Fix hash password

Took 30 minutes

src/components/form/RegisterForm.tsx

@@ -25,18 +25,16 @@ export default function RegisterForm() {
   };
 
   const handleSubmit = () => {
-    const {password, confirmPassword} = registerData;
+    let {email, firstName, lastName, password, confirmPassword} = registerData;
     if (password !== confirmPassword) setInvalidInput(true);
 
     fetch('/api/user', {
       method: 'PUT',
       headers: {'Content-Type': 'application/json'},
-      body: JSON.stringify(registerData),
+      body: JSON.stringify({email, firstName, lastName, password}),
     }).then(() => {
-      const {email, password} = registerData;
-
-      signIn('credentials',
-          {email, password, redirect: false}).then((res) => {
+      signIn('credentials', {email, password, redirect: false})
+      .then((res) => {
         const {ok: connexionSuccess} = res as SignInResponse;
 
         // TODO If success -> goto interactive form else login

src/lib/PasswordTools.ts

@@ -0,0 +1,13 @@
+import bcrypt from "bcrypt";
+
+export async function hashPassword(unHashedPassword: string): Promise<string> {
+  return await bcrypt.hash(unHashedPassword, 10).then((hash: string) => hash);
+}
+
+export async function isSamePassword(
+    unHashedPassword: string,
+    hashedPassword: string
+): Promise<boolean> {
+  return await bcrypt.compare(unHashedPassword, hashedPassword).
+      then((result: boolean) => result);
+}

src/pages/api/auth/[...nextauth].ts

@@ -3,6 +3,7 @@ import CredentialsProvider from "next-auth/providers/credentials";
 import {PrismaClient} from '@prisma/client';
 import {NextApiRequest, NextApiResponse} from 'next';
 import {LoginData} from '@/models/form/LoginData';
+import {isSamePassword} from '@/lib/PasswordTools';
 
 const prisma = new PrismaClient();
 
@@ -24,7 +25,10 @@ export default async function auth(req: NextApiRequest, res: NextApiResponse) {
         });
 
         // Vérification de la connexion
-        if (user && user.password === password) return user;
+        if (user && await isSamePassword(password, user.password)) {
+          return user;
+        }
+
         return null;
       },
     })

src/pages/api/user/index.ts

@@ -2,6 +2,9 @@ import type {NextApiRequest, NextApiResponse} from 'next';
 import CRUD from '@/utils/CRUD';
 import {CreateUserQuery} from '@/models/api/user';
 import {PrismaClient} from '@prisma/client';
+import {LoginData} from '@/models/form/LoginData';
+import {RegisterData} from '@/models/form/RegisterData';
+import {hashPassword} from '@/lib/PasswordTools';
 
 export default function handler(
     req: NextApiRequest,
@@ -10,7 +13,6 @@ export default function handler(
   switch (req.method) {
     case CRUD.CREATE: return createUser(req, res);
     case CRUD.READ: return readUser(req, res);
-    // case CRUD.DELETE: return deleteUser(req, res);
     default: return help(res);
   }
 }
@@ -27,8 +29,10 @@ async function createUser(req: NextApiRequest, res: NextApiResponse) {
   if (!email || !password || !firstName || !lastName)
     return res.status(400).send({message: req.body});
 
+  const hashedPassword = await hashPassword(password)
+
   const newUser = await prisma.user.create({
-    data: {...req.body},
+    data: {...req.body, password: hashedPassword},
   });
 
   return res.status(201).send({message: 'createUser', newUser});