update: routes

2025-09-26 11:06:04 +07:00
parent 7b2509ffa1
commit c0aca9ea87
5 changed files with 187 additions and 75 deletions
--- a/services/auth.service.js
+++ b/services/auth.service.js
@@ -1,77 +1,101 @@
-const bcrypt = require("bcrypt");
-const jwt = require("jsonwebtoken");
-const validateUser = require("../helpers/validateUser");
-const { ErrorHandler } = require("../helpers/error");
-const {
-  getUserByUsernameDb
-} = require("../db/user.db");
-const { logger } = require("../utils/logger");
+const { 
+  getUserByUserEmailDb, 
+  createUserDb 
+} = require('../db/user.db');
+const JWTService = require('../utils/jwt');
+const { hashPassword, comparePassword } = require('../helpers/hashPassword');
+const { ErrorHandler } = require('../helpers/error');

 class AuthService {

-  async login(username, password, tenantId) {
-    try {
-      // if (!validateUser(username, password)) {
-      //   throw new ErrorHandler(403, "Invalid login");
-      // }
-
-      const user = await getUserByUsernameDb(username, tenantId);
-      console.log(user);
-      
-      if (!user) {
-        throw new ErrorHandler(403, "Username not found.");
-      }
-
-      const isCorrectPassword = password === user.password
-      if (!isCorrectPassword) {
-        throw new ErrorHandler(403, "Username or password incorrect.");
-      }
-
-      const dataToken = {
-        tenant_id: tenantId,
-        user_id: user.user_id,
-        username,
-        fullname: user.full_name,
-        role_id: user.role_id
-      }
-
-      const token = await this.signToken(dataToken);
-      const refreshToken = await this.signRefreshToken(dataToken);
-
-      return {
-        token,
-        refreshToken,
-        role_id: dataToken.role_id,
-        tenant_id: tenantId,
-        user: {
-          user_id: dataToken.user_id,
-          fullname: dataToken.fullname,
-          username: dataToken.username,
-        },
-      };
-    } catch (error) {
-      throw new ErrorHandler(error.statusCode, error.message);
+  // Register
+  static async register({ fullname, username, email, phone, password }) {
+    const existingUser = await getUserByUserEmailDb(email);
+    if (existingUser) {
+      throw new ErrorHandler(400, 'Email already registered');
    }
+
+    const hashedPassword = await hashPassword(password);
+
+    const userId = await createUserDb({
+      user_fullname: fullname,
+      user_name: username,
+      user_email: email,
+      user_phone: phone,
+      user_password: hashedPassword,
+      role_id: 3,
+      is_sa: 0,
+      is_active: 1
+    });
+
+    // ambil user baru
+    const newUser = {
+      user_id: userId,
+      user_fullname: fullname,
+      user_name: username,
+      user_email: email,
+      user_phone: phone,
+      role_id: 3,
+    };
+
+    // generate token pair
+    const tokens = JWTService.generateTokenPair(newUser);
+
+    return { user: newUser, tokens };
  }

-  async signToken(data) {
-    try {
-      // console.log("signToken process.env.SECRET", process.env.SECRET)
-      return jwt.sign(data, process.env.SECRET, { expiresIn: "23h" });
-    } catch (error) {
-      logger.error(error);
-      throw new ErrorHandler(500, "An error occurred");
+  // Login
+  static async login({ email, password }) {
+    const user = await getUserByUserEmailDb(email);
+    if (!user) {
+      throw new ErrorHandler(401, 'Invalid credentials');
    }
+
+    const passwordMatch = await comparePassword(password, user.user_password);
+    if (!passwordMatch) {
+      throw new ErrorHandler(401, 'Invalid credentials');
+    }
+
+    if (!user.is_active) {
+      throw new ErrorHandler(403, 'User is inactive');
+    }
+
+    const payload = {
+      user_id: user.user_id,
+      user_fullname: user.user_fullname,
+      user_name: user.user_name,
+      user_email: user.user_email,
+      phone: user.phone,
+      role_id: user.role_id,
+      role_name: user.role_name,
+      is_sa: user.is_sa
+    };
+
+    const tokens = JWTService.generateTokenPair(payload);
+    return { user: payload, tokens };
  }

-  async signRefreshToken(data) {
-    try {
-      return jwt.sign(data, process.env.REFRESH_SECRET, { expiresIn: "23h" });
-    } catch (error) {
-      logger.error(error);
-      throw new ErrorHandler(500, error.message);
+  // Refresh token
+  static async refreshToken(refreshToken) {
+    if (!refreshToken) {
+      throw new ErrorHandler(401, 'Refresh token is required');
    }
+
+    const decoded = JWTService.verifyRefreshToken(refreshToken);
+
+    const payload = {
+      user_id: decoded.user_id,
+      user_fullname: decoded.user_fullname,
+      user_name: decoded.user_name,
+      user_email: decoded.user_email,
+      role_id: decoded.role_id,
+      role_name: decoded.role_name
+    };
+
+    const accessToken = JWTService.generateAccessToken(payload);
+    return { accessToken, tokenType: 'Bearer', expiresIn: 900 };
  }
+
 }

-module.exports = new AuthService();
+module.exports = AuthService;