update: auth
This commit is contained in:
@@ -1,23 +1,15 @@
|
||||
const AuthService = require('../services/auth.service');
|
||||
const { registerSchema, loginSchema } = require('../validate/auth.schema')
|
||||
const { setResponse } = require('../helpers/utils');
|
||||
const { registerSchema, loginSchema } = require('../validate/auth.schema');
|
||||
const { setResponse, checkValidate } = require('../helpers/utils');
|
||||
const { createCaptcha } = require('../utils/captcha');
|
||||
|
||||
class AuthController {
|
||||
|
||||
// Registration
|
||||
// Register
|
||||
static async register(req, res) {
|
||||
try {
|
||||
const { error, value } = registerSchema.validate(req.body, { abortEarly: false });
|
||||
const { error, value } = await checkValidate(registerSchema, req);
|
||||
|
||||
if (error) {
|
||||
const errors = error.details.reduce((acc, cur) => {
|
||||
const field = Array.isArray(cur.path) ? cur.path.join('.') : String(cur.path);
|
||||
if (!acc[field]) acc[field] = [];
|
||||
acc[field].push(cur.message);
|
||||
return acc;
|
||||
}, {});
|
||||
return res.status(400).json(setResponse(errors, 'Validation failed', 400));
|
||||
return res.status(400).json(setResponse(error, 'Validation failed', 400));
|
||||
}
|
||||
|
||||
if (value.phone && value.phone.startsWith('0')) {
|
||||
@@ -34,41 +26,25 @@ class AuthController {
|
||||
maxAge: 7 * 24 * 60 * 60 * 1000 // 7 hari
|
||||
});
|
||||
|
||||
return res.status(201).json(
|
||||
setResponse(
|
||||
const response = await setResponse(
|
||||
{
|
||||
user: { ...user, approved: false },
|
||||
accessToken: tokens.accessToken
|
||||
},
|
||||
'User registered successfully. Waiting for admin approval.',
|
||||
201
|
||||
)
|
||||
);
|
||||
} catch (err) {
|
||||
return res.status(err.statusCode || 500).json(
|
||||
setResponse([], err.message || 'Register failed', err.statusCode || 500)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
// Captcha
|
||||
static async generateCaptcha(req, res) {
|
||||
try {
|
||||
const { svg, text } = createCaptcha();
|
||||
|
||||
res.setHeader('X-Captcha-Text', text);
|
||||
|
||||
return res.status(200).json({ data: { svg, text } });
|
||||
} catch (err) {
|
||||
return res.status(500).json(setResponse([], 'Captcha failed', 500));
|
||||
}
|
||||
return res.status(response.statusCode).json(response);
|
||||
}
|
||||
|
||||
// Login
|
||||
static async login(req, res) {
|
||||
try {
|
||||
const { error, value } = loginSchema.validate(req.body, { abortEarly: false });
|
||||
if (error) return res.status(400).json(setResponse([], 'Validation failed', 400));
|
||||
const { error, value } = await checkValidate(loginSchema, req);
|
||||
|
||||
if (error) {
|
||||
return res.status(400).json(setResponse(error, 'Validation failed', 400));
|
||||
}
|
||||
|
||||
const { identifier, password, captcha, captchaText } = value;
|
||||
|
||||
@@ -86,54 +62,53 @@ class AuthController {
|
||||
maxAge: 7 * 24 * 60 * 60 * 1000 // 7 hari
|
||||
});
|
||||
|
||||
return res.status(200).json(
|
||||
setResponse(
|
||||
const response = await setResponse(
|
||||
{
|
||||
user: { ...user, approved: true },
|
||||
accessToken: tokens.accessToken
|
||||
},
|
||||
'Login successful',
|
||||
200
|
||||
)
|
||||
);
|
||||
} catch (err) {
|
||||
return res.status(err.statusCode || 500).json(
|
||||
setResponse([], err.message || 'Login failed', err.statusCode || 500)
|
||||
);
|
||||
}
|
||||
|
||||
return res.status(response.statusCode).json(response);
|
||||
}
|
||||
|
||||
// Refresh Token
|
||||
static async refreshToken(req, res) {
|
||||
try {
|
||||
const refreshToken = req.cookies?.refreshToken;
|
||||
|
||||
if (!refreshToken) {
|
||||
return res.status(401).json(setResponse(null, 'Refresh token is required', 401));
|
||||
}
|
||||
|
||||
const result = await AuthService.refreshToken(refreshToken);
|
||||
const response = await setResponse(result, 'Token refreshed successfully', 200);
|
||||
|
||||
return res.status(200).json(setResponse(result, 'Token refreshed successfully', 200));
|
||||
} catch (err) {
|
||||
const status = err.statusCode && err.statusCode < 500 ? err.statusCode : 401;
|
||||
return res.status(status).json(
|
||||
setResponse(null, err.message || 'Refresh token invalid', status)
|
||||
);
|
||||
}
|
||||
return res.status(response.statusCode).json(response);
|
||||
}
|
||||
|
||||
// Logout
|
||||
static async logout(req, res) {
|
||||
try {
|
||||
res.clearCookie('refreshToken', {
|
||||
httpOnly: true,
|
||||
sameSite: 'none',
|
||||
secure: true
|
||||
});
|
||||
return res.status(200).json(setResponse(null, 'Logged out successfully', 200));
|
||||
} catch (err) {
|
||||
return res.status(500).json(setResponse(null, 'Logout failed', 500));
|
||||
|
||||
const response = await setResponse(null, 'Logged out successfully', 200);
|
||||
return res.status(response.statusCode).json(response);
|
||||
}
|
||||
|
||||
// Captcha
|
||||
static async generateCaptcha(req, res) {
|
||||
const { svg, text } = createCaptcha();
|
||||
|
||||
// munculkan di header untuk keperluan dev
|
||||
res.setHeader('X-Captcha-Text', text);
|
||||
|
||||
const response = await setResponse({ svg, text }, 'Captcha generated', 200);
|
||||
return res.status(response.statusCode).json(response);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -8,9 +8,9 @@ const { ErrorHandler } = require('../helpers/error');
|
||||
const JWTService = require('../utils/jwt');
|
||||
|
||||
class AuthService {
|
||||
|
||||
// Register
|
||||
static async register({ fullname, name, email, phone, password }) {
|
||||
try {
|
||||
const existingUser = await getUserByUserEmailDb(email);
|
||||
if (existingUser) {
|
||||
throw new ErrorHandler(400, 'Email already registered');
|
||||
@@ -40,14 +40,17 @@ class AuthService {
|
||||
user_phone: phone
|
||||
};
|
||||
|
||||
// generate token pair
|
||||
const tokens = JWTService.generateTokenPair(newUser);
|
||||
|
||||
return { user: newUser, tokens };
|
||||
} catch (error) {
|
||||
throw new ErrorHandler(error.statusCode, error.message);
|
||||
}
|
||||
}
|
||||
|
||||
// Login
|
||||
static async login({ identifier, password }) {
|
||||
try {
|
||||
let user;
|
||||
|
||||
if (identifier.includes('@')) {
|
||||
@@ -57,7 +60,7 @@ class AuthService {
|
||||
}
|
||||
|
||||
if (!user) {
|
||||
throw new ErrorHandler(401, 'Invalid credentials')
|
||||
throw new ErrorHandler(401, 'Invalid credentials');
|
||||
}
|
||||
|
||||
const passwordMatch = await comparePassword(password, user.user_password);
|
||||
@@ -85,18 +88,27 @@ class AuthService {
|
||||
};
|
||||
|
||||
const tokens = JWTService.generateTokenPair(payload);
|
||||
|
||||
return { user: payload, tokens };
|
||||
} catch (error) {
|
||||
throw new ErrorHandler(error.statusCode, error.message);
|
||||
}
|
||||
}
|
||||
|
||||
// Refresh Token
|
||||
static async refreshToken(refreshToken) {
|
||||
if (!refreshToken) throw new ErrorHandler(401, 'Refresh token is required');
|
||||
try {
|
||||
if (!refreshToken) {
|
||||
throw new ErrorHandler(401, 'Refresh token is required');
|
||||
}
|
||||
|
||||
let decoded;
|
||||
try {
|
||||
decoded = JWTService.verifyRefreshToken(refreshToken);
|
||||
} catch (err) {
|
||||
if (err.message.includes('expired')) throw new ErrorHandler(401, 'Refresh token expired');
|
||||
if (err.message.includes('expired')) {
|
||||
throw new ErrorHandler(401, 'Refresh token expired');
|
||||
}
|
||||
throw new ErrorHandler(401, 'Invalid refresh token');
|
||||
}
|
||||
|
||||
@@ -118,6 +130,9 @@ class AuthService {
|
||||
tokenType: 'Bearer',
|
||||
expiresIn: 900
|
||||
};
|
||||
} catch (error) {
|
||||
throw new ErrorHandler(error.statusCode, error.message);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user