32 lines
775 B
JavaScript
32 lines
775 B
JavaScript
import { db } from '@/server/fake-db/auth'
|
||
|
||
export default defineEventHandler(async event => {
|
||
const { email, password } = await readBody(event)
|
||
if (!email || !password) {
|
||
throw createError({
|
||
statusCode: 403,
|
||
statusMessage: 'Email and Password is required to login',
|
||
data: {
|
||
email: ['Email and Password is required to login'],
|
||
},
|
||
})
|
||
}
|
||
const dbUser = db.users.find(u => u.email === email && u.password === password)
|
||
if (!dbUser) {
|
||
throw createError({
|
||
statusCode: 403,
|
||
statusMessage: 'Invalid email or password',
|
||
data: {
|
||
email: ['Invalid email or password'],
|
||
},
|
||
})
|
||
}
|
||
|
||
// ℹ️ Don't send password in response
|
||
const { password: _, ...user } = dbUser
|
||
|
||
return {
|
||
user,
|
||
}
|
||
})
|