const jwt = require('jsonwebtoken'); const bcrypt = require('bcrypt'); const crypto = require('crypto'); const Member = require("../../models").Member; const resetPasswordService = require("./resetPassword"); module.exports = { RESET_START: 100, RESET_CONFIRM: 200, RESET_COMPLETE: 300, async create(req) { const { username, password, firstname, lastname, phone, email } = req.body; const salt = bcrypt.genSaltSync(10); const hashpassword = bcrypt.hashSync(password, salt); const user = { username: username, password: hashpassword, firstname: firstname, lastname: lastname, phone: phone, email: email } return await Member.create(user); }, async login(req) { try { const user = await Member.findOne({ where: { username: req.body.username, status: 1 } }); if (user) { const cmp = await bcrypt.compare(req.body.password, user.password); if (cmp) { user.last_login = Date.now() user.save() const token = jwt.sign({ username: user.username }, process.env.TOKEN_SECRET, { expiresIn: process.env.TOKEN_EXPIRES } ); return { accessToken: token }; } else { return "Wrong username or password."; } } else { return "Wrong username or password."; } } catch (error) { console.debug(error) return "Internal Server error Occured"; } }, async forgotPassword(req) { try { const user = await Member.findOne({ where: { username: req.body.username } }); if (user) { const cmp = await bcrypt.compare(req.body.password, user.password); if (cmp) { user.last_login = Date.now() user.save() const token = jwt.sign({ username: user.username }, process.env.TOKEN_SECRET, { expiresIn: process.env.TOKEN_EXPIRES } ); return { accessToken: token }; } else { return "Wrong username or password."; } } else { return "Wrong username or password."; } } catch (error) { console.debug(error) return "Internal Server error Occured"; } }, async resetPassword(req) { try { const user = await Member.findOne({ where: { email: req.body.email, status: 1 } }); var date = new Date(); let reset_key = crypto.createHash('md5').update(date.toString()).digest("hex"); let reset_pin = Math.floor(100000 + Math.random() * 900000) let expired = date.setDate(date.getDate() + 7); var status = 3; if (user) { resetPasswordService.updateStatusExpired(user.id, 7); status = 0 } const resetPasswordData = { username: user.username, member_id: user.id, reset_pin: reset_pin, reset_key: reset_key, expired: expired, status: status } return await resetPasswordService.create(resetPasswordData); } catch (error) { console.debug(error) return "Invalid email"; } }, async confirmResetPassword(req) { try { const user = await Member.findOne({ where: { email: req.body.email, status: 1 } }); if (user) { const exist = await resetPasswordService.getByCondition({ member_id: user.id, status: 0, reset_pin: req.body.resetPin.toString() }); if (exist) { resetPasswordService.updateStatusById(exist.id, 1); return { resetKey: exist.reset_key } } return "invalid PIN"; } else { return "email is not existed"; } } catch (error) { console.debug(error) return "Invalid email"; } }, async completeResetPassword(req) { try { const user = await Member.findOne({ where: { email: req.body.email, status: 1 } }); if (user) { const exist = await resetPasswordService.getByCondition({ member_id: user.id, status: 1, reset_key: req.body.resetKey.toString() }); if (exist) { const salt = bcrypt.genSaltSync(10); const hashpassword = bcrypt.hashSync(req.body.newPassword, salt); Member .update( { password: hashpassword }, { returning: true, where: { id: user.id } } ) .then(([rowsUpdate, [updatedRow]]) => { console.log(rowsUpdate) }) .catch(error => { console.log(error) }); resetPasswordService.updateStatusById(exist.id, 5); return "Ok" } return "invalid PIN"; } else { return "email is not existed"; } } catch (error) { console.debug(error) return "Invalid email"; } }, async getProfile(req) { const username = req.user.username; return await Member.findOne({ where: { username: username }, attributes: ['username', 'email', 'phone', 'firstname', 'lastname'] }); }, updateProfile(username, data) { return Member .update(data, { returning: true, where: { username: username } } ) .then(([rowsUpdate, [updatedRow]]) => { return updatedRow }) .catch(error => { console.log(error) }); }, async updatePassword(req) { const username = req.user.username; const user = await Member.findOne({ where: { username: username}, attributes: ['password', 'username'] }); const cmp = await bcrypt.compare(req.body.oldPassword, user.password); console.log(cmp); if (cmp) { const salt = bcrypt.genSaltSync(10); const hashpassword = bcrypt.hashSync(req.body.newPassword, salt); return Member .update( { password: hashpassword }, { returning: true, where: { username: username } } ); } return "Wrong password" }, async deactivateAccount(req) { return Member .destroy({ where: { id: req.params.id } }) .then(rowDeleted => { if (rowDeleted !== 1) { throw ({ "name": "ValidationError", "errors": [{ message: 'Item not found' }] }); } return res.status(200).json({ message: "Deleted successfully" }); }) .catch(error => res.status(400).send(error)); } }