yogiedigital/cod-api
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ee303081127fafff53d59727ceaabc3a34a22f47
cod-api/controllers/auth.controller.js

141 lines
4.1 KiB
JavaScript
Raw Blame History

const AuthService = require('../services/auth.service');
const { registerSchema, loginSchema } = require('../validate/auth.schema')
const { setResponse } = require('../helpers/utils');
const { createCaptcha } = require('../utils/captcha');
class AuthController {
// Registration
static async register(req, res) {
try {
const { error, value } = registerSchema.validate(req.body, { abortEarly: false });
if (error) {
const errors = error.details.reduce((acc, cur) => {
const field = Array.isArray(cur.path) ? cur.path.join('.') : String(cur.path);
if (!acc[field]) acc[field] = [];
acc[field].push(cur.message);
return acc;
}, {});
return res.status(400).json(setResponse(errors, 'Validation failed', 400));
}
if (value.phone && value.phone.startsWith('0')) {
value.phone = '+62' + value.phone.slice(1);
}
const { user, tokens } = await AuthService.register(value);
// Set refresh token di cookie
res.cookie('refreshToken', tokens.refreshToken, {
httpOnly: true,
secure: false, // masih dev
sameSite: 'lax',
maxAge: 7 * 24 * 60 * 60 * 1000 // 7 hari
});
return res.status(201).json(
setResponse(
{
user: { ...user, approved: false },
accessToken: tokens.accessToken
},
'User registered successfully. Waiting for admin approval.',
201
)
);
} catch (err) {
return res.status(err.statusCode || 500).json(
setResponse([], err.message || 'Register failed', err.statusCode || 500)
);
}
}
// Captcha
static async generateCaptcha(req, res) {
try {
const { svg, text } = createCaptcha();
res.setHeader('X-Captcha-Text', text);
return res.status(200).json({ data: { svg, text } });
} catch (err) {
return res.status(500).json(setResponse([], 'Captcha failed', 500));
}
}
// Login
static async login(req, res) {
try {
const { error, value } = loginSchema.validate(req.body, { abortEarly: false });
if (error) return res.status(400).json(setResponse([], 'Validation failed', 400));
const { identifier, password, captcha, captchaText } = value;
if (!captcha || captcha.toLowerCase() !== captchaText.toLowerCase()) {
return res.status(400).json(setResponse([], 'Invalid captcha', 400));
}
const { user, tokens } = await AuthService.login({ identifier, password });
// Set refresh token di cookie
res.cookie('refreshToken', tokens.refreshToken, {
httpOnly: true,
secure: false, // masih dev
sameSite: 'lax',
maxAge: 7 * 24 * 60 * 60 * 1000 // 7 hari
});
return res.status(200).json(
setResponse(
{
user: { ...user, approved: true },
accessToken: tokens.accessToken
},
'Login successful',
200
)
);
} catch (err) {
return res.status(err.statusCode || 500).json(
setResponse([], err.message || 'Login failed', err.statusCode || 500)
);
}
}
// Refresh Token
static async refreshToken(req, res) {
try {
const refreshToken = req.cookies?.refreshToken;
if (!refreshToken) {
return res.status(401).json(setResponse(null, 'Refresh token is required', 401));
}
const result = await AuthService.refreshToken(refreshToken);
return res.status(200).json(setResponse(result, 'Token refreshed successfully', 200));
} catch (err) {
const status = err.statusCode && err.statusCode < 500 ? err.statusCode : 401;
return res.status(status).json(
setResponse(null, err.message || 'Refresh token invalid', status)
);
}
}
// Logout
static async logout(req, res) {
try {
res.clearCookie('refreshToken', {
httpOnly: true,
sameSite: 'none',
secure: true
});
return res.status(200).json(setResponse(null, 'Logged out successfully', 200));
} catch (err) {
return res.status(500).json(setResponse(null, 'Logout failed', 500));
}
}
}
module.exports = AuthController;
Reference in New Issue View Git Blame Copy Permalink