Bugfix: Refactor login logic to improve error handling and response structure

src/actions/auth/login/index.ts

@@ -1,4 +1,3 @@
-import crypto from "crypto";
 import jwt from "jsonwebtoken";
 import {
     User
@@ -10,39 +9,38 @@ import {
 
 export const login = async (input: LoginInput): Promise<LoginResult> => {
     const {
-        mail,
-        password
+        password,
+        mail
     } = input;
 
+    if (!mail || !password) {
+        return {
+            message: "Email and password are required",
+            code: 400,
+        };
+    }
+
     const user = await User.findOne({
         mail
     });
 
     if (!user) {
         return {
-            statusCode: 404,
-            success: false,
-            message: "Kullanıcı bulunamadı",
+            message: "User not found",
             code: 404,
         };
     }
 
-    const hashedPassword = crypto.createHash("md5").update(password).digest("hex");
-
-    if (user.password !== hashedPassword) {
+    if (user.password !== password) {
         return {
-            statusCode: 401,
-            success: false,
-            message: "Hatalı şifre",
+            message: "Wrong password",
             code: 401,
         };
     }
 
     if (!user.isMailVerified) {
         return {
-            statusCode: 403,
-            success: false,
-            message: "Lütfen email adresinizi doğrulayın",
+            message: "Please verify your email address.",
             code: 403,
             payload: {
                 isMailVerified: user.isMailVerified,
@@ -53,7 +51,10 @@ export const login = async (input: LoginInput): Promise<LoginResult> => {
 
     const accessToken = jwt.sign(
         {
-            userId: user._id
+            companyName: user.companyName,
+            fullName: user.fullName,
+            userID: user._id,
+            mail: user.mail
         },
         process.env.JWT_SECRET as string,
         {
@@ -63,7 +64,10 @@ export const login = async (input: LoginInput): Promise<LoginResult> => {
 
     const refreshToken = jwt.sign(
         {
-            userId: user._id
+            companyName: user.companyName,
+            fullName: user.fullName,
+            userID: user._id,
+            mail: user.mail
         },
         process.env.JWT_REFRESH_SECRET as string || process.env.JWT_SECRET as string,
         {
@@ -75,21 +79,19 @@ export const login = async (input: LoginInput): Promise<LoginResult> => {
     await user.save();
 
     return {
-        statusCode: 200,
-        success: true,
-        message: "Giriş başarılı",
+        message: "Login successful",
         code: 200,
         payload: {
-            accessToken,
             refreshToken,
+            accessToken,
             user: {
+                phoneNumber: user.phoneNumber,
+                companyName: user.companyName,
                 userID: user._id.toString(),
-                mail: user.mail,
                 firstName: user.firstName,
                 lastName: user.lastName,
                 fullName: user.fullName,
-                phoneNumber: user.phoneNumber,
-                companyName: user.companyName,
+                mail: user.mail,
             },
         },
     };

src/actions/auth/login/types.ts

@@ -2,25 +2,22 @@ export interface LoginInput {
     mail: string;
     password: string;
 }
-
 export interface LoginResult {
-    statusCode: number;
-    success: boolean;
     message: string;
-    code?: number;
+    code: number;
     payload?: {
-        accessToken?: string;
-        refreshToken?: string;
         isMailVerified?: boolean;
+        refreshToken?: string;
+        accessToken?: string;
         mail?: string;
         user?: {
-            userID: string;
-            mail: string;
+            phoneNumber: string;
+            companyName: string;
             firstName: string;
             lastName: string;
             fullName: string;
-            phoneNumber: string;
-            companyName: string;
+            userID: string;
+            mail: string;
         };
     };
 }

src/controllers/authController.ts

@@ -1,5 +1,6 @@
 import {
-    Request, Response
+    Response,
+    Request
 } from "express";
 import {
     register as _register
@@ -43,42 +44,29 @@ export const register = async (req: Request, res: Response): Promise<void> => {
 export const login = async (req: Request, res: Response): Promise<void> => {
     try {
         const {
-            mail,
-            password
+            password,
+            mail
         } = req.body;
 
-        if (!mail || !password) {
-            res.status(400)
-                .json({
-                    statusCode: 400,
-                    message: "Mail ve şifre zorunludur",
-                });
-            return;
-        }
-
         const result = await _login({
-            mail,
-            password
+            password,
+            mail
         });
 
-        res.status(result.statusCode)
-            .json({
-                statusCode: result.statusCode,
-                message: result.message,
-                ...(result.code && {
-                    code: result.code
-                }),
-                ...(result.payload && {
-                    payload: result.payload
-                }),
-            });
+        res.status(result.code).json({
+            message: result.message,
+            code: result.code,
+            ...(result.payload && {
+                payload: result.payload
+            }),
+        });
 
     } catch (error) {
         console.error("Login error:", error);
         res.status(500)
             .json({
-                statusCode: 500,
-                message: "Sunucu hatası",
+                message: "Server error",
+                code: 500,
             });
     }
 };