From c8efe8d75a6af8bb5c058d37f8899c5a0b4b9e1f Mon Sep 17 00:00:00 2001
From: asif <md.asif5@tcs.com>
Date: Fri, 29 Aug 2025 13:40:57 +0530
Subject: [PATCH] fix: check if password is not null on login req

---
 src/controllers/auth.controller.js | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/src/controllers/auth.controller.js b/src/controllers/auth.controller.js
index 9a90add..94e23f8 100644
--- a/src/controllers/auth.controller.js
+++ b/src/controllers/auth.controller.js
@@ -14,7 +14,8 @@ async function login(req, res) {
   const currentTime = new Date().toISOString();
   try {
     const user = await authService.validateUser(customerNo, password);
-    if (!user) return res.status(401).json({ error: 'invalid credentials' });
+    if (!user || !password)
+      return res.status(401).json({ error: 'invalid credentials' });
     const token = generateToken(user.customer_no, '1d');
     const FirstTimeLogin = await authService.CheckFirstTimeLogin(customerNo);
     await db.query('UPDATE users SET last_login = $1 WHERE customer_no = $2', [
@@ -34,7 +35,6 @@ async function fetchUserDetails(req, res) {
     const user = await authService.findUserByCustomerNo(customerNo);
     if (!user) return res.status(404).json({ message: 'USER_NOT_FOUND' });
     return res.json(user);
-
   } catch (err) {
     logger.error(err, 'error occured while fetching user details');
     res.status(500).json({ error: 'something went wrong' });
@@ -102,4 +102,11 @@ async function setTransactionPassword(req, res) {
   }
 }
 
-module.exports = { login, tpin, setTpin, setLoginPassword, setTransactionPassword,fetchUserDetails };
+module.exports = {
+  login,
+  tpin,
+  setTpin,
+  setLoginPassword,
+  setTransactionPassword,
+  fetchUserDetails,
+};