it was vulnerable dont use it now
npm install md5
// models/user.js
const mongoose = require('mongoose');
const userSchema = new mongoose.Schema({
username: { type: String, required: true },
password: { type: String, required: true },
});
const User = mongoose.model('User', userSchema);
module.exports = User;
const express = require('express');
const router = express.Router();
const User = require('../models/user');
const md5 = require('md5');
// Signup
router.post('/signup', async (req, res) => {
const { username, password } = req.body;
try {
const hashedPassword = md5(password);
const user = new User({ username, password: hashedPassword });
await user.save();
res.status(201).json({ message: 'User created successfully' });
} catch (error) {
console.error(error);
res.status(500).json({ message: 'Internal server error' });
}
});
// Login
router.post('/login', async (req, res) => {
const { username, password } = req.body;
const hashedPassword = md5(password);
try {
const user = await User.findOne({ username, password: hashedPassword });
if (user) {
res.status(200).json({ message: 'Login successful' });
} else {
res.status(401).json({ message: 'Invalid credentials' });
}
} catch (error) {
console.error(error);
res.status(500).json({ message: 'Internal server error' });
}
});
module.exports = router;