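const bcrypt = require("bcryptjs");
const User = require("../models/User");
const Student = require("../models/Student");
const jwt = require("jsonwebtoken");
const nodemailer = require("nodemailer");

/**
 * Reads a required secret from the environment and fails fast when it is absent,
 * so the service never starts with an empty or default credential.
 *
 * @param {string} name - Environment variable to read.
 * @returns {string} The configured value.
 * @throws {Error} When the variable is unset or empty.
 */
function requireEnv(name) {
  const value = process.env[name];
  if (typeof value !== "string" || value === "") {
    throw new Error(`Missing required environment variable ${name}`);
  }
  return value;
}

/**
 * True only for non-empty strings. Rejecting objects here also keeps
 * request-supplied query operators (e.g. {"$ne": null}) out of Mongo filters.
 *
 * @param {unknown} value
 * @returns {boolean}
 */
function isNonEmptyString(value) {
  return typeof value === "string" && value.length > 0;
}

/**
 * Extracts the provider's error description, with a fallback for errors that
 * carry no `errors` array (the original indexed `err.errors[0]` unguarded,
 * which throws inside the callback where no try/catch can see it).
 *
 * @param {any} err - Error object handed to a MessageBird callback.
 * @returns {string}
 */
function describeProviderError(err) {
  const first = err && Array.isArray(err.errors) ? err.errors[0] : undefined;
  return first && first.description
    ? first.description
    : "Verification request failed";
}

/**
 * Ends a request that hit an unexpected error. Without this the handlers only
 * logged and the client connection was left hanging until timeout.
 *
 * @param {object} res - Express response.
 * @param {object} body - JSON body in the shape the route already uses.
 */
function sendServerError(res, body) {
  if (!res.headersSent) {
    res.status(500).json(body);
  }
}

// Secrets come from the environment instead of source control. The variable
// names (JWT_SECRET, MESSAGEBIRD_API_KEY, SMTP_USER, SMTP_PASS) are introduced
// by this change. The JWT secret, MessageBird keys and SMTP credentials that
// were previously committed in this file must be treated as compromised and
// rotated at the provider, not merely moved.
const JWT_secret = requireEnv("JWT_SECRET");
const messagebird = require("messagebird")(requireEnv("MESSAGEBIRD_API_KEY"));
const transport = nodemailer.createTransport({
  host: "smtp.mailtrap.io",
  port: 2525,
  auth: {
    user: requireEnv("SMTP_USER"),
    pass: requireEnv("SMTP_PASS"),
  },
});

/** Smoke-test route: always answers with a fixed greeting. */
module.exports.Protected = async (req, res, next) => {
  res.send("Hello User");
};

/**
 * Registers a user and the Student record linked to it.
 * Body: firstName, lastName (optional), email, password (required).
 */
module.exports.postSignup = async (req, res, next) => {
  try {
    const firstName = req.body.firstName || " ";
    const lastName = req.body.lastName || " ";
    const { email, password } = req.body;

    // bcrypt.hash throws on a missing password and a non-string email could
    // carry a query operator, so both are checked before touching the database.
    if (!isNonEmptyString(email) || !isNonEmptyString(password)) {
      res.status(422).json({
        message: "Please Add All Required Fields",
        type: "error",
      });
      return;
    }

    const existing = await User.findOne({ email: email });
    if (existing) {
      res.json({
        message: "User already exist",
        type: "error",
      });
      return;
    }

    const hashedPass = await bcrypt.hash(password, 12);
    let user = new User({
      firstName: firstName,
      lastName: lastName,
      email: email,
      password: hashedPass,
      isAdmin: false, // never taken from the request body
    });
    user = await user.save();

    // Drop any stale Student row for this id before creating the fresh one.
    await Student.deleteOne({ user: user._id });
    const student = await new Student({ user: user._id }).save();
    user.student = student._id;
    await user.save();

    res.json({
      message: "Successfully signed Up",
      type: "success",
    });
  } catch (err) {
    console.error(err);
    sendServerError(res, { message: "Internal server error", type: "error" });
  }
};

/**
 * Authenticates by email and password and returns a signed JWT.
 * Body: email, password.
 */
module.exports.postSignin = async (req, res, next) => {
  try {
    const { email, password } = req.body;

    if (!isNonEmptyString(email) || !isNonEmptyString(password)) {
      res.status(422).json({
        message: "Please Add All Required Fields",
        type: "error",
      });
      return;
    }

    const user = await User.findOne({ email: email });
    if (!user) {
      // NOTE(security): this message differs from the wrong-password one, so
      // the endpoint reveals which addresses are registered. Kept as-is because
      // clients may display it; a single generic message is the safer design.
      res.json({
        message: "No user with this email exists",
        type: "error",
      });
      return;
    }

    const isMatched = await bcrypt.compare(password, user.password);
    if (!isMatched) {
      res.json({
        message: "email and password doesn't match",
        type: "error",
      });
      return;
    }

    // NOTE(security): the token carries no expiry, so a leaked token stays
    // valid until the signing secret changes. Adding `expiresIn` alters session
    // behaviour for existing clients and is therefore flagged, not changed.
    const token = jwt.sign({ _id: user._id }, JWT_secret);
    res.json({
      token: token,
    });
  } catch (err) {
    console.error(err);
    sendServerError(res, { message: "Internal server error", type: "error" });
  }
};

/**
 * Starts an SMS verification for the supplied phone number.
 * Body: phoneNumber. Responds with the verification id.
 *
 * NOTE(security): nothing visible here rate-limits or authenticates this route;
 * an unthrottled SMS-sending endpoint is a cost and abuse risk. Confirm that a
 * limiter is applied where the route is mounted.
 */
module.exports.sendOTP = (req, res, next) => {
  try {
    const { phoneNumber } = req.body;
    if (!isNonEmptyString(phoneNumber)) {
      res.status(422).json({ message: "Please Add All Required Fields" });
      return;
    }

    messagebird.verify.create(
      phoneNumber,
      {
        template: "Your verification code is %token",
      },
      function (err, response) {
        if (err) {
          console.error(err);
          res.status(422).json({ message: describeProviderError(err) });
          return;
        }
        console.log(response);
        res.json({ id: response.id });
      }
    );
  } catch (err) {
    console.error(err);
    sendServerError(res, { message: "Internal server error" });
  }
};

/**
 * Checks a verification code against the id returned by sendOTP.
 * Body: id, token.
 *
 * NOTE(review): the handler only reports "Code Verified"; no server-side state
 * is recorded in this file, so later steps cannot rely on it unless the caller
 * of this module tracks the result elsewhere. Confirm.
 */
module.exports.getOTP = (req, res, next) => {
  try {
    const { id, token } = req.body;
    if (!isNonEmptyString(id) || !isNonEmptyString(token)) {
      res.status(422).json({ message: "Please Add All Required Fields" });
      return;
    }

    messagebird.verify.verify(id, token, function (err, response) {
      if (err) {
        const failure = { error: describeProviderError(err), id: id };
        console.log(failure);
        res.json(failure);
        return;
      }
      console.log(response);
      res.json({ message: "Code Verified" });
    });
  } catch (err) {
    console.error(err);
    sendServerError(res, { message: "Internal server error" });
  }
};

/**
 * Issues a 10-minute password-reset token for the account with the given email.
 * Body: email, link, _html, sending_company_email, subject.
 * link = https://cantileverlabs.herokuapp.com/resetpassword/:id/:token
 *
 * NOTE(security), design issues that need a contract change and are therefore
 * flagged rather than altered here:
 *  - `reset_link` (which embeds the token) is returned in the HTTP response, so
 *    possession of the mailbox is not required to reset the account. The link
 *    should be delivered only by e-mail and the response should be a uniform
 *    acknowledgement.
 *  - sender, subject, HTML body and link base all come from the request, so the
 *    caller controls mail sent to registered users. These belong in server-side
 *    configuration and templates.
 *  - the 404 below discloses whether an address is registered.
 */
module.exports.forgotpassword = async (req, res, next) => {
  try {
    const { email, link, _html, sending_company_email, subject } = req.body;

    if (!isNonEmptyString(email)) {
      res.status(422).json({ error: "A valid email is required" });
      return;
    }

    const user = await User.findOne({ email });
    if (!user) {
      res.status(404).json({ error: "User not found with this Email" });
      return;
    }

    // Mixing the current password hash into the secret makes the token invalid
    // as soon as the password changes.
    const secret = JWT_secret + user.password;
    const token = jwt.sign({ email: user.email, _id: user._id }, secret, {
      expiresIn: "10m",
    });

    await User.findByIdAndUpdate(user._id, {
      $set: { passwordResetToken: token },
    });

    const reset_link = `${link}/${user._id}/${token}`;
    const message = {
      from: `${sending_company_email}`, // Sender address
      to: `${user.email}`, // List of recipients
      subject: `${subject}`, // Subject line
      html: `${_html}`, // design html for email message.
    };

    // Delivery is best-effort: the outcome is logged and does not change the
    // HTTP response, matching the original behaviour.
    transport.sendMail(message, function (err, info) {
      if (err) {
        console.error(err);
      } else {
        console.log(info);
      }
    });

    res.status(200).json({
      message: "Token Saved and link is active for 10 mins",
      reset_link,
    });
  } catch (error) {
    // The original `catch { (error) => {...}; }` only built an arrow function
    // and never ran it, so failures were silent and the request never finished.
    console.error("Error from forgot pass", error);
    sendServerError(res, { error: "Internal server error" });
  }
};

/**
 * Sets a new password when the URL token is valid, unexpired and matches the
 * token stored for the user.
 * Params: _id, token. Body: password.
 */
module.exports.resetpassword = async (req, res, next) => {
  try {
    const { _id, token } = req.params;
    const { password } = req.body;

    if (!isNonEmptyString(password)) {
      res.status(422).json({ error: "A new password is required" });
      return;
    }

    let user;
    try {
      user = await User.findById(_id);
    } catch (lookupErr) {
      // A malformed id is reported like an unknown one instead of hanging.
      if (lookupErr && lookupErr.name === "CastError") {
        res.json({ error: "User not Found or WrongId" });
        return;
      }
      throw lookupErr;
    }
    if (!user) {
      res.json({ error: "User not Found or WrongId" });
      return;
    }

    const secret = JWT_secret + user.password;
    try {
      // jwt.verify throws on a bad signature or expiry; previously that
      // exception was swallowed and the client received no response at all.
      jwt.verify(token, secret, { algorithms: ["HS256"] });
    } catch (verifyErr) {
      res.status(422).json({ error: "Either Token not found or Expired!" });
      return;
    }

    if (token !== user.passwordResetToken) {
      res.status(422).json({ error: "Either Token not found or Expired!" });
      return;
    }

    // Hash only after the token has been accepted, so rejected requests do not
    // cost a bcrypt round.
    user.password = await bcrypt.hash(password, 12);
    // Clear the stored token so the record no longer holds a usable credential.
    user.passwordResetToken = undefined;
    await user.save();

    res.json({ message: "Password Updated!" });
  } catch (err) {
    console.error("error from try catch resetpass", err);
    sendServerError(res, { error: "Internal server error" });
  }
};

/**
 * Echoes the authenticated user attached to the request by upstream middleware.
 *
 * NOTE(review): if `req.user` is the full User document, this logs and returns
 * the password hash and reset token; confirm the middleware strips them.
 */
module.exports.checkProtected = (req, res, next) => {
  console.log(req.user);
  res.json({
    message: "Protected",
    user: req.user,
  });
};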