From 2824a66fd185d76b81cf232e68246c2c5b8a20ac Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Sun, 31 Mar 2024 21:52:49 +0530
Subject: [PATCH 01/25] Fix unused next

---
 server/controllers/Authentication.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js
index 5bc3231..87b6015 100644
--- a/server/controllers/Authentication.js
+++ b/server/controllers/Authentication.js
@@ -44,7 +44,7 @@ const login = async (req, res) => {
 }
 };
 
-const loginVerify = async (req, res, next) => {
+const loginVerify = async (req, res) => {
 const token = req.headers["x-access-token"];
 if (!token) {
 return res.status(401).send("Unauthorized: Token not provided");

From 98bd2eb64f55ac96e99a92d4c402c9436e7f45c7 Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Sun, 31 Mar 2024 22:23:00 +0530
Subject: [PATCH 02/25] Login HTTPS Method Fix

---
 server/controllers/Authentication.js | 9 ++++++++-
 server/routes/Auth.js | 2 +-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js
index 87b6015..a163f3d 100644
--- a/server/controllers/Authentication.js
+++ b/server/controllers/Authentication.js
@@ -32,7 +32,14 @@ const login = async (req, res) => {
 expiresIn: "1d",
 });
 
- res.status(200).cookie("token", token).send("Login Successful");
+ if (req.secure) {
+ // Set Secure attribute only for HTTPS requests
+ res.cookie("token", token, { secure: true }).send("Login Successful");
+ } else {
+ res.cookie("token", token).send("Login Successful");
+ }
+
+ // res.status(200).cookie("token", token);
 } else {
 res.status(500).send("The Password is incorrect");
 }
diff --git a/server/routes/Auth.js b/server/routes/Auth.js
index 01b9d7a..4404bf5 100644
--- a/server/routes/Auth.js
+++ b/server/routes/Auth.js
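Review bot: The `if (req.secure)` branch in the new login body only sets `Secure` when Express sees the request itself as TLS, which behind a TLS-terminating proxy or platform load balancer stays false unless the app enables Express's `trust proxy` setting, so the cookie is likely issued without `Secure` in exactly the deployment this series targets. Neither branch sets `httpOnly`, so the JWT stays readable by page scripts. The `// res.status(200).cookie("token", token);` line is dead code and should be deleted rather than kept as a comment. `login` begins before this hunk.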
@@ -11,7 +11,7 @@ router.post('/register', register);
 
 router.post('/login',login);
 
 //auth-login-verify
-router.get('/login', verifyUser,loginVerify);
+router.get('/login', verifyUser, loginVerify);
 
 module.exports = router;
\ No newline at end of file

From d97d3ae73884ce60952fb4f75191e24ec1a36563 Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Sun, 31 Mar 2024 22:34:00 +0530
Subject: [PATCH 03/25] Cross Site Cookie

---
 server/controllers/Authentication.js | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js
index a163f3d..84673f0 100644
--- a/server/controllers/Authentication.js
+++ b/server/controllers/Authentication.js
@@ -32,14 +32,7 @@ const login = async (req, res) => {
 expiresIn: "1d",
 });
 
- if (req.secure) {
- // Set Secure attribute only for HTTPS requests
- res.cookie("token", token, { secure: true }).send("Login Successful");
- } else {
- res.cookie("token", token).send("Login Successful");
- }
-
- // res.status(200).cookie("token", token);
+ res.status(200).cookie("token", token, { sameSite: 'none', secure: true });
 } else {
 res.status(500).send("The Password is incorrect");
 }

From a25f98586edf4d21a86aa266af5bc7613351fe6e Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Sun, 31 Mar 2024 22:39:38 +0530
Subject: [PATCH 04/25] Req sameSite issue fix

---
 server/controllers/Authentication.js | 44 +++++++++++++++++++++-------
 1 file changed, 34 insertions(+), 10 deletions(-)

diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js
index 84673f0..55b5f03 100644
--- a/server/controllers/Authentication.js
+++ b/server/controllers/Authentication.js
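Review bot: The new `res.status(200).cookie("token", token, { sameSite: 'none', secure: true });` never ends the response — the `.send("Login Successful")` that the removed branches carried was dropped — so a successful login leaves the client request hanging until it times out; the hunk for patch 05 repeats the same omission. The line should read `res.status(200).cookie("token", token, { sameSite: 'none', secure: true }).send("Login Successful");`. The cookie is also still issued without `httpOnly`, so the JWT remains readable by any script on the page. `login` begins before this hunk.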
@@ -27,12 +27,32 @@ const login = async (req, res) => {
 if (user) {
 const pswrd = await bcrypt.compare(password, user.password);
 if (pswrd) {
- const token = jwt.sign({ id : user._id, email: user.email, role: user.role, department: user.
- department }, key, {
- expiresIn: "1d",
- });
+ const token = jwt.sign(
+ {
+ id: user._id,
+ email: user.email,
+ role: user.role,
+ department: user.department,
+ },
+ key,
+ {
+ expiresIn: "1d",
+ }
+ );
 
- res.status(200).cookie("token", token, { sameSite: 'none', secure: true });
+ if (req.secure) {
+ res
+ .cookie("token", token, {
+ secure: true,
+ httpOnly: true,
+ sameSite: "None",
+ })
+ .send("Login Successful");
+ } else {
+ res
+ .cookie("token", token, { httpOnly: true, sameSite: "None" })
+ .send("Login Successful");
+ }
 } else {
 res.status(500).send("The Password is incorrect");
 }
@@ -52,14 +72,18 @@ const loginVerify = async (req, res) => {
 try {
 const d_token = jwt.verify(token, process.env.JWT_TOKEN);
 
- if (d_token){
- const posts = await PostModel.find({isPublished: true}, "date thumbnail updatedAt comments").sort({date: -1}).limit(6);
- if(posts){
- return res.status(200).send({posts});
+ if (d_token) {
+ const posts = await PostModel.find(
+ { isPublished: true },
+ "date thumbnail updatedAt comments"
+ )
+ .sort({ date: -1 })
+ .limit(6);
+ if (posts) {
+ return res.status(200).send({ posts });
 }
 res.status(200).send("Token is valid");
 }
-
 } catch (error) {
 console.log(error);
 res.status(500).send("Invalid Token");

From 6c82849748548f1655ef1c7d1e0569ba01f1b682 Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Sun, 31 Mar 2024 23:05:13 +0530
Subject: [PATCH 05/25] https secure lax fix

---
 server/controllers/Authentication.js | 44 +++++++--------------------
 1 file changed, 10 insertions(+), 34 deletions(-)

diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js
index 55b5f03..e67757b 100644
--- a/server/controllers/Authentication.js
+++ b/server/controllers/Authentication.js
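Review bot: The `else` branch issues the cookie with `sameSite: "None"` but without `secure: true`; current browsers reject a SameSite=None cookie that is not also Secure, so on the non-TLS path no cookie is set at all. The same combination returns in patch 07 and patch 13. If one cookie must work in both environments, derive `secure` from configuration (for example `process.env.NODE_ENV === 'production'`) instead of from `req.secure`, which is false behind a TLS-terminating proxy unless Express's `trust proxy` setting is enabled. `login` begins before this hunk.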
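Review bot: `if (posts)` on the new side of the loginVerify hunk is always true once `PostModel.find(...)` resolves, because a multi-document query resolves to an array (possibly empty), so the `res.status(200).send("Token is valid")` fallback below it is unreachable; if the intent is to distinguish "no posts", test `posts.length > 0`. This assumes `PostModel` is a Mongoose model — confirm. `loginVerify` continues past the end of this hunk.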
@@ -27,32 +27,12 @@ const login = async (req, res) => {
 if (user) {
 const pswrd = await bcrypt.compare(password, user.password);
 if (pswrd) {
- const token = jwt.sign(
- {
- id: user._id,
- email: user.email,
- role: user.role,
- department: user.department,
- },
- key,
- {
- expiresIn: "1d",
- }
- );
+ const token = jwt.sign({ id : user._id, email: user.email, role: user.role, department: user.
+ department }, key, {
+ expiresIn: "1d",
+ });
 
- if (req.secure) {
- res
- .cookie("token", token, {
- secure: true,
- httpOnly: true,
- sameSite: "None",
- })
- .send("Login Successful");
- } else {
- res
- .cookie("token", token, { httpOnly: true, sameSite: "None" })
- .send("Login Successful");
- }
+ res.status(200).cookie("token", token, { sameSite: 'Lax', secure: true });
 } else {
 res.status(500).send("The Password is incorrect");
 }
@@ -72,18 +52,14 @@ const loginVerify = async (req, res) => {
 try {
 const d_token = jwt.verify(token, process.env.JWT_TOKEN);
 
- if (d_token) {
- const posts = await PostModel.find(
- { isPublished: true },
- "date thumbnail updatedAt comments"
- )
- .sort({ date: -1 })
- .limit(6);
- if (posts) {
- return res.status(200).send({ posts });
+ if (d_token){
+ const posts = await PostModel.find({isPublished: true}, "date thumbnail updatedAt comments").sort({date: -1}).limit(6);
+ if(posts){
+ return res.status(200).send({posts});
 }
 res.status(200).send("Token is valid");
 }
+
 } catch (error) {
 console.log(error);
 res.status(500).send("Invalid Token");

From c4bfe898b164b2caa4c2de9ed5a13f7e1706ac49 Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Sun, 31 Mar 2024 23:13:06 +0530
Subject: [PATCH 06/25] Cookie Issue Problem

---
 server/controllers/Authentication.js | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js
index e67757b..6538b56 100644
--- a/server/controllers/Authentication.js
+++ b/server/controllers/Authentication.js
@@ -32,7 +32,12 @@ const login = async (req, res) => {
 expiresIn: "1d",
 });
 
- res.status(200).cookie("token", token, { sameSite: 'Lax', secure: true });
+ const cookieOptions = {
+ sameSite: 'None', // Change 'Lax' to 'None' since your frontend and backend are on different origins
+ secure: true, // Set to true since your backend is running over HTTPS
+ };
+
+ res.status(200).cookie("token", token, cookieOptions).send("Login Successful");
 } else {
 res.status(500).send("The Password is incorrect");
 }

From 4cc39179604078bf9780a04bdd1f20e1a66211f1 Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Sun, 31 Mar 2024 23:26:38 +0530
Subject: [PATCH 07/25] Cookie issue

---
 server/controllers/Authentication.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js
index 6538b56..b3886e6 100644
--- a/server/controllers/Authentication.js
+++ b/server/controllers/Authentication.js
@@ -34,7 +34,8 @@ const login = async (req, res) => {
 
 const cookieOptions = {
 sameSite: 'None', // Change 'Lax' to 'None' since your frontend and backend are on different origins
- secure: true, // Set to true since your backend is running over HTTPS
+ // Set to true since your backend is running over HTTPS
+ httpOnly : false
 };
 
 res.status(200).cookie("token", token, cookieOptions).send("Login Successful");

From 23dddf4121bc89896aca04d462904062d810e257 Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Mon, 1 Apr 2024 10:15:41 +0530
Subject: [PATCH 08/25] Normal Auth

---
 server/controllers/Authentication.js | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js
index b3886e6..87b6015 100644
--- a/server/controllers/Authentication.js
+++ b/server/controllers/Authentication.js
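Review bot: The patch 07 option object drops `secure: true` while keeping `sameSite: 'None'` and adds `httpOnly : false`; browsers discard a SameSite=None cookie that is not Secure (the same problem as the non-TLS branch in patch 04 and the cookie in patch 13), and `httpOnly: false` (again in patch 18) makes the session JWT readable from any script on the page, so one XSS bug becomes session theft. The `Cookies.get("token")` guard in Login.jsx is what pushes the cookie towards being script-readable; a separate non-secret "logged in" indicator, or a call to the existing `/login` verify route, would let the JWT cookie stay `httpOnly: true`. The orphaned comment `// Set to true since your backend is running over HTTPS` now describes nothing and should go with the line it belonged to. `login` begins before this hunk.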
@@ -32,13 +32,7 @@ const login = async (req, res) => {
 expiresIn: "1d",
 });
 
- const cookieOptions = {
- sameSite: 'None', // Change 'Lax' to 'None' since your frontend and backend are on different origins
- // Set to true since your backend is running over HTTPS
- httpOnly : false
- };
-
- res.status(200).cookie("token", token, cookieOptions).send("Login Successful");
+ res.status(200).cookie("token", token).send("Login Successful");
 } else {
 res.status(500).send("The Password is incorrect");
 }

From 7f6b1e444e8e40a67e4b7a87b3319c2c32bdf425 Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Mon, 1 Apr 2024 10:24:02 +0530
Subject: [PATCH 09/25] Path SameSite Origin Fix

---
 client/src/App.jsx | 3 +-
 client/src/pages/auth/Login.jsx | 103 ++++++++++++++++-----------
 client/src/pages/auth/Register.jsx | 2 +-
 server/controllers/Authentication.js | 16 ++++-
 4 files changed, 79 insertions(+), 45 deletions(-)

diff --git a/client/src/App.jsx b/client/src/App.jsx
index b08651d..f52cb6c 100644
--- a/client/src/App.jsx
+++ b/client/src/App.jsx
@@ -2,7 +2,8 @@ import { BrowserRouter, Routes, Route } from "react-router-dom";
 import "./App.css";
 import axios from "axios";
 
-axios.defaults.baseURL = 'http://localhost:4000/api';
+// axios.defaults.baseURL = 'http://localhost:4000/api/';
+axios.defaults.baseURL = 'https://ignite-mm4z.onrender.com/api/';
 
 import Register from "./pages/auth/Register";
 import Login from "./pages/auth/Login";
diff --git a/client/src/pages/auth/Login.jsx b/client/src/pages/auth/Login.jsx
index 3e0db5e..9f1ce06 100644
--- a/client/src/pages/auth/Login.jsx
+++ b/client/src/pages/auth/Login.jsx
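Review bot: The new `axios.defaults.baseURL = 'https://ignite-mm4z.onrender.com/api/';` in App.jsx hard-codes the production API host in source and keeps the local one as a commented-out line, so switching environments means editing and committing code (patch 20 later deletes the comment again). Read the base URL from build-time configuration instead — with Vite, which the port 5173 in the CORS config suggests, that is `import.meta.env.VITE_API_URL` (constructed name) with one value per `.env` file. The `import Register` / `import Login` lines sit after an executable assignment; ES modules hoist imports, so grouping them at the top reflects what actually runs.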
@@ -1,68 +1,87 @@ -import React, { useEffect, useState } from 'react' -import Inputs from "../../components/auth/Inputs" -import { Link, useNavigate } from 'react-router-dom'; -import axios from 'axios'; -import { toast } from 'wc-toast'; -import Cookies from 'js-cookie'; +import React, { useEffect, useState } from "react"; +import Inputs from "../../components/auth/Inputs"; +import { Link, useNavigate } from "react-router-dom"; +import axios from "axios"; +import { toast } from "wc-toast"; +import Cookies from "js-cookie"; function Login() { - const [email,setEmail] = useState(""); - const [password,setPassword] = useState(""); + const [email, setEmail] = useState(""); + const [password, setPassword] = useState(""); const nav = useNavigate(); useEffect(() => { - const token = Cookies.get('token'); - if (token){ - nav('/'); + const token = Cookies.get("token"); + if (token) { + nav("/"); return; } - },[]); + }, []); axios.defaults.withCredentials = true; - const handleSubmit = async (e) => { e.preventDefault(); - const tLoader = toast.loading('Authenticating'); + const tLoader = toast.loading("Authenticating"); try { - const result = await axios.post('auth/login', {email, password}); - console.log(result.data); - toast.dismiss(tLoader); - toast.success('Login Successful'); - - nav('/'); + const result = await axios.post("/auth/login", { email, password }); + if (result) { + console.log(result); + console.log(result.data); + toast.dismiss(tLoader); + toast.success("Login Successful"); + // nav("/"); + } } catch (error) { console.log(error); toast.dismiss(tLoader); toast.error(error.response.data); console.error(error.response.data); } - } + }; - return ( -
-
-
- -
-

Sign In

-
- setEmail(e.target.value)} /> - setPassword(e.target.value)} /> - - -
Don't have an account? Sign Up
-
- -
- -
-
+ return ( +
+
+
+
+

Sign In

+
+ setEmail(e.target.value)} + /> + setPassword(e.target.value)} + /> + + +
+ Don't have an account?{" "} + + + Sign Up + + +
+ +
- ); +
+
+ ); } -export default Login \ No newline at end of file +export default Login; diff --git a/client/src/pages/auth/Register.jsx b/client/src/pages/auth/Register.jsx index 6197994..c85219d 100644 --- a/client/src/pages/auth/Register.jsx +++ b/client/src/pages/auth/Register.jsx @@ -26,7 +26,7 @@ function Register() { e.preventDefault(); const tLoader = toast.loading('Creating User...') try{ - const result = await axios.post('auth/register', {name,email,password}); + const result = await axios.post('/auth/register', {name,email,password}); console.log(result); toast.dismiss(tLoader); toast.success('Registration successful...'); diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js index 87b6015..5e16fe2 100644 --- a/server/controllers/Authentication.js +++ b/server/controllers/Authentication.js @@ -32,7 +32,21 @@ const login = async (req, res) => { expiresIn: "1d", }); - res.status(200).cookie("token", token).send("Login Successful"); + + res.cookie("token", token, { + // can only be accessed by server requests + httpOnly: true, + // path = where the cookie is valid + path: "/", + // secure = only send cookie over https + secure: true, + // sameSite = only send cookie if the request is coming from the same origin + sameSite: "none", // "strict" | "lax" | "none" (secure must be true) + // maxAge = how long the cookie is valid for in milliseconds + maxAge: 3600000, // 1 hour + }).send("Login Successful"); + + // res.status(200).cookie("token", token).send("Login Successful"); } else { res.status(500).send("The Password is incorrect"); } From 085a23bd2916c44aee0fc771a9d5a15a35f771f6 Mon Sep 17 00:00:00 2001 From: halith-smh Date: Mon, 1 Apr 2024 10:29:48 +0530 Subject: [PATCH 10/25] Cookie res modified --- server/controllers/Authentication.js | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js index 5e16fe2..5e0a85f 100644 
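Review bot: In the rewritten `catch` block of `handleSubmit`, `toast.error(error.response.data)` and `console.error(error.response.data)` dereference `error.response` unconditionally, but axios rejects with no `response` on network errors, CORS failures and timeouts — the very failures this series is chasing — so those paths throw a TypeError inside the handler; use `error.response?.data ?? error.message`. The `if (result)` guard is always true because axios only resolves on a success status, and the two `console.log` calls print the full login response to the browser console (patch 23 removes them). The hunk covers the whole of `Login`.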
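Review bot: In the Authentication.js hunk, `maxAge: 3600000` expires the cookie after 1 hour while the JWT it carries is signed with `expiresIn: "1d"`, so the browser drops the credential long before the token stops verifying; if that is intended, a comment saying so next to `maxAge` would prevent the next "cookie issue" commit. The comment `// sameSite = only send cookie if the request is coming from the same origin` states the opposite of the `sameSite: "none"` value beneath it (patch 10 rewords it). The `// res.status(200).cookie("token", token).send("Login Successful");` line is dead code and should be deleted. `login` begins before this hunk.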
--- a/server/controllers/Authentication.js
+++ b/server/controllers/Authentication.js
@@ -34,17 +34,13 @@ const login = async (req, res) => {
 
 
 res.cookie("token", token, {
- // can only be accessed by server requests
- httpOnly: true,
- // path = where the cookie is valid
- path: "/",
- // secure = only send cookie over https
- secure: true,
- // sameSite = only send cookie if the request is coming from the same origin
- sameSite: "none", // "strict" | "lax" | "none" (secure must be true)
- // maxAge = how long the cookie is valid for in milliseconds
- maxAge: 3600000, // 1 hour
+ httpOnly: true, // Restricts access to server-side requests
+ path: "/", // Makes the cookie valid for all paths on the domain
+ secure: true, // Requires HTTPS for transmission (prevents insecure connections)
+ sameSite: "none", // Allows cross-site requests (consider security implications)
+ maxAge: 3600000, // Sets expiration time to 1 hour (3600 seconds * 1000 milliseconds)
 }).send("Login Successful");
+
 
 // res.status(200).cookie("token", token).send("Login Successful");
 } else {

From f578bcd1e6d6ad5c799835dd6d45d0dff8974cb1 Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Mon, 1 Apr 2024 10:35:56 +0530
Subject: [PATCH 11/25] Cookie res http Added

---
 server/controllers/Authentication.js | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js
index 5e0a85f..ededafe 100644
--- a/server/controllers/Authentication.js
+++ b/server/controllers/Authentication.js
@@ -34,11 +34,8 @@ const login = async (req, res) => {
 
 
 res.cookie("token", token, {
- httpOnly: true, // Restricts access to server-side requests
- path: "/", // Makes the cookie valid for all paths on the domain
- secure: true, // Requires HTTPS for transmission (prevents insecure connections)
- sameSite: "none", // Allows cross-site requests (consider security implications)
- maxAge: 3600000, // Sets expiration time to 1 hour (3600 seconds * 1000 milliseconds)
+ maxAge: 86400000,
+ httpOnly: true
 }).send("Login Successful");
 
 

From a62945f6c2d997cb6d043458d623867f9cb2fda5 Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Mon, 1 Apr 2024 10:36:50 +0530
Subject: [PATCH 12/25] Cookie Modifed 10

---
 server/controllers/Authentication.js | 2 --
 1 file changed, 2 deletions(-)

diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js
index ededafe..b5ca460 100644
--- a/server/controllers/Authentication.js
+++ b/server/controllers/Authentication.js
@@ -32,12 +32,10 @@ const login = async (req, res) => {
 expiresIn: "1d",
 });
 
-
 res.cookie("token", token, {
 maxAge: 86400000,
 httpOnly: true
 }).send("Login Successful");
 
-
 // res.status(200).cookie("token", token).send("Login Successful");
 } else {

From 848d69c5a30e398c8c6cab294bb0a3075073af55 Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Mon, 1 Apr 2024 10:48:39 +0530
Subject: [PATCH 13/25] SameSite None added

---
 server/controllers/Authentication.js | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js
index b5ca460..623496f 100644
--- a/server/controllers/Authentication.js
+++ b/server/controllers/Authentication.js
@@ -33,8 +33,7 @@ const login = async (req, res) => {
 });
 
 res.cookie("token", token, {
- maxAge: 86400000,
- httpOnly: true
+ sameSite: 'None'
 }).send("Login Successful");
 
 // res.status(200).cookie("token", token).send("Login Successful");
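Review bot: The patch 11 option object drops `secure: true` and `sameSite` along with `path`, so the JWT cookie is now also sent over plain HTTP and gets the browser's default SameSite treatment; if only the attributes that blocked the cross-site flow were meant to go, `secure: true` should stay. `maxAge: 86400000` is a magic number — `24 * 60 * 60 * 1000`, or a named constant shared with the `expiresIn: "1d"` passed to `jwt.sign`, says what it is. `login` begins before this hunk.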
From 195fe04c32ccb9c646e5af352bd7e7690bc57b96 Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Mon, 1 Apr 2024 11:04:02 +0530
Subject: [PATCH 14/25] Cookie Header added

---
 server/controllers/Authentication.js | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js
index 623496f..707474e 100644
--- a/server/controllers/Authentication.js
+++ b/server/controllers/Authentication.js
@@ -32,11 +32,11 @@ const login = async (req, res) => {
 expiresIn: "1d",
 });
 
- res.cookie("token", token, {
- sameSite: 'None'
- }).send("Login Successful");
+ // res.cookie("token", token, {
+ // SameSite: 'None'
+ // }).send("Login Successful");
 
- // res.status(200).cookie("token", token).send("Login Successful");
+ res.status(200).cookie("token", token, {sameSite: 'none', secure: true}).send("Login Successful");
 } else {
 res.status(500).send("The Password is incorrect");
 }

From 5f2ad2b1b3ec8974ddb6e7cf5e0de305a3198b73 Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Mon, 1 Apr 2024 11:16:36 +0530
Subject: [PATCH 15/25] Login redirect

---
 client/src/pages/auth/Login.jsx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/client/src/pages/auth/Login.jsx b/client/src/pages/auth/Login.jsx
index 9f1ce06..5430e09 100644
--- a/client/src/pages/auth/Login.jsx
+++ b/client/src/pages/auth/Login.jsx
@@ -32,7 +32,7 @@ function Login() {
 console.log(result.data);
 toast.dismiss(tLoader);
 toast.success("Login Successful");
- // nav("/");
+ nav("/");
 }
 } catch (error) {
 console.log(error);

From b5e245ca1737275f4c10c5d36d543051932768c8 Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Mon, 1 Apr 2024 11:28:32 +0530
Subject: [PATCH 16/25] CORS Update

---
 server/server.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/server.js b/server/server.js
index d20692f..36c4462 100644
--- a/server/server.js
+++ b/server/server.js
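Review bot: The three `// res.cookie(...)` lines added in patch 14 are commented-out code (with `SameSite` capitalised differently from the live call), and they sit next to a second dead variant of the same call; both should be deleted rather than kept — the history is in git, and the comments only make the next reader guess which variant is live. The live `res.status(200).cookie("token", token, {sameSite: 'none', secure: true})` sets no `httpOnly`, so the JWT remains readable by page scripts. `login` begins before this hunk.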
@@ -21,7 +21,7 @@ const app = express();
 app.use(express.json());
 app.use(
 cors({
- origin: "http://localhost:5173",
+ origin: "https://dynamic-newsletter-platform.onrender.com/",
 methods: ["GET", "POST", "PATCH"],
 credentials: true,
 })

From bffd0bd409a9906c55b1ddc172502ae707094dda Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Mon, 1 Apr 2024 12:39:56 +0530
Subject: [PATCH 17/25] cors update

---
 server/server.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/server.js b/server/server.js
index 36c4462..4345df5 100644
--- a/server/server.js
+++ b/server/server.js
@@ -21,7 +21,7 @@ const app = express();
 app.use(express.json());
 app.use(
 cors({
- origin: "https://dynamic-newsletter-platform.onrender.com/",
+ origin: "https://dynamic-newsletter-platform.onrender.com",
 methods: ["GET", "POST", "PATCH"],
 credentials: true,
 })

From e03b40981c8c8e8ff745d2cf1ead7d558292c5cd Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Mon, 1 Apr 2024 13:04:46 +0530
Subject: [PATCH 18/25] Cookie CORS HTTP Method

---
 server/controllers/Authentication.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js
index 707474e..2e28bf8 100644
--- a/server/controllers/Authentication.js
+++ b/server/controllers/Authentication.js
@@ -36,7 +36,7 @@ const login = async (req, res) => {
 // SameSite: 'None'
 // }).send("Login Successful");
 
- res.status(200).cookie("token", token, {sameSite: 'none', secure: true}).send("Login Successful");
+ res.status(200).cookie("token", token, {sameSite: 'none', httpOnly: false,secure: true}).send("Login Successful");
 } else {
 res.status(500).send("The Password is incorrect");
 }

From 3c7912a15e850975be8065a058e5e1ed471a83f3 Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Mon, 1 Apr 2024 13:08:10 +0530
Subject: [PATCH 19/25] HTTP Method

---
 server/controllers/Authentication.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js
index 2e28bf8..9cf2c90 100644
--- a/server/controllers/Authentication.js
+++ b/server/controllers/Authentication.js
@@ -36,7 +36,7 @@ const login = async (req, res) => {
 // SameSite: 'None'
 // }).send("Login Successful");
 
- res.status(200).cookie("token", token, {sameSite: 'none', httpOnly: false,secure: true}).send("Login Successful");
+ res.status(200).cookie("token", token, {sameSite: 'none', HttpOnly: false,secure: true}).send("Login Successful");
 } else {
 res.status(500).send("The Password is incorrect");
 }

From 2644b1637ac0ff5270d92f70f6129225a50d4c6b Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Fri, 17 May 2024 20:38:10 +0530
Subject: [PATCH 20/25] Cookie Pref updated

---
 client/src/App.jsx | 1 -
 server/controllers/Authentication.js | 12 +++++++-----
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/client/src/App.jsx b/client/src/App.jsx
index f52cb6c..317cf64 100644
--- a/client/src/App.jsx
+++ b/client/src/App.jsx
@@ -2,7 +2,6 @@ import { BrowserRouter, Routes, Route } from "react-router-dom";
 import "./App.css";
 import axios from "axios";
 
-// axios.defaults.baseURL = 'http://localhost:4000/api/';
 axios.defaults.baseURL = 'https://ignite-mm4z.onrender.com/api/';
 
 import Register from "./pages/auth/Register";
diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js
index 9cf2c90..1432c2e 100644
--- a/server/controllers/Authentication.js
+++ b/server/controllers/Authentication.js
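Review bot: `HttpOnly: false` in the patch 19 line is not a key that Express's `res.cookie()` recognises — the option is `httpOnly` in camelCase — so the capitalised key is silently ignored and the cookie is emitted exactly as in patch 18, without the HttpOnly flag. The rename therefore cannot change what the browser does; if a script-readable cookie is really intended, simply omit the key, and if it is not, `httpOnly: true` is the line to write. `login` begins before this hunk.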
@@ -32,11 +32,13 @@ const login = async (req, res) => {
 expiresIn: "1d",
 });
 
- // res.cookie("token", token, {
- // SameSite: 'None'
- // }).send("Login Successful");
-
- res.status(200).cookie("token", token, {sameSite: 'none', HttpOnly: false,secure: true}).send("Login Successful");
+ // res.status(200).cookie("token", token, {sameSite: 'none', HttpOnly: false,secure: true}).send("Login Successful");
+ res.status(200).cookie("token", token, {
+ httpOnly: true, // Protect cookie from client-side scripting
+ secure: true, // Only send cookie over HTTPS
+ sameSite: 'Lax' // Allow cross-site requests with top-level navigation
+ }).send("Login Successful");
+
 } else {
 res.status(500).send("The Password is incorrect");
 }

From 77896120bf87cc41c7a8907fb53130eaf3bb2cb4 Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Fri, 17 May 2024 20:50:44 +0530
Subject: [PATCH 21/25] SamSite is Srtict

---
 server/controllers/Authentication.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js
index 1432c2e..18412f2 100644
--- a/server/controllers/Authentication.js
+++ b/server/controllers/Authentication.js
@@ -36,7 +36,7 @@ const login = async (req, res) => {
 res.status(200).cookie("token", token, {
 httpOnly: true, // Protect cookie from client-side scripting
 secure: true, // Only send cookie over HTTPS
- sameSite: 'Lax' // Allow cross-site requests with top-level navigation
+ sameSite: 'Strict' // Only allows requests from the same site
 }).send("Login Successful");
 
 } else {

From 83e91cbde14d0c82f718ac8d4de374a256d41907 Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Fri, 17 May 2024 21:02:12 +0530
Subject: [PATCH 22/25] WithCredentials Update

---
 server/controllers/Authentication.js | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js
index 18412f2..8b4c993 100644
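Review bot: `sameSite: 'Lax'` in the patch 20 option object (and `'Strict'` in patch 21) will stop the browser from attaching the cookie to the client's XHR calls if the frontend and API are on different sites; earlier hunks show the client at `dynamic-newsletter-platform.onrender.com` and the API at `ignite-mm4z.onrender.com`, and if `onrender.com` is a public-suffix domain those are distinct sites — confirm against the Public Suffix List. The `httpOnly: true` / `secure: true` pair is the right direction and should survive whatever SameSite value is chosen. The `// res.status(200).cookie(...)` line kept above the live call is dead code and should go. `login` begins before this hunk.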
--- a/server/controllers/Authentication.js
+++ b/server/controllers/Authentication.js
@@ -34,9 +34,8 @@ const login = async (req, res) => {
 
 // res.status(200).cookie("token", token, {sameSite: 'none', HttpOnly: false,secure: true}).send("Login Successful");
 res.status(200).cookie("token", token, {
- httpOnly: true, // Protect cookie from client-side scripting
- secure: true, // Only send cookie over HTTPS
- sameSite: 'Strict' // Only allows requests from the same site
+ httpOnly: true, // Protect cookie from client-side scriptingd
+ withCredentials: true,
 }).send("Login Successful");
 
 } else {

From af89587c39026fa5db95220bca63a401544344d3 Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Mon, 3 Jun 2024 23:21:17 +0530
Subject: [PATCH 23/25] Cookie Issue Solved

---
 client/src/pages/auth/Login.jsx | 3 +--
 server/controllers/Authentication.js | 4 ++--
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/client/src/pages/auth/Login.jsx b/client/src/pages/auth/Login.jsx
index 5430e09..64d10be 100644
--- a/client/src/pages/auth/Login.jsx
+++ b/client/src/pages/auth/Login.jsx
@@ -28,10 +28,9 @@ function Login() {
 try {
 const result = await axios.post("/auth/login", { email, password });
 if (result) {
- console.log(result);
- console.log(result.data);
 toast.dismiss(tLoader);
 toast.success("Login Successful");
+ Cookies.set("token", result.data.token);
 nav("/");
 }
 } catch (error) {
diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js
index 9cf2c90..d02fa71 100644
--- a/server/controllers/Authentication.js
+++ b/server/controllers/Authentication.js
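Review bot: `withCredentials: true` in the patch 22 option object is an axios request option, not a cookie attribute; Express's `res.cookie()` ignores unknown keys, so the cookie is now emitted with only `HttpOnly` and has lost both `Secure` and `SameSite`, which means it also travels over plain HTTP. Credentials on cross-site requests are already enabled where they belong — `axios.defaults.withCredentials = true` in Login.jsx and `credentials: true` in the server's CORS config — so this key adds nothing. `secure: true` should be restored, and the comment has a typo (`scriptingd`). `login` begins before this hunk.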
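Review bot: `Cookies.set("token", result.data.token);` in the Login.jsx hunk stores the JWT with js-cookie's defaults — no `secure`, no `sameSite`, session lifetime — so the token is sent over plain HTTP and gets the browser's default SameSite handling, and being written from script it is by construction readable by any script on the page. Pass the attributes explicitly, e.g. `Cookies.set("token", result.data.token, { secure: true, sameSite: "strict", expires: 1 });` (js-cookie's `expires` is in days, matching the server's `expiresIn: "1d"`). Removing the two `console.log` calls that printed the login response is a good change. `handleSubmit` begins before this hunk.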
@@ -35,8 +35,8 @@ const login = async (req, res) => {
 // res.cookie("token", token, {
 // SameSite: 'None'
 // }).send("Login Successful");
-
- res.status(200).cookie("token", token, {sameSite: 'none', HttpOnly: false,secure: true}).send("Login Successful");
+ // res.status(200).cookie("token", token, {sameSite: 'none', HttpOnly: false,secure: true}).send("Login Successful");
+ res.status(200).send({token: token});
 } else {
 res.status(500).send("The Password is incorrect");
 }

From b7f7c1de1b711a9df41659e03a8c05945e3d85fd Mon Sep 17 00:00:00 2001
From: halith-smh
Date: Mon, 3 Jun 2024 23:29:10 +0530
Subject: [PATCH 24/25] Auth Cookie fixed

---
 server/controllers/Authentication.js | 14 --------------
 1 file changed, 14 deletions(-)

diff --git a/server/controllers/Authentication.js b/server/controllers/Authentication.js
index 38370a6..ee9b681 100644
--- a/server/controllers/Authentication.js
+++ b/server/controllers/Authentication.js
@@ -31,21 +31,7 @@ const login = async (req, res) => {
 department }, key, {
 expiresIn: "1d",
 });
-
-<<<<<<< HEAD
- // res.cookie("token", token, {
- // SameSite: 'None'
- // }).send("Login Successful");
- // res.status(200).cookie("token", token, {sameSite: 'none', HttpOnly: false,secure: true}).send("Login Successful");
 res.status(200).send({token: token});
-=======
- // res.status(200).cookie("token", token, {sameSite: 'none', HttpOnly: false,secure: true}).send("Login Successful");
- res.status(200).cookie("token", token, {
- httpOnly: true, // Protect cookie from client-side scriptingd
- withCredentials: true,
- }).send("Login Successful");
-
->>>>>>> 83e91cbde14d0c82f718ac8d4de374a256d41907
 } else {
 res.status(500).send("The Password is incorrect");
 }

From 1fdcbc016cd9c3c1eccaf7f9553c6bc86b7162fe Mon Sep 17 00:00:00 2001
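Review bot: `res.status(200).send({token: token});` returns the JWT in the response body, which is consistent with `loginVerify` reading it from the `x-access-token` header, but the `// res.status(200).cookie(...)` line added above it is yet another commented-out copy of the old call and should be deleted (patch 24 carries it through the conflict resolution rather than dropping it). The literal can use shorthand: `res.status(200).send({ token });`. The wrong-password branch right below still answers `500`, which clients and monitoring read as a server failure; `401` is the conventional status for a rejected credential. `login` begins before this hunk.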
From: halith-smh Date: Tue, 30 Jul 2024 21:23:55 +0530 Subject: [PATCH 25/25] Preview Added for images - Sample POST Preview --- client/src/components/newsletter/SinglePost.jsx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/client/src/components/newsletter/SinglePost.jsx b/client/src/components/newsletter/SinglePost.jsx index d1d2f42..6d181ba 100644 --- a/client/src/components/newsletter/SinglePost.jsx +++ b/client/src/components/newsletter/SinglePost.jsx @@ -21,8 +21,8 @@ function SinglePost({ data, email, mainId, date }) { {/*

{data.title}

*/}