diff --git a/Dockerfile.prod b/Dockerfile.prod
index 6fb1532..fa8a6c9 100644
--- a/Dockerfile.prod
+++ b/Dockerfile.prod
@@ -7,12 +7,12 @@ WORKDIR /app
 # Copy package.json
 COPY package.json .
-# Install production dependencies using Yarn
-RUN npm install --production
+# Install dependencies (dev deps needed for the build step)
+RUN npm install
 # Copy the rest of the application files
 COPY . .
-# Build the frontend using Yarn
+# Build the frontend
 RUN npm run build
 # Stage 2: Serve the application with Nginx
diff --git a/backend/routes/auth.js b/backend/routes/auth.js
index e26c7a9..da60aff 100644
--- a/backend/routes/auth.js
+++ b/backend/routes/auth.js
@@ -9,15 +9,21 @@ router.post("/signup", async (req, res) => {
 const { username, email, password } = req.body;
 try {
- const existingUser = await User.findOne( {email} );
+ const existingUser = await User.findOne({
+ $or: [{ email }, { username }],
+ });
 if (existingUser)
- return res.status(400).json( {message: 'User already exists'} );
+ return res.status(400).json({ message: 'User already exists' });
- const newUser = new User( {username, email, password} );
+ const newUser = new User({ username, email, password });
 await newUser.save();
- res.status(201).json( {message: 'User created successfully'} );
+ res.status(201).json({ message: 'User created successfully' });
 } catch (err) {
+ if (err && err.code === 11000) {
+ return res.status(400).json({ message: 'User already exists' });
+ }
+ res.status(500).json({ message: 'Error creating user', error: err.message });
 }
 });
diff --git a/backend/server.js b/backend/server.js
index 3f19f00..306d71e 100644
--- a/backend/server.js
+++ b/backend/server.js
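Review bot: The install step still resolves versions from `package.json` alone: only `COPY package.json .` precedes `RUN npm install`, so no lockfile is present and each image build can pull different (and now also dev) dependency versions. If the repository has a lockfile, copy it as well and install from it, `COPY package.json package-lock.json ./` followed by `RUN npm ci`, so the build that ships to production is pinned and reproducible. Installing dev dependencies here is reasonable only because a second stage serves the output; that stage lies outside the hunk, so confirm it copies just the build artefacts and not `node_modules`.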
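Review bot: `username` and `email` go from `req.body` straight into the `$or` filter without a type check, so a JSON body that supplies an object instead of a string is interpreted as part of the query rather than as a value. Reject non-strings before the lookup, e.g. `if ([username, email, password].some((v) => typeof v !== 'string')) return res.status(400).json({ message: 'Invalid input' });`. The `err.code === 11000` branch only helps if the schema declares unique indexes on both fields, which is not visible here. The 500 response in the same catch block returns `err.message` to the client; log it server-side and send a generic message instead.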
@@ -12,7 +12,15 @@ require('./config/passportConfig');
 const app = express();
 // CORS configuration
-app.use(cors('*'));
+const allowedOrigins = (process.env.FRONTEND_URL || 'http://localhost:5173')
+ .split(',')
+ .map((origin) => origin.trim())
+ .filter(Boolean);
+
+app.use(cors({
+ origin: allowedOrigins,
+ credentials: true,
+}));
 // Middleware
 app.use(bodyParser.json());
diff --git a/spec/auth.routes.spec.cjs b/spec/auth.routes.spec.cjs
index c5ac003..e8662ce 100644
--- a/spec/auth.routes.spec.cjs
+++ b/spec/auth.routes.spec.cjs
@@ -57,6 +57,15 @@ describe('Auth Routes', () => {
 expect(res.body.message).toBe('User already exists');
 });
+ it('should not sign up a user with existing username', async () => {
+ await new User({ username: 'testuser', email: 'test@example.com', password: 'password123' }).save();
+ const res = await request(app)
+ .post('/auth/signup')
+ .send({ username: 'testuser', email: 'test2@example.com', password: 'password456' });
+ expect(res.status).toBe(400);
+ expect(res.body.message).toBe('User already exists');
+ });
+
 it('should login a user with correct credentials', async () => {
 await request(app)
 .post('/auth/signup')
diff --git a/src/pages/Login/Login.tsx b/src/pages/Login/Login.tsx
index d6f21a7..85de642 100644
--- a/src/pages/Login/Login.tsx
+++ b/src/pages/Login/Login.tsx
@@ -30,7 +30,11 @@ const Login: React.FC = () => {
 setIsLoading(true);
 try {
- const response = await axios.post(`${backendUrl}/api/auth/login`, formData);
+ const response = await axios.post(
+ `${backendUrl}/api/auth/login`,
+ formData,
+ { withCredentials: true }
+ );
 setMessage(response.data.message);
 if (response.data.message === 'Login successful') {
diff --git a/src/pages/Signup/Signup.tsx b/src/pages/Signup/Signup.tsx
index d03a921..07ee7ec 100644
--- a/src/pages/Signup/Signup.tsx
+++ b/src/pages/Signup/Signup.tsx
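Review bot: When `FRONTEND_URL` is unset the allow-list silently becomes `http://localhost:5173`, and nothing in the hunk limits that fallback to development. With `credentials: true` every listed origin is trusted to make cookie-bearing requests, so a missing or mistyped variable should fail at startup rather than fall back, e.g. `if (!process.env.FRONTEND_URL && process.env.NODE_ENV === 'production') throw new Error('FRONTEND_URL is required');`. A one-line comment above `allowedOrigins` saying that entries are exact, comma-separated origins (scheme, host and port, no trailing slash) would prevent a common misconfiguration. Because the API now accepts credentialed cross-origin requests, check that session cookies set `SameSite` and that state-changing routes have CSRF protection; neither is visible in this hunk.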
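Review bot: The new case covers only the `findOne` pre-check; the `err.code === 11000` branch added in `backend/routes/auth.js` is not exercised by anything in this hunk. Consider a case where the lookup finds nothing but `save()` rejects with a duplicate-key error (for instance by stubbing `User.findOne`), asserting the same 400 status and message. A case that posts a non-string `username` or `email` would also pin down how the route treats malformed input.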
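Review bot: `{ withCredentials: true }` is repeated per call here and again in the `Signup.tsx` hunk, which makes it easy for a later request to omit it or to send cookies to an unintended host. A shared client, `const api = axios.create({ baseURL: backendUrl, withCredentials: true });`, keeps the credentialed origin in one place; where `backendUrl` comes from is not visible, so confirm it is a fixed build-time value. The signup call may not need credentials at all if that route sets no session. The success check on the following lines compares `response.data.message` with a display string, and an HTTP status or explicit flag would be sturdier. The handler's body continues outside the hunk.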
@@ -25,8 +25,10 @@ const navigate = useNavigate();
 const handleSubmit = async (e: React.FormEvent) => {
 e.preventDefault();
 try {
- const response = await axios.post(`${backendUrl}/api/auth/signup`,
- formData // Include cookies for session
+ const response = await axios.post(
+ `${backendUrl}/api/auth/signup`,
+ formData,
+ { withCredentials: true }
 );
 setMessage(response.data.message); // Show success message from backend