const bcrypt = require("bcryptjs");
const jwt = require("jsonwebtoken");
const { errResponse } = require("../utils/error");
const Student = require("../models/student");
const Volunteer = require("../models/volunteer");
const Admin = require("../models/admin");
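/**
 * Register a new Student or Volunteer account and issue a session token.
 *
 * Reads `nim`, `name`, `password`, `confirmPassword` and `role` from
 * `req.body`. A `role` of "volunteer" creates a Volunteer; any other value
 * creates a Student. On success responds 201 with the created record (minus
 * the stored password hash) and sets the signed JWT in an httpOnly `token`
 * cookie.
 *
 * errResponse comes from ../utils/error (not shown here); it is assumed to
 * throw an error carrying `statusCode`, which the catch block forwards to
 * the Express error handler — confirm against that module.
 *
 * @param {object} req - Express request.
 * @param {object} res - Express response.
 * @param {Function} next - Express error-forwarding callback.
 */
const register = async (req, res, next) => {
  const { nim, name, password, confirmPassword, role } = req.body;
  try {
    // `nim` is used directly as a findOne() filter value, so only scalar
    // values are accepted: an object or array taken from the request body
    // must never reach the query layer. The password must be a non-empty
    // string before it is handed to bcrypt.
    const nimIsScalar = typeof nim === "string" || typeof nim === "number";
    if (!nimIsScalar || typeof password !== "string" || password.length === 0) {
      return res.status(400).json({ message: "NIM and password are required" });
    }

    // The NIM must not already exist in any of the three account collections.
    const existingAccount =
      (await Admin.findOne({ NIM: nim })) ||
      (await Student.findOne({ NIM: nim })) ||
      (await Volunteer.findOne({ NIM: nim }));
    if (existingAccount) errResponse("This account is already registered", 409);

    if (password !== confirmPassword) {
      return res.status(400).json({ message: "Password must be the same" });
    }

    // Cost factor 12; passing the rounds lets bcrypt generate the salt
    // asynchronously instead of blocking the event loop with genSaltSync.
    const hashedPassword = await bcrypt.hash(password, 12);

    // Both roles share the same fields, so only the model differs.
    const Account = role === "volunteer" ? Volunteer : Student;
    const account = new Account({
      NIM: nim,
      name: name,
      password: hashedPassword,
    });
    await account.save();

    // Sign synchronously inside the try block. With the callback form, an
    // error raised inside the callback escapes this try/catch entirely.
    // NOTE(review): the token carries no expiry; consider an `expiresIn`
    // option so a copied token does not stay valid indefinitely.
    let token;
    try {
      token = jwt.sign({ nim: nim }, process.env.JWT_TOKEN);
    } catch (signError) {
      errResponse("Internal Server Error", 500);
    }

    // Never send the stored password hash back to the client.
    const publicAccount =
      typeof account.toJSON === "function"
        ? account.toJSON()
        : Object.assign({}, account);
    delete publicAccount.password;

    // NOTE(review): the cookie has no `secure` or `sameSite` attribute;
    // set them to match how the front end is deployed.
    res
      .status(201)
      .cookie("token", token, {
        httpOnly: true,
      })
      .json({
        message: "Data has been successfully created!",
        data: publicAccount,
      });
  } catch (err) {
    if (!err.statusCode) err.statusCode = 500;
    next(err);
  }
};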
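/**
 * Log in an Admin, Volunteer or Student and issue a session token.
 *
 * Looks the account up by NIM in the Admin, Student and Volunteer
 * collections (in that order), checks the password with bcrypt and, on
 * success, responds 200 with the account (minus the stored password hash)
 * and sets the signed JWT in an httpOnly `token` cookie.
 *
 * errResponse comes from ../utils/error (not shown here); it is assumed to
 * throw an error carrying `statusCode`, which the catch block forwards to
 * the Express error handler — confirm against that module.
 *
 * @param {object} req - Express request.
 * @param {object} res - Express response.
 * @param {Function} next - Express error-forwarding callback.
 */
const login = async (req, res, next) => {
  const { nim, password } = req.body;
  try {
    // `nim` is used directly as a findOne() filter value, so only scalar
    // values are accepted: an object or array taken from the request body
    // must never reach the query layer. bcrypt.compare needs a string.
    const nimIsScalar = typeof nim === "string" || typeof nim === "number";
    if (!nimIsScalar || typeof password !== "string") {
      errResponse("NIM and password are required", 400);
    }

    const user =
      (await Admin.findOne({ NIM: nim })) ||
      (await Student.findOne({ NIM: nim })) ||
      (await Volunteer.findOne({ NIM: nim }));

    // NOTE(review): the two messages below let a caller tell "unknown NIM"
    // apart from "wrong password"; a single generic message avoids that.
    if (!user) {
      errResponse("No account registered", 400);
    }

    const passwordMatches = await bcrypt.compare(password, user.password);
    if (!passwordMatches) errResponse("Your password is incorrect", 400);

    // Sign synchronously inside the try block. With the callback form, an
    // error raised inside the callback escapes this try/catch entirely.
    // NOTE(review): the token carries no expiry; consider an `expiresIn`
    // option so a copied token does not stay valid indefinitely.
    let token;
    try {
      token = jwt.sign({ nim: nim }, process.env.JWT_TOKEN);
    } catch (signError) {
      errResponse("Internal Server Error", 500);
    }

    // Never send the stored password hash back to the client.
    const publicUser =
      typeof user.toJSON === "function"
        ? user.toJSON()
        : Object.assign({}, user);
    delete publicUser.password;

    // httpOnly keeps the session token out of reach of page scripts, and
    // matches the cookie that register() sets.
    // NOTE(review): the cookie has no `secure` or `sameSite` attribute;
    // set them to match how the front end is deployed.
    res
      .status(200)
      .cookie("token", token, {
        httpOnly: true,
      })
      .json({
        message: "Request successfully",
        data: publicUser,
      });
  } catch (err) {
    if (!err.statusCode) err.statusCode = 500;
    next(err);
  }
};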
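/**
 * Log out an Admin, Volunteer or Student by clearing the `token` cookie.
 *
 * Responds 200 once the cookie has been cleared. A request without a
 * `token` cookie is reported through errResponse with status 401.
 *
 * errResponse comes from ../utils/error (not shown here); it is assumed to
 * throw an error carrying `statusCode`, which the catch block forwards to
 * the Express error handler — confirm against that module.
 *
 * NOTE(review): this only removes the cookie from the browser. The JWT
 * itself is not revoked server-side, so a copy of it remains usable.
 *
 * @param {object} req - Express request.
 * @param {object} res - Express response.
 * @param {Function} next - Express error-forwarding callback.
 */
const logout = async (req, res, next) => {
  const { cookie } = req.headers;
  try {
    // Look the cookie up by name. Splitting the whole header on "=" picks up
    // the wrong value whenever another cookie precedes `token`, and throws
    // when the request carries no Cookie header at all.
    const pairs = typeof cookie === "string" ? cookie.split(";") : [];
    let token = "";
    for (const pair of pairs) {
      const trimmed = pair.trim();
      if (trimmed.startsWith("token=")) {
        token = trimmed.slice("token=".length);
        break;
      }
    }
    if (!token) {
      errResponse("No token in cookies", 401);
    }

    // clearCookie expires the cookie so the browser deletes it, rather than
    // leaving an empty-valued `token` cookie behind.
    res
      .status(200)
      .clearCookie("token")
      .json({ message: "Logout successfully" });
  } catch (err) {
    if (!err.statusCode) err.statusCode = 500;
    next(err);
  }
};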
module.exports = { register, login, logout };