| // src/controllers/authController.js | |
| const User = require('../models/User'); | |
| const jwt = require('jsonwebtoken'); | |
| const bcrypt = require('bcryptjs'); | |
| // const admin = require('../config/firebase'); | |
/**
 * Helper: issue a signed JWT carrying the user's id.
 *
 * The token is signed with the secret read from `process.env.JWT_SECRET`
 * and expires 30 days after issuance.
 *
 * NOTE(review): 30 days is a long lifetime for a bearer token, and no
 * revocation path is visible in this file, so a leaked token presumably
 * stays usable until it expires. Confirm that is acceptable.
 *
 * @param {*} id - User identifier placed in the `id` claim.
 * @returns {string} Whatever `jwt.sign` returns for these arguments.
 */
const generateToken = (id) => {
  const claims = { id };
  const signOptions = { expiresIn: '30d' };
  return jwt.sign(claims, process.env.JWT_SECRET, signOptions);
};
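/**
 * Register a new user account and return its profile plus a signed token.
 *
 * @desc   Register a new user
 * @route  POST /api/auth/register
 * @access Public
 *
 * NOTE(review): no OTP or other proof of phone ownership is checked here.
 * The account is created with `isVerified: false`, yet a token is issued
 * immediately. Whether protected routes check `isVerified` is not visible
 * in this file, so confirm that unverified accounts are restricted there.
 *
 * @param {object} req - Express request; reads `name`, `phone`, `password`
 *   and `address` from `req.body`.
 * @param {object} res - Express response.
 * @returns {Promise<*>} Resolves once a response has been sent.
 */
const registerUser = async (req, res) => {
  // req.body can be undefined (no body parser, empty request). Destructuring
  // it directly would throw before the try block and reject unhandled.
  const { name, phone, password, address } = req.body || {};

  // Accept only non-empty strings. A JSON body may carry an object in these
  // fields, and an object in `phone` would reach the query filter below as
  // query operators rather than as a literal value.
  // bcrypt only uses the first 72 bytes of the password, so no upper bound is
  // enforced here. TODO: decide on a minimum length policy.
  const isNonEmptyString = (value) => typeof value === 'string' && value !== '';
  if (!isNonEmptyString(phone) || !isNonEmptyString(password)) {
    return res.status(400).json({ message: 'Invalid user data' });
  }

  try {
    // 1. Check if user exists
    const userExists = await User.findOne({ phone });
    if (userExists) {
      return res.status(400).json({ message: 'User already exists' });
    }

    // 2. Hash password
    const salt = await bcrypt.genSalt(10);
    const hashedPassword = await bcrypt.hash(password, salt);

    // 3. Create User (Directly, no OTP check)
    const user = await User.create({
      name,
      phone,
      password: hashedPassword,
      address: address || 'Nalhati',
      isVerified: false, // Default to false, Admin can mark true later
    });

    if (!user) {
      return res.status(400).json({ message: 'Invalid user data' });
    }

    return res.status(201).json({
      _id: user.id,
      name: user.name,
      phone: user.phone,
      address: user.address,
      role: user.role,
      token: generateToken(user._id),
    });
  } catch (error) {
    // Keep the detail in the server log only. Driver and validation messages
    // can expose schema and index names, so they are not sent to the client.
    console.error("Register Error:", error.message);

    // Two concurrent requests can both pass the findOne check above. If the
    // schema has a unique index on phone (not visible here), the losing
    // insert fails with MongoDB duplicate-key code 11000.
    if (error && error.code === 11000) {
      return res.status(400).json({ message: 'User already exists' });
    }
    if (error && error.name === 'ValidationError') {
      return res.status(400).json({ message: 'Invalid user data' });
    }
    return res.status(500).json({ message: 'Registration failed' });
  }
};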
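/**
 * Authenticate a user by phone and password and return a signed token.
 *
 * @desc   Login user (Phone + Password)
 * @route  POST /api/auth/login
 * @access Public
 *
 * NOTE(review): no rate limiting or lockout is visible in this file. If it
 * is not applied by middleware elsewhere, this endpoint allows unlimited
 * password guesses. The password comparison is also skipped when the phone
 * is unknown, so response time differs between known and unknown numbers.
 *
 * @param {object} req - Express request; reads `phone` and `password` from
 *   `req.body`.
 * @param {object} res - Express response.
 * @returns {Promise<*>} Resolves once a response has been sent.
 */
const loginUser = async (req, res) => {
  // req.body can be undefined; destructuring it directly would throw before
  // the try block and reject unhandled.
  const { phone, password } = req.body || {};

  // Accept only non-empty strings. An object in `phone` would be used as
  // query operators in the filter below and could match an arbitrary account
  // instead of the one identified by a literal phone number.
  const isNonEmptyString = (value) => typeof value === 'string' && value !== '';
  if (!isNonEmptyString(phone) || !isNonEmptyString(password)) {
    // Same response as a wrong password, so callers see one failure shape.
    return res.status(401).json({ message: 'Invalid phone or password' });
  }

  try {
    const user = await User.findOne({ phone });
    const passwordMatches = Boolean(user) && (await bcrypt.compare(password, user.password));

    if (!passwordMatches) {
      return res.status(401).json({ message: 'Invalid phone or password' });
    }

    return res.json({
      _id: user.id,
      name: user.name,
      phone: user.phone,
      address: user.address,
      role: user.role,
      token: generateToken(user._id),
    });
  } catch (error) {
    // Log the detail server-side; do not echo internal error text to clients.
    console.error('Login Error:', error.message);
    return res.status(500).json({ message: 'Login failed' });
  }
};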
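/**
 * Return the profile of the authenticated user, without the password field.
 *
 * @desc   Get current user profile
 * @route  GET /api/auth/me
 * @access Private
 *
 * Reads `req.user.id`, which is presumably set by an authentication
 * middleware that is not visible in this file. Verify against the router.
 *
 * @param {object} req - Express request with `req.user.id` populated.
 * @param {object} res - Express response.
 * @returns {Promise<*>} Resolves once a response has been sent.
 */
const getMe = async (req, res) => {
  // Fail closed if the route is ever mounted without the auth middleware.
  if (!req.user || !req.user.id) {
    return res.status(401).json({ message: 'Not authorized' });
  }

  try {
    // Return user without password
    const user = await User.findById(req.user.id).select('-password');

    // A token can outlive its account (tokens are valid for 30 days), so the
    // lookup may find nothing. Do not answer 200 with a null body.
    if (!user) {
      return res.status(404).json({ message: 'User not found' });
    }
    return res.status(200).json(user);
  } catch (error) {
    // Without this catch a database error rejects the async handler with no
    // response sent. Keep the detail in the server log only.
    console.error('GetMe Error:', error.message);
    return res.status(500).json({ message: 'Failed to load profile' });
  }
};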
// Public handlers of the auth controller. generateToken stays module-private.
module.exports = {
  registerUser,
  loginUser,
  getMe,
};