feat: login IB by two step verification

chore: add message template

src/controllers/auth.controller.js

@@ -4,9 +4,10 @@ const { logger } = require('../util/logger');
 const db = require('../config/db');
 const dayjs = require('dayjs');
 const { comparePassword } = require('../util/hash');
+const customerController = require('../controllers/customer_details.controller.js');
 
 async function login(req, res) {
-  const { customerNo, password } = req.body;
+  const { customerNo, password, otp } = req.body;
   const loginType = req.headers['x-login-type'] || 'standard';
 
   if (!customerNo || !password) {
@@ -30,6 +31,22 @@ async function login(req, res) {
         .status(401)
         .json({ error: 'Password Expired.Please Contact with Administrator' });
 
+    // if present then get his phone number from CBS
+    const userDetails = await customerController.getDetails(customerNo);
+    const singleUserDetail = userDetails[0];
+    if (!singleUserDetail?.mobileno)
+      return res.status(400).json({ error: 'USER_PHONE_NOT_FOUND' });
+    const mobileNumber = singleUserDetail.mobileno;
+
+    // For otp generate in IB
+    if (loginType.toUpperCase() === "IB" && !otp) {
+      logger.info(`credential verified but otp required | Type: ${loginType}`);
+      return res.status(202).json({
+        status: "OTP_REQUIRED",
+        mobile: mobileNumber
+      });
+    }
+
     const token = generateToken(user.customer_no);
     const loginPswExpiry = user.password_hash_expiry;
     const rights = {

src/controllers/otp.controller.js

@@ -10,6 +10,7 @@ const templates = require('../util/sms_template');
 // Send OTP
 async function SendOtp(req, res) {
   const {
+    username,
     mobileNumber,
     type,
     amount,
@@ -33,6 +34,10 @@ async function SendOtp(req, res) {
     let otp = null;
     // Pick template based on type
     switch (type) {
+      case 'LOGIN_OTP':
+        otp = generateOTP(6);
+        message = templates.LOGIN_OTP(otp, username);
+        break;
       case 'IMPS':
         otp = generateOTP(6);
         message = templates.IMPS(otp);
@@ -52,6 +57,10 @@ async function SendOtp(req, res) {
       case 'BENEFICIARY_SUCCESS':
         message = templates.BENEFICIARY_SUCCESS(beneficiary);
         break;
+      case 'BENEFICIARY_DELETE':
+        otp = generateOTP(6);
+        message = templates.BENEFICIARY_DELETE(otp, beneficiary);
+        break;
       case 'NOTIFICATION':
         message = templates.NOTIFICATION(acctFrom, acctTo, amount, ref, date);
         break;
@@ -71,6 +80,10 @@ async function SendOtp(req, res) {
         otp = generateOTP(6);
         message = templates.CHANGE_TPWORD(otp);
         break;
+      case 'SET_TPWORD':
+        otp = generateOTP(6);
+        message = templates.SET_TPWORD(otp);
+        break;
       case 'CHANGE_MPIN':
         otp = generateOTP(6);
         message = templates.CHANGE_MPIN(otp);
@@ -104,10 +117,8 @@ async function SendOtp(req, res) {
       if (message.includes('OTP')) {
         await setJson(`otp:${mobileNumber}`, otp, 300);
       }
-
       logger.info(`Sent OTP [${otp}] for type [${type}] to ${mobileNumber}`);
     }
-
     return res.status(200).json({ message: 'Message sent successfully' });
   } catch (err) {
     logger.error(err, 'Error sending OTP');