update back

back/middlewares/loader.js

@@ -3,7 +3,6 @@ const User = require('../models/user');
 module.exports = async (req, res, next) => {
   if (req.get('Authorization')) {
     req.user = await User.findOne({ token: req.get('Authorization')});
-    console.log(req.user);
   }
   next();
 };

back/middlewares/loginChecker.js

 module.exports = (req, res, next) => {
-  console.log(req.url);
   if (!req.user && !['/users', '/users/authenticate'].includes(req.url)) return res.status(401).json({ error: 'Authentication needed'});
   return next();
 };
\ No newline at end of file

back/routes/users.js

@@ -16,8 +16,8 @@ router.post('/', (req, res) => {
     passwordHash,
     token
   }).then(user => {
-    delete user.passwordHash;
-    delete user.token;
+    user.passwordHash = undefined;
+    user.token = undefined;
     return res.status(201).json(user);
   }).catch(err => res.status(400).json({ error: err }));
 });
@@ -27,13 +27,17 @@ router.post('/authenticate', (req, res) => {
   User.findOne({ username: req.body.username }, (err, user) => {
     if (err) return res.status(500).json({ error: err });
     if (!user) return res.status(404).json({ error: "User not found"});
-    if (bcrypt.compareSync(req.body.password, user.passwordHash)) return res.json({ token: user.token });
+    if (bcrypt.compareSync(req.body.password, user.passwordHash)) {
+      user.passwordHash = undefined;
+      return res.json(user);
+    }
     return res.status(400).json({ error: "Bad password" }); 
   });
 });
 
 router.get('/me', (req, res) => {
-  // User required
+  req.user.passwordHash = undefined;
+  req.user.token = undefined;
   return res.json(req.user);
 })