yogiedigital/cod-api
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fe5241a1e1c65cec197faf66dc1b5f1ae84d9bbf
cod-api/controllers/auth.controller.js
Antony Kurniawan 1987508887 fix: cookie dev
2025-10-02 15:39:26 +07:00

124 lines
3.9 KiB
JavaScript
Raw Blame History

const AuthService = require('../services/auth.service');
const { registerSchema, loginSchema } = require('../helpers/validation');
const { setResponse } = require('../helpers/utils');
const { createCaptcha } = require('../utils/captcha');
class AuthController {
// Registration
static async register(req, res) {
try {
const { error, value } = registerSchema.validate(req.body, { abortEarly: false });
if (error) {
const errors = error.details.reduce((acc, cur) => {
const field = Array.isArray(cur.path) ? cur.path.join('.') : String(cur.path);
if (!acc[field]) acc[field] = [];
acc[field].push(cur.message);
return acc;
}, {});
return res.status(400).json(setResponse(errors, 'Validation failed', 400));
}
if (value.phone && value.phone.startsWith('0')) {
value.phone = '+62' + value.phone.slice(1);
}
const { user, tokens } = await AuthService.register(value);
// Set refresh token in cookie
res.cookie('refreshToken', tokens.refreshToken, {
httpOnly: true,
secure: false, //masih dev
sameSite: 'lax',
maxAge: 7 * 24 * 60 * 60 * 1000 // 7 hari
});
return res.status(201).json(
setResponse({ user, accessToken: tokens.accessToken }, 'User registered successfully', 201)
);
} catch (err) {
return res.status(err.statusCode || 500).json(
setResponse([], err.message || 'Register failed', err.statusCode || 500)
);
}
}
// Captcha
static async generateCaptcha(req, res) {
try {
const { svg, text } = createCaptcha();
return res.status(200).json({ data: { svg, text } });
} catch (err) {
return res.status(500).json(setResponse([], 'Captcha failed', 500));
}
}
// Login
static async login(req, res) {
try {
const { error, value } = loginSchema.validate(req.body, { abortEarly: false });
if (error) return res.status(400).json(setResponse([], 'Validation failed', 400));
const { email, password, captcha, captchaText } = value;
if (!captcha || captcha.toLowerCase() !== captchaText.toLowerCase()) {
return res.status(400).json(setResponse([], 'Invalid captcha', 400));
}
const { user, tokens } = await AuthService.login({ email, password });
// Set refresh token in cookie
res.cookie('refreshToken', tokens.refreshToken, {
httpOnly: true,
secure: false, // masih dev
sameSite: 'lax',
maxAge: 7 * 24 * 60 * 60 * 1000 // 7 hari
});
return res.status(200).json(
setResponse({ user, accessToken: tokens.accessToken }, 'Login successful', 200)
);
} catch (err) {
return res.status(err.statusCode || 500).json(
setResponse([], err.message || 'Login failed', err.statusCode || 500)
);
}
}
// Refresh Token
static async refreshToken(req, res) {
try {
const refreshToken = req.cookies?.refreshToken;
if (!refreshToken) {
return res.status(401).json(setResponse(null, 'Refresh token is required', 401));
}
const result = await AuthService.refreshToken(refreshToken);
return res.status(200).json(setResponse(result, 'Token refreshed successfully', 200));
} catch (err) {
const status = err.statusCode && err.statusCode < 500 ? err.statusCode : 401;
return res.status(status).json(
setResponse(null, err.message || 'Refresh token invalid', status)
);
}
}
// Logout
static async logout(req, res) {
try {
res.clearCookie('refreshToken', {
httpOnly: true,
sameSite: 'none',
secure: true
});
return res.status(200).json(setResponse(null, 'Logged out successfully', 200));
} catch (err) {
return res.status(500).json(setResponse(null, 'Logout failed', 500));
}
}
}
module.exports = AuthController;
Reference in New Issue View Git Blame Copy Permalink