From 3533b39a5b91423fa3cc5594d433793a7fa26fb8 Mon Sep 17 00:00:00 2001
From: florinsilva <121447369+FlorinNatha@users.noreply.github.com>
Date: Sat, 19 Apr 2025 17:58:09 +0530
Subject: [PATCH] completed task7,8,9

---
 final_project/router/auth_users.js | 54 ++++++++++++++++++++++++++----
 1 file changed, 48 insertions(+), 6 deletions(-)

diff --git a/final_project/router/auth_users.js b/final_project/router/auth_users.js
index 8cb6ef6e40..047915b941 100644
--- a/final_project/router/auth_users.js
+++ b/final_project/router/auth_users.js
@@ -5,26 +5,68 @@ const regd_users = express.Router();
 
 let users = [];
 
-const isValid = (username)=>{ //returns boolean
-//write code to check is the username is valid
+const isValid = (username)=>{ 
+  return users.some(user => user.username === username);
 }
 
 const authenticatedUser = (username,password)=>{ //returns boolean
 //write code to check if username and password match the one we have in records.
+  return users.some(user => user.username === username && user.password === password);
 }
 
 //only registered users can login
 regd_users.post("/login", (req,res) => {
-  //Write your code here
-  return res.status(300).json({message: "Yet to be implemented"});
+  const {username, password} = req.body;
+  if(!username || !password){
+    return res.status(400).json({message: "username and password required"});
+  }
+  if(authenticatedUser(username, password)){
+    const token = jwt.sign({username: username}, "secret", {expiresIn: "1h"});
+    req.session.authorization ={
+      token,
+      username,
+    };
+    return res.status(200).json({message: "user logged in successfully"]);
+  }else{
+    return res.status(401).json({message: "Invalid login credentials"});
+  }
+  
 });
 
 // Add a book review
 regd_users.put("/auth/review/:isbn", (req, res) => {
-  //Write your code here
-  return res.status(300).json({message: "Yet to be implemented"});
+  const isbn = req.params.isbn;
+  const review = req.query.review;
+  const username = req.session.authorization?.username;
+  if(!username){
+    return res.status(401).json({message: " User not logged in"});
+  }
+  if(!books[isbn]){
+    return res.status(404).json({message: "Book not found"});
+  }
+  books[isbn].reviews[username] = review;
+  return res.status(200).json({message: "Review added/modified successfully"});
+
 });
 
+//delete a book review
+regd_users.delete("/auth/review/:isbn", (req, res) => {
+  const isbn = req.params.isbn;
+  const username = req.session.authorization?.username;
+  if(!username){
+    return res.status(401).json({message: User not logged in"});
+  }
+  if(!books[isbn]){
+      return res.status(404).json({message: "Book not found"});
+  }
+  const bookReviews = books[isbn].reviews;
+  if(bookReviews[username]){
+    delete bookReviews[username];
+    return res.status(200).json({message: "Review deleted successfully"});
+ }else{
+    return res.status(404).json({message: "Review not found for this user"});
+}); 
+ 
 module.exports.authenticated = regd_users;
 module.exports.isValid = isValid;
 module.exports.users = users;