fix: E-mandate validation api

merging changes from kangra visit

src/controllers/admin_auth.controller.js

@@ -62,7 +62,6 @@ async function getUserDetails(req, res) {
     res.status(500).json({ error: 'invalid CIF number' });
   }
 }
-
 async function getUserRights(req, res) {
   const { CIF } = req.query;
   if (!CIF) {
@@ -72,13 +71,13 @@ async function getUserRights(req, res) {
   }
   const userDetails = await adminAuthService.getCustomerDetailsFromDB(CIF);
   if (!userDetails)
-    return res.status(404).json({ error: 'invalid CIF number or No rights is present for the user.' });
+    return res.status(401).json({ error: 'invalid CIF number or No rights is present for the user.' });
   return res.json(userDetails);
 }
 
 async function UserRights(req, res) {
   try {
-    const { CIF, ib_access_level, mb_access_level, ib_limit, mb_limit } = req.body;
+    const { CIF, ib_access_level, mb_access_level } = req.body;
 
     if (!CIF) {
       return res.status(400).json({ error: 'CIF number is required' });
@@ -94,26 +93,23 @@ async function UserRights(req, res) {
       if (FirstTimeLogin && dayjs(currentTime).diff(dayjs(user.created_at), 'day') > 8) {
         // Password expired, resend
         await db.query(
-          'UPDATE users SET password_hash=$2, updated_at=$5, ib_access_level=$3, mb_access_level=$4 ,inb_limit_amount=$6,mobile_limit_amount=$7 WHERE customer_no=$1',
+          'UPDATE users SET password_hash=$2, updated_at=$5, ib_access_level=$3, mb_access_level=$4 WHERE customer_no=$1',
-          [CIF, password, ib_access_level, mb_access_level, currentTime, ib_limit, mb_limit]
+          [CIF, password, ib_access_level, mb_access_level, currentTime]
         );
-        logger.info("Admin sended the OTP");
         return res.json({ otp: first_time_pass });
       }
       // Just update access levels and timestamp
       await db.query(
-        'UPDATE users SET updated_at=$4, ib_access_level=$2, mb_access_level=$3 ,inb_limit_amount=$5,mobile_limit_amount=$6 WHERE customer_no=$1',
+        'UPDATE users SET updated_at=$4, ib_access_level=$2, mb_access_level=$3 WHERE customer_no=$1',
-        [CIF, ib_access_level, mb_access_level, currentTime, ib_limit, mb_limit]
+        [CIF, ib_access_level, mb_access_level, currentTime]
       );
-      logger.info("Admin Updated the user.");
       return res.json({ message: "User updated successfully." });
     } else {
       // User does not exist, insert
       await db.query(
-        'INSERT INTO users (customer_no, password_hash, ib_access_level, mb_access_level ,inb_limit_amount,mobile_limit_amount) VALUES ($1, $2, $3, $4 ,$5 ,$6)',
+        'INSERT INTO users (customer_no, password_hash, ib_access_level, mb_access_level) VALUES ($1, $2, $3, $4)',
-        [CIF, password, ib_access_level, mb_access_level, ib_limit, mb_limit]
+        [CIF, password, ib_access_level, mb_access_level]
       );
-      logger.info("New user enroll by admin.");
       return res.json({ otp: first_time_pass });
     }
   } catch (err) {
@@ -123,30 +119,4 @@ async function UserRights(req, res) {
   }
 }
 
-async function handleUnlockUser(req, res) {
+module.exports = { login, fetchAdminDetails, getUserDetails, UserRights, getUserRights };
-  try {
-    const { user, action } = req.body;
-    const adminUserName = req.admin;
-    if (!user) {
-      return res.status(400).json({ error: "CIF or username is required" });
-    }
-    const userDetails = await adminAuthService.getCustomerDetailsFromDB(user);
-    if (!userDetails) {
-      return res
-        .status(404)
-        .json({ error: "Invalid CIF number or username" });
-    }
-    await adminAuthService.updateUserLockStatus(user, action,adminUserName);
-    const statusText = action ? "locked" : "unlocked";
-    logger.info(`User ${user} has been successfully ${statusText}.`);
-
-    return res.json({
-      message: `User ${user} has been successfully ${statusText}.`,
-    });
-  } catch (error) {
-    console.error("Unlock user error:", error);
-    return res.status(500).json({ error: "Internal server error" });
-  }
-}
-
-module.exports = { login, fetchAdminDetails, getUserDetails, UserRights, getUserRights, handleUnlockUser };

src/controllers/otp.controller.js

@@ -117,9 +117,7 @@ async function SendOtp(req, res) {
       default:
         return res.status(400).json({ error: 'Invalid OTP type' });
     }
-    if (message.includes('OTP')) {
+
-      await setJson(`otp:${mobileNumber}`, otp, 300);
-    }
     // Call SMS API
     const response = await axios.post(
       'http://localhost:9999/api/SendtoMessage',
@@ -128,8 +126,12 @@ async function SendOtp(req, res) {
         stMessage: message,
       }
     );
+
     if (response.data) {
       // Save OTP only if it's OTP based (skip notifications without OTP)
+      if (message.includes('OTP')) {
+        await setJson(`otp:${mobileNumber}`, otp, 300);
+      }
       logger.info(`Sent OTP [${otp}] for type [${type}] to ${mobileNumber}`);
     }
     return res.status(200).json({ message: 'Message sent successfully' });
@@ -150,18 +152,15 @@ async function VerifyOtp(req, res) {
 
   try {
     const storedOtp = await getJson(`otp:${mobileNumber}`);
-    logger.info("OTP is stored");
 
     if (!storedOtp) {
-      logger.error("OTP expired or not found");
       return res.status(400).json({ error: 'OTP expired or not found' });
     }
 
     if (parseInt(otp, 10) !== parseInt(storedOtp, 10)) {
-      logger.error("Invalid OTP");
       return res.status(400).json({ error: 'Invalid OTP' });
     }
-    logger.info(`OTP verified with mobile number -${mobileNumber}`);
+
     return res.status(200).json({ message: 'OTP verified successfully' });
   } catch (err) {
     logger.error(err, 'Error verifying OTP');

src/controllers/report.controller.js

@@ -1,178 +0,0 @@
-
-const reportService = require('../services/report.service');
-const { logger } = require('../util/logger');
-
-async function active_users(req, res) {
-  const { from_date, to_date } = req.body;
-  if (!from_date || !to_date) {
-    return res.status(400).json({ error: 'from_date and to_date are required' });
-  }
-  try {
-    const users = await reportService.total_users(from_date, to_date);
-    const activeUsers = users.filter(u => u.is_first_login === false);
-    const inactiveUsers = users.filter(u => u.is_first_login === true);
-    const active_user_list = activeUsers.map(u => ({
-      customer_no: u.customer_no,
-      user_name: u.preferred_name,
-      created_at: u.created_at,
-      last_login: u.last_login,
-      status: "active"
-    }));
-    logger.info(`fetch total number of users and active users from date ${from_date} to ${to_date}`);
-    res.json({
-      total_users: users.length,
-      active_users: activeUsers.length,
-      inactive_users: inactiveUsers.length,
-      active_user_list: active_user_list
-    });
-  } catch (err) {
-    logger.error(err, 'failed to fetch data');
-    res.status(500).json({ error: 'something went wrong' });
-  }
-}
-
-async function inactive_users(req, res) {
-  const { from_date, to_date } = req.body;
-  if (!from_date || !to_date) {
-    return res.status(400).json({ error: 'from_date and to_date are required' });
-  }
-  try {
-    const users = await reportService.total_users(from_date, to_date);
-    const activeUsers = users.filter(u => u.is_first_login === false);
-    const inactiveUsers = users.filter(u => u.is_first_login === true);
-    const inactive_user_list = inactiveUsers.map(u => ({
-      customer_no: u.customer_no,
-      user_name: u.preferred_name,
-      created_at: u.created_at,
-      last_login: u.last_login,
-      status: "in-active"
-    }));
-    logger.info(`fetch total number of users and inactive users from date ${from_date} to ${to_date}`);
-    res.json({
-      total_users: users.length,
-      active_users: activeUsers.length,
-      inactive_users: inactiveUsers.length,
-      inactive_user_list: inactive_user_list
-    });
-  } catch (err) {
-    logger.error(err, 'failed to fetch data');
-    res.status(500).json({ error: 'something went wrong' });
-  }
-}
-
-async function getTransactions(req, res) {
-  const {
-    trx_type,
-    from_date,
-    to_date,
-    client,
-    amount_min,
-    amount_max,
-    customer_no
-  } = req.body;
-
-  if (!trx_type || !from_date || !to_date) {
-    return res.status(400).json({ error: 'trx_type, from_date and to_date are required' });
-  }
-
-  try {
-    const filters = {
-      trx_type,
-      from_date,
-      to_date,
-      client,
-      amount_min,
-      amount_max,
-      customer_no
-    };
-
-    const transactions = await reportService.getTransactions(filters);
-    const transactions_list = transactions.map(u => ({
-
-      customer_no: u.customer_no,
-      from_account: u.from_account,
-      to_account: u.to_account,
-      ifsc_code: u.ifsc_code,
-      amount: u.amount,
-      created_at: u.created_at,
-      trx_type: u.trx_type,
-      status: u.status,
-    }));
-
-    res.json({ count: transactions.length, transactions_list });
-
-  } catch (err) {
-    logger.error(err, 'failed to fetch transactions');
-    res.status(500).json({ error: 'something went wrong' });
-  }
-}
-
-async function getFailedTransactions(req, res) {
-  const {
-    from_date,
-    to_date,
-    customer_no
-  } = req.body;
-
-  if (!from_date || !to_date) {
-    return res.status(400).json({ error: 'from_date and to_date are required' });
-  }
-
-  try {
-    const filters = {
-      from_date,
-      to_date,
-      customer_no
-    };
-
-    const transactions = await reportService.getFailedTransactions(filters);
-    const transactions_list = transactions.map(u => ({
-
-      customer_no: u.customer_no,
-      from_account: u.from_account,
-      to_account: u.to_account,
-      ifsc_code: u.ifsc_code,
-      amount: u.amount,
-      created_at: u.created_at,
-      trx_type: u.trx_type,
-      status: u.status,
-    }));
-
-    res.json({ count: transactions.length, transactions_list });
-
-  } catch (err) {
-    logger.error(err, 'failed to fetch transactions');
-    res.status(500).json({ error: 'something went wrong' });
-  }
-}
-
-async function getDetailsOfNotLoginWithinDuration(req, res) {
-  const {
-    duration
-  } = req.body;
-
-  if (!duration) {
-    return res.status(400).json({ error: 'Duration are required' });
-  }
-
-  try {
-    const users = await reportService.getNotLogin(duration);
-    const user_list = users.map(u => ({
-
-      customer_no: u.customer_no,
-      user_name: u.preferred_name,
-      last_login: u.last_login,
-      created_at: u.created_at,
-      locked: u.locked,
-      status: u.status,
-    }));
-
-    res.json({ count: users.length, user_list });
-
-  } catch (err) {
-    logger.error(err, 'failed to fetch not logged in user details');
-    res.status(500).json({ error: 'something went wrong' });
-  }
-}
-
-module.exports = { active_users, inactive_users, getTransactions, getFailedTransactions, getDetailsOfNotLoginWithinDuration };

src/middlewares/admin.middleware.js

@@ -13,6 +13,7 @@ function checkAdmin (req,res,next){
   const token = authHeader.split(' ')[1];
   try {
     const payload = verifyToken(token);
+    // console.log("hi",payload);
     if(payload.customerNo && payload.role === 'admin'){
       req.admin = payload.customerNo;
       next();

src/middlewares/clientVerifier.middleware.js

@@ -1,9 +1,11 @@
 const { logger } = require('../util/logger');
 
 function verifyClient(req, res, next) {
+  console.log('printing headers');
+  console.log(req.headers);
   const clientHeader = req.headers['x-login-type'];
 
-  if (!clientHeader || (clientHeader !== 'MB' && clientHeader !== 'IB' && clientHeader !== 'eMandate' && clientHeader !=='Admin')) {
+  if (!clientHeader || (clientHeader !== 'MB' && clientHeader !== 'IB' && clientHeader !== 'NPCI' && clientHeader !== 'eMandate' && clientHeader !=='Admin')) {
     logger.error(
       `Invalid or missing client header. Expected 'MB' or 'IB'. Found ${clientHeader}`
     );

src/routes/admin_auth.route.js

@@ -9,5 +9,4 @@ router.get('/admin_details', adminAuthenticate, adminAuthController.fetchAdminDe
 router.get('/fetch/customer_details',adminAuthenticate,adminAuthController.getUserDetails);
 router.post('/user/rights',adminAuthenticate,adminAuthController.UserRights);
 router.get('/user/rights',adminAuthenticate,adminAuthController.getUserRights);
-router.post('/user/unlock',adminAuthenticate,adminAuthController.handleUnlockUser);
 module.exports = router;

src/routes/atm.route.js

@@ -6,7 +6,7 @@ const router = express.Router();
 
 const atmRoute = async (req, res) => {
   try {
-    const query_str = 'SELECT * FROM atm';
+    const query_str = 'SELECT * FROM atm_details';
     const result = await db.query(query_str);
     return res.json(result.rows);
   } catch (error) {

src/routes/emandate.route.js

@@ -13,8 +13,8 @@ const emandateData = async (req, res) => {
                 headers: { 'Content-Type': 'application/json', },
             }
         );
-        logger.info("Data validate");
+        logger.info(response.data, "Data validate");
-        return response.data;
+        return res.json({data: response.data});
     } catch (error) {
         logger.error(error, 'error occured while E-Mandate validation');
         return res.status(500).json({ error: 'INTERNAL_SERVER_ERROR' });

src/routes/index.js

@@ -4,7 +4,6 @@ const adminAuthRoute = require('./admin_auth.route');
 const detailsRoute = require('./customer_details.route');
 const transactionRoute = require('./transactions.route');
 const authenticate = require('../middlewares/auth.middleware');
-const adminAuthenticate = require('../middlewares/admin.middleware');
 const transferRoute = require('./transfer.route');
 const beneficiaryRoute = require('./beneficiary.route');
 const neftRoute = require('./neft.route');
@@ -14,12 +13,7 @@ const branchRoute = require('./branch.route');
 const atmRoute = require('./atm.route');
 const { npciResponse } = require('../controllers/npci.controller');
 const otp = require('./otp.route');
-<<<<<<< HEAD
-const reports =require('./report.route');
-
-=======
 const eMandate = require('./emandate.route');
->>>>>>> 7e162e741d4d126fd029b1875bd5e4e0d3c460cf
 const router = express.Router();
 
 router.use('/auth', authRoute);
@@ -32,7 +26,6 @@ router.use('/payment/rtgs', authenticate, rtgsRoute);
 router.use('/payment/imps', authenticate, impsRoute);
 router.use('/beneficiary', authenticate, beneficiaryRoute);
 router.use('/npci/beneficiary-response', npciResponse);
-router.use('/report',adminAuthenticate,reports);
 router.use('/otp', otp);
 router.use('/e-mandate', authenticate, eMandate);
 router.use('/branch', authenticate, branchRoute);

src/routes/report.route.js

@@ -1,12 +0,0 @@
-const reportController = require('../controllers/report.controller');
-const express = require('express');
-
-const router = express.Router();
-
-router.post('/active_users', reportController.active_users);
-router.post('/in-active_users', reportController.inactive_users);
-router.post('/transaction_report', reportController.getTransactions);
-router.post('/failed_transaction_report', reportController.getFailedTransactions);
-router.post('/not_logged_in', reportController.getDetailsOfNotLoginWithinDuration);
-
-module.exports = router;

src/services/admin.auth.service.js

@@ -38,19 +38,10 @@ async function getCustomerDetails(customerNo) {
 }
 
 async function getCustomerDetailsFromDB(customerNo) {
-  const result = await db.query(
+  const result = await db.query('SELECT customer_no,created_at,last_login,is_first_login,ib_access_level,mb_access_level FROM users WHERE customer_no = $1', [
-    'SELECT customer_no,created_at,last_login,is_first_login,ib_access_level,mb_access_level,inb_limit_amount,mobile_limit_amount,locked FROM users WHERE customer_no = $1 or preferred_name= $1', [
     customerNo,
   ]);
   return result.rows[0];
 }
 
-async function updateUserLockStatus(customerNo ,locked ,adminUserName) {
+module.exports = { validateAdmin, findAdminByUserName, getCustomerDetails,getCustomerDetailsFromDB };
-  const result = await db.query(
-    'Update users set locked =$2 ,unlocked_by=$3  WHERE customer_no = $1 or preferred_name= $1', [
-    customerNo, locked ,adminUserName
-  ]);
-  return result.rows[0];
-}
-
-module.exports = { validateAdmin, findAdminByUserName, getCustomerDetails, getCustomerDetailsFromDB ,updateUserLockStatus };

src/services/report.service.js

@@ -1,106 +0,0 @@
-const db = require('../config/db');
-const { logger } = require('../util/logger');
-
-async function total_users(from_date, to_date) {
-  try {
-    const result = await db.query(
-      `SELECT * FROM users WHERE created_at BETWEEN $1 AND $2`,
-      [from_date, to_date]
-    );
-    logger.info("data fetch for users");
-    return result.rows;
-  } catch (err) {
-    logger.error(err, 'failed to fetch data');
-    res.status(500).json({ error: 'something went wrong' });
-  }
-}
-
-async function getTransactions(filters) {
-  try {
-    const { trx_type, from_date, to_date, client, amount_min, amount_max, customer_no } = filters;
-
-    let query = `SELECT * FROM transactions WHERE trx_type = $1 AND created_at >= $2 AND created_at < $3`;
-    const params = [trx_type, from_date, to_date];
-    let paramIndex = 4;
-
-    if (client) {
-      query += ` AND client = $${paramIndex++}`;
-      params.push(client);
-    }
-
-    if (amount_min && amount_max) {
-      query += ` AND amount BETWEEN $${paramIndex++} AND $${paramIndex++}`;
-      params.push(amount_min, amount_max);
-    } else if (amount_min) {
-      query += ` AND amount >= $${paramIndex++}`;
-      params.push(amount_min);
-    } else if (amount_max) {
-      query += ` AND amount <= $${paramIndex++}`;
-      params.push(amount_max);
-    }
-
-    if (customer_no) {
-      query += ` AND customer_no = $${paramIndex++}`;
-      params.push(customer_no);
-    }
-
-    query += ` ORDER BY created_at DESC`;
-
-    const result = await db.query(query, params);
-    logger.info(`Fetched ${result.rows.length} transactions`);
-    return result.rows;
-
-  } catch (err) {
-    logger.error(err, 'failed to fetch transactions');
-    throw err;
-  }
-}
-
-async function getFailedTransactions(filters) {
-  try {
-    const { from_date, to_date, customer_no } = filters;
-
-    let query = `
-      SELECT * 
-      FROM transactions 
-      WHERE created_at >= $1 
-        AND created_at < $2 
-        AND status LIKE 'FAILURE%'`;
-
-    // params should match $1, $2, etc.
-    const params = [from_date, to_date];
-    let paramIndex = params.length + 1; // start from 3
-
-    if (customer_no) {
-      query += ` AND customer_no = $${paramIndex}`;
-      params.push(customer_no);
-    }
-
-    query += ` ORDER BY created_at DESC`;
-    console.log(query);
-
-    const result = await db.query(query, params);
-    logger.info(`Fetched ${result.rows.length} failed transactions`);
-    return result.rows;
-
-  } catch (err) {
-    logger.error(err, 'Failed to fetch failed transactions');
-    throw err;
-  }
-}
-
-async function getNotLogin(duration) {
-  try {
-    const result = await db.query(
-      `SELECT * FROM users WHERE last_login <= NOW() - ($1 || ' month')::interval`,
-      [duration]
-    );
-    logger.info("data fetch for users who have not logged-in in mentioned duration");
-    return result.rows;
-  } catch (err) {
-    logger.error(err, 'failed to fetch not logged-in users data');
-    res.status(500).json({ error: 'something went wrong' });
-  }
-}
-
-module.exports = { total_users, getTransactions, getFailedTransactions, getNotLogin };