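const express = require("express");
const router = express.Router();
const User = require("../models/user");
const jwt = require("jsonwebtoken");
const bcrypt = require("bcrypt");
const { verifyToken, generateToken } = require("../lib/jwtUtils");

// bcrypt cost factor used for every password hash written by this router.
const BCRYPT_ROUNDS = 10;

/**
 * Returns a plain-object copy of a User document without the password hash.
 * Every response that embeds a user goes through this so the bcrypt hash
 * never leaves the server.
 *
 * @param {object} user - Mongoose User document (must provide toObject()).
 * @returns {object} The user's fields minus `password`.
 */
function toPublicUser(user) {
  const { password, ...publicFields } = user.toObject();
  return publicFields;
}

/**
 * @param {*} value
 * @returns {boolean} True only for a string with non-whitespace content.
 */
function isNonEmptyString(value) {
  return typeof value === "string" && value.trim() !== "";
}

/**
 * @param {object|null|undefined} user - User document or nothing.
 * @returns {boolean} True when the user's permissions list contains "admin".
 */
function isAdmin(user) {
  return Boolean(user?.permissions?.includes("admin"));
}

/**
 * Decides whether the authenticated caller may modify the target account:
 * the caller must still exist and be either the target itself or an admin.
 *
 * @param {object} req - Express request; req.userId is read here, as in the
 *   province listing route (presumably set by verifyToken - confirm).
 * @param {string} targetUserId - Id taken from the route parameter.
 * @returns {Promise<{allowed: boolean, admin: boolean}>}
 */
async function authorizeUserChange(req, targetUserId) {
  if (req.userId == null) {
    return { allowed: false, admin: false };
  }
  const requester = await User.findById(req.userId);
  const admin = isAdmin(requester);
  const self = String(req.userId) === String(targetUserId);
  return { allowed: requester != null && (admin || self), admin };
}

/**
 * POST /user - create an account and return it with a fresh token.
 *
 * Within this router the route is registered before router.use(verifyToken),
 * so it is reachable without a token. For that reason `permissions` from the
 * request body is NOT applied here: otherwise any caller could create an
 * account with the "admin" permission. Permissions are granted through
 * PUT /user/:userId, which only honours them for admin callers.
 */
router.post("/user", async (req, res) => {
  try {
    const { mobile, password, fullname, pic, province, city } = req.body;

    // Reject missing or non-string credentials up front; bcrypt.hash would
    // otherwise fail and surface as a 500.
    if (!isNonEmptyString(mobile) || !isNonEmptyString(password)) {
      return res
        .status(400)
        .json({ message: "mobile and password are required" });
    }

    const hashedPassword = await bcrypt.hash(password, BCRYPT_ROUNDS);
    const newUser = new User({
      mobile,
      password: hashedPassword,
      pic,
      fullname,
      province,
      city,
    });
    await newUser.save();

    const token = generateToken(newUser._id);
    res.status(201).json({
      message: "User created successfully",
      user: toPublicUser(newUser),
      token,
    });
  } catch (error) {
    console.error("Error creating user:", error);
    res.status(500).json({ message: "Internal Server Error" });
  }
});

/**
 * POST /login - verify mobile/password and return a token plus the user.
 * Unknown mobile and wrong password produce the same 403 response.
 */
router.post("/login", async (req, res) => {
  try {
    const { mobile, password } = req.body;

    // Only plain strings may reach the query and bcrypt: a JSON object in
    // `mobile` could otherwise be interpreted as a query operator.
    if (!isNonEmptyString(mobile) || typeof password !== "string") {
      return res
        .status(400)
        .json({ message: "mobile and password are required" });
    }

    const user = await User.findOne({ mobile });
    if (!user) {
      return res.status(403).json({ message: "Invalid credentials" });
    }

    const passwordMatch = await bcrypt.compare(password, user.password);
    if (!passwordMatch) {
      return res.status(403).json({ message: "Invalid credentials" });
    }

    const token = generateToken(user._id);
    res.status(200).json({
      message: "Login successful",
      token,
      user: toPublicUser(user),
    });
  } catch (error) {
    console.error("Error during login:", error);
    res.status(500).json({ message: "Internal Server Error" });
  }
});

// Every route registered below this line goes through verifyToken first.
router.use(verifyToken);

/**
 * GET /user_profile/:userId - return one user, without the password hash.
 *
 * NOTE(review): any authenticated caller can read any profile here, while the
 * province listing hides admin accounts from non-admins - confirm that this
 * difference is intended.
 */
router.get("/user_profile/:userId", async (req, res) => {
  try {
    const userId = req.params.userId;
    const user = await User.findById(userId);
    if (!user) {
      return res.status(404).json({ message: "User not found" });
    }
    res.status(200).json({ user: toPublicUser(user) });
  } catch (error) {
    console.error("Error retrieving user:", error);
    res.status(500).json({ message: "Internal Server Error" });
  }
});

/**
 * GET /users/:province - list users of a province, without password hashes.
 * Admin accounts are only included when the caller is an admin.
 */
router.get("/users/:province", async (req, res) => {
  try {
    const province = req.params.province;
    const requestingUser = await User.findById(req.userId);
    const users = await User.find({ province });

    const visibleUsers = isAdmin(requestingUser)
      ? users
      : users.filter((item) => !item.permissions?.includes("admin"));

    res.status(200).json(visibleUsers.map(toPublicUser));
  } catch (error) {
    console.error("Error retrieving users:", error);
    res.status(500).json({ message: "Internal Server Error" });
  }
});

/**
 * DELETE /users/:userId - delete an account.
 * Allowed only for the account owner or an admin; a valid token alone is not
 * enough to delete somebody else's account.
 * NOTE(review): confirm whether self-deletion should be permitted at all.
 */
router.delete("/users/:userId", async (req, res) => {
  try {
    const userId = req.params.userId;

    const { allowed } = await authorizeUserChange(req, userId);
    if (!allowed) {
      return res.status(403).json({ message: "Forbidden" });
    }

    const deletedUser = await User.findByIdAndDelete(userId);
    if (!deletedUser) {
      return res.status(404).json({ message: "User not found" });
    }
    res.status(200).json({
      message: "User deleted successfully",
      user: toPublicUser(deletedUser),
    });
  } catch (error) {
    console.error("Error deleting user:", error);
    res.status(500).json({ message: "Internal Server Error" });
  }
});

/**
 * PUT /user/:userId - update an account.
 * Allowed only for the account owner or an admin. `permissions` from the body
 * is applied only when the caller is an admin, so a user cannot grant
 * themselves extra permissions. The password is re-hashed only when a
 * non-blank string is supplied.
 */
router.put("/user/:userId", async (req, res) => {
  try {
    const userId = req.params.userId;

    const { allowed, admin } = await authorizeUserChange(req, userId);
    if (!allowed) {
      return res.status(403).json({ message: "Forbidden" });
    }

    const { mobile, password, fullname, pic, province, permissions, city } =
      req.body;
    const updateFields = {
      mobile,
      fullname,
      pic,
      province,
      city: city ?? "",
    };
    if (admin) {
      updateFields.permissions = permissions;
    }

    if (isNonEmptyString(password)) {
      updateFields.password = await bcrypt.hash(password, BCRYPT_ROUNDS);
    } else if (password && typeof password !== "string") {
      // A truthy non-string would make bcrypt.hash fail and return a 500.
      return res.status(400).json({ message: "Invalid password" });
    }

    const updatedUser = await User.findByIdAndUpdate(userId, updateFields, {
      new: true,
    });
    if (!updatedUser) {
      return res.status(404).json({ message: "User not found" });
    }
    res.status(200).json({
      message: "User updated successfully",
      user: toPublicUser(updatedUser),
    });
  } catch (error) {
    console.error("Error updating user:", error);
    res.status(500).json({ message: "Internal Server Error" });
  }
});

module.exports = router;

// router
//   .route("/:id")
//   .get((req, res) => {
//     res.send(`User Get ${req.params.id}`);
//   })
//   .post((req, res) => {
//     res.send(`User Get ${req.params.id}`);
//   })
//   .put((req, res) => {
//     res.send(`User Get ${req.params.id}`);
//   })
//   .delete((req, res) => {
//     res.send(`User Get ${req.params.id}`);
//   });
// module.exports = router;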