first commit
@@ -0,0 +1,6 @@
|
||||
const Login = require("./login");
|
||||
const Logout = require("./logout");
|
||||
const Profile = require("./profile");
|
||||
|
||||
module.exports = [Login,Logout,Profile]
|
||||
|
||||
@@ -0,0 +1,73 @@
|
||||
"use strict";
|
||||
|
||||
const ValidationService = require("../../services/ValidationService");
|
||||
const AuthService = require("../../services/AuthService");
|
||||
const JWTService = require("../../services/JwtService");
|
||||
const SessionService = require("../../services/SessionService");
|
||||
const db = require("../../models");
|
||||
const errors = require("../../core/errors");
|
||||
const app = require("express").Router();
|
||||
const role_id = 1;
|
||||
|
||||
app.get("/admin/login", SessionService.preventAuthRoutes(role_id, "admin"), async function (req, res, next) {
|
||||
const AuthViewModel = require("../../view_models/admin_auth_view_model");
|
||||
|
||||
const viewModel = new AuthViewModel(db.user, "Login");
|
||||
req.session.redirect_to = req.query.redirect_to;
|
||||
|
||||
return res.render("admin/Login", viewModel);
|
||||
});
|
||||
|
||||
app.post(
|
||||
"/admin/login",
|
||||
|
||||
ValidationService.validateInput(
|
||||
{
|
||||
email: "required|email",
|
||||
password: "required|minLength:6",
|
||||
},
|
||||
{
|
||||
"email.required": "Email is required",
|
||||
"email.email": "Invalid email",
|
||||
"password.required": "Password is required.",
|
||||
"password.minLength": "Password should be at least 6 characters long.",
|
||||
}
|
||||
),
|
||||
|
||||
async function (req, res, next) {
|
||||
const role_id = 1;
|
||||
const { email, password } = req.body;
|
||||
|
||||
const AuthViewModel = require("../../view_models/admin_auth_view_model");
|
||||
|
||||
const viewModel = new AuthViewModel(db.user, "Login");
|
||||
|
||||
ValidationService.handleValidationErrorForViews(req, res, viewModel, "admin/Login", "login_fields", { email });
|
||||
|
||||
try {
|
||||
const { credential, user } = await AuthService.login(email, password, role_id);
|
||||
|
||||
const session = req.session;
|
||||
|
||||
session.role = role_id;
|
||||
session.user = user;
|
||||
session.credential = credential;
|
||||
|
||||
return session.save((error) => {
|
||||
if (error) {
|
||||
throw new Error(error);
|
||||
}
|
||||
if (session.redirect_to) {
|
||||
return res.redirect(session.redirect_to);
|
||||
}
|
||||
return res.redirect("/admin/dashboard");
|
||||
});
|
||||
} catch (error) {
|
||||
viewModel.error = error.message || "Something went wrong";
|
||||
viewModel.login_fields.email = email;
|
||||
return res.render("admin/Login", viewModel);
|
||||
}
|
||||
}
|
||||
);
|
||||
|
||||
module.exports = app;
|
||||
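Review bot: The post-login redirect sends the browser to `session.redirect_to`, which the GET handler copies straight from `req.query.redirect_to`, so an absolute or protocol-relative URL placed in a login link is followed after a successful admin sign-in. Accept only same-site paths before redirecting, e.g. `const target = session.redirect_to; if (typeof target === "string" && /^\/(?![\/\\])/.test(target)) return res.redirect(target);`, and fall through to `/admin/dashboard` otherwise. Separately, `throw new Error(error)` inside the `session.save` callback runs after the surrounding `try` has already returned, so the `catch` never sees it; rendering the error or calling `next(error)` there would keep a store failure from surfacing as an uncaught exception.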
@@ -0,0 +1,13 @@
|
||||
'use strict';
|
||||
const app = require('express').Router();
|
||||
|
||||
app.get('/admin/logout', async function (req, res, next) {
|
||||
req.session.destroy(function(err) {
|
||||
req.session = {}
|
||||
})
|
||||
|
||||
return res.redirect("/admin/login")
|
||||
});
|
||||
|
||||
|
||||
module.exports = app;
|
||||
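Review bot: `res.redirect("/admin/login")` runs before the `req.session.destroy` callback fires and `err` is dropped, so a failed store deletion still looks like a successful logout to the user. Redirect from inside the callback and surface the failure, e.g. `req.session.destroy((err) => { if (err) return next(err); return res.redirect("/admin/login"); });`; the `req.session = {}` assignment can go. Clearing the session cookie with `res.clearCookie(...)` in the same callback is worth adding once the cookie name is known. Logout is also a state-changing GET, so any cross-site link can sign the admin out; a POST would be the safer verb. The `/member/logout` handler later in this commit has the same shape.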
@@ -0,0 +1,188 @@
|
||||
"use strict";
|
||||
|
||||
const ValidationService = require("../../services/ValidationService");
|
||||
const AuthService = require("../../services/AuthService");
|
||||
const JWTService = require("../../services/JwtService");
|
||||
const SessionService = require("../../services/SessionService");
|
||||
const PasswordService = require("../../services/PasswordService");
|
||||
const db = require("../../models");
|
||||
const helpers = require("../../core/helpers");
|
||||
const { validateEmail } = require("../../core/utils");
|
||||
const app = require("express").Router();
|
||||
|
||||
const role_id = 1;
|
||||
|
||||
app.get(
|
||||
"/admin/profile",
|
||||
SessionService.verifySessionMiddleware(role_id, "admin"),
|
||||
|
||||
async function (req, res, next) {
|
||||
const user = await db.user.getByPK(req.session.user);
|
||||
const id = user.id;
|
||||
|
||||
const AuthViewModel = require("../../view_models/admin_auth_view_model");
|
||||
|
||||
const viewModel = new AuthViewModel(db.user, "Profile");
|
||||
|
||||
viewModel._base_url = "/admin/profile";
|
||||
|
||||
if (!user || !user.id) {
|
||||
viewModel.error = "User Not Found";
|
||||
return res.render("admin/Profile", viewModel);
|
||||
}
|
||||
if (req.session.csrf === undefined) {
|
||||
req.session.csrf = SessionService.randomString(100);
|
||||
}
|
||||
|
||||
try {
|
||||
// TODO: make this responsive with no joins as well
|
||||
const exists = await db.user.get_user_credential(id, db);
|
||||
|
||||
if (!exists || +exists.status === 0) {
|
||||
viewModel.error = "Profile Not Found";
|
||||
return res.render("admin/Profile", viewModel);
|
||||
}
|
||||
|
||||
const values = exists;
|
||||
Object.keys(viewModel.form_fields).forEach((field) => {
|
||||
if (field === "credential.email") {
|
||||
viewModel.form_fields[field] = values["credential"]["email"];
|
||||
return;
|
||||
}
|
||||
if (field === "credential.password") {
|
||||
viewModel.form_fields[field] = values["credential"]["password"];
|
||||
return;
|
||||
}
|
||||
viewModel.form_fields[field] = values[field];
|
||||
});
|
||||
viewModel.credential = db.credential;
|
||||
|
||||
return res.render("admin/Profile", viewModel);
|
||||
} catch (error) {
|
||||
viewModel.error = "Something went wrong";
|
||||
return res.render("admin/Profile", viewModel);
|
||||
}
|
||||
}
|
||||
);
|
||||
|
||||
app.post(
|
||||
"/admin/profile",
|
||||
|
||||
SessionService.verifySessionMiddleware(role_id, "admin"),
|
||||
|
||||
async function (req, res, next) {
|
||||
let UserRef;
|
||||
let CredentialRef;
|
||||
|
||||
let User;
|
||||
let Credential;
|
||||
|
||||
const user = await db.user.getByPK(req.session.user);
|
||||
|
||||
const AuthViewModel = require("../../view_models/admin_auth_view_model");
|
||||
|
||||
const viewModel = new AuthViewModel(db.user, "Profile");
|
||||
viewModel._base_url = "/admin/profile";
|
||||
|
||||
if (!user || !user.id) {
|
||||
viewModel.error = "User Not Found";
|
||||
return res.render("admin/Profile", viewModel);
|
||||
}
|
||||
|
||||
if (req.session.csrf === undefined) {
|
||||
req.session.csrf = SessionService.randomString(100);
|
||||
}
|
||||
|
||||
const { first_name, last_name, credential_email, credential_password, status } = req.body;
|
||||
|
||||
var credentialFields = {
|
||||
email: credential_email,
|
||||
password: credential_password,
|
||||
};
|
||||
|
||||
viewModel.form_fields = {
|
||||
...viewModel.form_fields,
|
||||
first_name,
|
||||
last_name,
|
||||
"credential.email": credential_email,
|
||||
"credential.password": credential_password,
|
||||
status,
|
||||
};
|
||||
|
||||
delete credentialFields.password;
|
||||
delete viewModel.form_fields["credential.password"];
|
||||
|
||||
if (credential_password && credential_password !== "" && credential_password !== null && credential_password !== undefined) {
|
||||
credentialFields.password = credential_password;
|
||||
}
|
||||
|
||||
try {
|
||||
if (req.validationError) {
|
||||
viewModel.error = req.validationError;
|
||||
return res.render("admin/Profile", viewModel);
|
||||
}
|
||||
|
||||
CredentialRef = await db.credential.getByFields({
|
||||
user_id: user.id,
|
||||
status: 1,
|
||||
type: 0,
|
||||
});
|
||||
|
||||
if (!CredentialRef) throw new Error("Email Address Not Found");
|
||||
|
||||
const credentialType = CredentialRef.type;
|
||||
|
||||
UserRef = await db.user.getByFields({
|
||||
id: user.id,
|
||||
status: 1,
|
||||
});
|
||||
|
||||
if (!UserRef) throw new Error("Email Address Not Found");
|
||||
|
||||
if (credentialType == 0 && Object.entries(credentialFields).length > 0) {
|
||||
if (credentialFields.email) {
|
||||
if (!validateEmail(credentialFields.email)) {
|
||||
viewModel.error = "Invalid email";
|
||||
return res.render("admin/Profile", viewModel);
|
||||
}
|
||||
|
||||
if (CredentialRef.email !== credentialFields.email) {
|
||||
const userExists = await db.credential.getByField("email", credentialFields.email);
|
||||
if (userExists) {
|
||||
throw new Error("Email Address Already Exists");
|
||||
}
|
||||
}
|
||||
}
|
||||
if (credentialFields.password) {
|
||||
credentialFields.password = await PasswordService.hash(credentialFields.password);
|
||||
}
|
||||
|
||||
Credential = await db.credential.edit(credentialFields, CredentialRef.id);
|
||||
}
|
||||
User = await db.user.edit(
|
||||
{
|
||||
first_name,
|
||||
last_name,
|
||||
status,
|
||||
},
|
||||
UserRef.id
|
||||
);
|
||||
|
||||
viewModel.success = "Profile Updated Successfully";
|
||||
return res.render("admin/Profile", viewModel);
|
||||
} catch (error) {
|
||||
console.error(error);
|
||||
try {
|
||||
if (Credential && CredentialRef) {
|
||||
await db.credential.edit(credentialFields, CredentialRef.id);
|
||||
}
|
||||
viewModel.error = error.message || "Something went wrong";
|
||||
return res.render("admin/Profile", viewModel);
|
||||
} catch (error_2) {}
|
||||
viewModel.error = error_2.message || "Something went wrong";
|
||||
return res.render("admin/Profile", viewModel);
|
||||
}
|
||||
}
|
||||
);
|
||||
|
||||
module.exports = app;
|
||||
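Review bot: The POST handler creates `req.session.csrf` when it is missing but never compares it with anything in `req.body`, so unless `verifySessionMiddleware` checks the token (not visible here) the email and password change is not CSRF-protected. A guard before the body is used, such as `if (req.body[CSRF_FIELD] !== req.session.csrf) { viewModel.error = "Invalid request"; return res.render("admin/Profile", viewModel); }` (with `CSRF_FIELD` a placeholder for the field the template emits), would close that. In the GET handler, `viewModel.form_fields[field] = values["credential"]["password"]` copies the stored credential value, presumably the hash, into data handed to the template; leaving that field empty keeps it off the page. Also in GET, `const id = user.id` runs before the `!user` check and throws when the lookup returns nothing. The `/member/profile` handlers repeat all three.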
@@ -0,0 +1,5 @@
|
||||
const AdminRoutes = require("./admin/index");
|
||||
const MemberRoutes = require("./member/index");
|
||||
|
||||
|
||||
module.exports = [AdminRoutes,MemberRoutes];
|
||||
@@ -0,0 +1,80 @@
|
||||
const ValidationService = require('../../services/ValidationService');
|
||||
const AuthService = require('../../services/AuthService');
|
||||
const JWTService = require('../../services/JwtService');
|
||||
const SessionService = require('../../services/SessionService');
|
||||
const OAuthService = require('../../services/OAuthService');
|
||||
const db = require('../../models');
|
||||
const errors = require('../../core/errors');
|
||||
const app = require('express').Router();
|
||||
|
||||
|
||||
app.get('/member/facebook/initialize', async function (req, res) {
|
||||
const role_id = 2
|
||||
try {
|
||||
|
||||
const authenticationUrl = OAuthService.facebook.generateAuthURL({
|
||||
redirect_uri: process.env.DYNAMIC_CONFIG_FACEBOOK_REDIRECT_URI,
|
||||
client_id: process.env.DYNAMIC_CONFIG_FACEBOOK_CLIENT_ID,
|
||||
});
|
||||
|
||||
res.redirect(authenticationUrl);
|
||||
} catch (error) {
|
||||
viewModel.error = 'Something went wrong';
|
||||
return res.render('member/Login', viewModel);
|
||||
}
|
||||
});
|
||||
|
||||
app.get('/member/facebook', async function (req, res) {
|
||||
const role_id = 2
|
||||
|
||||
const AuthViewModel = require('../../view_models/member_auth_view_model');
|
||||
const viewModel = new AuthViewModel(db.user, 'Facebook login');
|
||||
try {
|
||||
const authToken = await OAuthService.facebook.generateAuthToken({
|
||||
redirect_uri: process.env.DYNAMIC_CONFIG_FACEBOOK_REDIRECT_URI,
|
||||
client_id: process.env.DYNAMIC_CONFIG_FACEBOOK_CLIENT_ID,
|
||||
client_id: process.env.DYNAMIC_CONFIG_FACEBOOK_CLIENT_ID,
|
||||
client_secret: process.env.DYNAMIC_CONFIG_FACEBOOK_CLIENT_SECRET,
|
||||
auth_code: req.query.code,
|
||||
});
|
||||
|
||||
const facebookUser = await OAuthService.facebook.getUserInfo(authToken);
|
||||
|
||||
// Facebook doesn't return email address sometime
|
||||
// Allow email in the list of permissions in the frontend and access token will return email as well
|
||||
|
||||
if (!facebookUser.email) {
|
||||
throw new Error(
|
||||
'EMAIL_ASSOCIATED_WITH_FACEBOOK_COULD_NOT_BE_FOUND',
|
||||
);
|
||||
}
|
||||
|
||||
const payload = await OAuthService.authenticate({
|
||||
provider: 'f',
|
||||
id: facebookUser.id,
|
||||
email: facebookUser.email,
|
||||
first_name: facebookUser.first_name,
|
||||
last_name: facebookUser.last_name,
|
||||
image: '',
|
||||
role_id
|
||||
});
|
||||
|
||||
const session = req.session;
|
||||
session.role = role_id;
|
||||
session.user = payload.user;
|
||||
|
||||
return session.save((error) => {
|
||||
if (error) {
|
||||
throw new Error(error);
|
||||
}
|
||||
return res.redirect('/member/dashboard');
|
||||
});
|
||||
} catch (error) {
|
||||
viewModel.error = error.message || "Something went wrong";
|
||||
return res.render('member/Login', viewModel);
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
|
||||
module.exports = app;
|
||||
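Review bot: Neither handler uses an OAuth `state` value: `generateAuthURL` is called with only `redirect_uri` and `client_id`, and the `/member/facebook` callback exchanges `req.query.code` without checking that this browser started the flow, which leaves the login open to CSRF. Store a random value in the session in the initialize handler, send it as `state` (assuming the helper can pass it through), and reject the callback when `req.query.state !== req.session.oauth_state`. In the initialize handler's `catch`, `viewModel` is never declared, so the error path itself throws a ReferenceError, and `client_id` appears twice in the token request. The Google handlers in this commit omit `state` in the same way.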
@@ -0,0 +1,217 @@
|
||||
'use strict';
|
||||
|
||||
const ValidationService = require('../../services/ValidationService')
|
||||
const AuthService = require('../../services/AuthService');
|
||||
const JWTService = require('../../services/JwtService');
|
||||
const SessionService = require('../../services/SessionService');
|
||||
const db = require("../../models");
|
||||
const app = require('express').Router();
|
||||
|
||||
const role_id = 2
|
||||
|
||||
app.get('/member/forgot',
|
||||
SessionService.preventAuthRoutes(role_id, 'member')
|
||||
,async function (req, res, next) {
|
||||
|
||||
|
||||
const AuthViewModel = require("../../view_models/member_auth_view_model")
|
||||
|
||||
const viewModel =new AuthViewModel(db.user, "Forgot Password")
|
||||
|
||||
return res.render("member/Forgot", viewModel)
|
||||
|
||||
});
|
||||
|
||||
app.post('/member/forgot',
|
||||
|
||||
ValidationService.validateInput({
|
||||
email:"required|email",
|
||||
},{
|
||||
"email.required":"Email is required",
|
||||
"email.email":"Invalid email",
|
||||
})
|
||||
,async function (req, res, next) {
|
||||
const role_id = 2
|
||||
const {email} = req.body;
|
||||
|
||||
const AuthViewModel = require("../../view_models/member_auth_view_model")
|
||||
|
||||
const viewModel =new AuthViewModel(db.user,"Forgot Password")
|
||||
|
||||
|
||||
ValidationService.handleValidationErrorForViews(
|
||||
req,
|
||||
res,
|
||||
viewModel,
|
||||
'member/Forgot',
|
||||
'forgot_fields',
|
||||
{ email },
|
||||
);
|
||||
|
||||
|
||||
try {
|
||||
const accountExists = await viewModel.account_exists(email,{role_id})
|
||||
if(!accountExists){
|
||||
viewModel.error = "Account doesn't exists."
|
||||
return res.render("member/Forgot",viewModel )
|
||||
}
|
||||
|
||||
const user = await viewModel.get_associated_user(accountExists.user_id)
|
||||
|
||||
if(!user){
|
||||
viewModel.error = "Account doesn't exists."
|
||||
return res.render("member/Forgot",viewModel )
|
||||
}
|
||||
|
||||
viewModel.initializeMailService(email)
|
||||
const mailTemplate = await viewModel.getForgotPasswordMailTemplate('reset-password')
|
||||
|
||||
if (!mailTemplate) {
|
||||
throw new Error();
|
||||
}
|
||||
|
||||
const token = viewModel.generateRandomToken()
|
||||
|
||||
if (!token) {
|
||||
throw new Error();
|
||||
}
|
||||
|
||||
|
||||
const finalTemplate = viewModel.injectMailTemplate(
|
||||
{
|
||||
body: mailTemplate.html,
|
||||
subject: mailTemplate.subject,
|
||||
},
|
||||
{
|
||||
email,
|
||||
link: process.env.BASE_URL + '/member/reset',
|
||||
reset_token: token,
|
||||
},
|
||||
)
|
||||
|
||||
if (!finalTemplate) {
|
||||
throw new Error();
|
||||
}
|
||||
|
||||
await viewModel.saveTokenToDB(token, user.id)
|
||||
|
||||
await viewModel.sendMail(finalTemplate)
|
||||
|
||||
viewModel.success = "A password reset link is sent to your inbox."
|
||||
return res.render("member/Login", viewModel)
|
||||
|
||||
} catch (error) {
|
||||
viewModel.error = "Something went wrong"
|
||||
return res.render("member/Forgot",viewModel )
|
||||
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
app.get('/member/reset/:token',
|
||||
SessionService.preventAuthRoutes(role_id, 'member')
|
||||
, async function (req, res, next) {
|
||||
|
||||
const token = req.params.token
|
||||
if(!token){
|
||||
viewModel.error = "Invalid token"
|
||||
return res.render("member/Login",viewModel)
|
||||
}
|
||||
const AuthViewModel = require("../../view_models/member_auth_view_model")
|
||||
|
||||
const viewModel =new AuthViewModel(db.user, "Reset Password")
|
||||
|
||||
viewModel.resetToken=token
|
||||
|
||||
|
||||
|
||||
try {
|
||||
const tokenValid = await viewModel.validateToken(token)
|
||||
if(!tokenValid){
|
||||
viewModel.error = "Invalid token"
|
||||
return res.render("member/Login",viewModel)
|
||||
}
|
||||
return res.render("member/Reset", viewModel)
|
||||
|
||||
} catch (error) {
|
||||
viewModel.error = "Something went wrong"
|
||||
return res.render("member/Login",viewModel )
|
||||
|
||||
}
|
||||
|
||||
});
|
||||
|
||||
app.post('/member/reset/:token',
|
||||
|
||||
ValidationService.validateInput({
|
||||
password:"required|minLength:6",
|
||||
confirm_password:"required|minLength:6",
|
||||
},{
|
||||
"password.required":"Password is required.",
|
||||
"confirm_password.required":"Password is required.",
|
||||
"password.minLength":"Password should be at least 6 characters long.",
|
||||
"confirm_password.minLength":"Password should be at least 6 characters long."
|
||||
})
|
||||
,async function (req, res, next) {
|
||||
const role_id = 2
|
||||
const token = req.params.token
|
||||
const {password, confirm_password} = req.body;
|
||||
|
||||
if(!token){
|
||||
viewModel.error = "Invalid token"
|
||||
return res.render("member/Login",viewModel)
|
||||
}
|
||||
|
||||
if(password!==confirm_password){
|
||||
viewModel.error = "Passwords do not match"
|
||||
return res.render("member/Reset",viewModel )
|
||||
}
|
||||
const AuthViewModel = require("../../view_models/member_auth_view_model")
|
||||
|
||||
const viewModel =new AuthViewModel(db.user,"Reset Password")
|
||||
viewModel.resetToken = token;
|
||||
|
||||
|
||||
|
||||
ValidationService.handleValidationErrorForViews(
|
||||
req,
|
||||
res,
|
||||
viewModel,
|
||||
'member/Reset',
|
||||
'reset_fields',
|
||||
{ password, confirm_password },
|
||||
);
|
||||
|
||||
|
||||
|
||||
try {
|
||||
const tokenValid = await viewModel.validateToken(token)
|
||||
if(!tokenValid){
|
||||
viewModel.error = "Invalid token"
|
||||
return res.render("member/Login",viewModel)
|
||||
}
|
||||
|
||||
const hashPassword =await viewModel.generate_hash(password)
|
||||
if(!hashPassword){
|
||||
throw new Error()
|
||||
}
|
||||
const userCredential =await viewModel.getUserCredential(tokenValid.user_id)
|
||||
|
||||
if(!userCredential){
|
||||
throw new Error()
|
||||
}
|
||||
await viewModel.updatePassword(hashPassword, userCredential.id)
|
||||
|
||||
viewModel.success="Password reset successful"
|
||||
return res.render("member/Login",viewModel)
|
||||
|
||||
|
||||
} catch (error) {
|
||||
viewModel.error = error.message || "Something went wrong";
|
||||
return res.render("member/Reset",viewModel )
|
||||
|
||||
}
|
||||
});
|
||||
|
||||
module.exports = app;
|
||||
|
||||
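Review bot: The POST `/member/forgot` handler answers "Account doesn't exists." for unknown addresses and a success message for known ones, which lets anyone test which emails are registered. Return the same neutral response in both cases, e.g. set `viewModel.success = "If that address is registered, a reset link has been sent."` and render the same view whether or not `accountExists` is set. In the reset POST, nothing visible invalidates the token after `updatePassword`, so unless `updatePassword` or `validateToken` does that internally the link stays usable; consuming it on success is worth confirming. Both reset handlers also use `viewModel` in the `!token` and password-mismatch branches before `const viewModel` is declared, which throws a ReferenceError instead of rendering the error.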
@@ -0,0 +1,72 @@
|
||||
const OAuthService = require('../../services/OAuthService');
|
||||
const JWTService = require('../../services/JwtService');
|
||||
const AuthService = require('../../services/AuthService');
|
||||
const ValidationService = require('../../services/ValidationService');
|
||||
const db = require('../../models');
|
||||
const app = require('express').Router();
|
||||
// prettier-ignore
|
||||
|
||||
|
||||
app.get('/member/google/initialize', async function (req, res) {
|
||||
const role_id = 2
|
||||
try {
|
||||
|
||||
|
||||
const authenticationUrl = OAuthService.google.generateAuthURL({
|
||||
redirect_uri: process.env.DYNAMIC_CONFIG_GOOGLE_REDIRECT_URI,
|
||||
client_id: process.env.DYNAMIC_CONFIG_GOOGLE_CLIENT_ID,
|
||||
});
|
||||
|
||||
res.redirect(authenticationUrl)
|
||||
} catch (error) {
|
||||
res.status(500).json({ success: false, message: error.message });
|
||||
}
|
||||
});
|
||||
|
||||
app.get('/member/google', async function (req, res) {
|
||||
try {
|
||||
const role_id = 2
|
||||
|
||||
const AuthViewModel = require('../../view_models/member_auth_view_model');
|
||||
var viewModel = new AuthViewModel(db.user, 'Google login');
|
||||
|
||||
const authToken = await OAuthService.google.generateAuthToken({
|
||||
redirect_uri: process.env.DYNAMIC_CONFIG_GOOGLE_REDIRECT_URI,
|
||||
client_id: process.env.DYNAMIC_CONFIG_GOOGLE_CLIENT_ID,
|
||||
client_secret: process.env.DYNAMIC_CONFIG_GOOGLE_CLIENT_SECRET,
|
||||
auth_code: req.query.code,
|
||||
});
|
||||
|
||||
const googleUser = await OAuthService.google.getUserInfo(authToken);
|
||||
|
||||
const payload = await OAuthService.authenticate({
|
||||
provider: 'g',
|
||||
id: googleUser.id,
|
||||
email: googleUser.email,
|
||||
first_name: googleUser.given_name,
|
||||
last_name: googleUser.family_name,
|
||||
image: googleUser.picture,
|
||||
});
|
||||
|
||||
const session = req.session;
|
||||
session.role = role_id;
|
||||
session.user = payload.user;
|
||||
|
||||
return session.save((error) => {
|
||||
if (error) {
|
||||
throw new Error(error);
|
||||
}
|
||||
return res.redirect('/member/dashboard');
|
||||
});
|
||||
} catch (error) {
|
||||
|
||||
viewModel.error = error.message || "Something went wrong";
|
||||
return res.render('member/Login', viewModel);
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
module.exports = app;
|
||||
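Review bot: The `/member/google` callback sets `session.role = role_id` but, unlike the Facebook callback, does not pass `role_id` to `OAuthService.authenticate`, so whatever role the service defaults to (not visible here) may differ from the role stored in the session. Add `role_id,` to that call's argument object. There is also no check that `googleUser.email` is present and verified before it is used to authenticate; the Facebook handler at least rejects a missing email, and the userinfo response normally carries a verification flag that should be required here. In the initialize handler, `res.status(500).json({ success: false, message: error.message })` returns internal error text to the client; a generic message with the detail logged server-side would be safer.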
@@ -0,0 +1,10 @@
|
||||
const Facebook = require("./facebook");
|
||||
const Forgot = require("./forgot");
|
||||
const Google = require("./google");
|
||||
const Login = require("./login");
|
||||
const Logout = require("./logout");
|
||||
const Profile = require("./profile");
|
||||
const Register = require("./register");
|
||||
|
||||
module.exports = [Facebook,Forgot,Google,Login,Logout,Profile,Register]
|
||||
|
||||
@@ -0,0 +1,94 @@
|
||||
'use strict';
|
||||
|
||||
const ValidationService = require('../../services/ValidationService')
|
||||
const AuthService = require('../../services/AuthService');
|
||||
const JWTService = require('../../services/JwtService');
|
||||
const SessionService = require('../../services/SessionService');
|
||||
const db = require("../../models");
|
||||
const errors = require('../../core/errors');
|
||||
const app = require('express').Router();
|
||||
const role_id = 2
|
||||
|
||||
app.get('/member/login',
|
||||
SessionService.preventAuthRoutes(role_id, 'member')
|
||||
,async function (req, res, next) {
|
||||
|
||||
|
||||
const AuthViewModel = require("../../view_models/member_auth_view_model")
|
||||
|
||||
const viewModel =new AuthViewModel(db.user, "Login")
|
||||
|
||||
return res.render("member/Login", viewModel)
|
||||
|
||||
});
|
||||
|
||||
app.post('/member/login',
|
||||
|
||||
ValidationService.validateInput({
|
||||
email:"required|email",
|
||||
password:"required|minLength:6"
|
||||
},{
|
||||
"email.required":"Email is required",
|
||||
"email.email":"Invalid email",
|
||||
"password.required":"Password is required.",
|
||||
"password.minLength":"Password should be at least 6 characters long."})
|
||||
|
||||
,async function (req, res, next) {
|
||||
const role_id = 2
|
||||
const {email, password} = req.body;
|
||||
|
||||
const AuthViewModel = require("../../view_models/member_auth_view_model")
|
||||
|
||||
const viewModel =new AuthViewModel(db.user,"Login")
|
||||
|
||||
ValidationService.handleValidationErrorForViews(
|
||||
req,
|
||||
res,
|
||||
viewModel,
|
||||
'member/Login',
|
||||
'login_fields',
|
||||
{ email },
|
||||
);
|
||||
|
||||
try {
|
||||
const { credential, user } = await AuthService.login(email, password, role_id);
|
||||
|
||||
|
||||
|
||||
|
||||
const session = req.session;
|
||||
|
||||
|
||||
|
||||
|
||||
if (req.body.remember_me === 'on') {
|
||||
const day = 60 * 60 * 1000 * 24;
|
||||
req.session.cookie.expires = new Date(Date.now() + day * 31);
|
||||
req.session.cookie.maxAge = day * 31;
|
||||
}
|
||||
|
||||
session.role = role_id
|
||||
session.user = user
|
||||
session.credential = credential
|
||||
|
||||
|
||||
|
||||
return session.save((error) => {
|
||||
if(error){
|
||||
throw new Error(error);
|
||||
}
|
||||
return res.redirect("/member/dashboard")
|
||||
})
|
||||
|
||||
|
||||
} catch (error) {
|
||||
viewModel.error = error.message || "Something went wrong";
|
||||
viewModel.login_fields.email = email;
|
||||
return res.render("member/Login",viewModel )
|
||||
|
||||
}
|
||||
|
||||
});
|
||||
|
||||
module.exports = app;
|
||||
|
||||
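Review bot: The session id is not rotated at login: `session.role`, `session.user` and `session.credential` are written onto whatever session the browser already held, which permits session fixation if this is express-session or a store with the same semantics. Wrap the assignments in `req.session.regenerate(...)` as sketched below, moving the `remember_me` cookie lifetime into the callback so it applies to the new session. The sketch also replaces `throw new Error(error)` in the `session.save` callback, which runs outside the surrounding `try`, with `next(...)`. The admin login, register and both OAuth callbacks in this commit set session fields the same way; the admin handler would additionally need to carry `redirect_to` across the regeneration.

```javascript
const { credential, user } = await AuthService.login(email, password, role_id);

return req.session.regenerate((regenError) => {
  if (regenError) {
    return next(regenError);
  }
  const session = req.session;
  // … unchanged: remember_me cookie lifetime, now applied to the new session …
  session.role = role_id;
  session.user = user;
  session.credential = credential;

  return session.save((saveError) => {
    if (saveError) {
      return next(saveError);
    }
    return res.redirect("/member/dashboard");
  });
});
```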
@@ -0,0 +1,13 @@
|
||||
'use strict';
|
||||
const app = require('express').Router();
|
||||
|
||||
app.get('/member/logout', async function (req, res, next) {
|
||||
req.session.destroy(function(err) {
|
||||
req.session = {}
|
||||
})
|
||||
|
||||
return res.redirect("/member/login")
|
||||
});
|
||||
|
||||
|
||||
module.exports = app;
|
||||
@@ -0,0 +1,200 @@
|
||||
'use strict';
|
||||
|
||||
const ValidationService = require('../../services/ValidationService')
|
||||
const AuthService = require('../../services/AuthService');
|
||||
const JWTService = require('../../services/JwtService');
|
||||
const SessionService = require('../../services/SessionService');
|
||||
const PasswordService = require('../../services/PasswordService');
|
||||
const db = require("../../models");
|
||||
const helpers = require("../../core/helpers");
|
||||
const { validateEmail } = require('../../core/utils');
|
||||
const app = require('express').Router();
|
||||
|
||||
const role_id= 2
|
||||
|
||||
app.get("/member/profile", SessionService.verifySessionMiddleware(role_id, "member"),
|
||||
|
||||
|
||||
|
||||
async function (
|
||||
req,
|
||||
res,
|
||||
next
|
||||
) {
|
||||
const user = await db.user.getByPK(req.session.user);
|
||||
const id = user.id;
|
||||
|
||||
const AuthViewModel = require("../../view_models/member_auth_view_model")
|
||||
|
||||
const viewModel = new AuthViewModel(db.user,"Profile")
|
||||
|
||||
viewModel._base_url = '/member/profile'
|
||||
|
||||
if(!user || !user.id){
|
||||
viewModel.error = "User Not Found"
|
||||
return res.render("member/Profile", viewModel)
|
||||
}
|
||||
if (req.session.csrf === undefined) {
|
||||
req.session.csrf = SessionService.randomString(100);
|
||||
}
|
||||
|
||||
try{
|
||||
// TODO: make this responsive with no joins as well
|
||||
const exists = await db.user.get_user_credential(id, db);
|
||||
|
||||
if(!exists || +exists.status === 0){
|
||||
viewModel.error = "Profile Not Found";
|
||||
return res.render("member/Profile", viewModel);
|
||||
}
|
||||
|
||||
const values = exists;
|
||||
Object.keys(viewModel.form_fields).forEach((field) => {
|
||||
if (field === 'credential.email') {
|
||||
viewModel.form_fields[field] = values["credential"]["email"];
|
||||
return;
|
||||
}
|
||||
if (field === 'credential.password') {
|
||||
viewModel.form_fields[field] = values["credential"]["password"];
|
||||
return;
|
||||
}
|
||||
viewModel.form_fields[field] = values[field];
|
||||
});
|
||||
viewModel.credential = db.credential
|
||||
|
||||
return res.render("member/Profile",viewModel)
|
||||
} catch(error){
|
||||
viewModel.error = "Something went wrong"
|
||||
return res.render("member/Profile", viewModel)
|
||||
}
|
||||
|
||||
});
|
||||
|
||||
app.post(
|
||||
'/member/profile',
|
||||
|
||||
|
||||
|
||||
SessionService.verifySessionMiddleware(role_id, 'member'),
|
||||
|
||||
async function (req, res, next) {
|
||||
let UserRef;
|
||||
let CredentialRef;
|
||||
|
||||
let User;
|
||||
let Credential;
|
||||
|
||||
const user = await db.user.getByPK(req.session.user);
|
||||
|
||||
const AuthViewModel = require('../../view_models/member_auth_view_model');
|
||||
|
||||
const viewModel = new AuthViewModel(db.user,"Profile")
|
||||
viewModel._base_url = '/member/profile'
|
||||
|
||||
|
||||
if (!user || !user.id) {
|
||||
viewModel.error = 'User Not Found';
|
||||
return res.render('member/Profile', viewModel);
|
||||
}
|
||||
|
||||
if (req.session.csrf === undefined) {
|
||||
req.session.csrf = SessionService.randomString(100);
|
||||
}
|
||||
|
||||
const { first_name,last_name,credential_email,credential_password,status } = req.body;
|
||||
|
||||
var credentialFields = {
|
||||
'email': credential_email,'password': credential_password
|
||||
};
|
||||
|
||||
viewModel.form_fields = {
|
||||
...viewModel.form_fields,
|
||||
first_name,last_name,'credential.email': credential_email,'credential.password': credential_password,status
|
||||
};
|
||||
|
||||
|
||||
delete credentialFields.password;
|
||||
delete viewModel.form_fields['credential.password'];
|
||||
|
||||
if(credential_password && credential_password !== "" && credential_password !== null && credential_password !== undefined){
|
||||
credentialFields.password = credential_password;
|
||||
}
|
||||
|
||||
try {
|
||||
if (req.validationError) {
|
||||
viewModel.error = req.validationError;
|
||||
return res.render('member/Profile', viewModel);
|
||||
}
|
||||
|
||||
CredentialRef = await db.credential.getByFields({
|
||||
user_id: user.id,
|
||||
status: 1,
|
||||
type: 0,
|
||||
});
|
||||
|
||||
if (!CredentialRef) throw new Error('Email Address Not Found');
|
||||
|
||||
const credentialType = CredentialRef.type;
|
||||
|
||||
UserRef = await db.user.getByFields({
|
||||
id: user.id,
|
||||
status: 1,
|
||||
});
|
||||
|
||||
if (!UserRef) throw new Error('Email Address Not Found');
|
||||
|
||||
if (credentialType == 0 && Object.entries(credentialFields).length > 0) {
|
||||
if(credentialFields.email){
|
||||
if (!validateEmail(credentialFields.email)) {
|
||||
viewModel.error = 'Invalid email';
|
||||
return res.render('member/Profile', viewModel);
|
||||
}
|
||||
|
||||
if (CredentialRef.email !== credentialFields.email) {
|
||||
const userExists = await db.credential.getByField('email', credentialFields.email);
|
||||
if (userExists) {
|
||||
throw new Error('Email Address Already Exists');
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
if (credentialFields.password) {
|
||||
credentialFields.password = await PasswordService.hash(credentialFields.password);
|
||||
}
|
||||
|
||||
Credential = await db.credential.edit(
|
||||
credentialFields,
|
||||
CredentialRef.id,
|
||||
);
|
||||
|
||||
}
|
||||
User = await db.user.edit(
|
||||
{
|
||||
first_name,last_name,status
|
||||
},
|
||||
UserRef.id,
|
||||
);
|
||||
|
||||
viewModel.success = 'Profile Updated Successfully';
|
||||
return res.render('member/Profile', viewModel);
|
||||
} catch (error) {
|
||||
console.error(error);
|
||||
try {
|
||||
if (Credential && CredentialRef) {
|
||||
await db.credential.edit(
|
||||
credentialFields,
|
||||
CredentialRef.id,
|
||||
);
|
||||
}
|
||||
viewModel.error = error.message || "Something went wrong"
|
||||
return res.render('member/Profile', viewModel);
|
||||
} catch (error_2) {}
|
||||
viewModel.error = error_2.message || "Something went wrong"
|
||||
return res.render('member/Profile', viewModel);
|
||||
}
|
||||
},
|
||||
);
|
||||
|
||||
|
||||
|
||||
|
||||
module.exports = app;
|
||||
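Review bot: `status` is read from `req.body` and written with `db.user.edit({ first_name, last_name, status }, UserRef.id)`, so a member can set their own account status from the profile form; unless that is intended, drop it here and edit only `{ first_name, last_name }`. The handler also changes the login email and password without asking for the current password, so a hijacked session is enough to take over the account; requiring a `current_password` field for those two changes is the usual control. In the outer `catch`, `error_2` is referenced after its `catch (error_2) {}` block has closed, so a failed rollback ends in a ReferenceError rather than a rendered error, and the rollback itself re-applies the new `credentialFields` instead of the previous values. The admin profile POST handler has the same `catch` structure.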
@@ -0,0 +1,113 @@
|
||||
'use strict';
|
||||
|
||||
const ValidationService = require('../../services/ValidationService')
|
||||
const AuthService = require('../../services/AuthService');
|
||||
const JWTService = require('../../services/JwtService');
|
||||
const SessionService = require('../../services/SessionService');
|
||||
const db = require("../../models");
|
||||
const app = require('express').Router();
|
||||
|
||||
const role_id = 2
|
||||
|
||||
app.get('/member/register',
|
||||
SessionService.preventAuthRoutes(role_id, 'member')
|
||||
, async function (req, res, next) {
|
||||
|
||||
|
||||
const AuthViewModel = require("../../view_models/member_auth_view_model")
|
||||
|
||||
const viewModel =new AuthViewModel(db.user, "Register")
|
||||
|
||||
return res.render("member/Register", viewModel)
|
||||
|
||||
});
|
||||
|
||||
app.post('/member/register',
|
||||
|
||||
ValidationService.validateInput({
|
||||
email:"required|email",
|
||||
first_name:"required",
|
||||
last_name:"required",
|
||||
password:"required|minLength:6",
|
||||
confirm_password:"required|minLength:6"
|
||||
},{
|
||||
"email.required":"Email is required",
|
||||
"first_name.required":"First name is required",
|
||||
"last_name.required":"Last name is required",
|
||||
"email.email":"Invalid email",
|
||||
"password.required":"Password is required.",
|
||||
"confirm_password.required":"Password is required.",
|
||||
"password.minLength":"Password should be at least 6 characters long.",
|
||||
"confirm_password.minLength":"Password should be at least 6 characters long."
|
||||
})
|
||||
|
||||
,async function (req, res, next) {
|
||||
const role_id = 2
|
||||
const {email,first_name, last_name, password, confirm_password} = req.body;
|
||||
|
||||
const AuthViewModel = require("../../view_models/member_auth_view_model")
|
||||
|
||||
const viewModel =new AuthViewModel(db.user,"Register")
|
||||
|
||||
|
||||
|
||||
ValidationService.handleValidationErrorForViews(
|
||||
req,
|
||||
res,
|
||||
viewModel,
|
||||
'member/Register',
|
||||
'register_fields',
|
||||
{ email, first_name, last_name },
|
||||
);
|
||||
|
||||
let newUser = null
|
||||
|
||||
try {
|
||||
if(password!==confirm_password){
|
||||
viewModel.error = "Passwords do not match"
|
||||
viewModel.register_fields.email = email
|
||||
viewModel.register_fields.first_name = first_name
|
||||
viewModel.register_fields.last_name = last_name
|
||||
return res.render("member/Register",viewModel )
|
||||
}
|
||||
|
||||
var { credential, user } = await AuthService.register(
|
||||
email,
|
||||
password,
|
||||
role_id,
|
||||
{
|
||||
first_name,
|
||||
last_name,
|
||||
},
|
||||
);
|
||||
|
||||
if(user){
|
||||
const session = req.session;
|
||||
session.role = role_id;
|
||||
session.user = user;
|
||||
session.credential = credential;
|
||||
|
||||
return session.save((error) => {
|
||||
if(error){
|
||||
throw new Error(error)
|
||||
}
|
||||
return res.redirect("/member/dashboard")
|
||||
})
|
||||
}
|
||||
|
||||
throw new Error();
|
||||
|
||||
|
||||
} catch (error) {
|
||||
if(user){
|
||||
await db.user.destroy(user)
|
||||
}
|
||||
viewModel.error = error.message || "Something went wrong";
|
||||
viewModel.register_fields.email = email
|
||||
viewModel.register_fields.first_name = first_name
|
||||
viewModel.register_fields.last_name = last_name
|
||||
return res.render("member/Register",viewModel )}
|
||||
});
|
||||
|
||||
module.exports = app;
|
||||
|
||||
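Review bot: `ValidationService.handleValidationErrorForViews(...)` is called without using its result and outside the `try`, so if it renders the form when `req.validationError` is set (its body is not part of this commit view), execution still continues into `AuthService.register` with input that failed validation. Stop explicitly, e.g. `if (req.validationError) { viewModel.error = req.validationError; return res.render("member/Register", viewModel); }` as the profile handlers do, or return early on a truthy result from the helper if it provides one. The login, forgot and reset POST handlers call the helper the same way. In the `catch`, only `db.user.destroy(user)` is rolled back; whether the credential row created by `register` is removed too should be confirmed.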