yogiedigital/cod-api
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update: auth

Browse Source
This commit is contained in:
Antony Kurniawan
2025-10-10 14:24:41 +07:00
parent 36a2609512
commit 62823524bc
2 changed files with 198 additions and 208 deletions
Download Patch File Download Diff File Expand all files Collapse all files

87
controllers/auth.controller.js
View File

@@ -1,23 +1,15 @@
const AuthService = require('../services/auth.service'); const AuthService = require('../services/auth.service');
const { registerSchema, loginSchema } = require('../validate/auth.schema') const { registerSchema, loginSchema } = require('../validate/auth.schema');
const { setResponse } = require('../helpers/utils'); const { setResponse, checkValidate } = require('../helpers/utils');
const { createCaptcha } = require('../utils/captcha'); const { createCaptcha } = require('../utils/captcha');
class AuthController { class AuthController {
// Register
// Registration
static async register(req, res) { static async register(req, res) {
try { const { error, value } = await checkValidate(registerSchema, req);
const { error, value } = registerSchema.validate(req.body, { abortEarly: false });
if (error) { if (error) {
const errors = error.details.reduce((acc, cur) => { return res.status(400).json(setResponse(error, 'Validation failed', 400));
const field = Array.isArray(cur.path) ? cur.path.join('.') : String(cur.path);
if (!acc[field]) acc[field] = [];
acc[field].push(cur.message);
return acc;
}, {});
return res.status(400).json(setResponse(errors, 'Validation failed', 400));
} }
if (value.phone && value.phone.startsWith('0')) { if (value.phone && value.phone.startsWith('0')) {
@@ -34,41 +26,25 @@ class AuthController {
maxAge: 7 * 24 * 60 * 60 * 1000 // 7 hari maxAge: 7 * 24 * 60 * 60 * 1000 // 7 hari
}); });
return res.status(201).json( const response = await setResponse(
setResponse(
{ {
user: { ...user, approved: false }, user: { ...user, approved: false },
accessToken: tokens.accessToken accessToken: tokens.accessToken
}, },
'User registered successfully. Waiting for admin approval.', 'User registered successfully. Waiting for admin approval.',
201 201
)
); );
} catch (err) {
return res.status(err.statusCode || 500).json(
setResponse([], err.message || 'Register failed', err.statusCode || 500)
);
}
}
// Captcha return res.status(response.statusCode).json(response);
static async generateCaptcha(req, res) {
try {
const { svg, text } = createCaptcha();
res.setHeader('X-Captcha-Text', text);
return res.status(200).json({ data: { svg, text } });
} catch (err) {
return res.status(500).json(setResponse([], 'Captcha failed', 500));
}
} }
// Login // Login
static async login(req, res) { static async login(req, res) {
try { const { error, value } = await checkValidate(loginSchema, req);
const { error, value } = loginSchema.validate(req.body, { abortEarly: false });
if (error) return res.status(400).json(setResponse([], 'Validation failed', 400)); if (error) {
return res.status(400).json(setResponse(error, 'Validation failed', 400));
}
const { identifier, password, captcha, captchaText } = value; const { identifier, password, captcha, captchaText } = value;
@@ -86,54 +62,53 @@ class AuthController {
maxAge: 7 * 24 * 60 * 60 * 1000 // 7 hari maxAge: 7 * 24 * 60 * 60 * 1000 // 7 hari
}); });
return res.status(200).json( const response = await setResponse(
setResponse(
{ {
user: { ...user, approved: true }, user: { ...user, approved: true },
accessToken: tokens.accessToken accessToken: tokens.accessToken
}, },
'Login successful', 'Login successful',
200 200
)
); );
} catch (err) {
return res.status(err.statusCode || 500).json( return res.status(response.statusCode).json(response);
setResponse([], err.message || 'Login failed', err.statusCode || 500)
);
}
} }
// Refresh Token // Refresh Token
static async refreshToken(req, res) { static async refreshToken(req, res) {
try {
const refreshToken = req.cookies?.refreshToken; const refreshToken = req.cookies?.refreshToken;
if (!refreshToken) { if (!refreshToken) {
return res.status(401).json(setResponse(null, 'Refresh token is required', 401)); return res.status(401).json(setResponse(null, 'Refresh token is required', 401));
} }
const result = await AuthService.refreshToken(refreshToken); const result = await AuthService.refreshToken(refreshToken);
const response = await setResponse(result, 'Token refreshed successfully', 200);
return res.status(200).json(setResponse(result, 'Token refreshed successfully', 200)); return res.status(response.statusCode).json(response);
} catch (err) {
const status = err.statusCode && err.statusCode < 500 ? err.statusCode : 401;
return res.status(status).json(
setResponse(null, err.message || 'Refresh token invalid', status)
);
}
} }
// Logout // Logout
static async logout(req, res) { static async logout(req, res) {
try {
res.clearCookie('refreshToken', { res.clearCookie('refreshToken', {
httpOnly: true, httpOnly: true,
sameSite: 'none', sameSite: 'none',
secure: true secure: true
}); });
return res.status(200).json(setResponse(null, 'Logged out successfully', 200));
} catch (err) { const response = await setResponse(null, 'Logged out successfully', 200);
return res.status(500).json(setResponse(null, 'Logout failed', 500)); return res.status(response.statusCode).json(response);
} }
// Captcha
static async generateCaptcha(req, res) {
const { svg, text } = createCaptcha();
// munculkan di header untuk keperluan dev
res.setHeader('X-Captcha-Text', text);
const response = await setResponse({ svg, text }, 'Captcha generated', 200);
return res.status(response.statusCode).json(response);
} }
} }

25
services/auth.service.js
View File

@@ -8,9 +8,9 @@ const { ErrorHandler } = require('../helpers/error');
const JWTService = require('../utils/jwt'); const JWTService = require('../utils/jwt');
class AuthService { class AuthService {
// Register // Register
static async register({ fullname, name, email, phone, password }) { static async register({ fullname, name, email, phone, password }) {
try {
const existingUser = await getUserByUserEmailDb(email); const existingUser = await getUserByUserEmailDb(email);
if (existingUser) { if (existingUser) {
throw new ErrorHandler(400, 'Email already registered'); throw new ErrorHandler(400, 'Email already registered');
@@ -40,14 +40,17 @@ class AuthService {
user_phone: phone user_phone: phone
}; };
// generate token pair
const tokens = JWTService.generateTokenPair(newUser); const tokens = JWTService.generateTokenPair(newUser);
return { user: newUser, tokens }; return { user: newUser, tokens };
} catch (error) {
throw new ErrorHandler(error.statusCode, error.message);
}
} }
// Login // Login
static async login({ identifier, password }) { static async login({ identifier, password }) {
try {
let user; let user;
if (identifier.includes('@')) { if (identifier.includes('@')) {
@@ -57,7 +60,7 @@ class AuthService {
} }
if (!user) { if (!user) {
throw new ErrorHandler(401, 'Invalid credentials') throw new ErrorHandler(401, 'Invalid credentials');
} }
const passwordMatch = await comparePassword(password, user.user_password); const passwordMatch = await comparePassword(password, user.user_password);
@@ -85,18 +88,27 @@ class AuthService {
}; };
const tokens = JWTService.generateTokenPair(payload); const tokens = JWTService.generateTokenPair(payload);
return { user: payload, tokens }; return { user: payload, tokens };
} catch (error) {
throw new ErrorHandler(error.statusCode, error.message);
}
} }
// Refresh Token // Refresh Token
static async refreshToken(refreshToken) { static async refreshToken(refreshToken) {
if (!refreshToken) throw new ErrorHandler(401, 'Refresh token is required'); try {
if (!refreshToken) {
throw new ErrorHandler(401, 'Refresh token is required');
}
let decoded; let decoded;
try { try {
decoded = JWTService.verifyRefreshToken(refreshToken); decoded = JWTService.verifyRefreshToken(refreshToken);
} catch (err) { } catch (err) {
if (err.message.includes('expired')) throw new ErrorHandler(401, 'Refresh token expired'); if (err.message.includes('expired')) {
throw new ErrorHandler(401, 'Refresh token expired');
}
throw new ErrorHandler(401, 'Invalid refresh token'); throw new ErrorHandler(401, 'Invalid refresh token');
} }
@@ -118,6 +130,9 @@ class AuthService {
tokenType: 'Bearer', tokenType: 'Bearer',
expiresIn: 900 expiresIn: 900
}; };
} catch (error) {
throw new ErrorHandler(error.statusCode, error.message);
}
} }
} }