// src/controllers/authController.js
const User = require('../models/User');
const jwt = require('jsonwebtoken');
const bcrypt = require('bcryptjs');
// const admin = require('../config/firebase');
// Helper: Generate JWT
// Signs a token whose payload holds only the user's id, using the secret from
// the JWT_SECRET environment variable. The token is valid for 30 days, and
// nothing in this controller revokes it earlier, so a leaked token stays
// usable for that whole window unless the verifying side adds its own checks.
const generateToken = (id) => {
  const payload = { id };
  const signOptions = { expiresIn: '30d' };
  return jwt.sign(payload, process.env.JWT_SECRET, signOptions);
};
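// @desc Register a new user (no OTP / phone-ownership check happens here)
// @route POST /api/auth/register
// @access Public
//
// Reads name, phone, password and address from the request body, rejects the
// request if phone or password is not a non-empty string, stores the user with
// a bcrypt-hashed password and answers 201 with the profile plus a JWT.
//
// Security notes:
// - The account is created with isVerified: false, yet a token is issued
//   immediately. Routes that need a confirmed phone number must check
//   isVerified themselves; holding a token proves nothing about phone ownership.
// - name and address are passed through as received; their validation is left
//   to the User schema, which is not visible from this file.
const registerUser = async (req, res) => {
  const { name, phone, password, address } = req.body || {};

  // phone is used as a database filter and password is fed to bcrypt, so both
  // must be plain strings. A non-string value (for example a JSON object)
  // would otherwise reach the query as something other than a literal phone
  // number, or make bcrypt throw an internal error.
  const hasValidPhone = typeof phone === 'string' && phone.length > 0;
  const hasValidPassword = typeof password === 'string' && password.length > 0;
  if (!hasValidPhone || !hasValidPassword) {
    return res.status(400).json({ message: 'Invalid user data' });
  }

  try {
    // 1. Check if user exists
    const userExists = await User.findOne({ phone });
    if (userExists) {
      return res.status(400).json({ message: 'User already exists' });
    }

    // 2. Hash password (cost factor 10). bcrypt only uses the first 72 bytes
    // of the input, so longer passwords gain no extra strength.
    const salt = await bcrypt.genSalt(10);
    const hashedPassword = await bcrypt.hash(password, salt);

    // 3. Create User (Directly, no OTP check)
    const user = await User.create({
      name,
      phone,
      password: hashedPassword,
      address: address || 'Nalhati',
      isVerified: false, // Default to false, Admin can mark true later
    });

    if (user) {
      res.status(201).json({
        _id: user.id,
        name: user.name,
        phone: user.phone,
        address: user.address,
        role: user.role,
        token: generateToken(user._id),
      });
    } else {
      res.status(400).json({ message: 'Invalid user data' });
    }
  } catch (error) {
    // Full details stay in the server log only.
    console.error("Register Error:", error.message);

    // Schema validation failures describe the caller's own input, so they are
    // still reported back as before (assumes User is a Mongoose model - confirm).
    if (error && error.name === 'ValidationError') {
      return res.status(400).json({ message: 'Registration failed: ' + error.message });
    }

    // Two concurrent registrations can both pass the findOne check above; if
    // the schema declares a unique index on phone (not visible here), the
    // loser surfaces as a duplicate-key error.
    if (error && error.code === 11000) {
      return res.status(400).json({ message: 'User already exists' });
    }

    // Anything else is a server-side fault: do not echo driver or library
    // messages to an unauthenticated caller.
    res.status(500).json({ message: 'Registration failed' });
  }
};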
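// @desc Login user (Phone + Password)
// @route POST /api/auth/login
// @access Public
//
// Looks the user up by phone, compares the supplied password with the stored
// bcrypt hash and, on success, returns the profile plus a fresh JWT. Every
// credential failure gets the same 401 body so the response text does not
// reveal whether the phone number is registered.
//
// Security notes:
// - No attempt limiting or lockout is visible in this handler; confirm it is
//   applied where the route is mounted.
// - When no user matches, bcrypt.compare is skipped, so the response is
//   faster than for a wrong password. Rate limiting reduces how useful that
//   timing difference is.
const loginUser = async (req, res) => {
  const { phone, password } = req.body || {};

  // phone is used as a database filter, so it must be a literal string and
  // not an object parsed from JSON; password must be a string for bcrypt.
  if (typeof phone !== 'string' || typeof password !== 'string') {
    return res.status(401).json({ message: 'Invalid phone or password' });
  }

  try {
    const user = await User.findOne({ phone });
    const passwordMatches = user
      ? await bcrypt.compare(password, user.password)
      : false;

    if (!passwordMatches) {
      return res.status(401).json({ message: 'Invalid phone or password' });
    }

    res.json({
      _id: user.id,
      name: user.name,
      phone: user.phone,
      address: user.address,
      role: user.role,
      token: generateToken(user._id),
    });
  } catch (error) {
    // Keep driver/library details in the server log; the caller is
    // unauthenticated and only needs to know the request failed.
    console.error('Login Error:', error.message);
    res.status(500).json({ message: 'Login failed' });
  }
};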
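// @desc Get current user profile
// @route GET /api/auth/me
// @access Private
//
// Expects req.user.id to be populated before this handler runs (presumably by
// an authentication middleware that verifies the JWT - not visible here).
// Failures are answered explicitly: a rejected promise in this async handler
// would otherwise go unhandled, leaving the request hanging or, depending on
// the runtime's unhandled-rejection policy, ending the process.
const getMe = async (req, res) => {
  // Fail closed if the route was mounted without the auth middleware.
  if (!req.user || !req.user.id) {
    return res.status(401).json({ message: 'Not authorized' });
  }

  try {
    // Return user without password
    const user = await User.findById(req.user.id).select('-password');

    // A still-valid token can outlive the account it was issued for.
    if (!user) {
      return res.status(404).json({ message: 'User not found' });
    }

    res.status(200).json(user);
  } catch (error) {
    console.error('GetMe Error:', error.message);
    res.status(500).json({ message: 'Failed to load profile' });
  }
};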
module.exports = { registerUser, loginUser, getMe };