From 035a989f29389f155e810afc498a7e6b1522823e Mon Sep 17 00:00:00 2001
From: MD ARIF KHAN <55360458+arifthehappy@users.noreply.github.com>
Date: Wed, 29 Mar 2023 11:35:43 +0530
Subject: [PATCH] added isbusinessauthenticate, businesslogin route ,
getselfbusiness route
---
middlewares/auth.js | 191 ++++---
resources/Businesses/BusinessController.js | 619 ++++++++++++---------
resources/Businesses/BusinessRoute.js | 36 +-
3 files changed, 483 insertions(+), 363 deletions(-)
diff --git a/middlewares/auth.js b/middlewares/auth.js
index 72ecb27..392aa6a 100644
--- a/middlewares/auth.js
+++ b/middlewares/auth.js
@@ -1,95 +1,126 @@
import User from "../resources/user/userModel.js";
import jwt from "jsonwebtoken";
-import ErrorHander from "../Utils/errorhander.js"
+import ErrorHander from "../Utils/errorhander.js";
import { Franchisee } from "../resources/Temple/FranchiseeModel.js";
+import { Business } from "../resources/Businesses/BusinessModel.js";
export const isAuthenticatedUser = async (req, res, next) => {
- try {
- if (!req.headers.authorization) {
- return res.status(400).json({
- success: false,
- message: "Login to Access this resource",
- });
- }
- const getToken = req.headers;
-
-
- //remove Bearer from token
- const fronttoken = getToken.authorization.slice(7);
-
- const frontdecoded = jwt.verify(fronttoken, process.env.JWT_SECRET);
- if (!frontdecoded) {
- return res.status(400).json({
- success: false,
- message: "incorrect token",
- });
- }
- const fuser = await User.findById(frontdecoded.id);
-
- req.user = fuser;
-
- next();
- } catch (error) {
- return res.status(400).json({
- success: false,
- message: error.message,
- });
+ try {
+ if (!req.headers.authorization) {
+ return res.status(400).json({
+ success: false,
+ message: "Login to Access this resource",
+ });
}
+ const getToken = req.headers;
+
+ //remove Bearer from token
+ const fronttoken = getToken.authorization.slice(7);
+
+ const frontdecoded = jwt.verify(fronttoken, process.env.JWT_SECRET);
+ if (!frontdecoded) {
+ return res.status(400).json({
+ success: false,
+ message: "incorrect token",
+ });
+ }
+ const fuser = await User.findById(frontdecoded.id);
+
+ req.user = fuser;
+
+ next();
+ } catch (error) {
+ return res.status(400).json({
+ success: false,
+ message: error.message,
+ });
+ }
};
-
-
-
-
export const isFranchiAuthenticated = async (req, res, next) => {
- try {
-
- if (!req.headers.authorization) {
- return res.status(400).json({
- success: false,
- message: "Login to Access this resource",
- });
- }
- const getToken = req.headers;
- //remove Bearer from token
-
- const fronttoken = getToken.authorization.slice(7);
-
- const frontdecoded = jwt.verify(fronttoken, process.env.JWT_SECRET);
-
- if (!frontdecoded) {
- return res.status(400).json({
- success: false,
- message: "incorrect token",
- });
- }
- // console.log(frontdecoded)
- const fuser = await Franchisee.findById(frontdecoded.id);
-
- req.franchi = fuser;
-
- next();
- } catch (error) {
- return res.status(400).json({
- success: false,
- message: error.message,
- });
+ try {
+ if (!req.headers.authorization) {
+ return res.status(400).json({
+ success: false,
+ message: "Login to Access this resource",
+ });
}
+ const getToken = req.headers;
+ //remove Bearer from token
+
+ const fronttoken = getToken.authorization.slice(7);
+
+ const frontdecoded = jwt.verify(fronttoken, process.env.JWT_SECRET);
+
+ if (!frontdecoded) {
+ return res.status(400).json({
+ success: false,
+ message: "incorrect token",
+ });
+ }
+ // console.log(frontdecoded)
+ const fuser = await Franchisee.findById(frontdecoded.id);
+
+ req.franchi = fuser;
+
+ next();
+ } catch (error) {
+ return res.status(400).json({
+ success: false,
+ message: error.message,
+ });
+ }
};
+// isBusinessAuthenticated
+export const isBusinessAuthenticated = async (req, res, next) => {
+ try {
+ if (!req.headers.authorization) {
+ return res.status(400).json({
+ success: false,
+ message: "Login to Access this resource",
+ });
+ }
+ const getToken = req.headers;
+ //remove Bearer from token
-export const authorizeRoles = (...roles) => {//pass admin
- return (req, res, next) => {
- if (!roles.includes(req.user.role)) {
- return next(
- new ErrorHander(
- `Role: ${req.user.role} is not allowed to access this resouce `,
- 403
- )
- );
- }
+ const fronttoken = getToken.authorization.slice(7);
- next();
- };
-};
\ No newline at end of file
+ const frontdecoded = jwt.verify(fronttoken, process.env.JWT_SECRET);
+
+ if (!frontdecoded) {
+ return res.status(400).json({
+ success: false,
+ message: "incorrect token",
+ });
+ }
+ // console.log(frontdecoded)
+ const fuser = await Business.findById(frontdecoded.id);
+
+ req.business = fuser;
+
+ next();
+ } catch (error) {
+ return res.status(400).json({
+ success: false,
+ message: error.message,
+ });
+ }
+};
+
+export const authorizeRoles = (...roles) => {
+ //pass admin
+ return (req, res, next) => {
+ if (!roles.includes(req.user.role)) {
+ return next(
+ new ErrorHander(
+ `Role: ${req.user.role} is not allowed to access this resouce `,
+ 403
+ )
+ );
+ }
+
+ next();
+ };
+};
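Review bot: `isBusinessAuthenticated` calls `next()` even when `Business.findById(frontdecoded.id)` returns null, so any token that verifies against `JWT_SECRET` (for example one whose id belongs to a deleted business, or to a record in another collection) passes the middleware with `req.business` unset. Add `if (!fuser) return res.status(401).json({ success: false, message: "Login to Access this resource" });` before `req.business = fuser;`. The same gap is present in `isAuthenticatedUser` and `isFranchiAuthenticated` in this hunk. All three middlewares verify with the same secret, and nothing visible here checks a claim that identifies the principal type, so consider adding one when the token is signed and checking it in each middleware. `getToken.authorization.slice(7)` also assumes a `Bearer ` prefix without testing for it.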
diff --git a/resources/Businesses/BusinessController.js b/resources/Businesses/BusinessController.js
index ee74168..f50cf25 100644
--- a/resources/Businesses/BusinessController.js
+++ b/resources/Businesses/BusinessController.js
@@ -1,328 +1,393 @@
-
-
-
-import sendEmail from "../../Utils/sendEmail.js"
+import sendEmail from "../../Utils/sendEmail.js";
import cloudinary from "../../Utils/cloudinary.js";
-import { Business } from './BusinessModel.js'
-import password from 'secure-random-password'
+import { Business } from "./BusinessModel.js";
+import password from "secure-random-password";
import fs from "fs";
-
-
+import catchAsyncErrors from "../../middlewares/catchAsyncErrors.js";
+import sendToken from "../../Utils/jwtToken.js";
export const createBusiness = async (req, res) => {
- try {
- if (!req?.user) return res.status(400).json({ message: "please login !" });
-
- const { business, purpose, country, language, state, city, address_Line_1, address_Line_2, pincode,
- business_name, email, contact_Number, contact_Person_Name, url, short_url } =
- req.body;
- //validation
- switch (true) {
- case !business:
- return res.status(500).send({ error: "Business is Required" });
- case !purpose:
- return res.status(500).send({ error: "Purpose is Required" });
- case !language:
- return res.status(500).send({ error: "Language is Required" });
- case !address_Line_1:
- return res.status(500).send({ error: "address_Line_1 is Required" });
- case !address_Line_2:
- return res.status(500).send({ error: "address_Line_2 is Required" });
- case !state:
- return res.status(500).send({ error: "state is Required" });
- case !pincode:
- return res.status(500).send({ error: "pincode is Required" });
- case !city:
- return res.status(500).send({ error: "city is Required" });
- case !country:
- return res.status(500).send({ error: "country is Required" });
- case !business_name:
- return res.status(500).send({ error: "business_name is Required" });
- case !email:
- return res.status(500).send({ error: "email is Required" });
- case !contact_Number:
- return res.status(500).send({ error: "contact_Number is Required" });
- case !contact_Person_Name:
- return res.status(500).send({ error: "contact_Person_Name is Required" });
- case !url:
- return res.status(500).send({ error: " Business url is Required" });
- case !short_url:
- return res.status(500).send({ error: "short_url is Required" });
-
-
- }
-
-
- let businesse = await Business.findOne({ email });
- if (businesse) {
- return res
- .status(400)
- .json({ success: false, message: " THis Email already exists Please try another Email!" });
- }
- const businessWithURL = await Business.findOne({
- short_url: req.body?.short_url,
- });
- if (businessWithURL?._id) {
- if (req?.files?.image?.tempFilePath)
- fs.unlinkSync(image_file?.tempFilePath);
- return res.status(400).json({ message: "business URL is not available!" });
- }
- if (req?.files?.image?.tempFilePath) {
- const result = await cloudinary.v2.uploader.upload(
- image_file?.tempFilePath,
- {
- folder: "Bolo/business_Image",
- }
- );
- const image = { url: result?.secure_url, public_id: result?.public_id };
- req.body.banner = image;
- fs.unlinkSync(image_file?.tempFilePath);
- }
- //generate password
- const passwords = password.randomPassword({
- length: 10,
- characters: [
- { characters: password.upper, exactly: 1 },
- { characters: password.symbols, exactly: 1 },
- password.lower,
- password.digits]
- })
-
- req.body.password = passwords;
- // req.user.role === 'admin' ? req.body.verify = true : req.body.verify = false
-
-
-
-
- req.body.added_by = req.user._id
- const businesses = await Business.create(req.body);
- await sendEmail({
-
- to: `${req.body.email}`, // Change to your recipient
-
- from: `${process.env.SEND_EMAIL_FROM}`, // Change to your verified sender
-
- subject: `Bolo.Ai business Created`,
- html: `your Business Url is:${req.body.url}
your login email is: ${req.body.email}
and password is: ${passwords}
Thank You
`
-
- });
-
- res.status(201).send({
- success: true,
-
- message: `business added successfully and Email sent to ${req.body.email} successfully`,
-
- businesses,
- });
- } catch (error) {
- console.log(error);
- res.status(500).send({
- success: false,
- error,
- message: error.message ? error.message : "Unable to create."
- });
+ try {
+ if (!req?.user) return res.status(400).json({ message: "please login !" });
+ const {
+ business,
+ purpose,
+ country,
+ language,
+ state,
+ city,
+ address_Line_1,
+ address_Line_2,
+ pincode,
+ business_name,
+ email,
+ contact_Number,
+ contact_Person_Name,
+ url,
+ short_url,
+ } = req.body;
+ //validation
+ switch (true) {
+ case !business:
+ return res.status(500).send({ error: "Business is Required" });
+ case !purpose:
+ return res.status(500).send({ error: "Purpose is Required" });
+ case !language:
+ return res.status(500).send({ error: "Language is Required" });
+ case !address_Line_1:
+ return res.status(500).send({ error: "address_Line_1 is Required" });
+ case !address_Line_2:
+ return res.status(500).send({ error: "address_Line_2 is Required" });
+ case !state:
+ return res.status(500).send({ error: "state is Required" });
+ case !pincode:
+ return res.status(500).send({ error: "pincode is Required" });
+ case !city:
+ return res.status(500).send({ error: "city is Required" });
+ case !country:
+ return res.status(500).send({ error: "country is Required" });
+ case !business_name:
+ return res.status(500).send({ error: "business_name is Required" });
+ case !email:
+ return res.status(500).send({ error: "email is Required" });
+ case !contact_Number:
+ return res.status(500).send({ error: "contact_Number is Required" });
+ case !contact_Person_Name:
+ return res
+ .status(500)
+ .send({ error: "contact_Person_Name is Required" });
+ case !url:
+ return res.status(500).send({ error: " Business url is Required" });
+ case !short_url:
+ return res.status(500).send({ error: "short_url is Required" });
}
-}
-export const getAllBusiness = async (req, res) => {
- try {
- if (!req?.user) return res.status(400).json({ message: "please login !" });
-
-
- const businesses = await Business.find().sort({ createdAt: -1 })
- if (businesses) {
- res.status(201).send({
- success: true,
- message: "Business Fetched Successfully",
- businesses,
- });
+ let businesse = await Business.findOne({ email });
+ if (businesse) {
+ return res.status(400).json({
+ success: false,
+ message: " THis Email already exists Please try another Email!",
+ });
+ }
+ const businessWithURL = await Business.findOne({
+ short_url: req.body?.short_url,
+ });
+ if (businessWithURL?._id) {
+ if (req?.files?.image?.tempFilePath)
+ fs.unlinkSync(image_file?.tempFilePath);
+ return res
+ .status(400)
+ .json({ message: "business URL is not available!" });
+ }
+ if (req?.files?.image?.tempFilePath) {
+ const result = await cloudinary.v2.uploader.upload(
+ image_file?.tempFilePath,
+ {
+ folder: "Bolo/business_Image",
}
-
- } catch (error) {
- // console.log(error);
- res.status(500).send({
- success: false,
- error,
- message: error.message ? error.message : "Unable to fetch."
- });
-
+ );
+ const image = { url: result?.secure_url, public_id: result?.public_id };
+ req.body.banner = image;
+ fs.unlinkSync(image_file?.tempFilePath);
}
-}
-export const getSingleBusiness = async (req, res) => {
- try {
- if (!req?.user) return res.status(400).json({ message: "please login !" });
- if (!req?.params.id) return res.status(400).json({ message: "please Provide Business ID !" });
+ //generate password
+ const passwords = password.randomPassword({
+ length: 10,
+ characters: [
+ { characters: password.upper, exactly: 1 },
+ { characters: password.symbols, exactly: 1 },
+ password.lower,
+ password.digits,
+ ],
+ });
- const businesses = await Business.findById(req.params.id)
- if (businesses) {
- res.status(201).send({
- success: true,
- message: "Business Fetched Successfully",
- businesses,
- });
- }
+ req.body.password = passwords;
+ // req.user.role === 'admin' ? req.body.verify = true : req.body.verify = false
- } catch (error) {
- // console.log(error);
- res.status(500).send({
- success: false,
- error,
- message: error.message ? error.message : "Unable to fetch."
- });
+ req.body.added_by = req.user._id;
+ const businesses = await Business.create(req.body);
+ await sendEmail({
+ to: `${req.body.email}`, // Change to your recipient
- }
-}
-export const updateBusiness = async (req, res) => {
- try {
- if (!req?.user) return res.status(400).json({ message: "please login !" });
- if (!req?.params.id) return res.status(400).json({ message: "please Provide Business ID !" });
+ from: `${process.env.SEND_EMAIL_FROM}`, // Change to your verified sender
+ subject: `Bolo.Ai business Created`,
+ html: `your Business Url is:${req.body.url}
your login email is: ${req.body.email}
and password is: ${passwords}
Thank You
`,
+ });
+ res.status(201).send({
+ success: true,
- req.body.added_by = req.user._id
- const businesses = await Business.findByIdAndUpdate(req.params.id, { ...req.body })
+ message: `business added successfully and Email sent to ${req.body.email} successfully`,
- res.status(201).send({
- success: true,
- message: "Business Updated Successfully",
- businesses,
- });
- } catch (error) {
- console.log(error);
- res.status(500).send({
- success: false,
- error,
- message: error.message ? error.message : "Unable to Update."
- });
-
- }
-}
-//delete
-export const deleteBusinessById = async (req, res) => {
- try {
-
- if (!req?.user) return res.status(400).json({ message: "please login !" });
- if (!req?.params.id) return res.status(400).json({ message: "please Provide Business ID !" });
-
- const business = await Business.findByIdAndDelete(req.params.id)
- if (!business) {
- return res.status(400).json({ message: 'business Not Found' });
- }
- await business.remove();
-
- res.status(200).json({ status: "OK", msg: 'Deteted successfully' });
- } catch (err) {
- return res.status(500).json({ message: err.message ? err.message : "Unable to delete." });
- }
+ businesses,
+ });
+ } catch (error) {
+ console.log(error);
+ res.status(500).send({
+ success: false,
+ error,
+ message: error.message ? error.message : "Unable to create.",
+ });
+ }
};
+export const getAllBusiness = async (req, res) => {
+ try {
+ if (!req?.user) return res.status(400).json({ message: "please login !" });
+ const businesses = await Business.find().sort({ createdAt: -1 });
+ if (businesses) {
+ res.status(201).send({
+ success: true,
+ message: "Business Fetched Successfully",
+ businesses,
+ });
+ }
+ } catch (error) {
+ // console.log(error);
+ res.status(500).send({
+ success: false,
+ error,
+ message: error.message ? error.message : "Unable to fetch.",
+ });
+ }
+};
+export const getSingleBusiness = async (req, res) => {
+ try {
+ if (!req?.user) return res.status(400).json({ message: "please login !" });
+ if (!req?.params.id)
+ return res.status(400).json({ message: "please Provide Business ID !" });
+ const businesses = await Business.findById(req.params.id);
+ if (businesses) {
+ res.status(201).send({
+ success: true,
+ message: "Business Fetched Successfully",
+ businesses,
+ });
+ }
+ } catch (error) {
+ // console.log(error);
+ res.status(500).send({
+ success: false,
+ error,
+ message: error.message ? error.message : "Unable to fetch.",
+ });
+ }
+};
+// export getSelfBusiness
+export const getSelfBusiness = async (req, res) => {
+ try {
+ if (!req?.business)
+ return res.status(400).json({ message: "please login !" });
+ const businesses = await Business.findById(req.business._id);
+ if (businesses) {
+ res.status(201).send({
+ success: true,
+ message: "Business Fetched Successfully",
+ businesses,
+ });
+ }
+ } catch (error) {
+ // console.log(error);
+ res.status(500).send({
+ success: false,
+ error,
+ message: error.message ? error.message : "Unable to fetch.",
+ });
+ }
+};
+export const updateBusiness = async (req, res) => {
+ try {
+ if (!req?.user) return res.status(400).json({ message: "please login !" });
+ if (!req?.params.id)
+ return res.status(400).json({ message: "please Provide Business ID !" });
+ req.body.added_by = req.user._id;
+ const businesses = await Business.findByIdAndUpdate(req.params.id, {
+ ...req.body,
+ });
+ res.status(201).send({
+ success: true,
+ message: "Business Updated Successfully",
+ businesses,
+ });
+ } catch (error) {
+ console.log(error);
+ res.status(500).send({
+ success: false,
+ error,
+ message: error.message ? error.message : "Unable to Update.",
+ });
+ }
+};
+//delete
+export const deleteBusinessById = async (req, res) => {
+ try {
+ if (!req?.user) return res.status(400).json({ message: "please login !" });
+ if (!req?.params.id)
+ return res.status(400).json({ message: "please Provide Business ID !" });
+ const business = await Business.findByIdAndDelete(req.params.id);
+ if (!business) {
+ return res.status(400).json({ message: "business Not Found" });
+ }
+ await business.remove();
+ res.status(200).json({ status: "OK", msg: "Deteted successfully" });
+ } catch (err) {
+ return res
+ .status(500)
+ .json({ message: err.message ? err.message : "Unable to delete." });
+ }
+};
+// update password for business owner with old password
+export const updatePassword = catchAsyncErrors(async (req, res, next) => {
+ const business = await Business.findById(req.user.id).select("+password");
+ const isPasswordMatched = await business.comparePassword(
+ req.body.oldPassword
+ );
+ if (!isPasswordMatched) {
+ return next(new ErrorHander("Old password is incorrect", 400));
+ }
+ if (req.body.newPassword !== req.body.confirmPassword) {
+ return next(new ErrorHander("password does not match", 400));
+ }
+ business.password = req.body.newPassword;
+ await business.save();
+ sendToken(business, 200, res);
+});
+// login for business owner
+export const loginBusiness = async (req, res, next) => {
+ const { email, password } = req.body;
+ // checking if user has given password and email both
+ try {
+ if (!email || !password) {
+ return res.status(400).json({ message: "Please Enter Email & Password" });
+ }
+ const business = await Business.findOne({ email }).select("+password");
+ if (!business) {
+ return res.status(400).json({ message: "Invalid Email or Password" });
+ }
+ const isPasswordMatched = await business.comparePassword(password);
+ if (!isPasswordMatched) {
+ return res.status(400).json({ message: "Invalid Email or Password" });
+ }
+ sendToken(business, 200, res);
+ } catch (error) {
+ return res
+ .status(500)
+ .json({ message: "Something went wrong!", error: error?.message || "" });
+ }
+};
+/****************************************** */
const addBusiness = async (req, res) => {
- const image_file = req?.files?.image;
- try {
- const { email } = req.body
- let business = await Business.findOne({ email });
- if (business) {
- return res
- .status(400)
- .json({ success: false, message: "business already exists" });
- }
- const BusinessWithURL = await Business.findOne({
- short_url: req.body?.short_url,
- });
- if (BusinessWithURL?._id) {
- if (req?.files?.image?.tempFilePath)
- fs.unlinkSync(image_file?.tempFilePath);
- return res.status(400).json({ message: "Business URL is not available!" });
- }
- if (image_file?.tempFilePath) {
- const result = await cloudinary.v2.uploader.upload(
- image_file?.tempFilePath,
- {
- folder: "ATP/Business_banners",
- }
- );
- const image = { url: result?.secure_url, public_id: result?.public_id };
- req.body.banner = image;
- fs.unlinkSync(image_file?.tempFilePath);
- }
- //generate password
- const passwords = password.randomPassword({
- length: 10,
- characters: [
- { characters: password.upper, exactly: 1 },
- { characters: password.symbols, exactly: 1 },
- password.lower,
- password.digits]
- })
-
- req.body.password = passwords;
- req.user.role === 'admin' ? req.body.verify = true : req.body.verify = false
- const entity = await Business.create(req.body);
- await sendEmail({
-
- to: `${req.body.email}`, // Change to your recipient
-
- from: `${process.env.SEND_EMAIL_FROM}`, // Change to your verified sender
-
- subject: `ATP Business Created`,
- html: `your business Url is:${req.body.url}
your login email is: ${req.body.email}
and password is: ${passwords}
Thank You
`
-
- });
- return res.status(200).json({
- success: true,
- data: entity,
- message: `Business added successfully and Email sent to ${req.body.email} successfully`,
- });
- } catch (err) {
- // console.log(err)
- fs.unlinkSync(image_file?.tempFilePath);
- return res.status(500).json({ message: err.message ? err.message : "Unable to create." });
+ const image_file = req?.files?.image;
+ try {
+ const { email } = req.body;
+ let business = await Business.findOne({ email });
+ if (business) {
+ return res
+ .status(400)
+ .json({ success: false, message: "business already exists" });
}
+ const BusinessWithURL = await Business.findOne({
+ short_url: req.body?.short_url,
+ });
+ if (BusinessWithURL?._id) {
+ if (req?.files?.image?.tempFilePath)
+ fs.unlinkSync(image_file?.tempFilePath);
+ return res
+ .status(400)
+ .json({ message: "Business URL is not available!" });
+ }
+ if (image_file?.tempFilePath) {
+ const result = await cloudinary.v2.uploader.upload(
+ image_file?.tempFilePath,
+ {
+ folder: "ATP/Business_banners",
+ }
+ );
+ const image = { url: result?.secure_url, public_id: result?.public_id };
+ req.body.banner = image;
+ fs.unlinkSync(image_file?.tempFilePath);
+ }
+ //generate password
+ const passwords = password.randomPassword({
+ length: 10,
+ characters: [
+ { characters: password.upper, exactly: 1 },
+ { characters: password.symbols, exactly: 1 },
+ password.lower,
+ password.digits,
+ ],
+ });
+
+ req.body.password = passwords;
+ req.user.role === "admin"
+ ? (req.body.verify = true)
+ : (req.body.verify = false);
+ const entity = await Business.create(req.body);
+ await sendEmail({
+ to: `${req.body.email}`, // Change to your recipient
+
+ from: `${process.env.SEND_EMAIL_FROM}`, // Change to your verified sender
+
+ subject: `ATP Business Created`,
+ html: `your business Url is:${req.body.url}
your login email is: ${req.body.email}
and password is: ${passwords}
Thank You
`,
+ });
+ return res.status(200).json({
+ success: true,
+ data: entity,
+ message: `Business added successfully and Email sent to ${req.body.email} successfully`,
+ });
+ } catch (err) {
+ // console.log(err)
+ fs.unlinkSync(image_file?.tempFilePath);
+ return res
+ .status(500)
+ .json({ message: err.message ? err.message : "Unable to create." });
+ }
};
const addProductToBusiness = async (req, res) => {
- try {
- const Business = await Business.findByIdAndUpdate(
- req.params.id,
- {
- $push: { products: req.body.product_id },
- },
- { new: true }
- );
- res
- .status(200)
- .json({ status: "ok", message: "Product added to Business successfully" });
- } catch (err) {
- return res.status(500).json({ message: "Unable to get ID." });
- }
+ try {
+ const Business = await Business.findByIdAndUpdate(
+ req.params.id,
+ {
+ $push: { products: req.body.product_id },
+ },
+ { new: true }
+ );
+ res.status(200).json({
+ status: "ok",
+ message: "Product added to Business successfully",
+ });
+ } catch (err) {
+ return res.status(500).json({ message: "Unable to get ID." });
+ }
};
-
-
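Review bot: `updatePassword` loads the account with `Business.findById(req.user.id)`, but the route added in BusinessRoute.js guards it with `isAuthenticatedUser`, which fills `req.user` from the User collection. With a user token the Business lookup will normally return null, and with a business token `req.user` itself is null, so in both cases the handler throws instead of changing a business password. Guard the route with `isBusinessAuthenticated` and read the identity that middleware sets, `const business = await Business.findById(req.business._id).select("+password");`, returning an error when `business` is null. The handler also calls `new ErrorHander(...)`, which the import block at the top of this hunk does not bring in; it presumably needs `import ErrorHander from "../../Utils/errorhander.js";`. Separately, `createBusiness` still passes `image_file?.tempFilePath` without declaring `image_file`, so any request with an uploaded image will hit a ReferenceError there.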
diff --git a/resources/Businesses/BusinessRoute.js b/resources/Businesses/BusinessRoute.js
index 18724bf..a243898 100644
--- a/resources/Businesses/BusinessRoute.js
+++ b/resources/Businesses/BusinessRoute.js
@@ -1,14 +1,38 @@
import { Router } from "express";
-import { authorizeRoles, isAuthenticatedUser } from "../../middlewares/auth.js";
-import { createBusiness, getAllBusiness, getSingleBusiness, updateBusiness, deleteBusinessById } from "./BusinessController.js";
+import {
+ authorizeRoles,
+ isAuthenticatedUser,
+ isBusinessAuthenticated,
+} from "../../middlewares/auth.js";
+import {
+ createBusiness,
+ getAllBusiness,
+ getSingleBusiness,
+ updateBusiness,
+ deleteBusinessById,
+ updatePassword,
+ getSelfBusiness,
+ loginBusiness,
+} from "./BusinessController.js";
const router = Router();
-router.route("/add").post(isAuthenticatedUser, authorizeRoles("admin"), createBusiness);
-router.route("/update/:id").patch(isAuthenticatedUser, authorizeRoles("admin"), updateBusiness);
-router.route("/delete/:id").delete(isAuthenticatedUser, authorizeRoles("admin"), deleteBusinessById);
+router
+ .route("/add")
+ .post(isAuthenticatedUser, authorizeRoles("admin"), createBusiness);
+router
+ .route("/update/:id")
+ .patch(isAuthenticatedUser, authorizeRoles("admin"), updateBusiness);
+router
+ .route("/delete/:id")
+ .delete(isAuthenticatedUser, authorizeRoles("admin"), deleteBusinessById);
router.route("/get/:id").get(isAuthenticatedUser, getSingleBusiness);
router.route("/getall").get(isAuthenticatedUser, getAllBusiness);
-export default router;
+router.route("/getselfbusiness").get(isBusinessAuthenticated, getSelfBusiness);
+//auth routes
+router.route("/login").post(loginBusiness);
+router.route("/password/update").patch(isAuthenticatedUser, updatePassword);
+
+export default router;
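Review bot: `router.route("/login").post(loginBusiness)` exposes password login with no throttling or lockout visible in this file, while the accounts behind it use the 10-character generated passwords that `createBusiness` sends by e-mail. Unless a limiter is already applied at the app level (not visible here), put one in front of the handler, e.g. `router.route("/login").post(loginLimiter, loginBusiness);`, where `loginLimiter` is a placeholder for whatever rate-limiting middleware the project adopts. Logging failed attempts per e-mail and source address in `loginBusiness` would also give operations something to alert on.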