diff --git a/constants.js b/constants.js new file mode 100644 index 0000000..603e22d --- /dev/null +++ b/constants.js @@ -0,0 +1 @@ +exports.kSaltRounds = 10; \ No newline at end of file diff --git a/controllers/userAuth.controller.js b/controllers/userAuth.controller.js index 160400b..f670dff 100644 --- a/controllers/userAuth.controller.js +++ b/controllers/userAuth.controller.js @@ -2,6 +2,8 @@ const User = require("../models/user.model"); const UserCredentials = require("../models/user.credentials"); const OTP = require("../models/otp.model"); const nodemailer = require("nodemailer"); +const bcrypt = require("bcrypt"); +const {kSaltRounds} = require("../constants"); const transporter = nodemailer.createTransport({ port: 465, @@ -93,10 +95,12 @@ exports.createNewUser = async (req, res, next) => { // save user const user = await createUser.save(); + const hashedPassword = await bcrypt.hash(password,kSaltRounds); + const createUserCredentials = new UserCredentials({ user_id: user._id, email, - password, + password: hashedPassword, }); createUserCredentials.save(); @@ -109,18 +113,6 @@ exports.createNewUser = async (req, res, next) => { entityModel: "User", }); - // await new Promise((resolve, reject) => { - // // verify connection configuration - // transporter.verify(function (error, success) { - // if (error) { - // console.log(error); - // reject(error); - // } else { - // console.log("Server is ready to take our messages"); - // resolve(success); - // } - // }); - // }); let mailData = { from: { @@ -132,7 +124,7 @@ exports.createNewUser = async (req, res, next) => { text: `Your Otp is - ${otp}`, }; - await new Promise((resolve, reject) => { + new Promise((resolve, reject) => { // send mail transporter.sendMail(mailData, (err, info) => { if (err) { 
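Review bot: In the `createNewUser` hunk (`@@ -93,10 +95,12 @@`) `bcrypt.hash` runs after `createUser.save()`, so if hashing rejects (bcrypt does so when `password` is missing) the user document is already persisted with no credentials record. Compute the hash first, as `createNewVendor` does in this same commit, by moving `const hashedPassword = await bcrypt.hash(password, kSaltRounds);` above `const user = await createUser.save();`. The context line `createUserCredentials.save();` is still not awaited, so a failed write is never reported and a login can race it; `await createUserCredentials.save();` closes that gap. bcrypt only uses the first 72 bytes of its input, so a length check on `password` before hashing is worth adding. The function body starts and ends outside the hunk.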
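Review bot: In the `@@ -132,7 +124,7 @@` hunk the `new Promise(...)` wrapping `transporter.sendMail` is no longer awaited and has no rejection handler. The callback body continues outside the hunk, but the visible `if (err) {` suggests it rejects on failure; that rejection is now unhandled, which terminates the process under Node's default settings since v15, so one undeliverable OTP mail could take the API down. If the send is meant to be fire-and-forget, append a handler such as `.catch((err) => console.error("OTP mail failed", err));`. The client is also told the OTP was sent before the send has been attempted, which deserves a short comment at the call site.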
@@ -169,7 +161,7 @@ exports.login = async (req, res, next) => { next({ status: 401, message: USER_NOT_VERIFIED }); } - const passwordMatch = password === user.password ? 1 : 0; + const passwordMatch = await bcrypt.compare(password, user.password); if (passwordMatch) { const token = createJwtToken({ userId: user.user_id }); diff --git a/controllers/vendorAuth.controller.js b/controllers/vendorAuth.controller.js index e3ae963..58adaf2 100644 --- a/controllers/vendorAuth.controller.js +++ b/controllers/vendorAuth.controller.js @@ -4,6 +4,7 @@ const OTP = require("../models/otp.model"); const nodemailer = require("nodemailer"); const bcrypt = require("bcrypt"); +const {kSaltRounds} = require('../constants') const { USER_NOT_FOUND_ERR, @@ -22,7 +23,7 @@ let mailTransporter = nodemailer.createTransport({ pass: "mxzc acbf revb xcxh", }); -// --------------------- create new user --------------------------------- +// --------------------- create new Vendor --------------------------------- exports.createNewVendor = async (req, res, next) => { try { @@ -42,7 +43,7 @@ exports.createNewVendor = async (req, res, next) => { console.log(description); - // let images = [image_url]; + const emailExist = await Vendor.findOne({ email }); if (emailExist) { @@ -50,6 +51,8 @@ exports.createNewVendor = async (req, res, next) => { return; } + const hashedPassword = await bcrypt.hash(password, kSaltRounds); + const createVendor = new Vendor({ ownerName, email, @@ -66,7 +69,7 @@ exports.createNewVendor = async (req, res, next) => { const createVendorCredentials = new VendorCredentials({ email, - password, + password: hashedPassword, vendor_id: vendor._id, }); await createVendorCredentials.save(); 
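Review bot: `bcrypt.compare(password, user.password)` in `login` only succeeds against bcrypt hashes, but the removed line shows that credentials were stored and compared as plaintext until now. Accounts created before this commit will therefore fail to log in and their plaintext passwords remain in the database; the commit contains no migration, so a one-off re-hash of existing credential records (or a forced reset) is needed, and the same applies to the `vendorLogin` hunk in `controllers/vendorAuth.controller.js`. Separately, the context line `next({ status: 401, message: USER_NOT_VERIFIED });` has no `return`, so as far as the hunk shows an unverified user falls through to the password check and token creation; `return next({ status: 401, message: USER_NOT_VERIFIED });` would stop that. The enclosing `if` and the rest of `login` are outside the hunk.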
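Review bot: The `createTransport` call visible in the `@@ -22,7 +23,7 @@` hunk of `controllers/vendorAuth.controller.js` carries the SMTP password as a string literal on its `pass:` line. This commit only edits the comment below it, but a credential committed to the repository should be treated as exposed: rotate it and load it from configuration instead, for example `pass: process.env.SMTP_PASS,` (variable name is illustrative). The transporter definition begins outside the hunk.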
@@ -77,32 +80,32 @@ exports.createNewVendor = async (req, res, next) => { }); await menu.save(); - const otp = Math.floor(1000 + Math.random() * 9000); - const sentOtp = new OTP({ - code: otp, - expiresAt: new Date(new Date().getTime() + 2 * 60 * 1000), - entity: vendor._id, - entityModel: "Vendor", - }); - await sentOtp.save(); - - let mailDetails = { - from: "adityavinay@iitbhilai.ac.in", - to: email, - subject: "Test mail", - text: `Your OTP is: ${otp}`, - }; - - mailTransporter.sendMail(mailDetails, function (err, data) { - if (err) { - console.log("Error Occurs"); - console.log(err); - } else { - console.log("Email sent successfully"); - } - }); - - res.status(200).json("OTP send successfully"); + // const otp = Math.floor(1000 + Math.random() * 9000); + // const sentOtp = new OTP({ + // code: otp, + // expiresAt: new Date(new Date().getTime() + 2 * 60 * 1000), + // entity: vendor._id, + // entityModel: "Vendor", + // }); + // await sentOtp.save(); + + // let mailDetails = { + // from: "adityavinay@iitbhilai.ac.in", + // to: email, + // subject: "Test mail", + // text: `Your OTP is: ${otp}`, + // };c + + // mailTransporter.sendMail(mailDetails, function (err, data) { + // if (err) { + // console.log("Error Occurs"); + // console.log(err); + // } else { + // console.log("Email sent successfully"); + // } + // }); + + res.status(200).json("Register successfully"); } catch (error) { next(error); } @@ -120,7 +123,7 @@ exports.vendorLogin = async (req, res, next) => { return; } - const passwordMatch = vendor.password === password; + const passwordMatch = await bcrypt.compare(password, vendor.password); if (passwordMatch) { // Generate JWT token const token = createJwtToken({ userId: vendor.vendor_id });
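Review bot: Commenting out the OTP block in `createNewVendor` means a vendor account is now created and reported as registered without any proof that the caller controls `email`. If `vendorLogin` or other code relies on a verified flag (not visible here), those accounts either cannot log in or skip verification silently; this change is unrelated to password hashing and would be clearer as its own commit with the reason stated. Rather than keeping the commented-out lines (including the stray `c` in `// };c`), delete them and rely on history. If the flow is restored, generate the code with `crypto.randomInt(1000, 10000)` rather than `Math.random()`, which is not suitable for security tokens.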