module.exports = { index: function (req, res) { var email = req.pa

1. module.exports = {
2. index: function (req, res) {
3. var email = req.param('email');
4. var password = req.param('password');
5.  
6. req.checkBody('email', res.i18n('auth.policy.requiredEmail')).notEmpty();
7. req.checkBody('password', res.i18n('auth.policy.requiredSenha')).notEmpty();
8.  
9. var errors = req.validationErrors();
10.  
11. if (errors) {
12. return res.json(401, {err: errors});
13. }
14.  
15. User.findOne({email: email}, function (err, user) {
16. if (!user) {
17. return res.json(401, {err: 'invalid email or password'});
18. }
19.  
20. User.comparePassword(password, user, function (err, valid) {
21. if (err) {
22. return res.json(403, {err: 'forbidden'});
23. }
24.  
25. if (!valid) {
26. return res.json(401, {err: 'invalid email or password'});
27. } else {
28. res.json({
29. user: user,
30. token: jwToken.issue({id : user.id })
31. });
32. }
33. });
34. })
35. }
36. };