added isbusinessauthenticate, businesslogin route , getselfbusiness route

MD ARIF KHAN 2023-03-29 11:35:43 +05:30
parent b8ab99cf9a
commit 035a989f29
3 changed files with 483 additions and 363 deletions


@ -1,7 +1,8 @@
import User from "../resources/user/userModel.js"; import User from "../resources/user/userModel.js";
import jwt from "jsonwebtoken"; import jwt from "jsonwebtoken";
import ErrorHander from "../Utils/errorhander.js" import ErrorHander from "../Utils/errorhander.js";
import { Franchisee } from "../resources/Temple/FranchiseeModel.js"; import { Franchisee } from "../resources/Temple/FranchiseeModel.js";
import { Business } from "../resources/Businesses/BusinessModel.js";
export const isAuthenticatedUser = async (req, res, next) => { export const isAuthenticatedUser = async (req, res, next) => {
try { try {
@ -13,7 +14,6 @@ export const isAuthenticatedUser = async (req, res, next) => {
} }
const getToken = req.headers; const getToken = req.headers;
//remove Bearer from token //remove Bearer from token
const fronttoken = getToken.authorization.slice(7); const fronttoken = getToken.authorization.slice(7);
@ -37,13 +37,8 @@ export const isAuthenticatedUser = async (req, res, next) => {
} }
}; };
export const isFranchiAuthenticated = async (req, res, next) => { export const isFranchiAuthenticated = async (req, res, next) => {
try { try {
if (!req.headers.authorization) { if (!req.headers.authorization) {
return res.status(400).json({ return res.status(400).json({
success: false, success: false,
@ -77,9 +72,45 @@ export const isFranchiAuthenticated = async (req, res, next) => {
} }
}; };
// isBusinessAuthenticated
export const isBusinessAuthenticated = async (req, res, next) => {
try {
if (!req.headers.authorization) {
return res.status(400).json({
success: false,
message: "Login to Access this resource",
});
}
const getToken = req.headers;
//remove Bearer from token
export const authorizeRoles = (...roles) => {//pass admin const fronttoken = getToken.authorization.slice(7);
const frontdecoded = jwt.verify(fronttoken, process.env.JWT_SECRET);
if (!frontdecoded) {
return res.status(400).json({
success: false,
message: "incorrect token",
});
}
// console.log(frontdecoded)
const fuser = await Business.findById(frontdecoded.id);
req.business = fuser;
next();
} catch (error) {
return res.status(400).json({
success: false,
message: error.message,
});
}
};
export const authorizeRoles = (...roles) => {
//pass admin
return (req, res, next) => { return (req, res, next) => {
if (!roles.includes(req.user.role)) { if (!roles.includes(req.user.role)) {
return next( return next(
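Review bot: In `isBusinessAuthenticated`, the result of `Business.findById(frontdecoded.id)` is stored in `req.business` and `next()` is called even when no record matches, so a validly signed token whose id is not a current business (a deleted account, for instance) passes the guard. `getSelfBusiness` re-checks `req.business`, but a later handler that trusts this middleware would not; reject here with `if (!fuser) return res.status(401).json({ success: false, message: "Login to Access this resource" });`. The `!frontdecoded` branch is unlikely to run, because `jwt.verify` throws on an invalid token and the `catch` answers instead. If user and franchisee tokens are signed with the same `JWT_SECRET`, which this hunk does not show, a claim naming the account type and checked in each guard would keep the token kinds apart.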


@ -1,22 +1,33 @@
import sendEmail from "../../Utils/sendEmail.js";
import sendEmail from "../../Utils/sendEmail.js"
import cloudinary from "../../Utils/cloudinary.js"; import cloudinary from "../../Utils/cloudinary.js";
import { Business } from './BusinessModel.js' import { Business } from "./BusinessModel.js";
import password from 'secure-random-password' import password from "secure-random-password";
import fs from "fs"; import fs from "fs";
import catchAsyncErrors from "../../middlewares/catchAsyncErrors.js";
import sendToken from "../../Utils/jwtToken.js";
export const createBusiness = async (req, res) => { export const createBusiness = async (req, res) => {
try { try {
if (!req?.user) return res.status(400).json({ message: "please login !" }); if (!req?.user) return res.status(400).json({ message: "please login !" });
const { business, purpose, country, language, state, city, address_Line_1, address_Line_2, pincode, const {
business_name, email, contact_Number, contact_Person_Name, url, short_url } = business,
req.body; purpose,
country,
language,
state,
city,
address_Line_1,
address_Line_2,
pincode,
business_name,
email,
contact_Number,
contact_Person_Name,
url,
short_url,
} = req.body;
//validation //validation
switch (true) { switch (true) {
case !business: case !business:
@ -44,21 +55,21 @@ export const createBusiness = async (req, res) => {
case !contact_Number: case !contact_Number:
return res.status(500).send({ error: "contact_Number is Required" }); return res.status(500).send({ error: "contact_Number is Required" });
case !contact_Person_Name: case !contact_Person_Name:
return res.status(500).send({ error: "contact_Person_Name is Required" }); return res
.status(500)
.send({ error: "contact_Person_Name is Required" });
case !url: case !url:
return res.status(500).send({ error: " Business url is Required" }); return res.status(500).send({ error: " Business url is Required" });
case !short_url: case !short_url:
return res.status(500).send({ error: "short_url is Required" }); return res.status(500).send({ error: "short_url is Required" });
} }
let businesse = await Business.findOne({ email }); let businesse = await Business.findOne({ email });
if (businesse) { if (businesse) {
return res return res.status(400).json({
.status(400) success: false,
.json({ success: false, message: " THis Email already exists Please try another Email!" }); message: " THis Email already exists Please try another Email!",
});
} }
const businessWithURL = await Business.findOne({ const businessWithURL = await Business.findOne({
short_url: req.body?.short_url, short_url: req.body?.short_url,
@ -66,7 +77,9 @@ export const createBusiness = async (req, res) => {
if (businessWithURL?._id) { if (businessWithURL?._id) {
if (req?.files?.image?.tempFilePath) if (req?.files?.image?.tempFilePath)
fs.unlinkSync(image_file?.tempFilePath); fs.unlinkSync(image_file?.tempFilePath);
return res.status(400).json({ message: "business URL is not available!" }); return res
.status(400)
.json({ message: "business URL is not available!" });
} }
if (req?.files?.image?.tempFilePath) { if (req?.files?.image?.tempFilePath) {
const result = await cloudinary.v2.uploader.upload( const result = await cloudinary.v2.uploader.upload(
@ -86,26 +99,22 @@ export const createBusiness = async (req, res) => {
{ characters: password.upper, exactly: 1 }, { characters: password.upper, exactly: 1 },
{ characters: password.symbols, exactly: 1 }, { characters: password.symbols, exactly: 1 },
password.lower, password.lower,
password.digits] password.digits,
}) ],
});
req.body.password = passwords; req.body.password = passwords;
// req.user.role === 'admin' ? req.body.verify = true : req.body.verify = false // req.user.role === 'admin' ? req.body.verify = true : req.body.verify = false
req.body.added_by = req.user._id;
req.body.added_by = req.user._id
const businesses = await Business.create(req.body); const businesses = await Business.create(req.body);
await sendEmail({ await sendEmail({
to: `${req.body.email}`, // Change to your recipient to: `${req.body.email}`, // Change to your recipient
from: `${process.env.SEND_EMAIL_FROM}`, // Change to your verified sender from: `${process.env.SEND_EMAIL_FROM}`, // Change to your verified sender
subject: `Bolo.Ai business Created`, subject: `Bolo.Ai business Created`,
html: `your Business Url is:${req.body.url}<br/><br/>your login email is: <strong> ${req.body.email}</strong><br/>and password is: <strong> ${passwords}</strong><br/><br/><h3>Thank You</h3>` html: `your Business Url is:${req.body.url}<br/><br/>your login email is: <strong> ${req.body.email}</strong><br/>and password is: <strong> ${passwords}</strong><br/><br/><h3>Thank You</h3>`,
}); });
res.status(201).send({ res.status(201).send({
@ -120,18 +129,16 @@ export const createBusiness = async (req, res) => {
res.status(500).send({ res.status(500).send({
success: false, success: false,
error, error,
message: error.message ? error.message : "Unable to create." message: error.message ? error.message : "Unable to create.",
}); });
}
} }
};
export const getAllBusiness = async (req, res) => { export const getAllBusiness = async (req, res) => {
try { try {
if (!req?.user) return res.status(400).json({ message: "please login !" }); if (!req?.user) return res.status(400).json({ message: "please login !" });
const businesses = await Business.find().sort({ createdAt: -1 });
const businesses = await Business.find().sort({ createdAt: -1 })
if (businesses) { if (businesses) {
res.status(201).send({ res.status(201).send({
success: true, success: true,
@ -139,23 +146,22 @@ export const getAllBusiness = async (req, res) => {
businesses, businesses,
}); });
} }
} catch (error) { } catch (error) {
// console.log(error); // console.log(error);
res.status(500).send({ res.status(500).send({
success: false, success: false,
error, error,
message: error.message ? error.message : "Unable to fetch." message: error.message ? error.message : "Unable to fetch.",
}); });
}
} }
};
export const getSingleBusiness = async (req, res) => { export const getSingleBusiness = async (req, res) => {
try { try {
if (!req?.user) return res.status(400).json({ message: "please login !" }); if (!req?.user) return res.status(400).json({ message: "please login !" });
if (!req?.params.id) return res.status(400).json({ message: "please Provide Business ID !" }); if (!req?.params.id)
return res.status(400).json({ message: "please Provide Business ID !" });
const businesses = await Business.findById(req.params.id) const businesses = await Business.findById(req.params.id);
if (businesses) { if (businesses) {
res.status(201).send({ res.status(201).send({
success: true, success: true,
@ -163,26 +169,51 @@ export const getSingleBusiness = async (req, res) => {
businesses, businesses,
}); });
} }
} catch (error) { } catch (error) {
// console.log(error); // console.log(error);
res.status(500).send({ res.status(500).send({
success: false, success: false,
error, error,
message: error.message ? error.message : "Unable to fetch." message: error.message ? error.message : "Unable to fetch.",
}); });
}
};
// export getSelfBusiness
export const getSelfBusiness = async (req, res) => {
try {
if (!req?.business)
return res.status(400).json({ message: "please login !" });
const businesses = await Business.findById(req.business._id);
if (businesses) {
res.status(201).send({
success: true,
message: "Business Fetched Successfully",
businesses,
});
} }
} catch (error) {
// console.log(error);
res.status(500).send({
success: false,
error,
message: error.message ? error.message : "Unable to fetch.",
});
} }
};
export const updateBusiness = async (req, res) => { export const updateBusiness = async (req, res) => {
try { try {
if (!req?.user) return res.status(400).json({ message: "please login !" }); if (!req?.user) return res.status(400).json({ message: "please login !" });
if (!req?.params.id) return res.status(400).json({ message: "please Provide Business ID !" }); if (!req?.params.id)
return res.status(400).json({ message: "please Provide Business ID !" });
req.body.added_by = req.user._id;
const businesses = await Business.findByIdAndUpdate(req.params.id, {
req.body.added_by = req.user._id ...req.body,
const businesses = await Business.findByIdAndUpdate(req.params.id, { ...req.body }) });
res.status(201).send({ res.status(201).send({
success: true, success: true,
@ -194,60 +225,90 @@ export const updateBusiness = async (req, res) => {
res.status(500).send({ res.status(500).send({
success: false, success: false,
error, error,
message: error.message ? error.message : "Unable to Update." message: error.message ? error.message : "Unable to Update.",
}); });
}
} }
};
//delete //delete
export const deleteBusinessById = async (req, res) => { export const deleteBusinessById = async (req, res) => {
try { try {
if (!req?.user) return res.status(400).json({ message: "please login !" }); if (!req?.user) return res.status(400).json({ message: "please login !" });
if (!req?.params.id) return res.status(400).json({ message: "please Provide Business ID !" }); if (!req?.params.id)
return res.status(400).json({ message: "please Provide Business ID !" });
const business = await Business.findByIdAndDelete(req.params.id) const business = await Business.findByIdAndDelete(req.params.id);
if (!business) { if (!business) {
return res.status(400).json({ message: 'business Not Found' }); return res.status(400).json({ message: "business Not Found" });
} }
await business.remove(); await business.remove();
res.status(200).json({ status: "OK", msg: 'Deteted successfully' }); res.status(200).json({ status: "OK", msg: "Deteted successfully" });
} catch (err) { } catch (err) {
return res.status(500).json({ message: err.message ? err.message : "Unable to delete." }); return res
.status(500)
.json({ message: err.message ? err.message : "Unable to delete." });
} }
}; };
// update password for business owner with old password
export const updatePassword = catchAsyncErrors(async (req, res, next) => {
const business = await Business.findById(req.user.id).select("+password");
const isPasswordMatched = await business.comparePassword(
req.body.oldPassword
);
if (!isPasswordMatched) {
return next(new ErrorHander("Old password is incorrect", 400));
}
if (req.body.newPassword !== req.body.confirmPassword) {
return next(new ErrorHander("password does not match", 400));
}
business.password = req.body.newPassword;
await business.save();
sendToken(business, 200, res);
});
// login for business owner
export const loginBusiness = async (req, res, next) => {
const { email, password } = req.body;
// checking if user has given password and email both
try {
if (!email || !password) {
return res.status(400).json({ message: "Please Enter Email & Password" });
}
const business = await Business.findOne({ email }).select("+password");
if (!business) {
return res.status(400).json({ message: "Invalid Email or Password" });
}
const isPasswordMatched = await business.comparePassword(password);
if (!isPasswordMatched) {
return res.status(400).json({ message: "Invalid Email or Password" });
}
sendToken(business, 200, res);
} catch (error) {
return res
.status(500)
.json({ message: "Something went wrong!", error: error?.message || "" });
}
};
/****************************************** */
const addBusiness = async (req, res) => { const addBusiness = async (req, res) => {
const image_file = req?.files?.image; const image_file = req?.files?.image;
try { try {
const { email } = req.body const { email } = req.body;
let business = await Business.findOne({ email }); let business = await Business.findOne({ email });
if (business) { if (business) {
return res return res
@ -260,7 +321,9 @@ const addBusiness = async (req, res) => {
if (BusinessWithURL?._id) { if (BusinessWithURL?._id) {
if (req?.files?.image?.tempFilePath) if (req?.files?.image?.tempFilePath)
fs.unlinkSync(image_file?.tempFilePath); fs.unlinkSync(image_file?.tempFilePath);
return res.status(400).json({ message: "Business URL is not available!" }); return res
.status(400)
.json({ message: "Business URL is not available!" });
} }
if (image_file?.tempFilePath) { if (image_file?.tempFilePath) {
const result = await cloudinary.v2.uploader.upload( const result = await cloudinary.v2.uploader.upload(
@ -280,21 +343,22 @@ const addBusiness = async (req, res) => {
{ characters: password.upper, exactly: 1 }, { characters: password.upper, exactly: 1 },
{ characters: password.symbols, exactly: 1 }, { characters: password.symbols, exactly: 1 },
password.lower, password.lower,
password.digits] password.digits,
}) ],
});
req.body.password = passwords; req.body.password = passwords;
req.user.role === 'admin' ? req.body.verify = true : req.body.verify = false req.user.role === "admin"
? (req.body.verify = true)
: (req.body.verify = false);
const entity = await Business.create(req.body); const entity = await Business.create(req.body);
await sendEmail({ await sendEmail({
to: `${req.body.email}`, // Change to your recipient to: `${req.body.email}`, // Change to your recipient
from: `${process.env.SEND_EMAIL_FROM}`, // Change to your verified sender from: `${process.env.SEND_EMAIL_FROM}`, // Change to your verified sender
subject: `ATP Business Created`, subject: `ATP Business Created`,
html: `your business Url is:${req.body.url}<br/><br/>your login email is: <strong> ${req.body.email}</strong><br/>and password is: <strong> ${passwords}</strong><br/><br/><h3>Thank You</h3>` html: `your business Url is:${req.body.url}<br/><br/>your login email is: <strong> ${req.body.email}</strong><br/>and password is: <strong> ${passwords}</strong><br/><br/><h3>Thank You</h3>`,
}); });
return res.status(200).json({ return res.status(200).json({
success: true, success: true,
@ -304,7 +368,9 @@ const addBusiness = async (req, res) => {
} catch (err) { } catch (err) {
// console.log(err) // console.log(err)
fs.unlinkSync(image_file?.tempFilePath); fs.unlinkSync(image_file?.tempFilePath);
return res.status(500).json({ message: err.message ? err.message : "Unable to create." }); return res
.status(500)
.json({ message: err.message ? err.message : "Unable to create." });
} }
}; };
@ -317,12 +383,11 @@ const addProductToBusiness = async (req, res) => {
}, },
{ new: true } { new: true }
); );
res res.status(200).json({
.status(200) status: "ok",
.json({ status: "ok", message: "Product added to Business successfully" }); message: "Product added to Business successfully",
});
} catch (err) { } catch (err) {
return res.status(500).json({ message: "Unable to get ID." }); return res.status(500).json({ message: "Unable to get ID." });
} }
}; };
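Review bot: `updatePassword` loads the account with `Business.findById(req.user.id)`, but `req.user` appears to be set by the user guard rather than the business one, and the route file in this commit mounts the handler behind `isAuthenticatedUser`. A business owner's token therefore does not reach it with a matching id, and `business` can be null when `business.comparePassword` is called. Read the id from the business guard, `const business = await Business.findById(req.business._id).select("+password");`, return an error when no record is found, and mount `/password/update` with `isBusinessAuthenticated`. `ErrorHander` is also used in this handler without appearing in the import lines shown at the top of the file, so both error paths would raise a ReferenceError unless it is imported the way the auth middleware imports it.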


@ -1,14 +1,38 @@
import { Router } from "express"; import { Router } from "express";
import { authorizeRoles, isAuthenticatedUser } from "../../middlewares/auth.js"; import {
import { createBusiness, getAllBusiness, getSingleBusiness, updateBusiness, deleteBusinessById } from "./BusinessController.js"; authorizeRoles,
isAuthenticatedUser,
isBusinessAuthenticated,
} from "../../middlewares/auth.js";
import {
createBusiness,
getAllBusiness,
getSingleBusiness,
updateBusiness,
deleteBusinessById,
updatePassword,
getSelfBusiness,
loginBusiness,
} from "./BusinessController.js";
const router = Router(); const router = Router();
router.route("/add").post(isAuthenticatedUser, authorizeRoles("admin"), createBusiness); router
router.route("/update/:id").patch(isAuthenticatedUser, authorizeRoles("admin"), updateBusiness); .route("/add")
router.route("/delete/:id").delete(isAuthenticatedUser, authorizeRoles("admin"), deleteBusinessById); .post(isAuthenticatedUser, authorizeRoles("admin"), createBusiness);
router
.route("/update/:id")
.patch(isAuthenticatedUser, authorizeRoles("admin"), updateBusiness);
router
.route("/delete/:id")
.delete(isAuthenticatedUser, authorizeRoles("admin"), deleteBusinessById);
router.route("/get/:id").get(isAuthenticatedUser, getSingleBusiness); router.route("/get/:id").get(isAuthenticatedUser, getSingleBusiness);
router.route("/getall").get(isAuthenticatedUser, getAllBusiness); router.route("/getall").get(isAuthenticatedUser, getAllBusiness);
export default router; router.route("/getselfbusiness").get(isBusinessAuthenticated, getSelfBusiness);
//auth routes
router.route("/login").post(loginBusiness);
router.route("/password/update").patch(isAuthenticatedUser, updatePassword);
export default router;
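Review bot: `/login` is mounted with no middleware in front of `loginBusiness`, and nothing in this router limits repeated attempts, so guessing against a known business email is bounded only by the strength of the generated password. Unless throttling is applied at the app level, which is not visible here, put an attempt limit keyed on client address and on the submitted email in front of this route. Logging failed logins with the email and source address would also give operations something to alert on.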