From 9b30947c7b0de6fd01ea6a9bc602e0ec21456750 Mon Sep 17 00:00:00 2001
From: yashrajverma
Date: Tue, 11 May 2021 19:55:34 +0530
Subject: [PATCH] Added forgot pass
---
 .history/controllers/auth_20210511195522.js | 187 ++++++++++++++++++++
 controllers/auth.js | 91 ++++++----
 2 files changed, 240 insertions(+), 38 deletions(-)
 create mode 100644 .history/controllers/auth_20210511195522.js
diff --git a/.history/controllers/auth_20210511195522.js b/.history/controllers/auth_20210511195522.js
new file mode 100644
index 0000000..70fab0a
--- /dev/null
+++ b/.history/controllers/auth_20210511195522.js
@@ -0,0 +1,187 @@
+const bcrypt = require("bcryptjs");
+const User = require("../models/User");
+const Student = require("../models/Student");
+const jwt = require("jsonwebtoken");
+const JWT_secret = "Cantileverlabs";
+const messagebird = require("messagebird")("llVKD53ve6QRpbCKOHzWBADaS");
+
+module.exports.Protected = async (req, res, next) => {
+ res.send("Hello User");
+};
+module.exports.postSignup = async (req, res, next) => {
+ try {
+ //we need firstName , lastName , email , password as input
+ let firstName = req.body.firstName || " ";
+ let lastName = req.body.lastName || " ";
+ let email = req.body.email;
+ let password = req.body.password;
+ let user = await User.findOne({ email: email });
+ if (user) {
+ res.json({
+ message: "User already exist",
+ type: "error",
+ });
+ } else {
+ const hashedPass = await bcrypt.hash(password, 12);
+ user = new User({
+ firstName: firstName,
+ lastName: lastName,
+ email: email,
+ password: hashedPass,
+ isAdmin: false,
+ });
+ user = await user.save();
+ await Student.deleteOne({ user: user._id });
+ let student = new Student({
+ user: user._id,
+ });
+ student = await student.save();
+ user.student = student._id;
+ await user.save();
+ res.json({
+ message: "Successfully signed Up",
+ type: "success",
+ });
+ }
+ } catch (err) {
+ console.log(err);
+ }
+};
+
+module.exports.postSignin = async (req, res, next) => {
+ try {
+ //we need email and password as input
+ let email = req.body.email;
+ let password = req.body.password;
+ let user = await User.findOne({ email: email });
+ if (user) {
+ const isMatched = await bcrypt.compare(password, user.password);
+ if (isMatched) {
+ const token = jwt.sign({ _id: user._id }, JWT_secret);
+ res.json({
+ token: token,
+ });
+ } else {
+ res.json({
+ message: "email and password doesn't match",
+ type: "error",
+ });
+ }
+ } else {
+ res.json({
+ message: "No user with this email exists",
+ type: "error",
+ });
+ }
+ } catch (err) {
+ console.log(err);
+ }
+};
+
+module.exports.sendOTP = (req, res, next) => {
+ //uNNYosMopvvCW9RTR1tRWJmYC test
+ //llVKD53ve6QRpbCKOHzWBADaS live
+ try {
+ const { phoneNumber } = req.body;
+ if (!phoneNumber) {
+ res.status(422).json({ message: "Please Add All Required Fields" });
+ return;
+ } else {
+ messagebird.verify.create(
+ phoneNumber,
+ {
+ template: "Your verification code is %token",
+ },
+ function (err, response) {
+ if (err) {
+ console.log(err);
+ res.status(422).json({ message: err.errors[0].description });
+ } else {
+ console.log(response);
+ res.json({ id: response.id });
+ }
+ }
+ );
+ }
+ } catch (err) {
+ console.log(err);
+ }
+};
+
+module.exports.getOTP = (req, res, next) => {
+ try {
+ const { id, token } = req.body;
+ messagebird.verify.verify(id, token, function (err, response) {
+ if (err) {
+ console.log({ error: err.errors[0].description, id: id });
+ res.json({ error: err.errors[0].description, id: id });
+ } else {
+ console.log(response);
+ res.json({ message: "Code Verified" });
+ }
+ });
+ } catch (err) {
+ console.log(err);
+ }
+};
+module.exports.forgotpassword = async (req, res, next) => {
+ const { email, link } = req.body; //link = https://cantileverlabs.herokuapp.com/resetpassword/:id/:token
+ User.findOne({ email })
+ .then((result) => {
+ if (!result) {
+ res.status(404).json({ error: "User not found with this Email" });
+ return;
+ } else {
+ const payload = {
+ email: result.email,
+ _id: result._id,
+ };
+ const secret = JWT_secret + result.password;
+ const token = jwt.sign(payload, secret, { expiresIn: "10m" });
+ const user_token = new User({
+ passwordResetToken: token,
+ });
+ user_token.save();
+ const reset_link = `${link}/${result._id}/${token}`;
+ res
+ .status(200)
+ .json({ reset_link, message: "link is active for 10 mins" });
+ }
+ })
+ .catch((err) => {
+ console.log(err);
+ });
+ //verify email then set password.
+}; +module.exports.resetpassword = async (req, res, next) => { + const { _id, token } = req.params; + const { password } = req.body; + await User.findById({ _id }).then((result) => { + if (result) { + const secret = JWT_secret + result.password; + const user_token = User.findOne({ + passwordResetToken: result.passwordResetToken, + }); + const payload = jwt.verify(token, secret); + if (token == user_token) { + User.findByIdAndUpdate(_id, { $set: { password } }) + .then((data) => { + res.json({ message: "Password Updated!" }); + }) + .catch((err) => { + console.log(err); + }); + } else { + res.status(422).json({ error: "some error occured" }); + } + } + }); +}; + +module.exports.checkProtected = (req, res, next) => { + console.log(req.user); + res.json({ + message: "Protected", + user: req.user, + }); +}; diff --git a/controllers/auth.js b/controllers/auth.js index 75289d9..70fab0a 100644 --- a/controllers/auth.js +++ b/controllers/auth.js @@ -78,7 +78,6 @@ module.exports.postSignin = async (req, res, next) => { } }; - module.exports.sendOTP = (req, res, next) => { //uNNYosMopvvCW9RTR1tRWJmYC test //llVKD53ve6QRpbCKOHzWBADaS live @@ -90,43 +89,6 @@ module.exports.sendOTP = (req, res, next) => { } else { messagebird.verify.create( phoneNumber, - -module.exports.postSignin = async (req , res , next) => { - try - { - //we need email and password as input - let email = req.body.email ; - let password = req.body.password ; - let user = await User.findOne({email : email}) ; - if(user) - { - const isMatched = await bcrypt.compare(password , user.password) ; - if(isMatched) - { - const token = jwt.sign({_id:user._id},JWT_secret) - if(!user.numLoggedIn) - { - user.numLoggedIn = 0 ; - } - user.numLoggedIn = user.numLoggedIn + 1 ; - res.json( - { - token:token , - isAdmin : user.isAdmin - } - ) - await user.save() ; - } - else - { - res.json({ - message:"email and password doesn't match" , - type:"error" - }) - } - } - else - { template: "Your verification code is %token", }, 
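Review bot: `.history/controllers/auth_20210511195522.js` is an editor local-history snapshot rather than application code and should not be committed: the `index` lines show it is the same blob (`70fab0a`) as the new `controllers/auth.js`, so it adds a second copy of the hard-coded `JWT_secret` string and of the MessageBird access key passed to `require("messagebird")(...)`, together with the comment labelling the test and live keys. Drop the file from the commit and add `.history/` to `.gitignore`. Both values belong in configuration rather than source, e.g. `const JWT_secret = process.env.JWT_SECRET;` (variable name illustrative), and because they are now part of the repository history they should be treated as exposed and rotated.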
@@ -162,6 +124,59 @@ module.exports.getOTP = (req, res, next) => { console.log(err); } }; +module.exports.forgotpassword = async (req, res, next) => { + const { email, link } = req.body; //link = https://cantileverlabs.herokuapp.com/resetpassword/:id/:token + User.findOne({ email }) + .then((result) => { + if (!result) { + res.status(404).json({ error: "User not found with this Email" }); + return; + } else { + const payload = { + email: result.email, + _id: result._id, + }; + const secret = JWT_secret + result.password; + const token = jwt.sign(payload, secret, { expiresIn: "10m" }); + const user_token = new User({ + passwordResetToken: token, + }); + user_token.save(); + const reset_link = `${link}/${result._id}/${token}`; + res + .status(200) + .json({ reset_link, message: "link is active for 10 mins" }); + } + }) + .catch((err) => { + console.log(err); + }); + //verify email then set password. +}; +module.exports.resetpassword = async (req, res, next) => { + const { _id, token } = req.params; + const { password } = req.body; + await User.findById({ _id }).then((result) => { + if (result) { + const secret = JWT_secret + result.password; + const user_token = User.findOne({ + passwordResetToken: result.passwordResetToken, + }); + const payload = jwt.verify(token, secret); + if (token == user_token) { + User.findByIdAndUpdate(_id, { $set: { password } }) + .then((data) => { + res.json({ message: "Password Updated!" }); + }) + .catch((err) => { + console.log(err); + }); + } else { + res.status(422).json({ error: "some error occured" }); + } + } + }); +}; module.exports.checkProtected = (req, res, next) => { console.log(req.user);
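Review bot: `forgotpassword` sends `reset_link`, which embeds the signed token, back in the JSON response to whoever posted the email address, so holding the link proves nothing about control of the mailbox; the link should be delivered to the account's address out of band, its base should come from server configuration rather than `req.body.link`, and the response should not differ between known and unknown addresses (the 404 branch reveals which emails are registered). In `resetpassword`, `User.findOne(...)` is not awaited, so `token == user_token` compares a string with a query object and will presumably never match, `jwt.verify` can throw inside the `.then` callback with nothing catching it, and `$set: { password }` would store the request's password as-is while `postSignup` stores `bcrypt.hash(password, 12)` and `postSignin` checks with `bcrypt.compare`. The token is also saved on a new `new User({ passwordResetToken })` document instead of on `result`, and that `save()` is neither awaited nor checked. A possible shape for `resetpassword` is below; it relies on the signing secret already containing the current password hash, so a token stops verifying once the password changes. The same two functions are repeated in the `.history` snapshot added earlier in this patch.

```javascript
module.exports.resetpassword = async (req, res, next) => {
  const { _id, token } = req.params;
  const { password } = req.body;
  try {
    const user = await User.findById(_id);
    if (!user || typeof password !== "string" || !password) {
      return res.status(422).json({ error: "some error occured" });
    }
    // The secret includes the stored hash, so the token is invalid after the password changes.
    const payload = jwt.verify(token, JWT_secret + user.password);
    if (String(payload._id) !== String(user._id)) {
      return res.status(422).json({ error: "some error occured" });
    }
    // Hash exactly as postSignup does so postSignin's bcrypt.compare keeps working.
    user.password = await bcrypt.hash(password, 12);
    await user.save();
    res.json({ message: "Password Updated!" });
  } catch (err) {
    // Covers an expired or tampered token and a malformed _id.
    console.log(err);
    res.status(422).json({ error: "some error occured" });
  }
};
```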