process.env.JWT_SECRET,
+            // jwtFromRequest: ExtractJWT.fromUrlQueryParameter('secret_token')
+            jwtFromRequest: ExtractJWT.fromAuthHeaderAsBearerToken() // Use this if you are using Bearer token
+        },
+        async (token, done) => {
+            try {
+                return done(null, token);
+            } catch (error) {
+                done(error);
+            }
+        }
+    )
+);
+
+// This middleware saves the information provided by the user to the database,
+// and then sends the user information to the next middleware if successful.
+// Otherwise, it reports an error.
+passport.use(
+    'signup',
+    new localStrategy(
+        {
+            usernameField: 'username',
+            passwordField: 'password'
+        },
+        async (username, password, done) => {
+            try {
+                const user = await UserModel.create({ username, password });
+
+                return done(null, user);
+            } catch (error) {
+                done(error);
+            }
+        }
+    )
+);
+
+// This middleware authenticates the user based on the email and password provided.
+// If the user is found, it sends the user information to the next middleware.
+// Otherwise, it reports an error.
+passport.use(
+    'login',
+    new localStrategy(
+        {
+            usernameField: 'username',
+            passwordField: 'password'
+        },
+        async (username, password, done) => {
+            try {
+                const user = await UserModel.findOne({ username });
+
+                if (!user) {
+                    return done(null, false, { message: 'User not found' });
+                }
+
+                const validate = await user.isValidPassword(password);
+
+                if (!validate) {
+                    return done(null, false, { message: 'Wrong Password' });
+                }
+
+                return done(null, user, { message: 'Logged in Successfully' });
+            } catch (error) {
+                return done(error);
+            }
+        }
+    )
+);

index.js

@@ -1,92 +1,33 @@
 const express = require('express');
-const moment = require('moment');
 const mongoose = require('mongoose');
-const orderModel = require('./orderModel');
-
+const passport = require('passport');
+const bodypaser = require("body-parser");
+const orderRoute = require('./Route/OrderRoute');
+const userRoute = require('./Route/UserRoute')
+require("dotenv").config
 const PORT = 3334
-
+require("./auth")
 const app = express()
-
+app.use(bodypaser.urlencoded({ extended: false}))
 app.use(express.json());
 
 
 app.get('/', (req, res) => {
     return res.json({ status: true })
 })
 
-
-app.post('/order', async (req, res) => {
-    const body = req.body;
-
-    const total_price = body.items.reduce((prev, curr) => {
-        prev += curr.price
-        return prev
-    }, 0);
-
-    const order = await orderModel.create({ 
-        items: body.items,
-        created_at: moment().toDate(),
-        total_price
-    })
-
-    return res.json({ status: true, order })
-})
-
-app.get('/order/:orderId', async (req, res) => {
-    const { orderId } = req.params;
-    const order = await orderModel.findById(orderId)
-
-    if (!order) {
-        return res.status(404).json({ status: false, order: null })
-    }
-
-    return res.json({ status: true, order })
-})
-
-app.get('/orders', async (req, res) => {
-    const orders = await orderModel.find()
-
-    return res.json({ status: true, orders })
-})
-
-app.patch('/order/:id', async (req, res) => {
-    const { id } = req.params;
-    const { state } = req.body;
-
-    const order = await orderModel.findById(id)
-
-    if (!order) {
-        return res.status(404).json({ status: false, order: null })
-    }
-
-    if (state < order.state) {
-        return res.status(422).json({ status: false, order: null, message: 'Invalid operation' })
-    }
-
-    order.state = state;
-
-    await order.save()
-
-    return res.json({ status: true, order })
-})
-
-app.delete('/order/:id', async (req, res) => {
-    const { id } = req.params;
-
-    const order = await orderModel.deleteOne({ _id: id})
-
-    return res.json({ status: true, order })
-})
+app.use('/', userRoute);
+app.use('/order', passport.authenticate('jwt', { session: false }), orderRoute);
 
 
-mongoose.connect('mongodb://localhost:27017')
+mongoose.connect('mongodb://localhost:27017/pizza_app')
 
 mongoose.connection.on("connected", () => {
 	console.log("Connected to MongoDB Successfully");
 });
 
 mongoose.connection.on("error", (err) => {
-	console.log("An error occurred while connecting to MongoDB");
+	console.log("An error occurred while conn   ecting to MongoDB");
 	console.log(err);
 });
 

orderModel.js → models/orderModel.js

@@ -18,4 +18,4 @@ const OrderSchema = new Schema({
 
 const Order = mongoose.model('Order', OrderSchema);
 
-module.exports = Order;
+module.exports = Order;

models/userModel.js

@@ -0,0 +1,51 @@
+const mongoose = require('mongoose');
+const bcrypt = require('bcrypt');
+
+const Schema = mongoose.Schema;
+const ObjectId = Schema.ObjectId;
+
+const UserSchema = new Schema({
+  id: ObjectId,
+  username: {type: String,required: true},
+  created_at: Date,
+  password: {type: String},
+  // usertype: {type: String, default: "user"},
+  orders: {type: mongoose.Types.ObjectId, ref:"Order"},
+  state: { type: Number, default: 1 },
+  items: [{
+    name: String,
+    price: Number,
+    size: { type: String, enum: ['m', 's', 'l']},
+    quantity: Number,
+  }],
+  total_price: Number,
+});
+
+
+
+UserSchema.pre(
+  'save',
+  async function (next) {
+      const user = this;
+      const hash = await bcrypt.hash(this.password, 10);
+
+      this.password = hash;
+      next();
+  }
+);
+
+// You will also need to make sure that the user trying to log in has the correct credentials. Add the following new method:
+UserSchema.methods.isValidPassword = async function(password) {
+  const user = this;
+  const compare = await bcrypt.compare(password, user.password);
+
+  return compare;
+}
+
+
+
+
+
+const User = mongoose.model('User', UserSchema);
+
+module.exports = User;