/controllers/authController.js

Purpose

Handles authentication-related actions, including login, logout, profile retrieval, and password change. This controller uses JWT tokens for user sessions.

Endpoints

  • loginUser

    • Description: Authenticates the user by verifying the provided email and password.

    • Request: Accepts email and password in the request body.

    • Response: Sets a JWT cookie and returns user data on success or an error message on failure.

  • logoutUser

    • Description: Clears the JWT token cookie, effectively logging the user out.

    • Response: Returns a message confirming successful logout.

  • getProfile

    • Description: Retrieves the user profile based on the JWT token stored in cookies.

    • Response: Returns user profile data excluding the password. If no token is present, responds with null.

  • changePassword

    • Description: Allows a logged-in user to update their password. Validates the user via JWT token in cookies.

    • Request: Accepts the new password in the request body.

    • Response: Updates password and marks registration as complete.

Notes

  • Dependencies: Uses jsonwebtoken for token management and bcrypt for password hashing.

  • JWT Secret: The JWT_SECRET environment variable is required for token signing and verification.
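The getProfile flow described above, as an added example that is not the project's own code: it signs and verifies an HS256 token with Node's built-in crypto as a stand-in for jsonwebtoken, so it runs without dependencies. The cookie name `token`, the `id` claim, the Express-style cookie options, the one-hour lifetime and returning null for an invalid or expired token are assumptions the page does not state.

```javascript
// Added example: node:crypto stands in for jsonwebtoken; names are assumptions.
const crypto = require("node:crypto");

// Constructed fallback for this demo only; the controller requires JWT_SECRET.
const JWT_SECRET = process.env.JWT_SECRET || "constructed-demo-secret";
// Assumed cookie attributes (Express res.cookie shape) for the cookie loginUser sets.
const COOKIE_OPTIONS = { httpOnly: true, secure: true, sameSite: "strict", maxAge: 3600 * 1000 };
// Constructed user record; the password field holds a placeholder, not a real hash.
const USERS = { u1: { id: "u1", email: "alice@example.test", password: "<bcrypt hash>" } };

const b64url = (value) => Buffer.from(value).toString("base64url");
const hmac = (data, secret) => crypto.createHmac("sha256", secret).update(data).digest();

// Build a compact HS256 JWT with an expiry, as loginUser would before setting the cookie.
function signToken(payload, secret = JWT_SECRET, ttlSeconds = 3600) {
  const now = Math.floor(Date.now() / 1000);
  const head = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64url(JSON.stringify({ ...payload, iat: now, exp: now + ttlSeconds }));
  return `${head}.${body}.${hmac(`${head}.${body}`, secret).toString("base64url")}`;
}

// Check the signature in constant time, pin the algorithm, enforce exp; null on any failure.
function verifyToken(token, secret = JWT_SECRET) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  const expected = hmac(`${head}.${body}`, secret);
  const given = Buffer.from(sig, "base64url");
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  try {
    const header = JSON.parse(Buffer.from(head, "base64url").toString("utf8"));
    const claims = JSON.parse(Buffer.from(body, "base64url").toString("utf8"));
    if (header.alg !== "HS256") return null;
    if (typeof claims.exp !== "number" || claims.exp <= Date.now() / 1000) return null;
    return claims;
  } catch {
    return null;
  }
}

// getProfile logic: null without a valid token, otherwise the user minus the password.
function profileFromCookies(cookies, users = USERS) {
  const claims = cookies && cookies.token ? verifyToken(cookies.token) : null;
  const user = claims && Object.hasOwn(users, claims.id) ? users[claims.id] : null;
  if (!user) return null;
  const { password, ...profile } = user;
  return profile;
}
```

In the real controller, `jwt.sign` and `jwt.verify` from jsonwebtoken take the place of `signToken` and `verifyToken`; passing an explicit `algorithms` list to `jwt.verify` gives the same algorithm pinning.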

This controller is essential for managing user authentication and session handling across the application.


This entry provides a brief overview with core details for each function.
