Added hashed password bcrypt logic in signup and login functions.

index.js

@@ -1,4 +1,5 @@
 const express = require('express')
+const bcrypt = require('bcrypt');
 const app = express()
 const port = 3001
 
@@ -21,28 +22,64 @@ const SUBMISSION = [
 app.post('/signup', function(req, res) {
   // Add logic to decode body
   // body should have email and password
-
-
-  //Store email and password (as is for now) in the USERS array above (only if the user with the given email doesnt exist)
-
-
-  // return back 200 status code to the client
+  try {
+    const { email, password } = req.body;
+    if(!email || !password) {
+      return res.status(400).send('Email and password are required');
+    }
+    // Check if the user with the given email already exists in the USERS array
+    const user=USERS.findOne(user => user.email === email);
+    if (user) {
+      return res.status(400).send('User already exists');
+    }
+    const salt = bcrypt.genSalt(10);
+    const hashedPassword = bcrypt.hash(password, salt);
+
+    //Store email and password (as is for now) in the USERS array above (only if the user with the given email doesnt exist)
+    const newUser = {
+    email: email,
+    password: hashedPassword
+    };
+    USERS.push(newUser);
+    // return back 200 status code to the client
+    res.status(200).send('User created successfully');
+  }
+  catch (error) {
+    console.error(error);
+    res.status(500).send('Internal Server Error');
+  }
   res.send('Hello World!')
 })
 
 app.post('/login', function(req, res) {
   // Add logic to decode body
   // body should have email and password
-
-  // Check if the user with the given email exists in the USERS array
-  // Also ensure that the password is the same
-
-
-  // If the password is the same, return back 200 status code to the client
-  // Also send back a token (any random string will do for now)
-  // If the password is not the same, return back 401 status code to the client
-
-
+  try {
+    const { email, password } = req.body;
+    if(!email || !password) {
+      return res.status(400).send('Email and password are required');
+    }
+    // Check if the user with the given email exists in the USERS array
+    const user = USERS.find(user => user.email === email);
+    if (!user) {
+      return res.status(401).send('User not found');
+    }
+    // Also ensure that the password is the same
+    const isPasswordValid = bcrypt.compareSync(password, user.password);
+    // If the password is not the same, return back 401 status code to the client
+    if (!isPasswordValid) {
+      return res.status(401).send('Invalid password');
+    }
+    // return back 200 status code to the client
+    // Also send back a token (any random string will do for now)
+    const token = Math.random().toString(36).substring(2); // Generate a random token
+    // If the password is the same, return back 200 status code to the client
+    // Also send back a token (any random string will do for now)
+    res.status(200).json({ message: 'Login successful', token: token });
+  } catch (error) {
+    console.error(error);
+    res.status(500).send('Internal Server Error');
+  }
   res.send('Hello World from route 2!')
 })
 

package.json

@@ -10,6 +10,7 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
+    "bcrypt": "^6.0.0",
     "express": "^4.18.2"
   }
 }