forgotpassword for user and supplier

3 years ago · 4d7b8772f4
parent 757a11b5ab
commit 4d7b8772f4
2 changed files with 215 additions and 1 deletions
--- a/src/controllers/userController.js
+++ b/src/controllers/userController.js
@ -447,4 +447,191 @@ exports.sendSms = async (request, reply) => {
  req.end();
 }

+exports.forgotPassword = async (req, reply) => {
+  try {
+    // Create a new User object from the request body
+    var user = new User(req.body);
+    
+    // Check if the request body is URL encoded
+    checkFormEncoding = isUserFormUrlEncoded(req);
+    if (checkFormEncoding.isUserFormUrlEncoded) {
+      // Extract user information from the request body
+      usertobeInserted = checkFormEncoding.user;
+      user.username = usertobeInserted.username;
+      user.firstName = usertobeInserted.firstName;
+      user.lastName = usertobeInserted.lastName;
+      user.phone = usertobeInserted.phone;
+      user.emails = usertobeInserted.emails;
+    }
+
+    // Find a user with the given phone number in the database
+    userExists = await User.findOne({
+      phone: user.phone,
+    });
+
+    if (userExists) {
+      // Generate a random password reset code
+      const code = Math.floor(100000 + Math.random() * 900000);
+
+      // Convert the code to a string and hash it using bcrypt
+      codestr = "";
+      codestr = code.toString();
+      hash = await bcryptPassword(codestr);
+
+      // Update the user's password reset code and password hash in the database
+      const filter = {
+        phone: userExists.phone,
+      };
+      const update = {
+        $set: {
+          passwordResetCode: code,
+          "services.password.bcrypt": hash,
+          oneTimePasswordSetFlag: true,
+        },
+      };
+      const doc = await User.updateOne(filter, update);
+
+      // Find the updated user in the database
+      updatedUser = await User.findOne({ phone: userExists.phone });
+
+      if (updatedUser.oneTimePasswordSetFlag) {
+        // Send an SMS with the password reset code
+        const request = {
+          body: {
+            mobileNumbers: userExists.phone,
+          },
+        };
+        const response = {
+          send: (data) => {
+            console.log(data); // Optional: Log the response from the SMS provider
+            // Send a success response with the password reset code
+            req.body.passwordResetCode = code;
+            reply.send('{"armintatankdata":{"error":false,"forgotPassword": true}}');
+          },
+        };
+        await exports.sendSms(request, response);
+      } else {
+        // Send an error response if the password reset code was not set
+        error = {
+          armintatankdata: {
+            error: true,
+            code: 10007,
+            message: "10007 - Unable to reset password",
+          },
+        };
+        req.body.regError = error;
+        reply.send(error);
+      }
+    } else {
+      // Send an error response if no user was found with the given phone number
+      error = {
+        armintatankdata: {
+          error: true,
+          code: 10006,
+          message: "10006 - Please check the phone number you entered..",
+        },
+      };
+      req.body.regError = error;
+      reply.send(error);
+    }
+  } catch (err) {
+    // Handle any errors that occur during the API request
+    throw boom.boomify(err);
+  }
+};
+
+
+exports.forgotPasswordSupplier = async (req, reply) => {
+  try {
+    // Create a new Supplier object from the request body
+    var supplier = new Supplier(req.body);
+    
+    // Check if the request body is URL encoded
+    checkFormEncoding = isSupplierFormUrlEncoded(req);
+    if (checkFormEncoding.isSupplierFormUrlEncoded) {
+      // Extract supplier information from the request body
+      suppliertobeInserted = checkFormEncoding.supplier;
+      supplier.username = suppliertobeInserted.username;
+      supplier.firstName = suppliertobeInserted.firstName;
+      supplier.lastName = suppliertobeInserted.lastName;
+      supplier.phone = suppliertobeInserted.phone;
+      supplier.emails = suppliertobeInserted.emails;
+    }
+
+    // Find a supplier with the given phone number in the database
+    supplierExists = await Supplier.findOne({
+      phone: supplier.phone,
+    });
+
+    if (supplierExists) {
+      // Generate a random password reset code
+      const code = Math.floor(100000 + Math.random() * 900000);
+
+      // Convert the code to a string and hash it using bcrypt
+      codestr = "";
+      codestr = code.toString();
+      hash = await bcryptPassword(codestr);
+
+      // Update the supplier's password reset code and password hash in the database
+      const filter = {
+        phone: supplierExists.phone,
+      };
+      const update = {
+        $set: {
+          passwordResetCode: code,
+          "services.password.bcrypt": hash,
+          oneTimePasswordSetFlag: true,
+        },
+      };
+      const doc = await Supplier.updateOne(filter, update);
+
+      // Find the updated supplier in the database
+      updatedSupplier = await Supplier.findOne({ phone: supplierExists.phone });
+
+      if (updatedSupplier.oneTimePasswordSetFlag) {
+        // Send an SMS with the password reset code
+        const request = {
+          body: {
+            mobileNumbers: supplierExists.phone,
+          },
+        };
+        const response = {
+          send: (data) => {
+            console.log(data); // Optional: Log the response from the SMS provider
+            // Send a success response with the password reset code
+            req.body.passwordResetCode = code;
+            reply.send('{"armintatankdata":{"error":false,"forgotPassword": true}}');
+          },
+        };
+        await exports.sendSms(request, response);
+      } else {
+        // Send an error response if the password reset code was not set
+        error = {
+          armintatankdata: {
+            error: true,
+            code: 10007,
+            message: "10007 - Unable to reset password",
+          },
+        };
+        req.body.regError = error;
+        reply.send(error);
+      }
+    } else {
+      // Send an error response if no supplier was found with the given phone number
+      error = {
+        armintatankdata: {
+          error: true,
+          code: 10006,
+          message: "10006 - Please check the phone number you entered..",
+        },
+      };
+      req.body.regError = error;
+      reply.send(error);
+    }
+  } catch (err) {
+    // Handle any errors that occur during the API request
+    throw boom.boomify(err);
+  }
+};
+

--- a/src/routes/usersRoute.js
+++ b/src/routes/usersRoute.js
@ -224,7 +224,34 @@ module.exports = function (fastify, opts, next) {
      ],
    },
    // preHandler: [validationHandler.],
-    handler: validationHandler.forgotPassword,
+    handler: userController.forgotPassword,
+    onResponse: (request, reply) => {
+      validationHandler.sendPasswordResetCode(request, reply);
+    },
+  });
+
+  fastify.route({
+    method: "POST",
+    url: "/api/forgotpasswordsupplier",
+    schema: {
+      tags: ["Supplier"],
+      description: "This is for forgot password for the Supplier.",
+      summary: "This is for forgot password for the Supplier.",
+      body: {
+        type: "object",
+        required: ["phone"],
+        properties: {
+          phone: { type: "string" },
+        },
+      },
+      security: [
+        {
+          basicAuth: [],
+        },
+      ],
+    },
+    // preHandler: [validationHandler.],
+    handler: userController.forgotPasswordSupplier,
    onResponse: (request, reply) => {
      validationHandler.sendPasswordResetCode(request, reply);
    },