Website : rimsha.abasa.com
Filename :
auth.controller.js
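import { randomInt } from "node:crypto";

import Usermodel from "../models/user.model.js";
import bcrypt from "bcryptjs";
import jwt from 'jsonwebtoken';
import { SendVerificationCode, WelcomeEmail } from "../services/emailService.js";
import responseHandler from "../utils/ResponseHandler.js";
import generateTokens from "../utils/jwt.helper.js";
import { uploadFileToS3 } from '../services/s3Service.js'

// NOTE(review): every catch block below forwards error.message as the fourth
// argument of responseHandler.error. ResponseHandler.js is not visible here; if
// that argument reaches the client, internal error text is exposed to callers.
// NOTE(review): no attempt limiting is visible in this file; a six-digit code
// needs a per-account/per-IP attempt limit at the route or middleware level.

const OTP_TTL_MS = 2 * 60 * 1000; // 2 minutes

// Fields that must never be serialized into an API response.
const SENSITIVE_USER_FIELDS = ["password", "verificationCode", "otpExpiry", "refreshToken"];

/** True only for non-empty strings; rejects objects/arrays so a JSON body cannot carry query operators into findOne(). */
const isNonEmptyString = (value) => typeof value === "string" && value.length > 0;

/** Returns the OTP as a string (numbers are accepted for client compatibility), or null for anything else. */
const normalizeOtp = (value) => {
  if (typeof value === "number" && Number.isFinite(value)) return String(value);
  return isNonEmptyString(value) ? value : null;
};

/** Six-digit code (100000-999999) drawn from the CSPRNG; Math.random() is predictable and unsuitable for OTPs. */
const generateOtp = () => randomInt(100000, 1000000).toString();

/** Expiry timestamp for a code issued now. */
const newOtpExpiryDate = () => new Date(Date.now() + OTP_TTL_MS);

/** Copy of a user record without the password hash, OTP state and refresh token. */
const toPublicUser = (user) => {
  const plain = typeof user.toObject === "function" ? user.toObject() : { ...user };
  for (const field of SENSITIVE_USER_FIELDS) delete plain[field];
  return plain;
};

/**
 * Registers a user from req.body { email, password, name } and an optional
 * uploaded file (req.file), stores a bcrypt hash and a fresh OTP, and e-mails
 * the OTP.
 */
const register = async (req, res) => {
  try {
    const { email, password, name } = req.body;

    if (![email, password, name].every(isNonEmptyString)) {
      return responseHandler.error(res, "All fields are required");
    }

    const existingUser = await Usermodel.findOne({ email });
    if (existingUser) return responseHandler.error(res, "User already exists. Please Login");

    const hashPassword = await bcrypt.hash(password, 10);

    // uploadFileToS3's handling of an undefined file is not visible here, so it
    // is only called when a file was actually uploaded.
    const profilePicture = req.file ? (await uploadFileToS3(req.file)).publicURL : null;

    const user = new Usermodel({
      email,
      password: hashPassword,
      name,
      verificationCode: generateOtp(),
      otpExpiry: newOtpExpiryDate(),
      profilePicture,
    });

    await user.save();

    // Awaited (as in resendOtp/forgetPassword) so a failed send is handled by
    // this try/catch instead of surfacing as an unhandled rejection.
    await SendVerificationCode(user.email, user.verificationCode);

    // The response must not contain the OTP or the password hash: returning the
    // raw document would hand the verification code to the caller.
    return responseHandler.success(res, "User Registered Successfully", toPublicUser(user));
  } catch (error) {
    console.log(error);
    return responseHandler.error(res, "Internal Server Error", 500, error.message);
  }
};

/** Issues and e-mails a new OTP for an account that is not yet verified. */
const resendOtp = async (req, res) => {
  try {
    const { email } = req.body;

    if (!isNonEmptyString(email)) return responseHandler.error(res, "Email is required");

    const user = await Usermodel.findOne({ email });
    if (!user) return responseHandler.error(res, "User not found", 404);

    if (user.isVerified) return responseHandler.error(res, "User is already verified");

    user.verificationCode = generateOtp();
    user.otpExpiry = newOtpExpiryDate();
    await user.save();

    await SendVerificationCode(user.email, user.verificationCode);

    return responseHandler.success(res, "OTP resent successfully");
  } catch (error) {
    console.log(error);
    return responseHandler.error(res, "Internal Server Error", 500, error.message);
  }
};

/**
 * Marks the account holding the submitted code as verified and sends the
 * welcome e-mail.
 *
 * NOTE(review): the lookup is by code alone, so the code is not bound to a
 * specific account; accepting the e-mail address as well would tie them together.
 */
const VerifyEmail = async (req, res) => {
  try {
    // A missing, null or object-valued code must not reach the query: cleared
    // codes are stored as null, so such a value could match an unrelated account.
    const code = normalizeOtp(req.body.code);
    if (code === null) return responseHandler.error(res, "Invalid Code");

    const user = await Usermodel.findOne({ verificationCode: code });
    if (!user) return responseHandler.error(res, "Invalid Code");

    if (user.otpExpiry && user.otpExpiry < new Date()) return responseHandler.error(res, "OTP has expired");

    user.isVerified = true;
    user.verificationCode = null;
    user.otpExpiry = null;
    await user.save();

    await WelcomeEmail(user.email, user.name);

    return responseHandler.success(res, "Email Verified Successfully");
  } catch (error) {
    console.log(error);
    return responseHandler.error(res, "Internal Server Error", 500, error.message);
  }
};

/**
 * Checks email/password against the stored bcrypt hash and returns a new
 * access/refresh token pair; the refresh token is also stored on the user.
 *
 * NOTE(review): the two failure messages differ for unknown e-mail and wrong
 * password, which lets a caller tell registered addresses apart; isVerified is
 * not checked here either. Both are left as-is because clients may depend on them.
 */
const login = async (req, res) => {
  try {
    const { email, password } = req.body;

    if (!isNonEmptyString(email) || !isNonEmptyString(password)) {
      return responseHandler.error(res, "All fields are required");
    }

    const user = await Usermodel.findOne({ email });
    if (!user) return responseHandler.error(res, "You are not a registered user");

    const isMatch = await bcrypt.compare(password, user.password);
    if (!isMatch) return responseHandler.error(res, "Invalid Email or Password");

    const { accessToken, refreshToken } = generateTokens({ userID: user._id });

    user.refreshToken = refreshToken; // stored so refreshAccessToken can look it up
    await user.save();

    // The password hash and OTP state are stripped from the returned user.
    return responseHandler.success(res, "Login Successfully", {
      accessToken,
      refreshToken,
      user: toPublicUser(user),
    });
  } catch (error) {
    console.log(error);
    return responseHandler.error(res, "Internal Server Error", 500, error.message);
  }
};

/** Starts a password reset: stores a fresh OTP on the account and e-mails it. */
const forgetPassword = async (req, res) => {
  try {
    const { email } = req.body;
    if (!isNonEmptyString(email)) return responseHandler.error(res, "Email is required");

    const user = await Usermodel.findOne({ email });
    if (!user) return responseHandler.error(res, "User not found", 404);

    user.verificationCode = generateOtp();
    user.otpExpiry = newOtpExpiryDate();
    await user.save();

    await SendVerificationCode(user.email, user.verificationCode);

    return responseHandler.success(res, "OTP sent to email");
  } catch (error) {
    console.log(error);
    return responseHandler.error(res, "Internal Server Error", 500, error.message);
  }
};

/** Checks the OTP for the given e-mail and clears it on success. */
const verifyOtp = async (req, res) => {
  try {
    const { email } = req.body;
    const otp = normalizeOtp(req.body.otp);
    if (!isNonEmptyString(email) || otp === null) {
      return responseHandler.error(res, "Email and OTP are required");
    }

    const user = await Usermodel.findOne({ email, verificationCode: otp });
    if (!user) return responseHandler.error(res, "Invalid OTP or Email");

    if (user.otpExpiry && user.otpExpiry < new Date()) return responseHandler.error(res, "OTP has expired");

    user.verificationCode = null;
    user.otpExpiry = null;
    await user.save();

    return responseHandler.success(res, "OTP verified successfully");
  } catch (error) {
    console.log(error);
    return responseHandler.error(res, "Internal Server Error", 500, error.message);
  }
};

/**
 * Replaces the stored password hash for the given e-mail.
 *
 * FIXME(review): nothing in this handler proves that the caller completed
 * verifyOtp for this e-mail. Unless the route is guarded elsewhere (not visible
 * here), verifyOtp should issue a short-lived, single-use reset token that is
 * required and checked here before the password is changed. That needs a schema
 * or request-contract change, so it is flagged rather than implemented.
 */
const updatePassword = async (req, res) => {
  try {
    const { email, newPassword } = req.body;
    if (!isNonEmptyString(email) || !isNonEmptyString(newPassword)) {
      return responseHandler.error(res, "Email and new password are required");
    }

    const user = await Usermodel.findOne({ email });
    if (!user) return responseHandler.error(res, "User not found", 404);

    user.password = await bcrypt.hash(newPassword, 10);
    await user.save();

    return responseHandler.success(res, "Password updated successfully");
  } catch (error) {
    console.log(error);
    return responseHandler.error(res, "Internal Server Error", 500, error.message);
  }
};

/**
 * Exchanges the refresh token from the "Authorization: Bearer <token>" header
 * for a new access/refresh pair and stores the new refresh token on the user.
 */
const refreshAccessToken = async (req, res) => {
  try {
    const authHeader = req.headers.authorization;
    if (!authHeader || !authHeader.startsWith("Bearer ")) {
      return responseHandler.error(res, "Authorization token is missing or invalid", 401);
    }

    const refreshToken = authHeader.split(" ")[1];
    if (!refreshToken) {
      return responseHandler.error(res, "Authorization token is missing or invalid", 401);
    }

    // The token must be the one currently stored for some user.
    const user = await Usermodel.findOne({ refreshToken });
    if (!user) return responseHandler.error(res, "Invalid refresh token", 401);

    // Synchronous verify (no callback) so failures are handled here and the
    // later save() can be awaited inside the outer try/catch.
    let decoded;
    try {
      decoded = jwt.verify(refreshToken, process.env.JWT_REFRESH_SECRET_KEY);
    } catch {
      return responseHandler.error(res, "Invalid or expired refresh token", 401);
    }

    // The signed subject has to be the same account that holds the stored token.
    if (String(decoded?.userID) !== String(user._id)) {
      return responseHandler.error(res, "Invalid refresh token", 401);
    }

    const { accessToken, refreshToken: newRefreshToken } = generateTokens({ userID: decoded.userID });

    // Persist before responding so a failed write is reported as an error
    // instead of leaving the client with a token the database never stored.
    user.refreshToken = newRefreshToken;
    await user.save();

    return responseHandler.success(res, "New access token generated", {
      accessToken,
      refreshToken: newRefreshToken,
    });
  } catch (error) {
    console.error(error);
    return responseHandler.error(res, "Internal Server Error", 500, error.message);
  }
};

export {
  register,
  resendOtp,
  VerifyEmail,
  login,
  forgetPassword,
  verifyOtp,
  updatePassword,
  refreshAccessToken
};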