md.asif5/yume_js
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: login IB by two step verification

Browse Source 
chore: add message template
This commit is contained in:
Tomosa Sarkar
2025-10-10 17:27:00 +05:30
parent edbeca3fd2
commit 2d434b9198
3 changed files with 41 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
src/controllers/auth.controller.js
View File

@@ -4,9 +4,10 @@ const { logger } = require('../util/logger');
const db = require('../config/db'); const db = require('../config/db');
const dayjs = require('dayjs'); const dayjs = require('dayjs');
const { comparePassword } = require('../util/hash'); const { comparePassword } = require('../util/hash');
const customerController = require('../controllers/customer_details.controller.js');
async function login(req, res) { async function login(req, res) {
const { customerNo, password } = req.body; const { customerNo, password, otp } = req.body;
const loginType = req.headers['x-login-type'] || 'standard'; const loginType = req.headers['x-login-type'] || 'standard';
if (!customerNo || !password) { if (!customerNo || !password) {
@@ -30,6 +31,22 @@ async function login(req, res) {
.status(401) .status(401)
.json({ error: 'Password Expired.Please Contact with Administrator' }); .json({ error: 'Password Expired.Please Contact with Administrator' });
// if present then get his phone number from CBS
const userDetails = await customerController.getDetails(customerNo);
const singleUserDetail = userDetails[0];
if (!singleUserDetail?.mobileno)
return res.status(400).json({ error: 'USER_PHONE_NOT_FOUND' });
const mobileNumber = singleUserDetail.mobileno;
// For otp generate in IB
if (loginType.toUpperCase() === "IB" && !otp) {
logger.info(`credential verified but otp required | Type: ${loginType}`);
return res.status(202).json({
status: "OTP_REQUIRED",
mobile: mobileNumber
});
}
const token = generateToken(user.customer_no); const token = generateToken(user.customer_no);
const loginPswExpiry = user.password_hash_expiry; const loginPswExpiry = user.password_hash_expiry;
const rights = { const rights = {

15
src/controllers/otp.controller.js
View File

@@ -10,6 +10,7 @@ const templates = require('../util/sms_template');
// Send OTP // Send OTP
async function SendOtp(req, res) { async function SendOtp(req, res) {
const { const {
username,
mobileNumber, mobileNumber,
type, type,
amount, amount,
@@ -33,6 +34,10 @@ async function SendOtp(req, res) {
let otp = null; let otp = null;
// Pick template based on type // Pick template based on type
switch (type) { switch (type) {
case 'LOGIN_OTP':
otp = generateOTP(6);
message = templates.LOGIN_OTP(otp, username);
break;
case 'IMPS': case 'IMPS':
otp = generateOTP(6); otp = generateOTP(6);
message = templates.IMPS(otp); message = templates.IMPS(otp);
@@ -52,6 +57,10 @@ async function SendOtp(req, res) {
case 'BENEFICIARY_SUCCESS': case 'BENEFICIARY_SUCCESS':
message = templates.BENEFICIARY_SUCCESS(beneficiary); message = templates.BENEFICIARY_SUCCESS(beneficiary);
break; break;
case 'BENEFICIARY_DELETE':
otp = generateOTP(6);
message = templates.BENEFICIARY_DELETE(otp, beneficiary);
break;
case 'NOTIFICATION': case 'NOTIFICATION':
message = templates.NOTIFICATION(acctFrom, acctTo, amount, ref, date); message = templates.NOTIFICATION(acctFrom, acctTo, amount, ref, date);
break; break;
@@ -71,6 +80,10 @@ async function SendOtp(req, res) {
otp = generateOTP(6); otp = generateOTP(6);
message = templates.CHANGE_TPWORD(otp); message = templates.CHANGE_TPWORD(otp);
break; break;
case 'SET_TPWORD':
otp = generateOTP(6);
message = templates.SET_TPWORD(otp);
break;
case 'CHANGE_MPIN': case 'CHANGE_MPIN':
otp = generateOTP(6); otp = generateOTP(6);
message = templates.CHANGE_MPIN(otp); message = templates.CHANGE_MPIN(otp);
@@ -104,10 +117,8 @@ async function SendOtp(req, res) {
if (message.includes('OTP')) { if (message.includes('OTP')) {
await setJson(`otp:${mobileNumber}`, otp, 300); await setJson(`otp:${mobileNumber}`, otp, 300);
} }
logger.info(`Sent OTP [${otp}] for type [${type}] to ${mobileNumber}`); logger.info(`Sent OTP [${otp}] for type [${type}] to ${mobileNumber}`);
} }
return res.status(200).json({ message: 'Message sent successfully' }); return res.status(200).json({ message: 'Message sent successfully' });
} catch (err) { } catch (err) {
logger.error(err, 'Error sending OTP'); logger.error(err, 'Error sending OTP');

10
src/util/sms_template.js
View File

@@ -1,4 +1,6 @@
const templates = { const templates = {
LOGIN_OTP :(otp,username) =>`Dear Customer, Your username ${username} have been verified. Please enter the OTP: ${otp} to complete your login. -KCCB `,
IMPS: (otp) => `Dear Customer, Please complete the fund transfer with OTP ${otp} -KCCB`, IMPS: (otp) => `Dear Customer, Please complete the fund transfer with OTP ${otp} -KCCB`,
NEFT: (otp, amount, beneficiary) => NEFT: (otp, amount, beneficiary) =>
@@ -8,7 +10,10 @@ const templates = {
`Dear Customer, Please complete the RTGS of Rs.${amount} to ${beneficiary} with OTP:${otp} -KCCB`, `Dear Customer, Please complete the RTGS of Rs.${amount} to ${beneficiary} with OTP:${otp} -KCCB`,
BENEFICIARY_ADD: (otp, beneficiary, ifsc) => BENEFICIARY_ADD: (otp, beneficiary, ifsc) =>
`Dear Customer, You have added beneficiary ${beneficiary} ${ifsc} for NEFT/RTGS. Please endorse the beneficiary with OTP ${otp} -KCCB`, `Dear Customer, You have added beneficiary ${beneficiary} ${ifsc} for IMPS/NEFT/RTGS. Please endorse the beneficiary with OTP ${otp} -KCCB`,
BENEFICIARY_DELETE: (otp, beneficiary) =>
`Dear Customer, you have deleted the beneficiary ${beneficiary} for IMPS/NEFT/RTGS. Please confirm the deletion using OTP ${otp}. - KCCB`,
BENEFICIARY_SUCCESS: (beneficiary) => BENEFICIARY_SUCCESS: (beneficiary) =>
`Dear Customer, Your Beneficiary: ${beneficiary} for Net Banking is added successfully -KCCB`, `Dear Customer, Your Beneficiary: ${beneficiary} for Net Banking is added successfully -KCCB`,
@@ -28,6 +33,9 @@ const templates = {
CHANGE_TPWORD: (otp) => CHANGE_TPWORD: (otp) =>
`Dear Customer, Change Transaction password OTP is ${otp} -KCCB`, `Dear Customer, Change Transaction password OTP is ${otp} -KCCB`,
SET_TPWORD: (otp) =>
`Dear Customer, Your Set New Transaction password OTP is ${otp} -KCCB`,
CHANGE_MPIN: (otp) => CHANGE_MPIN: (otp) =>
`Dear Customer, Change M-PIN OTP is ${otp} -KCCB`, `Dear Customer, Change M-PIN OTP is ${otp} -KCCB`,