Spaces:
Runtime error
Runtime error
File size: 5,190 Bytes
3d21646 250ca07 3d21646 2c97468 250ca07 a08dcde 3d21646 d747060 3d21646 250ca07 0469ebe 250ca07 6b4f322 250ca07 0469ebe 250ca07 d747060 250ca07 0469ebe 250ca07 d747060 250ca07 a08dcde d747060 a08dcde 6b4f322 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 |
import { Request, Response } from 'express';
import User from '../models/users';
import { comparePassword, hashPassword } from '../utils/passwordUtils';
import { generateToken } from '../utils/jwtUtils';
import { logger } from '../utils/logger';
import { sendMail } from '../utils/mailer';
import { generateResetToken } from '../utils/tokenUtils';
import { Op } from 'sequelize';
import { AuthenticatedRequest } from 'shared/interfaces/user.interface';
export const login = async (req: Request, res: Response) => {
try {
const { email, password } = req.body;
const user = await User.findOne({
where: {
email: email,
},
})
if (!user) {
return res.status(401).json({ error: 'Invalid Credentials' });
}
const passwordMatch = await comparePassword(password, user.password);
if (!passwordMatch) {
return res.status(401).json({ error: 'Invalid Credentials' });
}
if (user.status === 'inactive') {
return res.status(403).json({ error: 'Forbidden' });
}
const payload = {
id: user.id,
name: user.name,
email: user.email,
role_id: user.role_id
}
const token = generateToken(payload);
return res.status(200).json({ token: token });
} catch (error) {
logger.error("Error logging in: ");
logger.error(error);
return res.status(500).json({ error: 'Internal server error' });
}
}
export const forgotPassword = async (req: Request, res: Response) => {
try {
const { email } = req.body;
const user = await User.findOne({
where: { email }
});
if (!user) {
return res.status(404).json({ error: 'User not found' });
}
const resetToken = generateResetToken();
const resetTokenExpiry = new Date(Date.now() + 3600000);
await user.update({
reset_token: resetToken,
reset_token_expiry: resetTokenExpiry
});
const resetLink = `${process.env.APP_URL}reset-password?token=${resetToken}`;
sendMail({
subject: 'Your password reset link',
to: email,
content: `<p><b>Dear ${user.name},</b></p>
<p>Click the link below to reset your password:</p>
<p><a href="${resetLink}">Reset Your Password</a></p>
<p>Link will expire within 1 hour.</p>
<p>Best regards,<br>Team Fusion Bills</p>`
})
return res.status(200).json({ message: 'Password reset email sent successfully' });
} catch (error) {
logger.error("Error in forgot password: ");
logger.error(error);
return res.status(500).json({ error: 'Internal server error' });
}
}
export const resetPassword = async (req: Request, res: Response) => {
try {
const { token, newPassword } = req.body;
const user = await User.findOne({
where: {
reset_token: token,
reset_token_expiry: { [Op.gt]: new Date() }
}
});
if (!user) {
return res.status(400).json({ error: 'Invalid or expired token' });
}
const hashedPassword = await hashPassword(newPassword);
await user.update({
password: hashedPassword,
reset_token: null,
reset_token_expiry: null
});
return res.status(200).json({ message: 'Password reset successfully' });
} catch (error) {
logger.error("Error in reset password: ");
logger.error(error);
return res.status(500).json({ error: 'Internal server error' });
}
}
export const changePassword = async (req: AuthenticatedRequest, res: Response) => {
try {
const { currentPassword, newPassword, confirmPassword } = req.body;
const userId = req.user?.id;
if (!userId) {
return res.status(401).json({ error: 'Unauthorized' });
}
const user = await User.findByPk(userId);
if (!user) {
return res.status(404).json({ error: 'User not found' });
}
const isPasswordCorrect = await comparePassword(currentPassword, user.password);
if (!isPasswordCorrect) {
return res.status(400).json({ error: 'Invalid current password' });
}
if (newPassword !== confirmPassword) {
return res.status(400).json({ error: 'New passwords do not match' });
}
if (newPassword.length < 8) {
return res.status(400).json({ error: 'Password must be at least 8 characters long.' });
}
const hashedPassword = await hashPassword(newPassword);
user.password = hashedPassword;
await user.save();
return res.status(200).json({ message: 'Password changed successfully' });
} catch (error) {
logger.error("Error changing password: ");
logger.error(error);
return res.status(500).json({ error: 'Internal server error' });
}
}
|