enchance the encrytion level and store the user data in database with…

models/User.js

@@ -1,4 +1,4 @@
-import mongoose from 'mongoose';
+const mongoose = require("mongoose");
 
 const UserSchema = new mongoose.Schema({
   name: { type: String, required: true },

package.json

@@ -11,6 +11,7 @@
   "dependencies": {
     "@next/font": "13.2.3",
     "@reduxjs/toolkit": "^1.9.3",
+    "argon2": "^0.41.1",
     "bcryptjs": "^2.4.3",
     "crypto": "^1.0.1",
     "eslint": "8.35.0",

pages/api/auth/login.js

@@ -1,18 +1,14 @@
 import ConnectDB from '@/DB/connectDB';
 import User from '@/models/User';
 import Joi from 'joi';
-import { compare } from 'bcryptjs';
+import argon2 from 'argon2'; // Import Argon2 for password hashing
 import jwt from 'jsonwebtoken';
 
-
 const schema = Joi.object({
     email: Joi.string().email().required(),
     password: Joi.string().required(),
 });
 
-
-
-
 export default async (req, res) => {
     await ConnectDB();
 
@@ -25,15 +21,16 @@ export default async (req, res) => {
         const checkUser = await User.findOne({ email });
         if (!checkUser) return res.status(401).json({ success: false, message: "Account not Found" });
 
-        const isMatch = await compare(password, checkUser.password);
+        // Use Argon2 to verify the password
+        const isMatch = await argon2.verify(checkUser.password, password);
         if (!isMatch) return res.status(401).json({ success: false, message: "Incorrect Password" });
 
-        const token = jwt.sign({ id: checkUser._id, email: checkUser.email }, process.env.JWT_SECREAT, { expiresIn: '1d' });
-        const finalData = {token , user : checkUser}
-        return res.status(200).json({ success: true, message: "Login Successfull",  finalData})
+        const token = jwt.sign({ id: checkUser._id, email: checkUser.email }, process.env.JWT_SECRET, { expiresIn: '1d' });
+        const finalData = { token, user: checkUser };
+        return res.status(200).json({ success: true, message: "Login Successful", finalData });
 
     } catch (error) {
-        console.log('Error in register (server) => ', error);
-        return res.status(500).json({ success: false, message: "Something Went Wrong Please Retry Later !" })
+        console.error('Error in login (server) => ', error); // Log the error
+        return res.status(500).json({ success: false, message: "Something Went Wrong Please Retry Later !" });
     }
 }

pages/api/auth/register.js

@@ -1,7 +1,7 @@
 import ConnectDB from '@/DB/connectDB';
 import User from '@/models/User';
 import Joi from 'joi';
-import { hash } from 'bcryptjs';
+import argon2 from 'argon2';
 
 
 const schema = Joi.object({
@@ -27,13 +27,21 @@ export default async (req, res) => {
         }
 
         else {
-            const hashedPassword = await hash(password, 12)
+            // Use Argon2 to hash the password
+            const hashedPassword = await argon2.hash(password, {
+                type: argon2.argon2id,
+                memoryCost: 2 ** 16,  // 64MB
+                timeCost: 5,  // iterations
+                parallelism: 1  // Number of threads (1 in this case)
+            });
+
             const createUser = await User.create({ email, name, password: hashedPassword });
             return res.status(201).json({ success: true, message: "Account created successfully" });
         }
     } catch (error) {
         console.log('Error in register (server) => ', error);
-        return res.status(500).json({ success: false, message: "Something Went Wrong Please Retry Later !" })
+        return res.status(500).json({ success: false, message: "Something Went Wrong Please Retry Later !" });
     }
 }
 
+