The route that sends the token is /token,
and I thought you needed an additional route, /users/me,
to retrieve the currentUser; that is at least what I got from the ESA-Guide. Now I have the /token
route, which sends the user ID.
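// POST /token: password-grant login endpoint.
// Looks the user up by e-mail (sent as `username`), verifies the submitted
// password against the stored bcrypt hash, and replies with
// { "access_token": <user _id> } on success, or status 400 with
// { "error": "invalid_grant" } when the credentials do not match.
//
// NOTE(review): the access token is the user's database _id, not a random,
// expiring secret. If other routes accept this value as proof of login, anyone
// who learns or guesses an id can act as that user. Issue a random or signed
// session token here and resolve the user from it instead; confirm how the
// token is checked downstream.
router.post('/token', asyncHandler(async (req, res, next) => {
  if (req.body.grant_type !== 'password') {
    res.status(400).send('{ "error": "unsupported_grant_type" }');
    return;
  }

  const { username, password } = req.body;

  // Require plain strings. A parsed JSON body can carry objects, and an object
  // placed in the `email` filter could be treated as a query operator by the
  // database layer instead of being matched literally.
  if (typeof username !== 'string' || typeof password !== 'string') {
    res.status(400).send('{"error": "invalid_grant"}');
    return;
  }

  try {
    // Await the query directly; combining `await` with a callback hides query
    // errors and leaves `docs` undefined on failure.
    const docs = await User.find({ email: username });
    const user = docs[0];

    if (!user) {
      res.status(400).send('{"error": "invalid_grant"}');
      return;
    }

    // The stored value is only ever checked with bcrypt.compare. A direct
    // `===` comparison against the stored value would accept the stored hash
    // itself as a password. Accounts whose password is still stored unhashed
    // need a reset or migration rather than a plaintext fallback.
    const matches = await new Promise((resolve, reject) => {
      bcrypt.compare(password, user.password, (error, val) => {
        if (error) {
          reject(error);
          return;
        }
        resolve(val);
      });
    });

    if (!matches) {
      res.status(400).send('{"error": "invalid_grant"}');
      return;
    }

    // next() is deliberately not called after a response has been sent: it
    // would hand the request to later handlers, which may try to respond again.
    res.status(200).send(`{ "access_token": "${user._id}" }`);
  } catch (error) {
    // Lookup or hashing failures go to the error middleware exactly once.
    next(error);
  }
}));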
Could it be that this is how it was supposed to be in the first place?