md.asif5/yume_js
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat : onboarding new CIF by giving rights through admin portal.

Browse Source 
feat : View the user rights and update in admin portal.
chore : Add some template message for OTP
This commit is contained in:
Tomosa Sarkar
2025-09-09 11:15:28 +05:30
parent 445a0f434d
commit 50c375f0ba
6 changed files with 106 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.vscode/settings.json vendored
View File

@@ -1,7 +1,9 @@
{
"cSpell.words": [
"MPIN",
"otpgenerator",
"tpassword",
"tpin"
"tpin",
"TPWORD"
]
}

85
src/controllers/admin_auth.controller.js
View File

@@ -5,7 +5,7 @@ const { logger } = require('../util/logger');
const { hashPassword } = require('../util/hash');
const db = require('../config/db');
const { generateOTP } = require('../otpgenerator');
const dayjs = require("dayjs");
async function login(req, res) {
const { userName, password } = req.body;
@@ -63,61 +63,60 @@ async function getUserDetails(req, res) {
}
}
async function getUserRights(req, res) {
// const { CIF } = req.query;
// if (!CIF) {
// res.status(400).json({
// error: 'CIF number is required',
// });
// }
// try {
// const userDetails = await adminAuthService.getCustomerDetails(CIF);
// if (!userDetails)
// return res.status(401).json({ error: 'invalid CIF number' });
// return res.json(userDetails);
// } catch (error) {
// logger.error('while fetching customer details', error);
// res.status(500).json({ error: 'invalid CIF number'});
// }
}
async function UserRights(req, res) {
const { CIF, ib_access_level, mb_access_level } = req.body;
const first_time_pass = generateOTP(6);
const { CIF } = req.query;
if (!CIF) {
res.status(400).json({
error: 'CIF number is required',
});
}
const userDetails = await adminAuthService.getCustomerDetailsFromDB(CIF);
if (!userDetails)
return res.status(401).json({ error: 'invalid CIF number or No rights is present for the user.' });
return res.json(userDetails);
}
async function UserRights(req, res) {
try {
const { CIF, ib_access_level, mb_access_level } = req.body;
if (!CIF) {
return res.status(400).json({ error: 'CIF number is required' });
}
const currentTime = new Date().toISOString();
const user = await authService.findUserByCustomerNo(CIF);
const first_time_pass = generateOTP(6);
const password = await hashPassword(first_time_pass);
if (user) {
try {
await db.query('UPDATE users SET customer_no = $1,password_hash=$2,updated_at=$5,ib_access_level=$3,mb_access_level=$4 WHERE customer_no = $1', [
CIF,
password,
ib_access_level,
mb_access_level,
currentTime,
]);
res.json({otp:`${first_time_pass}`});
} catch (err) {
console.log(err);
logger.error(err, 'Right Update failed');
res.status(500).json({ error: 'something went wrong' });
const FirstTimeLogin = await authService.CheckFirstTimeLogin(CIF);
// if user did not login within 7 days
if (FirstTimeLogin && dayjs(currentTime).diff(dayjs(user.created_at), 'day') > 8) {
// Password expired, resend
await db.query(
'UPDATE users SET password_hash=$2, updated_at=$5, ib_access_level=$3, mb_access_level=$4 WHERE customer_no=$1',
[CIF, password, ib_access_level, mb_access_level, currentTime]
);
return res.json({ otp: first_time_pass });
}
}
if (!user) {
try {
await db.query('INSERT INTO users (customer_no, password_hash,ib_access_level,mb_access_level) VALUES ($1, $2, $3, $4)',
// Just update access levels and timestamp
await db.query(
'UPDATE users SET updated_at=$4, ib_access_level=$2, mb_access_level=$3 WHERE customer_no=$1',
[CIF, ib_access_level, mb_access_level, currentTime]
);
return res.json({ message: "User updated successfully." });
} else {
// User does not exist, insert
await db.query(
'INSERT INTO users (customer_no, password_hash, ib_access_level, mb_access_level) VALUES ($1, $2, $3, $4)',
[CIF, password, ib_access_level, mb_access_level]
);
res.json({otp:`${first_time_pass}`});
} catch (err) {
console.log(err);
logger.error(err, 'Right Update failed');
res.status(500).json({ error: 'something went wrong' });
return res.json({ otp: first_time_pass });
}
} catch (err) {
console.error(err);
logger.error(err, 'UserRights failed');
return res.status(500).json({ error: 'Something went wrong' });
}
}
module.exports = { login, fetchAdminDetails, getUserDetails,UserRights};
module.exports = { login, fetchAdminDetails, getUserDetails, UserRights, getUserRights };

28
src/controllers/otp.controller.js
View File

@@ -14,22 +14,24 @@ async function SendOtp(req, res) {
}
try {
// const otp = generateOTP(6);
const otp = type === 'REGISTRATION' && userOtp ? userOtp : generateOTP(6);
let message;
let otp = null;
// Pick template based on type
switch (type) {
case 'IMPS':
otp = generateOTP(6);
message = templates.IMPS(otp);
break;
case 'NEFT':
otp = generateOTP(6);
message = templates.NEFT(otp, amount, beneficiary);
break;
case 'RTGS':
otp = generateOTP(6);
message = templates.RTGS(otp, amount, beneficiary);
break;
case 'BENEFICIARY_ADD':
otp = generateOTP(6);
message = templates.BENEFICIARY_ADD(otp, beneficiary, ifsc);
break;
case 'BENEFICIARY_SUCCESS':
@@ -39,10 +41,30 @@ async function SendOtp(req, res) {
message = templates.NOTIFICATION(acctFrom, acctTo, amount, ref, date);
break;
case 'FORGOT_PASSWORD':
otp = generateOTP(6);
message = templates.FORGOT_PASSWORD(otp);
break;
case 'CHANGE_LPWORD':
otp = generateOTP(6);
message = templates.CHANGE_LPWORD(otp);
break;
case 'CHANGE_TPIN':
otp = generateOTP(6);
message = templates.CHANGE_TPIN(otp);
break;
case 'CHANGE_TPWORD':
otp = generateOTP(6);
message = templates.CHANGE_TPWORD(otp);
break;
case 'CHANGE_MPIN':
otp = generateOTP(6);
message = templates.CHANGE_MPIN(otp);
break;
case 'REGISTRATION':
otp = userOtp ? userOtp : generateOTP(6);
message = templates.REGISTRATION(otp);
case 'RIGHT_UPDATE':
message = templates.RIGHT_UPDATE;
break;
default:
return res.status(400).json({ error: 'Invalid OTP type' });

1
src/routes/admin_auth.route.js
View File

@@ -8,4 +8,5 @@ router.post('/login', adminAuthController.login);
router.get('/admin_details', adminAuthenticate, adminAuthController.fetchAdminDetails);
router.get('/fetch/customer_details',adminAuthenticate,adminAuthController.getUserDetails);
router.post('/user/rights',adminAuthenticate,adminAuthController.UserRights);
router.get('/user/rights',adminAuthenticate,adminAuthController.getUserRights);
module.exports = router;

9
src/services/admin.auth.service.js
View File

@@ -37,4 +37,11 @@ async function getCustomerDetails(customerNo) {
}
}
module.exports = { validateAdmin, findAdminByUserName,getCustomerDetails };
async function getCustomerDetailsFromDB(customerNo) {
const result = await db.query('SELECT customer_no,created_at,last_login,is_first_login,ib_access_level,mb_access_level FROM users WHERE customer_no = $1', [
customerNo,
]);
return result.rows[0];
}
module.exports = { validateAdmin, findAdminByUserName, getCustomerDetails,getCustomerDetailsFromDB };

15
src/util/sms_template.js
View File

@@ -19,8 +19,23 @@ const templates = {
FORGOT_PASSWORD: (otp) =>
`Dear Customer, Forgot Password OTP is ${otp} -KCCB`,
CHANGE_LPWORD: (otp) =>
`Dear Customer, Change Login Password OTP is ${otp} -KCCB`,
CHANGE_TPIN: (otp) =>
`Dear Customer, Change Transaction pin OTP is ${otp} -KCCB`,
CHANGE_TPWORD: (otp) =>
`Dear Customer, Change Transaction password OTP is ${otp} -KCCB`,
CHANGE_MPIN: (otp) =>
`Dear Customer, Change M-PIN OTP is ${otp} -KCCB`,
REGISTRATION: (otp) =>
`Dear Customer, Your CIF is enable.First time login password: ${otp} (valid for 7 days).Please login and change your password -KCCB`,
RIGHT_UPDATE:
`Dear Customer, Your CIF rights have been updated. Please log in again to access the features. -KCCB`,
};
module.exports = templates;