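const crypto = require("crypto");
const express = require("express");
const asyncHandler = require("../Middleware/async");
const jwt = require("jsonwebtoken");
const User = require("../Model/User");
const AppModel = require("../Model/AppModel");
const ErrorResponse = require("../utils/errorResponse");
const dbInfo = require("../Model/Database");
const DataModel = require("../Model/BC_Data");

/**
 * Compare a supplied secret with the expected one without short-circuiting
 * on the first differing character.
 *
 * Both values are hashed first so the buffers handed to timingSafeEqual
 * always have the same length. Fails closed when either side is not a
 * string (for example when the environment variable is unset).
 *
 * @param {*} supplied - value received from the client
 * @param {*} expected - value configured on the server
 * @returns {boolean} true only when both are strings with identical content
 */
function constantTimeEquals(supplied, expected) {
  if (typeof supplied !== "string" || typeof expected !== "string") {
    return false;
  }
  const suppliedDigest = crypto.createHash("sha256").update(supplied).digest();
  const expectedDigest = crypto.createHash("sha256").update(expected).digest();
  return crypto.timingSafeEqual(suppliedDigest, expectedDigest);
}

/**
 * Forward an error to the Express error pipeline.
 *
 * ErrorResponse instances created by the handlers are passed through
 * unchanged. Anything else (database errors, programming errors) is logged
 * on the server and replaced by a generic message, so driver messages and
 * stack details are not echoed back to the client.
 *
 * @param {*} error - value caught by the handler
 * @param {Function} next - Express next callback
 * @param {string} label - prefix for the server-side log line
 */
function forwardError(error, next, label) {
  if (error instanceof ErrorResponse) {
    return next(error);
  }
  console.error(label, error);
  return next(new ErrorResponse("Something went wrong", 500));
}

/**
 * Login User.
 *
 * Reads username, password, DB_CODE, APP_CODE (default 'MBN') and CUST_CODE
 * from the request body. The static admin account configured through
 * ADMIN_USERNAME / ADMIN_PASS is checked first; every other user is looked
 * up in the User table, must pass the password check, must not be
 * unapproved or disabled, and must have an AppModel row for
 * process.env.APP_CODE. On success a signed JWT is returned.
 *
 * NOTE(review): DB_CODE, APP_CODE and CUST_CODE come from the request body
 * and are signed into the token without being checked against the user's
 * AppModel rows (the authorisation lookup below uses process.env.APP_CODE,
 * not the APP_CODE from the body). Code that trusts the dbCode / appCode /
 * custCode claims should re-verify them, or this handler should bind them
 * to the authorised row before signing.
 *
 * NOTE(review): no attempt limiting or lockout is visible in this file;
 * confirm it is applied in front of this route.
 */
exports.login = asyncHandler(async (req, res, next) => {
  const { username, password, DB_CODE, APP_CODE = "MBN", CUST_CODE } =
    req.body || {};

  try {
    // Credentials must be plain strings: a JSON body can carry objects or
    // arrays, which would otherwise flow into the Sequelize `where` clause
    // and into toLowerCase() below.
    if (
      typeof username !== "string" ||
      typeof password !== "string" ||
      !username ||
      !password ||
      !DB_CODE
    ) {
      throw new ErrorResponse("Not enough information", 400);
    }

    // The password is never logged. JSON.stringify keeps CR/LF in the
    // client-supplied values from forging extra log lines.
    console.log("USERNAME ", JSON.stringify(username));
    console.log("DB CODE ", JSON.stringify(DB_CODE));

    // static admin case
    if (username.toLowerCase() === process.env.ADMIN_USERNAME) {
      if (!constantTimeEquals(password, process.env.ADMIN_PASS)) {
        throw new ErrorResponse("Invalid username or password", 400);
      }

      const adminToken = jwt.sign(
        { id: 1, dbCode: DB_CODE, appCode: APP_CODE, custCode: CUST_CODE },
        process.env.JWT_SECRET,
        { expiresIn: process.env.JWT_EXPIRE }
      );
      if (!adminToken) {
        throw new ErrorResponse("Something went wrong", 400);
      }

      return res.status(200).send({
        success: "true",
        token: adminToken,
        userid: 1,
        typeof: "SELLER",
        typeid: "ADMIN",
        // The original sent the literal string "DB_CODE" here; the
        // requested database code is what the field name implies.
        dbcode: DB_CODE,
        firstName: "ADMIN",
        lastName: "BC",
        warehouse: "1-LOC-OFFICE",
        address: "Tonaire Digital",
        map: '11.58371006791093,104.89721512933093',
      });
    }

    // verify from Database
    const user = await User.findOne({ where: { USER_NAME: username } });
    if (!user) {
      throw new ErrorResponse("Invalid username or password", 400);
    }

    // Fail closed: anything other than a truthy result is a rejection (the
    // original `== false` test let undefined/null through). The message is
    // the same as for an unknown user so the two cases cannot be told apart.
    const validPass = await user.matchPassword(password);
    if (!validPass) {
      throw new ErrorResponse("Invalid username or password", 400);
    }

    // Same account-state rules checkUsername applies; enforced here as well
    // because a client can call login without calling checkUsername first.
    // Loose equality is kept so the comparison matches checkUsername
    // whatever type the column is returned as.
    if (user.APPROVED == 0) {
      throw new ErrorResponse("Username is not yet approved", 403);
    }
    if (user.USER_STATUS == "0") {
      throw new ErrorResponse("Username is disabled", 403);
    }

    // check whether the user is authorized to use the app or not
    const app = await AppModel.findOne({
      where: { APP_CODE: process.env.APP_CODE, USER_ID: user.USER_ID },
      // explicit order: APP_MODEL has no primary key for Sequelize to
      // order by (see the note in checkUsername)
      order: [["USER_ID"]],
    });
    if (!app) {
      throw new ErrorResponse("You're not allowed to use this app", 400);
    }

    // CHECK USER TYPE
    // The original read `customer.ADD_CODE` for type "C", but `customer`
    // was only assigned in code that had been commented out, so every
    // customer login ended in a ReferenceError. That disabled lookup
    // selected the Customer row whose ADD_CODE equals user.FIELD_0, so
    // FIELD_0 is the same value.
    // NOTE(review): confirm whether a Customer row must also exist before
    // a token is issued.
    const custCode = user.USER_TYPE === "C" ? user.FIELD_0 : CUST_CODE;

    // `token` was an undeclared (implicitly global) variable in the
    // original; keep it local to the request.
    const token = await user.getSignedJwtToken(DB_CODE, APP_CODE, custCode);
    if (!token) {
      throw new ErrorResponse("Something Went Wrong", 400);
    }

    return res.status(200).send({
      message: "Login Successful",
      app: app,
      token: token,
    });
  } catch (error) {
    return forwardError(error, next, "login failed:");
  }
});

/**
 * Look up a username and report whether it may use the given app.
 *
 * Reads `username` and `APP_CODE` from the query string. Responds 400 for a
 * missing or malformed parameter, 404 when the user does not exist, 403
 * when the user is unapproved, disabled or has no AppModel row for
 * APP_CODE, and otherwise 200 with the user record (USER_PASS removed) plus
 * a PRESETS map keyed by "<DB_CODE> - <DB_NAME>".
 *
 * NOTE(review): the handler needs nothing but a username. If the route is
 * mounted without an auth middleware (the route file is not shown here),
 * it tells callers whether an account exists and what state it is in, and
 * returns every User column except USER_PASS. Consider returning an
 * explicit allowlist of fields rather than deleting one.
 */
exports.checkUsername = asyncHandler(async (req, res, next) => {
  const { username, APP_CODE } = req.query;

  // The query parser can produce arrays or objects (for example
  // ?username[a]=b); only plain strings may reach the `where` clauses.
  if (typeof username !== "string" || username === "") {
    return res.status(400).send({ message: "Invalid Username" });
  }
  if (typeof APP_CODE !== "string" || APP_CODE === "") {
    return next(new ErrorResponse("Invalid APP_CODE", 400));
  }

  console.log("USERNAME ", JSON.stringify(username));

  try {
    const record = await User.findOne({ where: { USER_NAME: username } });
    if (!record) {
      return next(new ErrorResponse("Username is not available", 404));
    }

    if (record.APPROVED == 0) {
      return next(new ErrorResponse("Username is not yet approved", 403));
    }
    if (record.USER_STATUS == "0") {
      return next(new ErrorResponse("Username is disabled", 403));
    }

    // Plain-object copy of the model instance, so fields can be removed and
    // added without touching the instance itself.
    const user = JSON.parse(JSON.stringify(record));
    delete user.USER_PASS; // remove password from user object when return to client

    // check whether the user is authorized to use the app or not
    const isAllowed = await AppModel.findAll({
      where: { APP_CODE: APP_CODE, USER_ID: user.USER_ID },
      // We need to specify this order because APP_MODEL has no primary key;
      // by default Sequelize orders by primary key, which ends in an error.
      order: [["DB_CODE"]],
    });
    if (isAllowed.length === 0) {
      return next(new ErrorResponse("User is not allowed to use this app", 403));
    }

    // Return the user's presets to the client.
    // Note: PRESETS is not a column in the User table.
    user.PRESETS = {};

    // Get the database name from DB_INFO using the DB_CODE from APP_MODEL
    await Promise.all(
      isAllowed.map(async (app) => {
        const info = await dbInfo.findOne({
          where: { DB_CODE: app.DB_CODE },
          raw: true,
        });
        // The original destructured the result directly and hit a TypeError
        // when no row matched.
        if (!info) {
          throw new ErrorResponse("Database information not found", 500);
        }

        const DBName = app.DB_CODE + " - " + info.DB_NAME;
        if (!user.PRESETS[DBName]) {
          user.PRESETS[DBName] = [];
        }

        // check user type
        if (user.USER_TYPE == "S" || user.USER_TYPE == "C") {
          const userPresets = await DataModel.findAll({
            where: { DATA_CODE: app.PRESET },
            order: [["DATA_DESC"]],
          });
          user.PRESETS[DBName].push(userPresets);
        }
      })
    );

    // res.json serialises the same body the original built with
    // JSON.stringify, but labels it application/json. send() with a string
    // labels it text/html, which lets database-held text be interpreted as
    // markup if the URL is opened in a browser.
    return res.status(200).json(user);
  } catch (e) {
    return forwardError(e, next, "checkUsername failed:");
  }
});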