yogiedigital/cod-api
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update: auth

Browse Source
This commit is contained in:
Antony Kurniawan
2025-10-10 14:24:41 +07:00
parent 36a2609512
commit 62823524bc
2 changed files with 198 additions and 208 deletions
Download Patch File Download Diff File Expand all files Collapse all files

197
controllers/auth.controller.js
View File

@@ -1,139 +1,114 @@
const AuthService = require('../services/auth.service'); const AuthService = require('../services/auth.service');
const { registerSchema, loginSchema } = require('../validate/auth.schema') const { registerSchema, loginSchema } = require('../validate/auth.schema');
const { setResponse } = require('../helpers/utils'); const { setResponse, checkValidate } = require('../helpers/utils');
const { createCaptcha } = require('../utils/captcha'); const { createCaptcha } = require('../utils/captcha');
class AuthController { class AuthController {
// Register
// Registration
static async register(req, res) { static async register(req, res) {
try { const { error, value } = await checkValidate(registerSchema, req);
const { error, value } = registerSchema.validate(req.body, { abortEarly: false });
if (error) { if (error) {
const errors = error.details.reduce((acc, cur) => { return res.status(400).json(setResponse(error, 'Validation failed', 400));
const field = Array.isArray(cur.path) ? cur.path.join('.') : String(cur.path);
if (!acc[field]) acc[field] = [];
acc[field].push(cur.message);
return acc;
}, {});
return res.status(400).json(setResponse(errors, 'Validation failed', 400));
}
if (value.phone && value.phone.startsWith('0')) {
value.phone = '+62' + value.phone.slice(1);
}
const { user, tokens } = await AuthService.register(value);
// Set refresh token di cookie
res.cookie('refreshToken', tokens.refreshToken, {
httpOnly: true,
secure: false, // masih dev
sameSite: 'lax',
maxAge: 7 * 24 * 60 * 60 * 1000 // 7 hari
});
return res.status(201).json(
setResponse(
{
user: { ...user, approved: false },
accessToken: tokens.accessToken
},
'User registered successfully. Waiting for admin approval.',
201
)
);
} catch (err) {
return res.status(err.statusCode || 500).json(
setResponse([], err.message || 'Register failed', err.statusCode || 500)
);
} }
}
// Captcha if (value.phone && value.phone.startsWith('0')) {
static async generateCaptcha(req, res) { value.phone = '+62' + value.phone.slice(1);
try {
const { svg, text } = createCaptcha();
res.setHeader('X-Captcha-Text', text);
return res.status(200).json({ data: { svg, text } });
} catch (err) {
return res.status(500).json(setResponse([], 'Captcha failed', 500));
} }
const { user, tokens } = await AuthService.register(value);
// Set refresh token di cookie
res.cookie('refreshToken', tokens.refreshToken, {
httpOnly: true,
secure: false, // masih dev
sameSite: 'lax',
maxAge: 7 * 24 * 60 * 60 * 1000 // 7 hari
});
const response = await setResponse(
{
user: { ...user, approved: false },
accessToken: tokens.accessToken
},
'User registered successfully. Waiting for admin approval.',
201
);
return res.status(response.statusCode).json(response);
} }
// Login // Login
static async login(req, res) { static async login(req, res) {
try { const { error, value } = await checkValidate(loginSchema, req);
const { error, value } = loginSchema.validate(req.body, { abortEarly: false });
if (error) return res.status(400).json(setResponse([], 'Validation failed', 400));
const { identifier, password, captcha, captchaText } = value; if (error) {
return res.status(400).json(setResponse(error, 'Validation failed', 400));
if (!captcha || captcha.toLowerCase() !== captchaText.toLowerCase()) {
return res.status(400).json(setResponse([], 'Invalid captcha', 400));
}
const { user, tokens } = await AuthService.login({ identifier, password });
// Set refresh token di cookie
res.cookie('refreshToken', tokens.refreshToken, {
httpOnly: true,
secure: false, // masih dev
sameSite: 'lax',
maxAge: 7 * 24 * 60 * 60 * 1000 // 7 hari
});
return res.status(200).json(
setResponse(
{
user: { ...user, approved: true },
accessToken: tokens.accessToken
},
'Login successful',
200
)
);
} catch (err) {
return res.status(err.statusCode || 500).json(
setResponse([], err.message || 'Login failed', err.statusCode || 500)
);
} }
const { identifier, password, captcha, captchaText } = value;
if (!captcha || captcha.toLowerCase() !== captchaText.toLowerCase()) {
return res.status(400).json(setResponse([], 'Invalid captcha', 400));
}
const { user, tokens } = await AuthService.login({ identifier, password });
// Set refresh token di cookie
res.cookie('refreshToken', tokens.refreshToken, {
httpOnly: true,
secure: false, // masih dev
sameSite: 'lax',
maxAge: 7 * 24 * 60 * 60 * 1000 // 7 hari
});
const response = await setResponse(
{
user: { ...user, approved: true },
accessToken: tokens.accessToken
},
'Login successful',
200
);
return res.status(response.statusCode).json(response);
} }
// Refresh Token // Refresh Token
static async refreshToken(req, res) { static async refreshToken(req, res) {
try { const refreshToken = req.cookies?.refreshToken;
const refreshToken = req.cookies?.refreshToken;
if (!refreshToken) {
return res.status(401).json(setResponse(null, 'Refresh token is required', 401));
}
const result = await AuthService.refreshToken(refreshToken); if (!refreshToken) {
return res.status(401).json(setResponse(null, 'Refresh token is required', 401));
return res.status(200).json(setResponse(result, 'Token refreshed successfully', 200));
} catch (err) {
const status = err.statusCode && err.statusCode < 500 ? err.statusCode : 401;
return res.status(status).json(
setResponse(null, err.message || 'Refresh token invalid', status)
);
} }
const result = await AuthService.refreshToken(refreshToken);
const response = await setResponse(result, 'Token refreshed successfully', 200);
return res.status(response.statusCode).json(response);
} }
// Logout // Logout
static async logout(req, res) { static async logout(req, res) {
try { res.clearCookie('refreshToken', {
res.clearCookie('refreshToken', { httpOnly: true,
httpOnly: true, sameSite: 'none',
sameSite: 'none', secure: true
secure: true });
});
return res.status(200).json(setResponse(null, 'Logged out successfully', 200)); const response = await setResponse(null, 'Logged out successfully', 200);
} catch (err) { return res.status(response.statusCode).json(response);
return res.status(500).json(setResponse(null, 'Logout failed', 500)); }
}
// Captcha
static async generateCaptcha(req, res) {
const { svg, text } = createCaptcha();
// munculkan di header untuk keperluan dev
res.setHeader('X-Captcha-Text', text);
const response = await setResponse({ svg, text }, 'Captcha generated', 200);
return res.status(response.statusCode).json(response);
} }
} }

209
services/auth.service.js
View File

@@ -1,5 +1,5 @@
const { const {
getUserByUserEmailDb, getUserByUserEmailDb,
createUserDb, createUserDb,
getUserByUsernameDb getUserByUsernameDb
} = require('../db/user.db'); } = require('../db/user.db');
@@ -8,116 +8,131 @@ const { ErrorHandler } = require('../helpers/error');
const JWTService = require('../utils/jwt'); const JWTService = require('../utils/jwt');
class AuthService { class AuthService {
// Register // Register
static async register({ fullname, name, email, phone, password }) { static async register({ fullname, name, email, phone, password }) {
const existingUser = await getUserByUserEmailDb(email); try {
if (existingUser) { const existingUser = await getUserByUserEmailDb(email);
throw new ErrorHandler(400, 'Email already registered'); if (existingUser) {
throw new ErrorHandler(400, 'Email already registered');
}
const hashedPassword = await hashPassword(password);
const userId = await createUserDb({
user_fullname: fullname,
user_name: name,
user_email: email,
user_phone: phone,
user_password: hashedPassword,
role_id: null,
is_sa: 0,
is_active: 1,
is_approve: 0,
approved_by: null,
approved_at: null
});
const newUser = {
user_id: userId,
user_fullname: fullname,
user_name: name,
user_email: email,
user_phone: phone
};
const tokens = JWTService.generateTokenPair(newUser);
return { user: newUser, tokens };
} catch (error) {
throw new ErrorHandler(error.statusCode, error.message);
} }
const hashedPassword = await hashPassword(password);
const userId = await createUserDb({
user_fullname: fullname,
user_name: name,
user_email: email,
user_phone: phone,
user_password: hashedPassword,
role_id: null,
is_sa: 0,
is_active: 1,
is_approve: 0,
approved_by: null,
approved_at: null
});
const newUser = {
user_id: userId,
user_fullname: fullname,
user_name: name,
user_email: email,
user_phone: phone
};
// generate token pair
const tokens = JWTService.generateTokenPair(newUser);
return { user: newUser, tokens };
} }
// Login // Login
static async login({ identifier, password }) { static async login({ identifier, password }) {
let user; try {
let user;
if (identifier.includes('@')) { if (identifier.includes('@')) {
user = await getUserByUserEmailDb(identifier); user = await getUserByUserEmailDb(identifier);
} else { } else {
user = await getUserByUsernameDb(identifier); user = await getUserByUsernameDb(identifier);
}
if (!user) {
throw new ErrorHandler(401, 'Invalid credentials');
}
const passwordMatch = await comparePassword(password, user.user_password);
if (!passwordMatch) {
throw new ErrorHandler(401, 'Invalid credentials');
}
if (!user.is_active) {
throw new ErrorHandler(403, 'User is inactive');
}
if (!user.is_approve) {
throw new ErrorHandler(403, 'Your account has not been approved by admin yet.');
}
const payload = {
user_id: user.user_id,
user_fullname: user.user_fullname,
user_name: user.user_name,
user_email: user.user_email,
user_phone: user.user_phone,
role_id: user.role_id,
role_name: user.role_name,
is_sa: user.is_sa
};
const tokens = JWTService.generateTokenPair(payload);
return { user: payload, tokens };
} catch (error) {
throw new ErrorHandler(error.statusCode, error.message);
} }
if (!user) {
throw new ErrorHandler(401, 'Invalid credentials')
}
const passwordMatch = await comparePassword(password, user.user_password);
if (!passwordMatch) {
throw new ErrorHandler(401, 'Invalid credentials');
}
if (!user.is_active) {
throw new ErrorHandler(403, 'User is inactive');
}
if (!user.is_approve) {
throw new ErrorHandler(403, 'Your account has not been approved by admin yet.');
}
const payload = {
user_id: user.user_id,
user_fullname: user.user_fullname,
user_name: user.user_name,
user_email: user.user_email,
user_phone: user.user_phone,
role_id: user.role_id,
role_name: user.role_name,
is_sa: user.is_sa
};
const tokens = JWTService.generateTokenPair(payload);
return { user: payload, tokens };
} }
// Refresh Token // Refresh Token
static async refreshToken(refreshToken) { static async refreshToken(refreshToken) {
if (!refreshToken) throw new ErrorHandler(401, 'Refresh token is required');
let decoded;
try { try {
decoded = JWTService.verifyRefreshToken(refreshToken); if (!refreshToken) {
} catch (err) { throw new ErrorHandler(401, 'Refresh token is required');
if (err.message.includes('expired')) throw new ErrorHandler(401, 'Refresh token expired'); }
throw new ErrorHandler(401, 'Invalid refresh token');
let decoded;
try {
decoded = JWTService.verifyRefreshToken(refreshToken);
} catch (err) {
if (err.message.includes('expired')) {
throw new ErrorHandler(401, 'Refresh token expired');
}
throw new ErrorHandler(401, 'Invalid refresh token');
}
const payload = {
user_id: decoded.user_id,
user_fullname: decoded.user_fullname,
user_name: decoded.user_name,
user_email: decoded.user_email,
user_phone: decoded.user_phone,
role_id: decoded.role_id,
role_name: decoded.role_name,
is_sa: decoded.is_sa
};
const accessToken = JWTService.generateAccessToken(payload);
return {
accessToken,
tokenType: 'Bearer',
expiresIn: 900
};
} catch (error) {
throw new ErrorHandler(error.statusCode, error.message);
} }
const payload = {
user_id: decoded.user_id,
user_fullname: decoded.user_fullname,
user_name: decoded.user_name,
user_email: decoded.user_email,
user_phone: decoded.user_phone,
role_id: decoded.role_id,
role_name: decoded.role_name,
is_sa: decoded.is_sa
};
const accessToken = JWTService.generateAccessToken(payload);
return {
accessToken,
tokenType: 'Bearer',
expiresIn: 900
};
} }
} }