From 02291550890c64ed1d69c06e9202bc5efa9604cb Mon Sep 17 00:00:00 2001 From: Varun Date: Mon, 3 Mar 2025 15:36:50 +0530 Subject: [PATCH 1/4] changes in user login regarding staff --- src/controllers/userController.js | 56 +++++---- src/index.js | 187 +++++++++++++----------------- 2 files changed, 114 insertions(+), 129 deletions(-) diff --git a/src/controllers/userController.js b/src/controllers/userController.js index f63fccb3..6386f657 100644 --- a/src/controllers/userController.js +++ b/src/controllers/userController.js 
@@ -280,35 +280,49 @@ exports.addUser = async (req, reply) => { // Accepts a user , password , and checks in the system to see if user exists , and password is valid // returns a user object so that jwt token can be created and sent back to the client -exports.loginUser = async (req, fcmId, deviceId) => { +exports.loginUser = async (req, fcmIds, deviceId) => { try { - const phone = req.body.phone; - const password = req.body.password; - - const user = await User.findOne({ phone: phone }); - if (user) { - const isSame = await bcryptComparePassword( - password, - user.services.password.bcrypt - ); - if (isSame) { - // Optionally, you can save/update fcmId and deviceId here - user.fcmId = fcmId; - user.deviceId = deviceId; - await user.save(); - - return { same: true, user: user }; - } else { - return { same: false }; + const { phone, password } = req.body; + let user = await User.findOne({ phone }); + let isStaff = false; + let staffMember = null; + + // If not a main user, check staff inside all users + if (!user) { + const users = await User.find({ "staff.staff.phone": phone }); + for (const u of users) { + const foundStaff = u.staff.staff.find((s) => s.phone === phone); + if (foundStaff) { + user = u; // Assign user as the main user under which the staff exists + staffMember = foundStaff; + isStaff = true; + break; + } } + } + + // If no user or staff found, return invalid credentials + if (!user) return { same: false }; + + // Validate password + let isSame = false; + if (isStaff) { + isSame = password === staffMember.password; // Plain text comparison for staff } else { - return { same: false }; + isSame = await bcrypt.compare(password, user.services.password.bcrypt); // Bcrypt for main users } + + if (!isSame) return { same: false }; + + // Update deviceId + user.deviceId = deviceId; + await user.save(); + + return { same: true, user, isStaff, staffMember }; } catch (err) { throw boom.boomify(err); } }; - exports.loginUserWithOTP = async (req) => { try { const 
phone = req.body.phone; diff --git a/src/index.js b/src/index.js index f90f4a78..54541cde 100644 --- a/src/index.js +++ b/src/index.js 
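Review bot: The staff branch of `loginUser` verifies the password with `password === staffMember.password`, which only works if staff passwords are stored in clear text in the `staff.staff` subdocuments, while main users keep a bcrypt hash. Staff passwords should be hashed when they are saved and verified like the owner's, e.g. `isSame = await bcrypt.compare(password, staffMember.password);`, with a migration for existing records. The function also returns the whole `staffMember` object, stored password included, to the caller; returning only the fields the route uses (`name`, `phone`, `all_motor_access`) would keep the credential out of the handler. Separately, `fcmIds` is now an unused parameter and a staff login overwrites the owner's `user.deviceId`, so both are worth confirming as intended. The new code calls `bcrypt.compare` where the old code called `bcryptComparePassword`; no import is visible in this hunk, so check that `bcrypt` is in scope.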
@@ -166,120 +166,18 @@ fastify.post("/api/login", { properties: { phone: { type: "string" }, password: { type: "string" }, - // fcmId: { type: "string" }, // Add this line - fcmIds: { - type: "array", // Change this to allow an array - items: { type: "string" }, // Each item in the array is a string - default: [], // Default value if not provided - }, - deviceId: { type: "string" } // Add this line + fcmIds: { type: "array", items: { type: "string" }, default: [] }, + deviceId: { type: "string" }, }, }, }, async handler(req, reply) { - // Pass fcmId and deviceId to the loginUser function const { phone, password, fcmIds, deviceId } = req.body; - console.log(password,phone) - const loginObject = await userController.loginUser(req, fcmIds, deviceId); + console.log(password, phone); - if (loginObject.same) { - console.log("entered 1st loop") - const phoneVerified = loginObject.user.phoneVerified; - const oneTimePasswordSetFlag = loginObject.user.oneTimePasswordSetFlag; - console.log( - "oneTimePasswordSetFlag is ......", - oneTimePasswordSetFlag, - typeof oneTimePasswordSetFlag, - typeof phoneVerified - ); - if (fcmIds && fcmIds.length > 0) { - await User.updateOne( - { customerId: loginObject.user.customerId }, - { $addToSet: { fcmIds: { $each: fcmIds } } } // Add multiple FCM IDs, avoiding duplicates - ); - } - if (!phoneVerified) { - reply.send({ - simplydata: { - error: false, - phoneVerified: false, - phone: loginObject.user.phone, - oneTimePasswordSetFlag: oneTimePasswordSetFlag, - message: "Please Verify your phone number", - }, - }); - } else if (oneTimePasswordSetFlag) { - reply.send({ - simplydata: { - error: false, - phoneVerified: phoneVerified, - phone: loginObject.user.phone, - oneTimePasswordSetFlag: true, - message: "Password must be reset", - }, - }); - } else { - const token = fastify.jwt.sign( - { - username: loginObject.user.username, - userId: loginObject.user._id, - roles: loginObject.user.profile.role, - }, - { expiresIn: "30d" } - ); - const arr 
= loginObject.user.profile.role; - const arrayToString = JSON.stringify(Object.assign({}, arr)); // convert array to string - const stringToJsonObject = JSON.parse(arrayToString); // convert string to json object - const c_id = loginObject.user.customerId; - const profilePicture = await ProfilePicture.findOne({ customerId: c_id }); - - if (!profilePicture) { - reply.send({ - simplydata: { - error: false, - apiversion: fastify.config.APIVERSION, - access_token: token, - buildingName: loginObject.user.buildingName, - email: loginObject.user.emails, - phone: loginObject.user.phone, - customerId: loginObject.user.customerId, - username: loginObject.user.username, - address1: loginObject.user.profile.address1, - address2: loginObject.user.profile.address2, - phoneVerified: loginObject.user.phoneVerified, - oneTimePasswordSetFlag: loginObject.user.oneTimePasswordSetFlag, - latitude: loginObject.user.latitude, - longitude: loginObject.user.longitude, - type: loginObject.user.profile.role, - typeasobj: stringToJsonObject, - }, - }); - } else { - reply.send({ - simplydata: { - error: false, - apiversion: fastify.config.APIVERSION, - access_token: token, - picture: profilePicture.picture, - email: loginObject.user.emails, - phone: loginObject.user.phone, - buildingName: loginObject.user.buildingName, - customerId: loginObject.user.customerId, - username: loginObject.user.username, - address1: loginObject.user.profile.address1, - address2: loginObject.user.profile.address2, - phoneVerified: loginObject.user.phoneVerified, - oneTimePasswordSetFlag: loginObject.user.oneTimePasswordSetFlag, - latitude: loginObject.user.latitude, - longitude: loginObject.user.longitude, - type: loginObject.user.profile.role, - typeasobj: stringToJsonObject, - }, - }); - } - } - } else { - reply.send({ + const loginObject = await userController.loginUser(req, fcmIds, deviceId); + if (!loginObject.same) { + return reply.send({ simplydata: { error: true, code: 400, 
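Review bot: `console.log(password, phone);` in the `/api/login` handler writes every submitted password in clear text to the process log, next to the phone number it belongs to; the commit reformats this line but keeps it. Anyone with access to the logs or to a log aggregation service can then read working credentials. Drop the line, or log only the non-secret field, e.g. `req.log.info({ phone }, "login attempt");`. The handler body continues in the next hunk.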
@@ -287,10 +185,83 @@ fastify.post("/api/login", { }, }); } + + const user = loginObject.user; + const phoneVerified = user.phoneVerified; + const oneTimePasswordSetFlag = user.oneTimePasswordSetFlag; + + if (fcmIds.length > 0) { + await User.updateOne( + { customerId: user.customerId }, + { $addToSet: { fcmIds: { $each: fcmIds } } } + ); + } + + if (!phoneVerified) { + return reply.send({ + simplydata: { + error: false, + phoneVerified: false, + phone: user.phone, + oneTimePasswordSetFlag, + message: "Please Verify your phone number", + }, + }); + } + + if (oneTimePasswordSetFlag) { + return reply.send({ + simplydata: { + error: false, + phoneVerified, + phone: user.phone, + oneTimePasswordSetFlag: true, + message: "Password must be reset", + }, + }); + } + + const tokenPayload = { + username: loginObject.isStaff ? loginObject.staffMember.name : user.username, + userId: user._id, + roles: user.profile.role, + }; + + const token = fastify.jwt.sign(tokenPayload, { expiresIn: "30d" }); + + const profilePicture = await ProfilePicture.findOne({ customerId: user.customerId }); + const responsePayload = { + simplydata: { + error: false, + apiversion: fastify.config.APIVERSION, + access_token: token, + buildingName: user.buildingName, + email: user.emails, + phone: user.phone, + customerId: user.customerId, + username: loginObject.isStaff ? loginObject.staffMember.name : user.username, + address1: user.profile.address1, + address2: user.profile.address2, + phoneVerified: user.phoneVerified, + oneTimePasswordSetFlag: user.oneTimePasswordSetFlag, + latitude: user.latitude, + longitude: user.longitude, + type: user.profile.role, + loginType: loginObject.isStaff ? "staff" : "user", + }, + }; + + if (profilePicture) { + responsePayload.simplydata.picture = profilePicture.picture; + } + + reply.send(responsePayload); }, }); + + fastify.post("/api/installotplogin", { schema: { description: "This is for Login Otp Installation", 
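Review bot: For a staff login `tokenPayload` still sets `userId: user._id` and `roles: user.profile.role` from the owning account, and only `username` differs, so the 30-day JWT carries the owner's identity and roles and nothing that identifies the staff member. Any route that authorizes from the token cannot tell staff from owner, and removing a staff entry does not affect tokens already issued. Consider adding claims such as `loginType: "staff"` and a staff identifier (the staff phone, for example) to `tokenPayload`, checking them server-side, and using a shorter `expiresIn` for staff. Also, `fcmIds.length` dropped the old `fcmIds &&` guard and now depends on the schema default being applied, and the staff device's FCM ids are added to the owner's `fcmIds` set.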
From cd505dcab4d7513bf17fe446081407d34e139e84 Mon Sep 17 00:00:00 2001 From: Varun Date: Mon, 3 Mar 2025 15:37:18 +0530 Subject: [PATCH 2/4] changes --- src/controllers/userController.js | 1 + src/index.js | 1 + 2 files changed, 2 insertions(+) diff --git a/src/controllers/userController.js b/src/controllers/userController.js index 6386f657..f6dc5db9 100644 --- a/src/controllers/userController.js +++ b/src/controllers/userController.js @@ -301,6 +301,7 @@ exports.loginUser = async (req, fcmIds, deviceId) => { } } + // If no user or staff found, return invalid credentials if (!user) return { same: false }; diff --git a/src/index.js b/src/index.js index 54541cde..f7fa9ba1 100644 --- a/src/index.js +++ b/src/index.js @@ -251,6 +251,7 @@ fastify.post("/api/login", { }, }; + if (profilePicture) { responsePayload.simplydata.picture = profilePicture.picture; } From c6055ac5ca58d131259ad027328095eae717ad02 Mon Sep 17 00:00:00 2001 From: Varun Date: Mon, 3 Mar 2025 15:59:40 +0530 Subject: [PATCH 3/4] changes in login for staff --- src/controllers/userController.js | 5 ++++- src/index.js | 12 ++++++++---- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/src/controllers/userController.js b/src/controllers/userController.js index f6dc5db9..179ce6e0 100644 --- a/src/controllers/userController.js +++ b/src/controllers/userController.js @@ -289,6 +289,7 @@ exports.loginUser = async (req, fcmIds, deviceId) => { // If not a main user, check staff inside all users if (!user) { + const users = await User.find({ "staff.staff.phone": phone }); for (const u of users) { const foundStaff = u.staff.staff.find((s) => s.phone === phone); @@ -301,7 +302,6 @@ exports.loginUser = async (req, fcmIds, deviceId) => { } } - // If no user or staff found, return invalid credentials if (!user) return { same: false }; 
@@ -324,6 +324,9 @@ exports.loginUser = async (req, fcmIds, deviceId) => { throw boom.boomify(err); } }; + + + exports.loginUserWithOTP = async (req) => { try { const phone = req.body.phone; diff --git a/src/index.js b/src/index.js index f7fa9ba1..37514d76 100644 --- a/src/index.js +++ b/src/index.js @@ -202,7 +202,7 @@ fastify.post("/api/login", { simplydata: { error: false, phoneVerified: false, - phone: user.phone, + phone: loginObject.isStaff ? loginObject.staffMember.phone : user.phone, oneTimePasswordSetFlag, message: "Please Verify your phone number", }, @@ -214,7 +214,7 @@ fastify.post("/api/login", { simplydata: { error: false, phoneVerified, - phone: user.phone, + phone: loginObject.isStaff ? loginObject.staffMember.phone : user.phone, oneTimePasswordSetFlag: true, message: "Password must be reset", }, @@ -237,7 +237,7 @@ fastify.post("/api/login", { access_token: token, buildingName: user.buildingName, email: user.emails, - phone: user.phone, + phone: loginObject.isStaff ? loginObject.staffMember.phone : user.phone, customerId: user.customerId, username: loginObject.isStaff ? loginObject.staffMember.name : user.username, address1: user.profile.address1, @@ -251,7 +251,10 @@ fastify.post("/api/login", { }, }; - + if (loginObject.isStaff) { + responsePayload.simplydata.all_motor_access = loginObject.staffMember.all_motor_access; + } + if (profilePicture) { responsePayload.simplydata.picture = profilePicture.picture; } @@ -263,6 +266,7 @@ fastify.post("/api/login", { + fastify.post("/api/installotplogin", { schema: { description: "This is for Login Otp Installation", From 5d3ecf64290d426d0292fb2d003346f5e4a2f709 Mon Sep 17 00:00:00 2001 From: Varun Date: Mon, 3 Mar 2025 16:54:08 +0530 Subject: [PATCH 4/4] changes in view only --- src/index.js | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/index.js b/src/index.js index 37514d76..5402f540 100644 --- a/src/index.js +++ b/src/index.js 
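Review bot: In the `@@ -251,7 +251,10 @@` hunk `all_motor_access` is only copied into the response body; the token is signed earlier in the handler (outside this hunk) without it. If this value is meant to restrict what a staff member can do, it has to be enforced on the server for each request, from a signed claim or a lookup of the staff record, because a client can ignore or alter a field in the login response. How the other routes authorize is not visible here, so this may already be handled elsewhere. In the three `phone:` hunks the `!phoneVerified` and `oneTimePasswordSetFlag` responses now show the staff phone while both flags still belong to the owner account, so a staff member can be told to verify a number or reset a password that is not theirs.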
@@ -252,8 +252,15 @@ fastify.post("/api/login", { }; if (loginObject.isStaff) { - responsePayload.simplydata.all_motor_access = loginObject.staffMember.all_motor_access; - } + let allMotorAccess = loginObject.staffMember.all_motor_access; + + // Normalize the value if it matches the given variations + if (["view", "view only", "View", "View Only"].includes(allMotorAccess)) { + allMotorAccess = "view"; + } + + responsePayload.simplydata.all_motor_access = allMotorAccess; + } if (profilePicture) { responsePayload.simplydata.picture = profilePicture.picture;
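Review bot: The normalization matches four exact spellings, so values such as `"VIEW"`, `"View only"` or `"view only "` pass through unchanged, and a missing `all_motor_access` is sent as `undefined`. Comparing a trimmed, lower-cased copy covers the variants in one place: `const access = String(allMotorAccess ?? "").trim().toLowerCase();` followed by `if (access === "view" || access === "view only") allMotorAccess = "view";`. It would be more robust to normalize the value when the staff record is written, so that every reader sees the canonical form; if the client treats an unrecognized value as full access (not visible here), an unnormalized spelling would widen a view-only account. The handler starts and ends outside this hunk.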