write test bloominstituteoftechnology#10 and build out login endpoint to satisfy

Author: aaschuster

api/auth/auth-router.js

@@ -43,8 +43,23 @@ router.post('/register', checkUserAndPass, usernameNotTaken, (req, res, next) =>
   */
 });
 
-router.post('/login', checkUserAndPass, usernameExists, (req, res) => {
-  res.end('implement login, please!');
+router.post('/login', checkUserAndPass, usernameExists, (req, res, next) => {
+  let { username, password } = req.body;
+
+  Users.getBy({username})
+    .then( user => {
+      if(bcrypt.compareSync(password, user.password)) return res.json({
+          message: `welcome, ${username}`,
+          token: buildToken(user)
+        })
+      else next({
+        status: 401,
+        message: "invalid credentials"
+      })
+    })
+    .catch(next);
+
+
   /*
     IMPLEMENT
     You are welcome to build additional middlewares to help with the endpoint's functionality.

api/server.test.js

@@ -200,4 +200,24 @@ describe("[POST] /api/auth/login", () => {
 
     expect(res.body.message).toBe("invalid credentials");
   })
+
+  test(`[10] responds with "invalid credentials" if password doesn't match`, async () => {
+    let res = await request(server)
+      .post("/api/auth/login")
+      .send({username: "aaron", password: "1234"})
+
+    expect(res.body.message).toBe("invalid credentials");
+
+    res = await request(server)
+      .post("/api/auth/login")
+      .send({username: "aaron", password: "aaron"})
+
+    expect(res.body.message).toBe("invalid credentials");
+
+    res = await request(server)
+      .post("/api/auth/login")
+      .send({username: "aaron", password: "password"})
+
+    expect(res.body.message).toBe("invalid credentials");
+  })
 })