Add salt to password hashing and improve security

client/package.json

@@ -2,7 +2,7 @@
   "name": "client",
   "version": "0.1.0",
   "private": true,
-  "homepage": "/BlogApp/Client",
+  "homepage": "/",
   "dependencies": {
     "@emotion/react": "^11.9.0",
     "@emotion/styled": "^11.8.1",

client/src/index.js

@@ -9,7 +9,7 @@ import { store } from './store';
 const root = ReactDOM.createRoot(document.getElementById('root'));
 root.render(
   <React.StrictMode>
-    <BrowserRouter basename="/BlogApp/Client">
+    <BrowserRouter basename="/">
       <Provider store={store}>
         <App />
       </Provider>

server/controller/user-contoller.js

@@ -1,71 +1,74 @@
 const User = require("../model/User");
 const bcrypt = require("bcryptjs");
 
-const getAllUser = async(req,res,next) =>{
+const getAllUser = async (req, res, next) => {
     let users;
 
-    try{
+    try {
         users = await User.find();
     }
-    catch(err){
+    catch (err) {
         console.log(err);
     }
-    if(!users){
-        return res.status(404).json({ message : "users are not found"})
+    if (!users) {
+        return res.status(404).json({ message: "users are not found" })
     }
 
-    return res.status(200).json({users});
+    return res.status(200).json({ users });
 }
 
-const signUp = async(req,res,next) =>{
-   const { name , email , password } = req.body;
-
-   let existingUser;
-
-   try{
-    existingUser = await User.findOne({email})
-   }catch(err){
-    console.log(err);
-   }
-
-   if(existingUser){
-       return res.status(400).json({message : "User is already exists!"})
-   }
-   const hashedPassword = bcrypt.hashSync(password);
-   const user = new User({
-       name,email,
-       password: hashedPassword,
-       blogs: []
-   });
-
-   try{
-       user.save();
-       return res.status(201).json({ user })
-   }
-   catch(e){console.log(e);}
+const signUp = async (req, res, next) => {
+    const { name, email, password } = req.body;
+
+    let existingUser;
+
+    try {
+        existingUser = await User.findOne({ email })
+    } catch (err) {
+        console.log(err);
+    }
+
+    if (existingUser) {
+        return res.status(400).json({ message: "User is already exists!" })
+    }
+    // Generate salt
+    const salt = bcrypt.genSaltSync(10);
+    const hashedPassword = bcrypt.hashSync(password, salt);
+
+    const user = new User({
+        name, email,
+        password: hashedPassword,
+        blogs: []
+    });
+
+    try {
+        await user.save();
+        return res.status(201).json({ user })
+    }
+    catch (e) { console.log(e); }
 }
 
-const logIn = async(req,res,next) => {
-    const {email , password} = req.body;
-    
+const logIn = async (req, res, next) => {
+    const { email, password } = req.body;
+
     let existingUser;
 
-    try{
-     existingUser = await User.findOne({email})
-    }catch(err){
-     console.log(err);
+    try {
+        existingUser = await User.findOne({ email })
+    } catch (err) {
+        console.log(err);
     }
-    if(!existingUser){
-        return res.status(404).json({message : "User is not found"})
+    if (!existingUser) {
+        return res.status(404).json({ message: "User is not found" })
     }
 
-    const isPasswordCorrect = bcrypt.compareSync(password,existingUser.password);
+    const isPasswordCorrect = bcrypt.compareSync(password, existingUser.password);
 
-    if(!isPasswordCorrect){
-        return res.status(400).json({message: "Incorrect Password!"});
+    if (!isPasswordCorrect) {
+        return res.status(400).json({ message: "Incorrect Password!" });
     }
 
-    return res.status(200).json({user: existingUser});
+    return res.status(200).json({ user: existingUser });
 }
 
-module.exports = { getAllUser, signUp , logIn};
+module.exports = { getAllUser, signUp, logIn };