Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat: user login with email and password PR #62

Closed
wants to merge 1 commit into from
Closed

Feat: user login with email and password PR #62

wants to merge 1 commit into from
+906 −75

Conversation

Ndevu12
Copy link
Contributor

@Ndevu12 Ndevu12 commented May 5, 2024

What does this PR do?

This PR introduces a new feature that allows users to log in using their email and password.

Task completed

Task involved:

  • Implemented a user sign-in API endpoint
  • Validated user input (email and password)
  • Retrieved the user record from the database based on the provided email
  • Verified the provided password against the securely stored password hash
  • Generated and returned an authentication token upon successful sign-in
  • Returned appropriate success or error responses
  • Implemented input sanitization routes.

How should this be manually tested?

git clone https://github.com/atlp-rwanda/knights-ecomm-be.git
cd knights-ecomm-be
git checkout feat-signin
npm install
npm run test

@Ndevu12 Ndevu12 added the Ready for reviews Pull request is ready for review label May 5, 2024
@Ndevu12 Ndevu12 added this to the Authentication and RBAC milestone May 5, 2024
@Ndevu12 Ndevu12 requested a review from faid-terence May 5, 2024 23:00
@gitguardian GitGuardian
Copy link

gitguardian bot commented May 5, 2024
edited
Loading

⚠️ GitGuardian has uncovered 5 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secrets in your pull request
GitGuardian id GitGuardian status Secret Commit Filename
10624400 Triggered Generic Password 21fd82e src/test/signin.test.ts View secret
10624401 Triggered Generic Password 21fd82e src/test/signin.test.ts View secret
10624402 Triggered Generic Password 21fd82e src/test/signin.test.ts View secret
10802115 Triggered Generic Password 21fd82e src/test/signin.test.ts View secret
10811125 Triggered Generic Password 21fd82e src/test/signin.test.ts View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secrets safely. Learn here the best practices.
  3. Revoke and rotate these secrets.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

@Ndevu12 Ndevu12 changed the title Feat: login a user with email and password PR Feat: user login with email and password PR May 5, 2024
@maxCastro1 @Ndevu12
This is a combination of 3 commits.
21fd82e 
 This is a combination of 2 commits.

 This is a combination of 3 commits.

Implemented user registration feature with input validation, password hashing, and database integration

user login feature

Implemented user registration feature with input validation, password hashing, and database integration

fix(user registration): resolve registration bug

- ensure that a user provide neccessary inputs
- restructure user entity
- refactor other codes depending on user registration logic

[Fixes #39]

rebasing from develop , adding verifie route and service and send email to the user

rebasing from develop , adding verifie route and service and send email to the user

fix(user registration): resolve registration bug

- ensure that a user provide neccessary inputs
- restructure user entity
- refactor other codes depending on user registration logic

[Fixes #39]

Update README.md

user login feature
@Ndevu12 Ndevu12 requested a review from a team May 6, 2024 06:38
@Ndevu12 Ndevu12 self-assigned this May 6, 2024
@Ndevu12 Ndevu12 added In Progress This Label will be added on pending task and removed Ready for reviews Pull request is ready for review labels May 6, 2024
aimedivin
aimedivin requested changes May 6, 2024
View reviewed changes
src/middlewares/isValide.ts
res.status(401).json({ Message: 'Sorry, Something went wrong' });
return;
}
};
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Ndevu12 , in this file, focus on validating the token, fetching user data, and attach it to the request object. no need to verify the user type, it is already handled in the RBAC Issue.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okey thanks

@Ndevu12 Ndevu12 closed this May 6, 2024
@Ndevu12 Ndevu12 deleted the feat-signin branch May 6, 2024 10:15
@Ndevu12 Ndevu12 added backend Good for newcomers and removed In Progress This Label will be added on pending task labels May 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aimedivin aimedivin aimedivin requested changes

@faid-terence faid-terence Awaiting requested review from faid-terence

Assignees

@Ndevu12 Ndevu12

Labels
backend Good for newcomers
Projects
None yet
Milestone
Authentication and RBAC
Development

Successfully merging this pull request may close these issues.
3 participants
@Ndevu12 @aimedivin @maxCastro1