| import { Request, Response } from 'express';
|
| import prisma from '../models/prisma';
|
| import bcrypt from 'bcryptjs';
|
|
|
|
|
|
|
|
|
| const resetTokens = new Map<string, { email: string; expires: Date }>();
|
|
|
| export const login = async (req: Request, res: Response) => {
|
| try {
|
| const { email, password } = req.body;
|
|
|
|
|
| const user = await prisma.user.findUnique({ where: { email } });
|
|
|
| if (!user) {
|
| return res.status(401).json({ error: "Invalid credentials" });
|
| }
|
|
|
|
|
|
|
|
|
| const isValid = password === user.password;
|
|
|
| if (!isValid) {
|
| return res.status(401).json({ error: "Invalid credentials" });
|
| }
|
|
|
|
|
|
|
| const updatedUser = await prisma.user.update({
|
| where: { id: user.id },
|
| data: { tokenVersion: { increment: 1 } }
|
| });
|
|
|
|
|
|
|
|
|
|
|
|
|
| return res.json({
|
| user: {
|
| id: updatedUser.id,
|
| email: updatedUser.email,
|
| name: updatedUser.name,
|
| role: updatedUser.role,
|
| tokenVersion: updatedUser.tokenVersion
|
| }
|
|
|
| });
|
|
|
| } catch (error) {
|
| console.error("Login Error:", error);
|
| return res.status(500).json({ error: "Internal server error" });
|
| }
|
| };
|
|
|
| export const forgotPassword = async (req: Request, res: Response) => {
|
| try {
|
| const { email } = req.body;
|
| if (!email) return res.status(400).json({ error: "Email required" });
|
|
|
| const user = await prisma.user.findUnique({ where: { email } });
|
|
|
| if (user) {
|
| const token = Math.random().toString(36).substring(2) + Date.now().toString(36);
|
| const expires = new Date(Date.now() + 3600 * 1000);
|
|
|
| resetTokens.set(token, { email, expires });
|
|
|
| console.log("----------------------------------------------------------------");
|
| console.log(`[Backend Email] Password Reset Requested for ${email}`);
|
| console.log(`[Link] http://localhost:3000/admin/reset-password?token=${token}`);
|
| console.log("----------------------------------------------------------------");
|
| }
|
|
|
| return res.json({ message: "If account exists, email sent" });
|
| } catch (error) {
|
| return res.status(500).json({ error: "Internal server error" });
|
| }
|
| };
|
|
|
| export const resetPassword = async (req: Request, res: Response) => {
|
| try {
|
| const { token, password } = req.body;
|
|
|
| const tokenData = resetTokens.get(token);
|
| if (!tokenData) return res.status(400).json({ error: "Invalid token" });
|
|
|
| if (new Date() > tokenData.expires) {
|
| resetTokens.delete(token);
|
| return res.status(400).json({ error: "Expired token" });
|
| }
|
|
|
|
|
| await prisma.user.update({
|
| where: { email: tokenData.email },
|
| data: { password }
|
| });
|
|
|
| resetTokens.delete(token);
|
| console.log(`[Backend] Password updated for ${tokenData.email}`);
|
|
|
| return res.json({ message: "Password updated successfully" });
|
|
|
| } catch (error) {
|
| return res.status(500).json({ error: "Internal server error" });
|
| }
|
| };
|
|
|