prod124njac/prod124njac-back-b/authsec_node/Backend/api/user.controller.js

177 lines
5.1 KiB
JavaScript
Raw Normal View History

2024-09-18 04:14:45 +00:00
const { pool, db } = require("../config/database")
const { genSaltSync, hashSync, compareSync } = require("bcrypt")
const { sign } = require("jsonwebtoken")
const bcrypt = require("bcrypt")
const otpGenerator = require("otp-generator")
const nodemailer = require("nodemailer")
const transporter = nodemailer.createTransport({
service: "gmail", // e.g., 'Gmail'
host: process.env.NODEMAILER_HOST,
port: process.env.NODEMAILER_PORT,
secure: false,
auth: {
user: process.env.NODEMAILER_USER,
pass: process.env.NODEMAILER_PASSWORD,
},
})
async function executeQuery(sql, values) {
const connection = await pool.getConnection()
try {
const [rows] = await connection.execute(sql, values)
return rows
} finally {
connection.release()
}
}
// path = /addOneAppUser
// const registerOld = async (req, res) => {
// const { email } = req.body
// try {
// const rows = await pool.execute("SELECT * FROM sec_users WHERE email = ?", [
// email,
// ])
// if (rows.length > 0) {
// return res.status(400).json({ message: "Email already exists" })
// }
// // Generate and save OTP
// const otp = Math.floor(1000 + Math.random() * 9000).toString()
// const result = await pool.execute(
// "INSERT INTO sec_users (email, password1) VALUES (?, ?)",
// [email, otp]
// )
// if (result) {
// // Send OTP via email
// const mailOptions = {
// from: "example.com",
// to: email,
// subject: "OTP for registration",
// text: `Your OTP is: ${otp}`,
// }
// transporter.sendMail(mailOptions, (error) => {
// if (error) {
// console.log(error)
// return res.status(500).json({ message: "Error sending OTP" })
// }
// return res.status(200).json({ message: "OTP sent successfully" })
// })
// } else {
// return res.status(500).json({ message: "Failed to create user" })
// }
// } catch (error) {
// console.error(error)
// res.status(400).json({ message: "Some error occured" })
// }
// }
var count = 0
const register = async (req, res) => {
const body = req.body
// console.log(email)
try {
let sql = `SELECT * FROM sec_users WHERE email = ?`
const rows = await executeQuery(sql, [body.email])
if (rows.length > 0) {
return res.status(400).json({ message: "Email already exists" })
}
count++
// Generate and save OTP
const otp = Math.floor(1000 + Math.random() * 9000).toString()
let user_id = 10007589 + count
const password = bcrypt.hashSync(body.user_passw, 10)
let sql2 = `INSERT INTO sec_users (email, random_no, user_id, user_name, full_name, user_passw, change_passw, first_name, country, is_blocked, is_complete, active) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`
const result = await executeQuery(sql2, [
body.email,
otp,
user_id,
body.user_name,
body.full_name,
password,
body.change_passw,
body.first_name,
body.country,
false,
true,
true,
])
if (result) {
// Send OTP via email
const mailOptions = {
from: "example.com",
to: body.email,
subject: "OTP for registration",
text: `Your OTP is: ${otp}`,
}
transporter.sendMail(mailOptions, (error) => {
if (error) {
console.log(error)
return res.status(500).json({ message: "Error sending OTP" })
}
return res.status(200).json({ message: "OTP sent successfully" })
})
} else {
return res.status(500).json({ message: "Failed to create user" })
}
} catch (error) {
console.error(error)
res.status(400).json({ message: "Some error occured" })
}
}
const verifyOTP = async (req, res) => {
const { email, otp } = req.body
try {
let sql = `SELECT * FROM sec_users WHERE email = ?`
const rows = await executeQuery(sql, [email])
if (rows.length === 0) {
return res.status(400).json({ message: "User not found" })
}
const user = rows[0]
if (user.random_no === otp) {
// OTP is valid, you can update the user's status to verified or perform any necessary actions.
// For example: Update the 'is_complete' field to true.
let updateSql = `UPDATE sec_users SET status = ? WHERE email = ?`
await executeQuery(updateSql, [true, email])
return res.status(200).json({ message: "OTP verified successfully" })
} else {
return res.status(400).json({ message: "Invalid OTP" })
}
} catch (error) {
console.error(error)
res.status(500).json({ message: "Error verifying OTP" })
}
}
const deleteUser = async (req, res) => {
const email = req.body.email
const sql = `SELECT * FROM sec_users WHERE email = ?`
const rows = await executeQuery(sql, [email])
if (rows.length === 0) {
return res.status(400).json({ message: "User not found" })
} else {
const sql2 = `DELETE FROM sec_users WHERE email = ?`
const result = await executeQuery(sql2, [email])
res
.status(200)
.json({ message: `User with ${email} deleted successfully...!!! ` })
}
}
module.exports = {
register,
verifyOTP,
deleteUser,
}