@sele-nap
Created January 4, 2022 14:37
WCS quest // Express 10 - Register users in a secure way
const { verifyPassword, findByEmail } = require("../models/user");
const authRouter = require("express").Router();
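/**
 * POST /checkCredentials — verifies an email/password pair against the users table.
 *
 * Body: `{ email, password }` (both must be strings).
 * Responds 200 "ok" on a match, 401 otherwise. No session or token is issued here.
 *
 * The 401 message is the same whether the email is unknown or the password is
 * wrong, so the endpoint cannot be used to enumerate registered emails. The
 * unknown-email path still skips the argon2 verification and therefore answers
 * faster — a residual timing signal that this file does not address; no rate
 * limiting is applied in this file either.
 */
authRouter.post("/checkCredentials", async (req, res, next) => {
  // req.body is undefined when no body parser is mounted; default it so the
  // destructuring below cannot throw.
  const { email, password } = req.body || {};
  // Only non-empty strings are acceptable. An object or array here would reach
  // the parameterised query as a non-scalar value, and a missing password would
  // make the hash verification throw instead of simply failing.
  if (
    typeof email !== "string" ||
    typeof password !== "string" ||
    email === "" ||
    password === ""
  ) {
    return res.status(401).json("Incorrect email or wrong password");
  }
  try {
    const user = await findByEmail(email);
    if (!user) {
      return res.status(401).json("Incorrect email or wrong password");
    }
    const passwordMatches = await verifyPassword(password, user.hashedPassword);
    if (!passwordMatches) {
      return res.status(401).json("Incorrect email or wrong password");
    }
    return res.status(200).json("ok");
  } catch (err) {
    // A failing model call or hashing library must not leave the request
    // hanging: hand the error to Express's error pipeline instead.
    return next(err);
  }
});
module.exports = authRouter;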
const moviesRouter = require('./movies');
const usersRouter = require('./users');
/**
 * Mount every API router on the given Express application.
 *
 * Mount order is `/api/movies` first, then `/api/users`.
 * @param {object} app - an Express app (anything exposing `use(path, router)`)
 */
const setupRoutes = (app) => {
  const mounts = [
    ["/api/movies", moviesRouter],
    ["/api/users", usersRouter],
  ];
  for (const [mountPath, router] of mounts) {
    app.use(mountPath, router);
  }
};
// Only the route installer is public; the routers themselves stay private to this module.
module.exports = { setupRoutes };
const connection = require("../db-config");
const Joi = require("joi");
const argon2 = require("argon2");
// Promise-flavoured API of the connection exported by ../db-config; every query below returns a Promise.
const db = connection.promise();
/**
 * Validate a user payload against the profile schema.
 *
 * @param {object} data - the candidate user object
 * @param {boolean} [forCreation=true] - when true, email/firstname/lastname are
 *   required; when false they may be omitted (partial update)
 * @returns {Joi.ValidationError|undefined} all violations at once
 *   (`abortEarly: false`), or `undefined` when the payload is valid
 *
 * The schema lists only profile fields; note that `password`/`hashedPassword`
 * are not part of it. Joi objects reject unknown keys by default, so a payload
 * carrying extra fields is expected to fail here — confirm against the
 * installed Joi version before relying on that.
 */
const validate = (data, forCreation = true) => {
  const presence = forCreation ? "required" : "optional";
  const identityField = () => Joi.string().max(255).presence(presence);
  const optionalField = () => Joi.string().allow(null, "").max(255);
  const schema = Joi.object({
    email: Joi.string().email().max(255).presence(presence),
    firstname: identityField(),
    lastname: identityField(),
    city: optionalField(),
    language: optionalField(),
  });
  const { error } = schema.validate(data, { abortEarly: false });
  return error;
};
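/**
 * List users, optionally restricted to one language.
 *
 * @param {{ filters?: { language?: string } }} [options] - when
 *   `filters.language` is truthy a `WHERE language = ?` clause is added; any
 *   other key is ignored
 * @returns {Promise<object[]>} the matching rows
 *
 * Both destructuring levels default to `{}` so that `findMany()` and
 * `findMany({ filters: {} })` list everyone instead of throwing.
 *
 * NOTE(review): `SELECT *` also returns `hashedPassword` (findByEmail relies on
 * that column); strip it before returning rows to a client.
 */
const findMany = ({ filters: { language } = {} } = {}) => {
  let sql = "SELECT * FROM users";
  const sqlValues = [];
  if (language) {
    // Bound as a parameter, never interpolated into the SQL text.
    sql += " WHERE language = ?";
    sqlValues.push(language);
  }
  return db.query(sql, sqlValues).then(([results]) => results);
};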
/**
 * Fetch a single user by primary key.
 * @param {number} id - bound as a query parameter
 * @returns {Promise<object|undefined>} the row (all columns, including
 *   `hashedPassword`), or `undefined` when no row matches
 */
const findOne = async (id) => {
  const [rows] = await db.query("SELECT * FROM users WHERE id = ?", [id]);
  return rows[0];
};
/**
 * Fetch the user row whose email matches exactly, or `undefined`.
 *
 * The email is bound as a query parameter, never interpolated into the SQL.
 * NOTE(review): callers should pass a string — some MySQL drivers expand an
 * object reaching a `?` placeholder into `key = value` pairs instead of
 * treating it as a literal; the input check belongs where the value enters
 * (the auth router).
 * @param {string} email
 * @returns {Promise<object|undefined>} the row, including `hashedPassword`
 */
const findByEmail = async (email) => {
  const [rows] = await db.query("SELECT * FROM users WHERE email = ?", [email]);
  return rows[0];
};
/**
 * Look for another user (id different from `id`) already using `email`;
 * used to keep emails unique when a profile is updated.
 * @param {string} email
 * @param {number} id - the user being updated, excluded from the search
 * @returns {Promise<object|undefined>} the conflicting row, or `undefined`
 */
const findByEmailWithDifferentId = async (email, id) => {
  const [rows] = await db.query(
    "SELECT * FROM users WHERE email = ? AND id <> ?",
    [email, id]
  );
  return rows[0];
};
/**
 * Insert a user row and return it with its new id.
 *
 * Every key of `data` becomes a column (`INSERT ... SET ?`) and is echoed back
 * in the return value, so the caller must whitelist/validate the object first
 * and must not send a returned `hashedPassword` to the client.
 * @param {object} data - column/value pairs to insert
 * @returns {Promise<object>} `data` plus the generated `id`
 */
const create = async (data) => {
  const [result] = await db.query("INSERT INTO users SET ?", data);
  return { ...data, id: result.insertId };
};
/**
 * Overwrite the given columns of one user.
 * Resolves to the driver's raw `[result, fields]` tuple, not a row.
 * @param {number} id
 * @param {object} newAttributes - column/value pairs applied via `SET ?`;
 *   the caller is responsible for whitelisting them
 */
const update = (id, newAttributes) =>
  db.query("UPDATE users SET ? WHERE id = ?", [newAttributes, id]);
/**
 * Delete one user by primary key.
 * @param {number} id
 * @returns {Promise<boolean>} true when a row was actually removed
 */
const destroy = async (id) => {
  const [result] = await db.query("DELETE FROM users WHERE id = ?", [id]);
  return result.affectedRows !== 0;
};
/**
 * Argon2 parameters applied when hashing a new password.
 * argon2id is the hybrid variant recommended for password storage. The argon2
 * package expresses memoryCost in KiB, so 65536 is about 64 MiB per hash
 * (confirm against the installed version); 5 passes, a single lane.
 */
const hashingOptions = {
  type: argon2.argon2id,
  memoryCost: 65536,
  timeCost: 5,
  parallelism: 1,
};
/**
 * Hash a plaintext password with the module's argon2 parameters.
 * @param {string} plainPassword
 * @returns {Promise<string>} the encoded argon2 hash string
 */
const hashPassword = (plainPassword) => argon2.hash(plainPassword, hashingOptions);
/**
 * Check a plaintext password against a stored argon2 hash.
 *
 * Note the argument order is (plain, hash) here but (hash, plain) in the
 * underlying `argon2.verify`. The options object is passed through; the
 * parameters actually used for verification are presumably those encoded in
 * the hash string itself — confirm against the argon2 package docs.
 * @param {string} plainPassword
 * @param {string} hashedPassword - encoded hash as produced by hashPassword
 * @returns {Promise<boolean>}
 */
const verifyPassword = (plainPassword, hashedPassword) =>
  argon2.verify(hashedPassword, plainPassword, hashingOptions);
// Public surface of the user model: queries, validation and password helpers.
module.exports = {
  // lookups
  findMany,
  findOne,
  findByEmail,
  findByEmailWithDifferentId,
  // writes
  create,
  update,
  destroy,
  // input validation
  validate,
  // password hashing
  hashPassword,
  verifyPassword,
};