feat: user can change login password
feat: user can change transaction password wip : Admin feature rights -InProgress
This commit is contained in:
@@ -1,8 +1,11 @@
|
||||
const adminAuthService = require('../services/admin.auth.service');
|
||||
const authService = require('../services/auth.service');
|
||||
const { generateToken } = require('../util/jwt');
|
||||
const { logger } = require('../util/logger');
|
||||
const { hashPassword } = require('../util/hash');
|
||||
const db = require('../config/db');
|
||||
// const authenticate = require('../middlewares/auth.middleware');
|
||||
const { generateOTP } = require('../otpgenerator');
|
||||
|
||||
|
||||
async function login(req, res) {
|
||||
const { userName, password } = req.body;
|
||||
@@ -56,7 +59,65 @@ async function getUserDetails(req, res) {
|
||||
return res.json(userDetails);
|
||||
} catch (error) {
|
||||
logger.error('while fetching customer details', error);
|
||||
res.status(500).json({ error: 'invalid CIF number'});
|
||||
res.status(500).json({ error: 'invalid CIF number' });
|
||||
}
|
||||
}
|
||||
module.exports = { login, fetchAdminDetails, getUserDetails };
|
||||
async function getUserRights(req, res) {
|
||||
// const { CIF } = req.query;
|
||||
// if (!CIF) {
|
||||
// res.status(400).json({
|
||||
// error: 'CIF number is required',
|
||||
// });
|
||||
// }
|
||||
// try {
|
||||
// const userDetails = await adminAuthService.getCustomerDetails(CIF);
|
||||
// if (!userDetails)
|
||||
// return res.status(401).json({ error: 'invalid CIF number' });
|
||||
// return res.json(userDetails);
|
||||
// } catch (error) {
|
||||
// logger.error('while fetching customer details', error);
|
||||
// res.status(500).json({ error: 'invalid CIF number'});
|
||||
// }
|
||||
}
|
||||
async function UserRights(req, res) {
|
||||
const { CIF, ib_access_level, mb_access_level } = req.body;
|
||||
const first_time_pass = generateOTP(6);
|
||||
if (!CIF) {
|
||||
res.status(400).json({
|
||||
error: 'CIF number is required',
|
||||
});
|
||||
}
|
||||
const currentTime = new Date().toISOString();
|
||||
const user = await authService.findUserByCustomerNo(CIF);
|
||||
const password = await hashPassword(first_time_pass);
|
||||
if (user) {
|
||||
try {
|
||||
await db.query('UPDATE users SET customer_no = $1,password_hash=$2,updated_at=$5,ib_access_level=$3,mb_access_level=$4 WHERE customer_no = $1', [
|
||||
CIF,
|
||||
password,
|
||||
ib_access_level,
|
||||
mb_access_level,
|
||||
currentTime,
|
||||
]);
|
||||
res.json({otp:`${first_time_pass}`});
|
||||
} catch (err) {
|
||||
console.log(err);
|
||||
logger.error(err, 'Right Update failed');
|
||||
res.status(500).json({ error: 'something went wrong' });
|
||||
}
|
||||
}
|
||||
if (!user) {
|
||||
try {
|
||||
await db.query('INSERT INTO users (customer_no, password_hash,ib_access_level,mb_access_level) VALUES ($1, $2, $3, $4)',
|
||||
[CIF, password, ib_access_level, mb_access_level]
|
||||
);
|
||||
res.json({message:'User created and Rights Updated.'});
|
||||
} catch (err) {
|
||||
console.log(err);
|
||||
logger.error(err, 'Right Update failed');
|
||||
res.status(500).json({ error: 'something went wrong' });
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
module.exports = { login, fetchAdminDetails, getUserDetails,UserRights};
|
||||
|
||||
Reference in New Issue
Block a user