feat : onboarding new CIF by giving rights through admin portal.
feat : View the user rights and update in admin portal. chore : Add some template message for OTP
This commit is contained in:
@@ -5,7 +5,7 @@ const { logger } = require('../util/logger');
|
||||
const { hashPassword } = require('../util/hash');
|
||||
const db = require('../config/db');
|
||||
const { generateOTP } = require('../otpgenerator');
|
||||
|
||||
const dayjs = require("dayjs");
|
||||
|
||||
async function login(req, res) {
|
||||
const { userName, password } = req.body;
|
||||
@@ -63,61 +63,60 @@ async function getUserDetails(req, res) {
|
||||
}
|
||||
}
|
||||
async function getUserRights(req, res) {
|
||||
// const { CIF } = req.query;
|
||||
// if (!CIF) {
|
||||
// res.status(400).json({
|
||||
// error: 'CIF number is required',
|
||||
// });
|
||||
// }
|
||||
// try {
|
||||
// const userDetails = await adminAuthService.getCustomerDetails(CIF);
|
||||
// if (!userDetails)
|
||||
// return res.status(401).json({ error: 'invalid CIF number' });
|
||||
// return res.json(userDetails);
|
||||
// } catch (error) {
|
||||
// logger.error('while fetching customer details', error);
|
||||
// res.status(500).json({ error: 'invalid CIF number'});
|
||||
// }
|
||||
}
|
||||
async function UserRights(req, res) {
|
||||
const { CIF, ib_access_level, mb_access_level } = req.body;
|
||||
const first_time_pass = generateOTP(6);
|
||||
const { CIF } = req.query;
|
||||
if (!CIF) {
|
||||
res.status(400).json({
|
||||
error: 'CIF number is required',
|
||||
});
|
||||
}
|
||||
const currentTime = new Date().toISOString();
|
||||
const user = await authService.findUserByCustomerNo(CIF);
|
||||
const password = await hashPassword(first_time_pass);
|
||||
if (user) {
|
||||
try {
|
||||
await db.query('UPDATE users SET customer_no = $1,password_hash=$2,updated_at=$5,ib_access_level=$3,mb_access_level=$4 WHERE customer_no = $1', [
|
||||
CIF,
|
||||
password,
|
||||
ib_access_level,
|
||||
mb_access_level,
|
||||
currentTime,
|
||||
]);
|
||||
res.json({otp:`${first_time_pass}`});
|
||||
} catch (err) {
|
||||
console.log(err);
|
||||
logger.error(err, 'Right Update failed');
|
||||
res.status(500).json({ error: 'something went wrong' });
|
||||
const userDetails = await adminAuthService.getCustomerDetailsFromDB(CIF);
|
||||
if (!userDetails)
|
||||
return res.status(401).json({ error: 'invalid CIF number or No rights is present for the user.' });
|
||||
return res.json(userDetails);
|
||||
}
|
||||
|
||||
async function UserRights(req, res) {
|
||||
try {
|
||||
const { CIF, ib_access_level, mb_access_level } = req.body;
|
||||
|
||||
if (!CIF) {
|
||||
return res.status(400).json({ error: 'CIF number is required' });
|
||||
}
|
||||
}
|
||||
if (!user) {
|
||||
try {
|
||||
await db.query('INSERT INTO users (customer_no, password_hash,ib_access_level,mb_access_level) VALUES ($1, $2, $3, $4)',
|
||||
|
||||
const currentTime = new Date().toISOString();
|
||||
const user = await authService.findUserByCustomerNo(CIF);
|
||||
const first_time_pass = generateOTP(6);
|
||||
const password = await hashPassword(first_time_pass);
|
||||
if (user) {
|
||||
const FirstTimeLogin = await authService.CheckFirstTimeLogin(CIF);
|
||||
// if user did not login within 7 days
|
||||
if (FirstTimeLogin && dayjs(currentTime).diff(dayjs(user.created_at), 'day') > 8) {
|
||||
// Password expired, resend
|
||||
await db.query(
|
||||
'UPDATE users SET password_hash=$2, updated_at=$5, ib_access_level=$3, mb_access_level=$4 WHERE customer_no=$1',
|
||||
[CIF, password, ib_access_level, mb_access_level, currentTime]
|
||||
);
|
||||
return res.json({ otp: first_time_pass });
|
||||
}
|
||||
// Just update access levels and timestamp
|
||||
await db.query(
|
||||
'UPDATE users SET updated_at=$4, ib_access_level=$2, mb_access_level=$3 WHERE customer_no=$1',
|
||||
[CIF, ib_access_level, mb_access_level, currentTime]
|
||||
);
|
||||
return res.json({ message: "User updated successfully." });
|
||||
} else {
|
||||
// User does not exist, insert
|
||||
await db.query(
|
||||
'INSERT INTO users (customer_no, password_hash, ib_access_level, mb_access_level) VALUES ($1, $2, $3, $4)',
|
||||
[CIF, password, ib_access_level, mb_access_level]
|
||||
);
|
||||
res.json({otp:`${first_time_pass}`});
|
||||
} catch (err) {
|
||||
console.log(err);
|
||||
logger.error(err, 'Right Update failed');
|
||||
res.status(500).json({ error: 'something went wrong' });
|
||||
return res.json({ otp: first_time_pass });
|
||||
}
|
||||
} catch (err) {
|
||||
console.error(err);
|
||||
logger.error(err, 'UserRights failed');
|
||||
return res.status(500).json({ error: 'Something went wrong' });
|
||||
}
|
||||
}
|
||||
|
||||
module.exports = { login, fetchAdminDetails, getUserDetails,UserRights};
|
||||
module.exports = { login, fetchAdminDetails, getUserDetails, UserRights, getUserRights };
|
||||
|
||||
Reference in New Issue
Block a user