const express = require("express");
const router = express.Router();
const User = require("../models/user");
const jwt = require("jsonwebtoken");
const bcrypt = require("bcrypt");
const { verifyToken, generateToken } = require("../lib/jwtUtils");
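/**
 * POST /user — create an account and return it together with a fresh token.
 *
 * This route is registered above `router.use(verifyToken)`, so it runs
 * without authentication and every body field is caller-controlled.
 *
 * Responses:
 *   201 { message, user, token } — `user` never contains the password hash
 *   400 when mobile or password is missing or not a string
 *   500 on any other failure (details are logged, not returned)
 */
router.post("/user", async (req, res) => {
  try {
    // `permissions` is deliberately NOT read from the body: on an
    // unauthenticated route it would let any caller assign itself roles, and
    // the province listing in this file treats "admin" as privileged.
    // NOTE(review): with the field omitted the User schema default applies —
    // confirm the schema defines a safe default, and grant elevated roles
    // only through an authenticated, admin-only path.
    const { mobile, password, fullname, pic, province, city } = req.body ?? {};

    // Reject malformed input up front instead of letting bcrypt throw and
    // surface as a 500.
    if (
      typeof mobile !== "string" ||
      mobile === "" ||
      typeof password !== "string" ||
      password === ""
    ) {
      return res
        .status(400)
        .json({ message: "mobile and password are required" });
    }

    const hashedPassword = await bcrypt.hash(password, 10);

    const newUser = new User({
      mobile,
      password: hashedPassword,
      pic,
      fullname,
      province,
      city,
    });

    await newUser.save();

    const token = generateToken(newUser._id);

    // Same approach as /login: never send the stored hash back to the client.
    const { password: _storedHash, ...userWithoutPassword } =
      newUser.toObject();

    res.status(201).json({
      message: "User created successfully",
      user: userWithoutPassword,
      token,
    });
  } catch (error) {
    console.error("Error creating user:", error);
    res.status(500).json({ message: "Internal Server Error" });
  }
});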
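/**
 * POST /login — verify mobile + password and issue a token.
 *
 * Unauthenticated route (registered above `router.use(verifyToken)`).
 *
 * Responses:
 *   200 { message, token, user } — `user` has the password hash removed
 *   400 when mobile or password is missing or not a string
 *   403 { message: "Invalid credentials" } for unknown user or wrong password
 *   500 on any other failure
 */
router.post("/login", async (req, res) => {
  try {
    const { mobile, password } = req.body ?? {};

    // A JSON body can carry objects where strings are expected. Requiring
    // plain strings keeps a query-operator object out of the findOne filter
    // and stops bcrypt.compare from throwing on a missing password.
    if (typeof mobile !== "string" || typeof password !== "string") {
      return res
        .status(400)
        .json({ message: "mobile and password are required" });
    }

    const user = await User.findOne({ mobile });

    // Same status and message for "no such user" and "wrong password", so
    // the response body does not reveal which mobile numbers are registered.
    // NOTE(review): the unknown-user path returns before bcrypt.compare runs
    // and therefore answers faster; rate limiting on this route would limit
    // both that timing signal and password guessing.
    if (!user) {
      return res.status(403).json({ message: "Invalid credentials" });
    }

    const passwordMatch = await bcrypt.compare(password, user.password);

    if (!passwordMatch) {
      return res.status(403).json({ message: "Invalid credentials" });
    }

    const token = generateToken(user._id);

    // Strip the stored hash before the document is serialised to the client.
    const userWithoutPassword = { ...user.toObject() };
    delete userWithoutPassword.password;

    res
      .status(200)
      .json({ message: "Login successful", token, user: userWithoutPassword });
  } catch (error) {
    console.error("Error during login:", error);
    res.status(500).json({ message: "Internal Server Error" });
  }
});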
// Authentication boundary: every route registered below this line passes
// through verifyToken first; POST /user and POST /login above do not.
// NOTE(review): verifyToken presumably sets req.userId (the /users/:province
// handler reads it) — confirm in ../lib/jwtUtils. It identifies the caller
// only; each handler below still needs its own authorization check.
router.use(verifyToken);
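/**
 * GET /user_profile/:userId — return one user document by id.
 *
 * Requires a valid token (registered after `router.use(verifyToken)`).
 *
 * Responses:
 *   200 { user } — without the password hash
 *   400 when :userId is not a valid id
 *   404 when no user has that id
 *   500 on any other failure
 *
 * NOTE(review): any authenticated caller can read any profile, including
 * `mobile` and `permissions` — confirm that is the intended exposure.
 */
router.get("/user_profile/:userId", async (req, res) => {
  try {
    const { userId } = req.params;

    // Exclude the bcrypt hash in the query itself so it is never loaded into
    // the response path.
    const user = await User.findById(userId).select("-password");

    if (!user) {
      return res.status(404).json({ message: "User not found" });
    }

    res.status(200).json({ user });
  } catch (error) {
    // Mongoose raises CastError for a malformed id; that is a client error,
    // not a server fault.
    if (error?.name === "CastError") {
      return res.status(400).json({ message: "Invalid user id" });
    }
    console.error("Error retrieving user:", error);
    res.status(500).json({ message: "Internal Server Error" });
  }
});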
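/**
 * GET /users/:province — list the users of a province.
 *
 * Requires a valid token. Callers whose own `permissions` do not include
 * "admin" get the list with admin accounts filtered out.
 *
 * Responses:
 *   200 [user, ...] — password hashes are never included
 *   500 on failure
 */
router.get("/users/:province", async (req, res) => {
  try {
    const { province } = req.params;

    // A token whose user no longer exists yields null here and is treated as
    // a non-admin caller by the check below.
    const requestingUser = await User.findById(req.userId);

    // Leave the bcrypt hashes in the database; a bulk listing that returned
    // them would hand every caller material for offline guessing.
    let users = await User.find({ province }).select("-password");

    const callerIsAdmin = Boolean(
      requestingUser?.permissions?.includes("admin"),
    );
    if (!callerIsAdmin) {
      users = users.filter((item) => !item.permissions?.includes("admin"));
    }

    res.status(200).json(users);
  } catch (error) {
    console.error("Error retrieving users:", error);
    res.status(500).json({ message: "Internal Server Error" });
  }
});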
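/**
 * DELETE /users/:userId — delete a user account.
 *
 * Requires a valid token AND authorization: the caller must either hold the
 * "admin" permission or be deleting their own account. Authentication alone
 * is not enough — without this check any logged-in user could remove any
 * other account, admins included.
 * NOTE(review): "admin or self" is the assumed policy, derived from the
 * admin check used by GET /users/:province — confirm with the product owner.
 *
 * Responses:
 *   200 { message, user } — deleted document without the password hash
 *   400 when :userId is not a valid id
 *   403 when the caller may not delete this account
 *   404 when no user has that id
 *   500 on any other failure
 */
router.delete("/users/:userId", async (req, res) => {
  try {
    const { userId } = req.params;

    const requestingUser = await User.findById(req.userId);
    const callerIsAdmin = Boolean(
      requestingUser?.permissions?.includes("admin"),
    );
    // Fails closed: a missing requester or any id mismatch means "not self".
    const callerIsTarget =
      requestingUser != null && String(requestingUser._id) === userId;

    if (!callerIsAdmin && !callerIsTarget) {
      return res.status(403).json({ message: "Forbidden" });
    }

    const deletedUser = await User.findByIdAndDelete(userId);

    if (!deletedUser) {
      return res.status(404).json({ message: "User not found" });
    }

    // Do not echo the stored hash of the removed account.
    const { password: _storedHash, ...userWithoutPassword } =
      deletedUser.toObject();

    res
      .status(200)
      .json({ message: "User deleted successfully", user: userWithoutPassword });
  } catch (error) {
    // Mongoose raises CastError for a malformed id.
    if (error?.name === "CastError") {
      return res.status(400).json({ message: "Invalid user id" });
    }
    console.error("Error deleting user:", error);
    res.status(500).json({ message: "Internal Server Error" });
  }
});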
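/**
 * PUT /user/:userId — update fields of a user account.
 *
 * Requires a valid token AND authorization: the caller must hold the "admin"
 * permission or be updating their own account.
 * NOTE(review): "admin or self" is the assumed policy, derived from the
 * admin check used by GET /users/:province — confirm with the product owner.
 *
 * Behaviour:
 *   - Only fields present in the body are written.
 *   - `password` is bcrypt-hashed before storage. Writing it as received
 *     would store plaintext and make /login's bcrypt.compare fail for that
 *     account.
 *   - `permissions` is applied only when the caller is an admin; from other
 *     callers it is ignored, so a user cannot raise their own privileges.
 *
 * Responses:
 *   200 { message, user } — updated document without the password hash
 *   400 when password is present but not a non-empty string
 *   403 when the caller may not update this account
 *   404 when no user has that id
 *   500 on any other failure
 */
router.put("/user/:userId", async (req, res) => {
  try {
    const { userId } = req.params;
    // NOTE(review): POST /user accepts `city` but this handler does not —
    // confirm whether that omission is intentional.
    const { mobile, password, fullname, pic, province, permissions } =
      req.body ?? {};

    const requestingUser = await User.findById(req.userId);
    const callerIsAdmin = Boolean(
      requestingUser?.permissions?.includes("admin"),
    );
    // Fails closed: a missing requester or any id mismatch means "not self".
    const callerIsTarget =
      requestingUser != null && String(requestingUser._id) === userId;

    if (!callerIsAdmin && !callerIsTarget) {
      return res.status(403).json({ message: "Forbidden" });
    }

    // Build the update from the fields that were actually supplied.
    const update = {};
    for (const [field, value] of Object.entries({
      mobile,
      fullname,
      pic,
      province,
    })) {
      if (value !== undefined) {
        update[field] = value;
      }
    }

    // Role changes are an admin-only operation.
    if (permissions !== undefined && callerIsAdmin) {
      update.permissions = permissions;
    }

    if (password !== undefined) {
      if (typeof password !== "string" || password === "") {
        return res
          .status(400)
          .json({ message: "password must be a non-empty string" });
      }
      // Same cost factor as registration.
      update.password = await bcrypt.hash(password, 10);
    }

    const updatedUser = await User.findByIdAndUpdate(
      userId,
      update,
      { new: true }, // return the document as it is after the update
    );

    if (!updatedUser) {
      return res.status(404).json({ message: "User not found" });
    }

    // Never return the stored hash.
    const { password: _storedHash, ...userWithoutPassword } =
      updatedUser.toObject();

    res
      .status(200)
      .json({ message: "User updated successfully", user: userWithoutPassword });
  } catch (error) {
    console.error("Error updating user:", error);
    res.status(500).json({ message: "Internal Server Error" });
  }
});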
// Export the configured router (public routes first, then the token-protected ones).
module.exports = router;
// router
// .route("/:id")
// .get((req, res) => {
// res.send(`User Get ${req.params.id}`);
// })
// .post((req, res) => {
// res.send(`User Get ${req.params.id}`);
// })
// .put((req, res) => {
// res.send(`User Get ${req.params.id}`);
// })
// .delete((req, res) => {
// res.send(`User Get ${req.params.id}`);
// });
// module.exports = router;