diff --git a/src/controllers/admin_auth.controller.js b/src/controllers/admin_auth.controller.js
index 58250ec..dbcbb8a 100644
--- a/src/controllers/admin_auth.controller.js
+++ b/src/controllers/admin_auth.controller.js
@@ -111,7 +111,7 @@ async function UserRights(req, res) {
 await db.query('INSERT INTO users (customer_no, password_hash,ib_access_level,mb_access_level) VALUES ($1, $2, $3, $4)', [CIF, password, ib_access_level, mb_access_level] );
- res.json({message:'User created and Rights Updated.'});
+ res.json({otp:`${first_time_pass}`});
 } catch (err) {
 console.log(err);
 logger.error(err, 'Right Update failed');
diff --git a/src/controllers/auth.controller.js b/src/controllers/auth.controller.js
index cbd9b9b..53aa2d3 100644
--- a/src/controllers/auth.controller.js
+++ b/src/controllers/auth.controller.js
@@ -2,7 +2,7 @@ const authService = require('../services/auth.service');
 const { generateToken } = require('../util/jwt');
 const { logger } = require('../util/logger');
 const db = require('../config/db');
-const dayjs =require("dayjs");
+const dayjs = require("dayjs");
 const { comparePassword } = require('../util/hash');
 async function login(req, res) {
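Review bot: In `UserRights` (src/controllers/admin_auth.controller.js) the success response now returns the user's first-time password in the body as `otp`, so the credential ends up wherever responses are recorded: admin client state, proxy or gateway logs, browser caches. If the admin really has to see it once, set `res.set('Cache-Control', 'no-store')` before the `res.json(...)` call and keep the value out of response logging; delivering it to the customer out of band and returning only a status message would avoid the exposure altogether. The template literal is redundant and turns an unset value into the string "undefined", so `res.json({ otp: first_time_pass })` is enough. `first_time_pass` is defined outside this hunk, and since the INSERT above writes `password` into `password_hash`, it is worth confirming that value is the hash and not the plain first-time password.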
@@ -18,17 +18,22 @@ async function login(req, res) {
 const user = await authService.validateUser(customerNo, password);
 if (!user || !password) return res.status(401).json({ error: 'invalid credentials' });
- const token = generateToken(user.customer_no, '1d');
 const FirstTimeLogin = await authService.CheckFirstTimeLogin(customerNo);
 // For registration : if try to login first time after 7 days.
- if(FirstTimeLogin && dayjs(user.created_at).diff(currentTime,"day") > 8)
+ if (FirstTimeLogin && dayjs(user.created_at).diff(currentTime, "day") > 8)
 return res.status(401).json({ error: 'Password Expired.Please Contact with Administrator' });
+
+ const token = generateToken(user.customer_no, '1d');
 const loginPswExpiry = user.password_hash_expiry;
+ const rights = {
+ ibAccess: user.ib_access_level,
+ mbAccess: user.mb_access_level,
+ };
 await db.query('UPDATE users SET last_login = $1 WHERE customer_no = $2', [ currentTime, customerNo, ]);
- res.json({ token, FirstTimeLogin, loginPswExpiry });
+ res.json({ token, FirstTimeLogin, loginPswExpiry, rights });
 } catch (err) {
 logger.error(err, 'login failed');
 res.status(500).json({ error: 'something went wrong' });
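Review bot: The first-time-login expiry test `dayjs(user.created_at).diff(currentTime, "day") > 8` has its operands reversed: dayjs's `a.diff(b)` returns a minus b, so for an account created in the past the result is zero or negative and the branch never rejects an expired first-time password. Swapping them, `if (FirstTimeLogin && dayjs(currentTime).diff(user.created_at, "day") > 7)`, would make the check effective and match the 7-day window the comment describes, where the code currently compares against 8. `currentTime` is assigned outside this hunk, so this assumes it holds the current time. Separately, the new `rights` object is only informational for the client; the access levels still have to be enforced server-side on every request.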
@@ -109,20 +114,20 @@ async function setTransactionPassword(req, res) {
 }
 }
-async function changeLoginPassword(req,res){
+async function changeLoginPassword(req, res) {
 const customerNo = req.user;
 try {
 const user = await authService.findUserByCustomerNo(customerNo);
 if (!user) return res.status(404).json({ error: 'USER_NOT_FOUND' });
- const { OldLPsw ,newLPsw ,confirmLPsw } = req.body;
+ const { OldLPsw, newLPsw, confirmLPsw } = req.body;
 const isMatch = await comparePassword(OldLPsw, user.password_hash);
- if(!isMatch)
- return res.status(500).json({error: 'Please Enter Correct Old Login Password'});
- if(newLPsw !== confirmLPsw)
- return res.status(500).json ({error: 'New Password and Confirm Password not Match'})
+ if (!isMatch)
+ return res.status(500).json({ error: 'Please Enter Correct Old Login Password' });
+ if (newLPsw !== confirmLPsw)
+ return res.status(500).json({ error: 'New Password and Confirm Password not Match' })
 const isMatchWithOldPassword = await comparePassword(newLPsw, user.password_hash);
- if(isMatchWithOldPassword)
- return res.status(500).json ({error: 'New Password will be different from Previous Password'})
+ if (isMatchWithOldPassword)
+ return res.status(500).json({ error: 'New Password will be different from Previous Password' })
 authService.changeLoginPassword(customerNo, newLPsw);
 return res.json({ message: 'New Login Password changed successfully' });
 } catch (error) {
@@ -131,20 +136,20 @@ async function changeLoginPassword(req,res){
 }
 }
-async function changeTransPassword(req,res){
+async function changeTransPassword(req, res) {
 const customerNo = req.user;
 try {
 const user = await authService.findUserByCustomerNo(customerNo);
 if (!user) return res.status(404).json({ error: 'USER_NOT_FOUND' });
- const { OldTPsw ,newTPsw ,confirmTPsw } = req.body;
+ const { OldTPsw, newTPsw, confirmTPsw } = req.body;
 const isMatch = await comparePassword(OldTPsw, user.transaction_password);
- if(!isMatch)
- return res.status(500).json({error: 'Please Enter Correct Old Transaction Password'});
- if(newTPsw !== confirmTPsw)
- return res.status(500).json ({error: 'New Transaction Password and Confirm Transaction Password not Match'})
+ if (!isMatch)
+ return res.status(500).json({ error: 'Please Enter Correct Old Transaction Password' });
+ if (newTPsw !== confirmTPsw)
+ return res.status(500).json({ error: 'New Transaction Password and Confirm Transaction Password not Match' })
 const isMatchWithOldPassword = await comparePassword(newTPsw, user.transaction_password);
- if(isMatchWithOldPassword)
- return res.status(500).json ({error: 'New Transaction Password will be different from Previous Transaction Password'})
+ if (isMatchWithOldPassword)
+ return res.status(500).json({ error: 'New Transaction Password will be different from Previous Transaction Password' })
 authService.changeTransPassword(customerNo, newTPsw);
 return res.json({ message: 'New Transaction Password changed successfully' });
 } catch (error) {
diff --git a/src/controllers/otp.controller.js b/src/controllers/otp.controller.js
index 6536686..2254d5a 100644
--- a/src/controllers/otp.controller.js
+++ b/src/controllers/otp.controller.js
@@ -7,14 +7,15 @@ const templates = require('../util/sms_template');
 // Send OTP
 async function SendOtp(req, res) {
- const { mobileNumber, type, amount, beneficiary, ifsc, acctFrom, acctTo, ref, date } = req.body;
+ const { mobileNumber, type, amount, beneficiary, ifsc, acctFrom, acctTo, ref, date,userOtp } = req.body;
 if (!mobileNumber || !type) {
 return res.status(400).json({ error: 'Mobile number and type are required' });
 }
 try {
- const otp = generateOTP(6);
+ // const otp = generateOTP(6);
+ const otp = type === 'REGISTRATION' && userOtp ? userOtp : generateOTP(6);
 let message;
 // Pick template based on type
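Review bot: `userOtp` is read straight from `req.body` and, when `type === 'REGISTRATION'`, replaces the server-generated code, so whoever calls this endpoint chooses the value that is sent and presumably later verified. If this is meant to deliver the first-time password created by the admin flow, the value should be looked up server-side from the customer record, or the route limited to authenticated admin callers, rather than trusted from the request; at minimum its format should be validated before it goes into the SMS template. The commented-out `// const otp = generateOTP(6);` line can be removed. The body of `SendOtp` continues past the end of this hunk, so how `otp` is stored and checked is not visible here.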