changes in user login regarding staff

src/controllers/userController.js

@@ -280,35 +280,49 @@ exports.addUser = async (req, reply) => {
 // Accepts a user , password , and checks in the system to see if user exists , and password is valid
 // returns a user object so that jwt token can be created and sent back to the client
 
-exports.loginUser = async (req, fcmId, deviceId) => {
+exports.loginUser = async (req, fcmIds, deviceId) => {
   try {
-    const phone = req.body.phone;
+    const { phone, password } = req.body;
-    const password = req.body.password;
+    let user = await User.findOne({ phone });
-    
+    let isStaff = false;
-    const user = await User.findOne({ phone: phone });
+    let staffMember = null;
-    if (user) {
+
-      const isSame = await bcryptComparePassword(
+    // If not a main user, check staff inside all users
-        password,
+    if (!user) {
-        user.services.password.bcrypt
+      const users = await User.find({ "staff.staff.phone": phone });
-      );
+      for (const u of users) {
-      if (isSame) {
+        const foundStaff = u.staff.staff.find((s) => s.phone === phone);
-        // Optionally, you can save/update fcmId and deviceId here
+        if (foundStaff) {
-        user.fcmId = fcmId;
+          user = u; // Assign user as the main user under which the staff exists
-        user.deviceId = deviceId;
+          staffMember = foundStaff;
-        await user.save();
+          isStaff = true;
-        
+          break;
-        return { same: true, user: user };
+        }
-      } else {
-        return { same: false };
       }
+    }
+
+    // If no user or staff found, return invalid credentials
+    if (!user) return { same: false };
+
+    // Validate password
+    let isSame = false;
+    if (isStaff) {
+      isSame = password === staffMember.password; // Plain text comparison for staff
     } else {
-      return { same: false };
+      isSame = await bcrypt.compare(password, user.services.password.bcrypt); // Bcrypt for main users
     }
+
+    if (!isSame) return { same: false };
+
+    // Update deviceId
+    user.deviceId = deviceId;
+    await user.save();
+
+    return { same: true, user, isStaff, staffMember };
   } catch (err) {
     throw boom.boomify(err);
   }
 };
-
 exports.loginUserWithOTP = async (req) => {
   try {
     const phone = req.body.phone;

src/index.js

@@ -166,120 +166,18 @@ fastify.post("/api/login", {
       properties: {
         phone: { type: "string" },
         password: { type: "string" },
-        // fcmId: { type: "string" }, // Add this line
+        fcmIds: { type: "array", items: { type: "string" }, default: [] },
-        fcmIds: {
+        deviceId: { type: "string" },
-          type: "array", // Change this to allow an array
-          items: { type: "string" }, // Each item in the array is a string
-          default: [], // Default value if not provided
-        },
-        deviceId: { type: "string" } // Add this line
       },
     },
   },
   async handler(req, reply) {
-    // Pass fcmId and deviceId to the loginUser function
     const { phone, password, fcmIds, deviceId } = req.body;
-    console.log(password,phone)
+    console.log(password, phone);
-    const loginObject = await userController.loginUser(req, fcmIds, deviceId);
 
-    if (loginObject.same) {
+    const loginObject = await userController.loginUser(req, fcmIds, deviceId);
-      console.log("entered 1st loop")
+    if (!loginObject.same) {
-      const phoneVerified = loginObject.user.phoneVerified;
+      return reply.send({
-      const oneTimePasswordSetFlag = loginObject.user.oneTimePasswordSetFlag;
-      console.log(
-        "oneTimePasswordSetFlag is ......",
-        oneTimePasswordSetFlag,
-        typeof oneTimePasswordSetFlag,
-        typeof phoneVerified
-      );
-      if (fcmIds && fcmIds.length > 0) {
-        await User.updateOne(
-          { customerId:  loginObject.user.customerId },
-          { $addToSet: { fcmIds: { $each: fcmIds } } } // Add multiple FCM IDs, avoiding duplicates
-        );
-      }
-      if (!phoneVerified) {
-        reply.send({
-          simplydata: {
-            error: false,
-            phoneVerified: false,
-            phone: loginObject.user.phone,
-            oneTimePasswordSetFlag: oneTimePasswordSetFlag,
-            message: "Please Verify your phone number",
-          },
-        });
-      } else if (oneTimePasswordSetFlag) {
-        reply.send({
-          simplydata: {
-            error: false,
-            phoneVerified: phoneVerified,
-            phone: loginObject.user.phone,
-            oneTimePasswordSetFlag: true,
-            message: "Password must be reset",
-          },
-        });
-      } else {
-        const token = fastify.jwt.sign(
-          {
-            username: loginObject.user.username,
-            userId: loginObject.user._id,
-            roles: loginObject.user.profile.role,
-          },
-          { expiresIn: "30d" }
-        );
-        const arr = loginObject.user.profile.role;
-        const arrayToString = JSON.stringify(Object.assign({}, arr)); // convert array to string
-        const stringToJsonObject = JSON.parse(arrayToString); // convert string to json object
-        const c_id = loginObject.user.customerId;
-        const profilePicture = await ProfilePicture.findOne({ customerId: c_id });
-        
-        if (!profilePicture) {
-          reply.send({
-            simplydata: {
-              error: false,
-              apiversion: fastify.config.APIVERSION,
-              access_token: token,
-              buildingName: loginObject.user.buildingName,
-              email: loginObject.user.emails,
-              phone: loginObject.user.phone,
-              customerId: loginObject.user.customerId,
-              username: loginObject.user.username,
-              address1: loginObject.user.profile.address1,
-              address2: loginObject.user.profile.address2,
-              phoneVerified: loginObject.user.phoneVerified,
-              oneTimePasswordSetFlag: loginObject.user.oneTimePasswordSetFlag,
-              latitude: loginObject.user.latitude,
-              longitude: loginObject.user.longitude,
-              type: loginObject.user.profile.role,
-              typeasobj: stringToJsonObject,
-            },
-          });
-        } else {
-          reply.send({
-            simplydata: {
-              error: false,
-              apiversion: fastify.config.APIVERSION,
-              access_token: token,
-              picture: profilePicture.picture,
-              email: loginObject.user.emails,
-              phone: loginObject.user.phone,
-              buildingName: loginObject.user.buildingName,
-              customerId: loginObject.user.customerId,
-              username: loginObject.user.username,
-              address1: loginObject.user.profile.address1,
-              address2: loginObject.user.profile.address2,
-              phoneVerified: loginObject.user.phoneVerified,
-              oneTimePasswordSetFlag: loginObject.user.oneTimePasswordSetFlag,
-              latitude: loginObject.user.latitude,
-              longitude: loginObject.user.longitude,
-              type: loginObject.user.profile.role,
-              typeasobj: stringToJsonObject,
-            },
-          });
-        }
-      }
-    } else {
-      reply.send({
         simplydata: {
           error: true,
           code: 400,
@@ -287,10 +185,83 @@ fastify.post("/api/login", {
         },
       });
     }
+
+    const user = loginObject.user;
+    const phoneVerified = user.phoneVerified;
+    const oneTimePasswordSetFlag = user.oneTimePasswordSetFlag;
+
+    if (fcmIds.length > 0) {
+      await User.updateOne(
+        { customerId: user.customerId },
+        { $addToSet: { fcmIds: { $each: fcmIds } } }
+      );
+    }
+
+    if (!phoneVerified) {
+      return reply.send({
+        simplydata: {
+          error: false,
+          phoneVerified: false,
+          phone: user.phone,
+          oneTimePasswordSetFlag,
+          message: "Please Verify your phone number",
+        },
+      });
+    }
+
+    if (oneTimePasswordSetFlag) {
+      return reply.send({
+        simplydata: {
+          error: false,
+          phoneVerified,
+          phone: user.phone,
+          oneTimePasswordSetFlag: true,
+          message: "Password must be reset",
+        },
+      });
+    }
+
+    const tokenPayload = {
+      username: loginObject.isStaff ? loginObject.staffMember.name : user.username,
+      userId: user._id,
+      roles: user.profile.role,
+    };
+
+    const token = fastify.jwt.sign(tokenPayload, { expiresIn: "30d" });
+
+    const profilePicture = await ProfilePicture.findOne({ customerId: user.customerId });
+    const responsePayload = {
+      simplydata: {
+        error: false,
+        apiversion: fastify.config.APIVERSION,
+        access_token: token,
+        buildingName: user.buildingName,
+        email: user.emails,
+        phone: user.phone,
+        customerId: user.customerId,
+        username: loginObject.isStaff ? loginObject.staffMember.name : user.username,
+        address1: user.profile.address1,
+        address2: user.profile.address2,
+        phoneVerified: user.phoneVerified,
+        oneTimePasswordSetFlag: user.oneTimePasswordSetFlag,
+        latitude: user.latitude,
+        longitude: user.longitude,
+        type: user.profile.role,
+        loginType: loginObject.isStaff ? "staff" : "user",
+      },
+    };
+
+    if (profilePicture) {
+      responsePayload.simplydata.picture = profilePicture.picture;
+    }
+
+    reply.send(responsePayload);
   },
 });
 
 
+
+
 fastify.post("/api/installotplogin", {
   schema: {
     description: "This is for Login Otp Installation",