const authService = require('../services/auth.service'); const env = require('../config/env'); const setCookies = (res, { accessToken, refreshToken }) => { res.cookie('accessToken', accessToken, { httpOnly: true, secure: env.nodeEnv === 'production', sameSite: 'lax', maxAge: 15 * 60 * 1000 }); res.cookie('refreshToken', refreshToken, { httpOnly: true, secure: env.nodeEnv === 'production', sameSite: 'lax', maxAge: 7 * 24 * 60 * 60 * 1000 }); }; exports.login = async (req, res, next) => { try { const result = await authService.login({ email: req.body.email, password: req.body.password, ip: req.ip }); setCookies(res, result); res.json({ message: 'Login successful', accessToken: result.accessToken, admin: result.admin }); } catch (error) { next(error); } }; exports.refreshToken = async (req, res, next) => { try { const token = req.cookies?.refreshToken || req.body.refreshToken; const result = await authService.refresh({ token }); setCookies(res, result); res.json({ accessToken: result.accessToken }); } catch (error) { next(error); } }; exports.logout = async (req, res, next) => { try { await authService.logout(req.admin); res.clearCookie('accessToken'); res.clearCookie('refreshToken'); res.json({ message: 'Logged out successfully.' }); } catch (error) { next(error); } }; exports.getMe = async (req, res, next) => { try { const admin = await authService.getMe(req.admin._id); res.json({ admin }); } catch (error) { next(error); } };