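const db = require("../models/index");
const config = require("../config/auth.config");
const { Auth, User, RefreshToken } = db;
const jwt = require("jsonwebtoken");
const { registerUser } = require("../helper/user.helper");

/**
 * Build the access token used by both the login and the refresh handler so
 * the two paths cannot drift apart in claims, algorithm or lifetime.
 *
 * @param {number|string} authId - primary key of the Auth row the token is issued for
 * @returns {string} signed JWT carrying `{ id: authId }`
 */
function signAccessToken(authId) {
  return jwt.sign({ id: authId }, config.secret, {
    // Pin the algorithm so a change in library defaults cannot silently alter it.
    algorithm: "HS256",
    // NOTE(review): this permits an HMAC secret shorter than 256 bits. Drop it
    // once config.secret is guaranteed to be at least 32 bytes so the library
    // enforces the minimum instead of us opting out of the check.
    allowInsecureKeySizes: true,
    expiresIn: config.jwtExpiration,
  });
}

/**
 * POST handler: create a new account from the request body.
 *
 * Delegates persistence to registerUser; responds 200 on success, 500 with
 * the error message otherwise.
 *
 * @param {import("express").Request} req - body holds the registration fields and optional `roles`
 * @param {import("express").Response} res
 */
exports.register = async (req, res) => {
  // Default to the least-privileged role when the client sends none (or sends
  // something that is not a non-empty array).
  // NOTE(review): `roles` is taken straight from the untrusted request body, so
  // a client can name any role here. registerUser (or an allow-list at this
  // point) must decide which roles self-registration may grant — confirm
  // against user.helper before relying on it.
  req.body.roles =
    Array.isArray(req.body.roles) && req.body.roles.length > 0
      ? req.body.roles
      : ["player"];
  try {
    // Awaited so a rejection is reported through the catch below rather than
    // becoming an unhandled rejection after a premature success response.
    // This is a no-op if registerUser happens to be synchronous.
    await registerUser(req.body);
    res.send({ message: "User registered successfully!" });
  } catch (err) {
    res.status(500).send({ message: err.message });
  }
};

/**
 * POST handler: authenticate by e-mail and password.
 *
 * On success responds with the user id, e-mail, role authorities, a short-lived
 * access token and a stored refresh token. Responds 400 for a malformed body,
 * 404 for an unknown e-mail, 401 for a wrong password and 500 on any other
 * error.
 *
 * @param {import("express").Request} req - body: `{ email, password }`
 * @param {import("express").Response} res
 */
exports.login = async (req, res) => {
  const { email, password } = req.body;
  // Accept only plain strings before they reach the ORM. NOTE(review): a
  // non-string `email` (e.g. an object) would be handed to `where` as a
  // structured value instead of a literal; how Sequelize treats that depends
  // on its operator-alias configuration, so we reject it up front.
  if (typeof email !== "string" || typeof password !== "string") {
    return res.status(400).send({ message: "Email and password are required!" });
  }
  try {
    const auth = await Auth.findOne({ where: { email } });
    // NOTE(review): the distinct 404 / 401 responses let a caller tell a
    // registered e-mail from an unregistered one; kept as-is because existing
    // clients may depend on the codes.
    if (!auth) {
      return res.status(404).send({ message: "User Not found." });
    }
    // validPassword is used synchronously, matching the model's current API.
    if (!auth.validPassword(password)) {
      return res.status(401).send({ accessToken: null, message: "Invalid Password!" });
    }

    const refreshToken = await RefreshToken.createToken(auth);
    const accessToken = signAccessToken(auth.id);

    const user = await User.findOne({ where: { authId: auth.id } });
    if (!user) {
      // Surface a clear message instead of a TypeError from `user.getRoles`.
      throw new Error("No user profile is linked to this login");
    }
    const roles = await user.getRoles();
    const authorities = roles.map((role) => `ROLE_${role.name.toUpperCase()}`);

    return res.status(200).send({
      id: user.id,
      email: auth.email,
      roles: authorities,
      accessToken,
      refreshToken,
    });
  } catch (err) {
    res.status(500).send({ message: err.message });
  }
};

/**
 * POST handler: exchange a stored refresh token for a new access token.
 *
 * Responds 403 when the token is missing, unknown, or expired (an expired
 * token is deleted), 200 with a fresh access token otherwise, and 500 on
 * unexpected errors.
 *
 * @param {import("express").Request} req - body: `{ refreshToken }`
 * @param {import("express").Response} res
 */
exports.refreshToken = async (req, res) => {
  const { refreshToken: requestToken } = req.body;
  // Treat anything that is not a non-empty string as absent so only a literal
  // token value is ever used in the lookup below.
  if (typeof requestToken !== "string" || requestToken.length === 0) {
    return res.status(403).json({ message: "Refresh Token is required!" });
  }
  try {
    const stored = await RefreshToken.findOne({ where: { token: requestToken } });
    if (!stored) {
      return res.status(403).json({ message: "Refresh token is not in database!" });
    }
    // verifyExpiration is read here as "true when the token has expired" —
    // that is how the original code used it; confirm against the model.
    if (RefreshToken.verifyExpiration(stored)) {
      // Awaited so a failed delete is reported instead of left as a floating
      // promise while the 403 goes out.
      await RefreshToken.destroy({ where: { id: stored.id } });
      return res.status(403).json({
        message: "Refresh token was expired. Please make a new login request",
      });
    }
    // NOTE(review): the same refresh token is handed back unchanged (no
    // rotation) and the owning Auth row is not re-checked; both are worth
    // revisiting if sessions must be revocable.
    return res.status(200).json({
      accessToken: signAccessToken(stored.authId),
      refreshToken: stored.token,
    });
  } catch (err) {
    // Send only the message: serialising the raw error object could expose
    // driver or query details to the client, and it matches the other handlers.
    return res.status(500).send({ message: err.message });
  }
};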