const jwt = require('jsonwebtoken');
const bcrypt = require('bcrypt');
const crypto = require('crypto');
const Member = require("../../models").Member;
const resetPasswordService = require("./resetPassword");
module.exports = {
RESET_START: 100,
RESET_CONFIRM: 200,
RESET_COMPLETE: 300,
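/**
 * Registers a new member from the fields in `req.body`.
 *
 * The plaintext password is hashed with bcrypt (cost factor 10) and only the
 * hash is handed to `Member.create`.
 *
 * @param {object} req - Request whose `body` carries `username`, `password`,
 *   `firstname`, `lastname`, `phone` and `email`.
 * @returns {Promise<object>} Whatever `Member.create` resolves to.
 */
async create(req) {
  const { username, password, firstname, lastname, phone, email } = req.body;

  // Hash asynchronously: the *Sync bcrypt calls run on the event loop and
  // stall every other request for the duration of the hash.
  const hashpassword = await bcrypt.hash(password, 10);

  // Only the named fields are copied, so extra keys in req.body never reach
  // the model.
  const user = {
    username,
    password: hashpassword,
    firstname,
    lastname,
    phone,
    email,
  };

  // NOTE(review): the created record presumably still carries the password
  // hash; confirm the caller does not send it back to the client.
  return Member.create(user);
},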
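/**
 * Checks a username/password pair and issues a signed JWT on success.
 *
 * Only members with status 1 are looked up. On success `last_login` is
 * updated and a token carrying the username is signed with
 * `process.env.TOKEN_SECRET`, expiring after `process.env.TOKEN_EXPIRES`.
 *
 * @param {object} req - Request with `body.username` and `body.password`.
 * @returns {Promise<{accessToken: string}|string>} The token wrapper, or an
 *   error string ("Wrong username or password." / "Internal Server error
 *   Occured").
 */
async login(req) {
  try {
    const { username, password } = req.body;

    // Credentials must be plain strings. A JSON body can carry objects or
    // arrays, and passing those into a `where` clause lets the client shape
    // the query instead of supplying a value.
    if (typeof username !== 'string' || typeof password !== 'string') {
      return "Wrong username or password.";
    }

    const user = await Member.findOne({
      where: { username, status: 1 },
    });

    // NOTE(review): when no member matches, bcrypt.compare is skipped, so this
    // path answers faster than a wrong-password attempt. Compare against a
    // fixed dummy hash if response time should not reveal which usernames exist.
    if (!user) {
      return "Wrong username or password.";
    }

    const passwordMatches = await bcrypt.compare(password, user.password);
    if (!passwordMatches) {
      return "Wrong username or password.";
    }

    // Awaited so a failed write is handled by the catch below instead of
    // surfacing as an unhandled promise rejection.
    user.last_login = Date.now();
    await user.save();

    const token = jwt.sign(
      { username: user.username },
      process.env.TOKEN_SECRET,
      { expiresIn: process.env.TOKEN_EXPIRES }
    );

    return { accessToken: token };
  } catch (error) {
    console.debug(error);
    return "Internal Server error Occured";
  }
},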
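/**
 * Checks a username/password pair and issues a signed JWT on success.
 *
 * Despite its name this does not start a password reset: it verifies the
 * supplied password and returns a token, the same steps as `login`.
 *
 * NOTE(review): this looks like a copy of `login`; consider removing it or
 * routing "forgot password" requests to `resetPassword` instead.
 *
 * @param {object} req - Request with `body.username` and `body.password`.
 * @returns {Promise<{accessToken: string}|string>} The token wrapper, or an
 *   error string ("Wrong username or password." / "Internal Server error
 *   Occured").
 */
async forgotPassword(req) {
  try {
    const { username, password } = req.body;

    // Credentials must be plain strings; objects or arrays from a JSON body
    // must not reach the `where` clause.
    if (typeof username !== 'string' || typeof password !== 'string') {
      return "Wrong username or password.";
    }

    // Keep the status filter in step with login: without it, an account that
    // login rejects can still obtain a token through this method.
    const user = await Member.findOne({
      where: { username, status: 1 },
    });
    if (!user) {
      return "Wrong username or password.";
    }

    const passwordMatches = await bcrypt.compare(password, user.password);
    if (!passwordMatches) {
      return "Wrong username or password.";
    }

    // Awaited so a failed write is handled by the catch below instead of
    // surfacing as an unhandled promise rejection.
    user.last_login = Date.now();
    await user.save();

    const token = jwt.sign(
      { username: user.username },
      process.env.TOKEN_SECRET,
      { expiresIn: process.env.TOKEN_EXPIRES }
    );

    return { accessToken: token };
  } catch (error) {
    console.debug(error);
    return "Internal Server error Occured";
  }
},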
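/**
 * Starts a password reset for the member with status 1 whose e-mail is
 * `req.body.email`.
 *
 * Generates a 6-digit PIN and a 32-hex-character key, calls
 * `updateStatusExpired` for the member, then stores a new reset record
 * (status 0) that expires 7 days from now.
 *
 * @param {object} req - Request with `body.email`.
 * @returns {Promise<object|string>} Whatever `resetPasswordService.create`
 *   resolves to, or "Invalid email" when no member matches or a step throws.
 */
async resetPassword(req) {
  try {
    const { email } = req.body;

    // Objects or arrays from a JSON body must not reach the `where` clause.
    if (typeof email !== 'string') {
      return "Invalid email";
    }

    const user = await Member.findOne({
      where: { email, status: 1 },
    });

    // Explicit guard: an unknown address gets the same answer as before, but
    // no longer by way of a TypeError from dereferencing null.
    if (!user) {
      return "Invalid email";
    }

    // Both secrets come from the OS CSPRNG. A key derived from the clock or a
    // PIN from Math.random() can be predicted by whoever triggers the reset.
    const reset_key = crypto.randomBytes(16).toString('hex'); // 32 hex chars, same length as an MD5 digest
    const reset_pin = crypto.randomInt(100000, 1000000); // uniform over 100000..999999

    const expiry = new Date();
    const expired = expiry.setDate(expiry.getDate() + 7); // epoch milliseconds, 7 days ahead

    // Awaited so it completes before the new record is created and so a
    // failure reaches the catch below. Presumably this retires the member's
    // earlier reset requests; verify in the resetPassword service.
    await resetPasswordService.updateStatusExpired(user.id, 7);

    const resetPasswordData = {
      username: user.username,
      member_id: user.id,
      reset_pin,
      reset_key,
      expired,
      status: 0,
    };

    // NOTE(review): if the service resolves to the stored row, the return value
    // contains reset_pin and reset_key. Confirm the caller delivers the PIN
    // out of band and never puts either value in the HTTP response.
    return await resetPasswordService.create(resetPasswordData);
  } catch (error) {
    console.debug(error);
    return "Invalid email";
  }
},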
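/**
 * Second step of the reset flow: exchanges a valid PIN for the reset key.
 *
 * Looks up the member (status 1) by e-mail, then a reset record for that
 * member with status 0 and the supplied PIN. On a match the record is moved
 * to status 1 and its `reset_key` is returned.
 *
 * NOTE(review): nothing here limits how many PINs can be tried for one
 * e-mail, and the lookup does not compare `expired`. With a 6-digit PIN,
 * confirm that the route is rate-limited and that expiry is enforced in the
 * service. The distinct "email is not existed" / "invalid PIN" answers also
 * tell the caller which addresses are registered.
 *
 * @param {object} req - Request with `body.email` and `body.resetPin`.
 * @returns {Promise<{resetKey: string}|string>} The key wrapper, or one of
 *   "invalid PIN", "email is not existed", "Invalid email".
 */
async confirmResetPassword(req) {
  try {
    const { email, resetPin } = req.body;

    // Objects or arrays from a JSON body must not reach the `where` clause.
    if (typeof email !== 'string') {
      return "Invalid email";
    }

    const user = await Member.findOne({
      where: { email, status: 1 },
    });
    if (!user) {
      return "email is not existed";
    }

    // A missing PIN is a wrong PIN, not an e-mail problem.
    if (resetPin === undefined || resetPin === null) {
      return "invalid PIN";
    }

    const exist = await resetPasswordService.getByCondition({
      member_id: user.id,
      status: 0,
      reset_pin: resetPin.toString(),
    });
    if (!exist) {
      return "invalid PIN";
    }

    // Awaited so the record is in status 1 before the key is handed out;
    // completeResetPassword only accepts records in that status.
    await resetPasswordService.updateStatusById(exist.id, 1);

    return { resetKey: exist.reset_key };
  } catch (error) {
    console.debug(error);
    return "Invalid email";
  }
},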
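/**
 * Final step of the reset flow: sets a new password using the reset key.
 *
 * Looks up the member (status 1) by e-mail, then a reset record for that
 * member with status 1 and the supplied key. On a match the new password is
 * hashed with bcrypt (cost factor 10), written to the member row, and the
 * reset record is moved to status 5 so the same key no longer matches.
 *
 * NOTE(review): the lookup does not compare `expired`; confirm expiry is
 * enforced in the service.
 *
 * @param {object} req - Request with `body.email`, `body.resetKey` and
 *   `body.newPassword`.
 * @returns {Promise<string>} "Ok" on success, otherwise "invalid PIN",
 *   "email is not existed" or "Invalid email".
 */
async completeResetPassword(req) {
  try {
    const { email, resetKey, newPassword } = req.body;

    // Objects or arrays from a JSON body must not reach the `where` clause.
    if (typeof email !== 'string') {
      return "Invalid email";
    }

    const user = await Member.findOne({
      where: { email, status: 1 },
    });
    if (!user) {
      return "email is not existed";
    }

    // A missing key is a failed match, not an e-mail problem.
    if (resetKey === undefined || resetKey === null) {
      return "invalid PIN";
    }

    const exist = await resetPasswordService.getByCondition({
      member_id: user.id,
      status: 1,
      reset_key: resetKey.toString(),
    });
    if (!exist) {
      return "invalid PIN";
    }

    // Async hash keeps the event loop free while bcrypt runs.
    const hashpassword = await bcrypt.hash(newPassword, 10);

    // Awaited: "Ok" must only be reported once the new hash is stored. A
    // failure now reaches the catch below and leaves the reset record in
    // status 1, so the request can be retried with the same key.
    const [rowsUpdate] = await Member.update(
      { password: hashpassword },
      { returning: true, where: { id: user.id } }
    );
    console.log(rowsUpdate);

    // Consume the key only after the password write has succeeded.
    await resetPasswordService.updateStatusById(exist.id, 5);

    return "Ok";
  } catch (error) {
    console.debug(error);
    return "Invalid email";
  }
},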
/**
 * Fetches the profile of the authenticated member.
 *
 * The username is read from `req.user`, and the query selects only the
 * listed profile columns, so the password hash is never part of the result.
 *
 * @param {object} req - Request with `user.username` set.
 * @returns {Promise<object|null>} Whatever `Member.findOne` resolves to.
 */
async getProfile(req) {
  const { username } = req.user;

  const profile = await Member.findOne({
    where: { username },
    attributes: ['username', 'email', 'phone', 'firstname', 'lastname'],
  });

  return profile;
},
/**
 * Applies `data` to the member row identified by `username`.
 *
 * NOTE(review): `data` is passed to `Member.update` unfiltered. If the caller
 * forwards `req.body`, a client could set columns such as `password` (stored
 * unhashed), `status` or `username`. Confirm the caller restricts the keys to
 * the editable profile fields.
 *
 * @param {string} username - Member whose row is updated.
 * @param {object} data - Column values to write.
 * @returns {Promise<object|undefined>} The first updated row; `undefined`
 *   when the update fails, because the error is only logged.
 */
updateProfile(username, data) {
  const options = {
    returning: true,
    where: { username },
  };

  // Second element of the result is the list of returned rows; keep the first.
  const firstUpdatedRow = ([, [updatedRow]]) => updatedRow;

  // Failures are logged and swallowed, so the promise resolves to undefined.
  const logFailure = (error) => {
    console.log(error);
  };

  return Member.update(data, options).then(firstUpdatedRow).catch(logFailure);
},
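/**
 * Changes the authenticated member's password after verifying the old one.
 *
 * @param {object} req - Request with `user.username`, `body.oldPassword` and
 *   `body.newPassword`.
 * @returns {Promise<Array|string>} Whatever `Member.update` resolves to on
 *   success, or "Wrong password" when the old password does not match or the
 *   member no longer exists.
 */
async updatePassword(req) {
  const { username } = req.user;

  const user = await Member.findOne({
    where: { username },
    attributes: ['password', 'username'],
  });

  // A token can outlive its account; treat a missing row as a failed check
  // rather than dereferencing null.
  if (!user) {
    return "Wrong password";
  }

  // The outcome of the comparison is not logged.
  const oldPasswordMatches = await bcrypt.compare(req.body.oldPassword, user.password);
  if (!oldPasswordMatches) {
    return "Wrong password";
  }

  // Async hash keeps the event loop free while bcrypt runs.
  const hashpassword = await bcrypt.hash(req.body.newPassword, 10);

  return Member.update(
    { password: hashpassword },
    { returning: true, where: { username } }
  );
},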
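/**
 * Deletes the member row whose id is `req.params.id`.
 *
 * The result is returned to the caller instead of being written to `res`:
 * this function only receives `req`, so a reference to `res` here is a
 * ReferenceError that rejects every call, including ones whose delete has
 * already succeeded.
 *
 * NOTE(review): the id comes from the URL and is not compared with
 * `req.user`. Confirm the route restricts this to the account owner or an
 * administrator. `Member.destroy` removes the row (unless the model is
 * configured for soft deletes), which is more than "deactivate" suggests.
 *
 * @param {object} req - Request with `params.id`.
 * @returns {Promise<{message: string}>} Confirmation message.
 * @throws {Error} With `name` "ValidationError" and an `errors` array when
 *   exactly one row was not deleted.
 */
async deactivateAccount(req) {
  const rowDeleted = await Member.destroy({
    where: { id: req.params.id },
  });

  if (rowDeleted !== 1) {
    // A real Error keeps the stack trace; `name` and `errors` keep the shape
    // of the plain object that was thrown here before.
    const notFound = new Error('Item not found');
    notFound.name = 'ValidationError';
    notFound.errors = [{ message: 'Item not found' }];
    throw notFound;
  }

  return { message: "Deleted successfully" };
}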
} |