update: routes
This commit is contained in:
@@ -1,8 +1,8 @@
|
||||
const router = require("express").Router();
|
||||
const auth = require("./auth");
|
||||
const users = require("./users");
|
||||
const auth = require("./auth.route");
|
||||
const users = require("./users.route");
|
||||
|
||||
router.use("/auth", auth);
|
||||
router.use("/users", users);
|
||||
router.use("/user", users);
|
||||
|
||||
module.exports = router;
|
||||
|
||||
@@ -14,20 +14,19 @@ const verifyToken = require("../middleware/verifyToken");
|
||||
|
||||
router.get("/roles", getAllRoles);
|
||||
|
||||
router.route("/profile")
|
||||
.get(getUserProfile);
|
||||
router.get('/profile', verifyToken.verifyAccessToken, getUserProfile);
|
||||
|
||||
router.route("/")
|
||||
.get(verifyToken, getAllUsers)
|
||||
.post(verifyToken, createUser);
|
||||
.get(verifyToken.verifyAccessToken, getAllUsers)
|
||||
.post(verifyToken.verifyAccessToken, createUser);
|
||||
|
||||
router
|
||||
.route("/status")
|
||||
.get(verifyToken, getAllStatusUsers);
|
||||
.get(verifyToken.verifyAccessToken, getAllStatusUsers);
|
||||
|
||||
router.route("/:id")
|
||||
.get(verifyToken, getUserById)
|
||||
.put(verifyToken, updateUser)
|
||||
.delete(verifyToken, deleteUser);
|
||||
.get(verifyToken.verifyAccessToken, getUserById)
|
||||
.put(verifyToken.verifyAccessToken, updateUser)
|
||||
.delete(verifyToken.verifyAccessToken, deleteUser);
|
||||
|
||||
module.exports = router;
|
||||
@@ -1,77 +1,101 @@
|
||||
const bcrypt = require("bcrypt");
|
||||
const jwt = require("jsonwebtoken");
|
||||
const validateUser = require("../helpers/validateUser");
|
||||
const { ErrorHandler } = require("../helpers/error");
|
||||
const {
|
||||
getUserByUsernameDb
|
||||
} = require("../db/user.db");
|
||||
const { logger } = require("../utils/logger");
|
||||
const {
|
||||
getUserByUserEmailDb,
|
||||
createUserDb
|
||||
} = require('../db/user.db');
|
||||
const JWTService = require('../utils/jwt');
|
||||
const { hashPassword, comparePassword } = require('../helpers/hashPassword');
|
||||
const { ErrorHandler } = require('../helpers/error');
|
||||
|
||||
class AuthService {
|
||||
|
||||
async login(username, password, tenantId) {
|
||||
try {
|
||||
// if (!validateUser(username, password)) {
|
||||
// throw new ErrorHandler(403, "Invalid login");
|
||||
// }
|
||||
|
||||
const user = await getUserByUsernameDb(username, tenantId);
|
||||
console.log(user);
|
||||
|
||||
if (!user) {
|
||||
throw new ErrorHandler(403, "Username not found.");
|
||||
}
|
||||
|
||||
const isCorrectPassword = password === user.password
|
||||
if (!isCorrectPassword) {
|
||||
throw new ErrorHandler(403, "Username or password incorrect.");
|
||||
}
|
||||
|
||||
const dataToken = {
|
||||
tenant_id: tenantId,
|
||||
user_id: user.user_id,
|
||||
username,
|
||||
fullname: user.full_name,
|
||||
role_id: user.role_id
|
||||
}
|
||||
|
||||
const token = await this.signToken(dataToken);
|
||||
const refreshToken = await this.signRefreshToken(dataToken);
|
||||
|
||||
return {
|
||||
token,
|
||||
refreshToken,
|
||||
role_id: dataToken.role_id,
|
||||
tenant_id: tenantId,
|
||||
user: {
|
||||
user_id: dataToken.user_id,
|
||||
fullname: dataToken.fullname,
|
||||
username: dataToken.username,
|
||||
},
|
||||
};
|
||||
} catch (error) {
|
||||
throw new ErrorHandler(error.statusCode, error.message);
|
||||
// Register
|
||||
static async register({ fullname, username, email, phone, password }) {
|
||||
const existingUser = await getUserByUserEmailDb(email);
|
||||
if (existingUser) {
|
||||
throw new ErrorHandler(400, 'Email already registered');
|
||||
}
|
||||
|
||||
const hashedPassword = await hashPassword(password);
|
||||
|
||||
const userId = await createUserDb({
|
||||
user_fullname: fullname,
|
||||
user_name: username,
|
||||
user_email: email,
|
||||
user_phone: phone,
|
||||
user_password: hashedPassword,
|
||||
role_id: 3,
|
||||
is_sa: 0,
|
||||
is_active: 1
|
||||
});
|
||||
|
||||
// ambil user baru
|
||||
const newUser = {
|
||||
user_id: userId,
|
||||
user_fullname: fullname,
|
||||
user_name: username,
|
||||
user_email: email,
|
||||
user_phone: phone,
|
||||
role_id: 3,
|
||||
};
|
||||
|
||||
// generate token pair
|
||||
const tokens = JWTService.generateTokenPair(newUser);
|
||||
|
||||
return { user: newUser, tokens };
|
||||
}
|
||||
|
||||
async signToken(data) {
|
||||
try {
|
||||
// console.log("signToken process.env.SECRET", process.env.SECRET)
|
||||
return jwt.sign(data, process.env.SECRET, { expiresIn: "23h" });
|
||||
} catch (error) {
|
||||
logger.error(error);
|
||||
throw new ErrorHandler(500, "An error occurred");
|
||||
// Login
|
||||
static async login({ email, password }) {
|
||||
const user = await getUserByUserEmailDb(email);
|
||||
if (!user) {
|
||||
throw new ErrorHandler(401, 'Invalid credentials');
|
||||
}
|
||||
|
||||
const passwordMatch = await comparePassword(password, user.user_password);
|
||||
if (!passwordMatch) {
|
||||
throw new ErrorHandler(401, 'Invalid credentials');
|
||||
}
|
||||
|
||||
if (!user.is_active) {
|
||||
throw new ErrorHandler(403, 'User is inactive');
|
||||
}
|
||||
|
||||
const payload = {
|
||||
user_id: user.user_id,
|
||||
user_fullname: user.user_fullname,
|
||||
user_name: user.user_name,
|
||||
user_email: user.user_email,
|
||||
phone: user.phone,
|
||||
role_id: user.role_id,
|
||||
role_name: user.role_name,
|
||||
is_sa: user.is_sa
|
||||
};
|
||||
|
||||
const tokens = JWTService.generateTokenPair(payload);
|
||||
return { user: payload, tokens };
|
||||
}
|
||||
|
||||
async signRefreshToken(data) {
|
||||
try {
|
||||
return jwt.sign(data, process.env.REFRESH_SECRET, { expiresIn: "23h" });
|
||||
} catch (error) {
|
||||
logger.error(error);
|
||||
throw new ErrorHandler(500, error.message);
|
||||
// Refresh token
|
||||
static async refreshToken(refreshToken) {
|
||||
if (!refreshToken) {
|
||||
throw new ErrorHandler(401, 'Refresh token is required');
|
||||
}
|
||||
|
||||
const decoded = JWTService.verifyRefreshToken(refreshToken);
|
||||
|
||||
const payload = {
|
||||
user_id: decoded.user_id,
|
||||
user_fullname: decoded.user_fullname,
|
||||
user_name: decoded.user_name,
|
||||
user_email: decoded.user_email,
|
||||
role_id: decoded.role_id,
|
||||
role_name: decoded.role_name
|
||||
};
|
||||
|
||||
const accessToken = JWTService.generateAccessToken(payload);
|
||||
return { accessToken, tokenType: 'Bearer', expiresIn: 900 };
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
module.exports = new AuthService();
|
||||
module.exports = AuthService;
|
||||
|
||||
8
utils/captcha.js
Normal file
8
utils/captcha.js
Normal file
@@ -0,0 +1,8 @@
|
||||
const svgCaptcha = require('svg-captcha');
|
||||
|
||||
function createCaptcha() {
|
||||
const captcha = svgCaptcha.create({ size: 5, noise: 2, color: true });
|
||||
return { svg: captcha.data, text: captcha.text };
|
||||
}
|
||||
|
||||
module.exports = { createCaptcha };
|
||||
81
utils/jwt.js
Normal file
81
utils/jwt.js
Normal file
@@ -0,0 +1,81 @@
|
||||
const jwt = require('jsonwebtoken');
|
||||
const crypto = require('crypto');
|
||||
|
||||
const tokenSettings = {
|
||||
access: {
|
||||
expiresIn: '15m',
|
||||
type: 'access',
|
||||
secret: process.env.SECRET
|
||||
},
|
||||
refresh: {
|
||||
expiresIn: '7d',
|
||||
type: 'refresh',
|
||||
secret: process.env.REFRESH_SECRET
|
||||
}
|
||||
};
|
||||
|
||||
function generateTokenId() {
|
||||
return crypto.randomBytes(32).toString('hex');
|
||||
}
|
||||
|
||||
function generateToken(payload, type) {
|
||||
const settings = tokenSettings[type];
|
||||
if (!settings) throw new Error(`Invalid token type: ${type}`);
|
||||
|
||||
const tokenPayload = { ...payload, type: settings.type };
|
||||
|
||||
return jwt.sign(tokenPayload, settings.secret, {
|
||||
expiresIn: settings.expiresIn,
|
||||
jwtid: generateTokenId()
|
||||
});
|
||||
}
|
||||
|
||||
function verifyTokenType(token, type) {
|
||||
const settings = tokenSettings[type];
|
||||
try {
|
||||
const decoded = jwt.verify(token, settings.secret);
|
||||
if (decoded.type !== type) throw new Error('Invalid token type');
|
||||
return decoded;
|
||||
} catch (error) {
|
||||
if (error.name === 'TokenExpiredError') throw new Error(`${type} token has expired`);
|
||||
if (error.name === 'JsonWebTokenError') throw new Error(`Invalid ${type} token`);
|
||||
throw error;
|
||||
}
|
||||
}
|
||||
|
||||
function generateAccessToken(payload) {
|
||||
return generateToken(payload, 'access');
|
||||
}
|
||||
|
||||
function generateRefreshToken(payload) {
|
||||
return generateToken(payload, 'refresh');
|
||||
}
|
||||
|
||||
function verifyToken(token) {
|
||||
return verifyTokenType(token, 'access');
|
||||
}
|
||||
|
||||
function verifyRefreshToken(token) {
|
||||
return verifyTokenType(token, 'refresh');
|
||||
}
|
||||
|
||||
function generateTokenPair(payload) {
|
||||
const accessToken = generateAccessToken(payload);
|
||||
const refreshToken = generateRefreshToken(payload);
|
||||
|
||||
return {
|
||||
accessToken,
|
||||
refreshToken,
|
||||
tokenType: 'Bearer',
|
||||
expiresIn: 900,
|
||||
refreshExpiresIn: 604800
|
||||
};
|
||||
}
|
||||
|
||||
module.exports = {
|
||||
generateAccessToken,
|
||||
generateRefreshToken,
|
||||
verifyToken,
|
||||
verifyRefreshToken,
|
||||
generateTokenPair,
|
||||
};
|
||||
Reference in New Issue
Block a user