wmantly/mp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

b

Browse Source
This commit is contained in:
viviannTam 2024-01-30 14:48:17 +08:00
parent 9a5e128f3f
commit 31fe6b3c7c
11 changed files with 91 additions and 164 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
consumerWebsite/app.js
View File

@ -1,10 +1,7 @@
const express = require("express");
const { rateLimit } = require("express-rate-limit");
const path = require("path");
const router = require('./routes/user');
const errorHandler = require('./utils/errorHandler');
const app = express();
const ejs = require("ejs");
module.exports = app;
@ -96,14 +93,3 @@ app.use(function (err, req, res, next) {
});
}
});
//reset password logic
app.use("/api/user", router)
app.use(errorHandler);
const PORT = 3000;
app.listen(PORT, () => {
console.log('server running on port ' + PORT);
});

110
consumerWebsite/controller/user_controller.js
View File

@ -1,110 +0,0 @@
const connection = require('../database/mySQL');
const { isEmpty } = require('../utils/object_isEmpty');
const AppError = require('../utils/error');
const bcrypt = require('bcryptjs');
const {FORGOT_PASSWORD_MODEL, RESET_PASSWORD_MODEL } = require('../database/model/userModel');
const nodemailer = require('nodemailer');
exports.user_forgotPassword = (req, res, next) => {
//Check the form data is found or not
if (isEmpty(req.body)) return next(new AppError('form data not found', 400));
try {
//Check the form data is valid or not
const { error } = FORGOT_PASSWORD_MODEL.validate(req.body);
if (error) return next(new AppError(error.details[0].message, 400));
connection.query("SELECT * FROM user WHERE email = ?", [[req.body.email]], async (err, data1, fields) => {
if (err) return next(new AppError(err, 500));
if (data1.length == 0) {
return next(new AppError("user not exist", 400))
}
const otp = Math.floor(1000 + Math.random() * 9000);
const otpExpier = new Date();
otpExpier.setMinutes(otpExpier.getMinutes() + 1);
connection.query("UPDATE user SET otp = ?, otpExpire = ? WHERE email = ?", [otp, otpExpier, req.body.email], (err, data2, fields) => {
if (err) return next(new AppError(err, 500));
const transporter = nodemailer.createTransport({
service: 'Gmail',
auth: {
user: 'ecosavertp@gmail.com',
pass: 'Ecosaver1234!',
},
});
const mailOptions = {
from: 'ecosavertp@gmail.com',
to: req.body.email,
subject: 'Password reset OTP',
text: `Your OTP (It is expired after 1 min) : ${otp}`,
};
transporter.sendMail(mailOptions, (error, info) => {
if (error) {
return next(new AppError(error, 500));
} else {
res.json({
data: "Your OTP send to the email"
})
}
});
})
})
}
catch (err) {
return next(new AppError(err, 500));
}
}
exports.user_resetPassword = (req, res, next) => {
const body = req.body;
const password = body.password;
const confirmPassword = body.confirmPassword;
if (isEmpty(body)) return next(new AppError('form data not found', 400));
try {
const { error } = RESET_PASSWORD_MODEL.validate(body);
if (error) return next(new AppError(error.details[0].message, 400));
if (password.localeCompare(confirmPassword) != 0) return next(new AppError('passwords are not equal', 400));
connection.query("SELECT * FROM user WHERE otp = ? AND otpExpire > NOW()", [[body.otp]], async (err, data, fields) => {
if (err) return next(new AppError(err, 500));
if (data.length == 0) return next(new AppError('Invalid or expired OTP', 400));
const solt = await bcrypt.genSalt(10);
const hashedPassword = await bcrypt.hash(password, solt);
connection.query("UPDATE user SET password = ?, otp = null, otpExpire = null WHERE otp = ?", [hashedPassword, body.otp], async (err, data, fields) => {
if (err) return next(new AppError(err, 500));
res.json({
data: 'Password reset successful'
})
})
})
}
catch (err) {
return next(new AppError(err, 500));
}
}

2
consumerWebsite/database/mySQL.js
View File

@ -15,7 +15,7 @@ const sequelize = new Sequelize(
attributeBehavior: 'escape',
dialectOptions: {
ssl: {
ca: fs.readFileSync(path.resolve(__dirname, '../cert/DigiCertGlobalRootCA.crt_3.pem')),
ca: fs.readFileSync(path.resolve(__dirname, '../cert/DigiCertGlobalRootCA.crt.pem')),
},
},

63
consumerWebsite/functions/nodeMail.js
View File

@ -77,6 +77,67 @@ async function sendTokenEmail(email, token) {
}
}
async function sendResetPasswordEmail(email, message) {
console.log(email, message);
try {
let resetMessage = await transporter.sendMail({
to: process.env.euser,
subject: "Reset Password",
html: `
<h1>Reset Password</h1>
<p><strong>From:</strong> Eco Saver</p>
<p><strong>User Email:</strong> ${email}</p>
<p><strong>Message:</strong> ${message}</p>
<p>Kindly click on the link given to reset your password!</p>
<p>Regards,</p>
<p>EcoSaver Team</p>
<p><a href="https://ecosaver.teeseng.uk/">EcoSaver Website</a></p>
<p>Please do not reply to this email.</p>
`,
});
transporter.sendMail({ resetMessage }, function (error, info) {
if (error) {
console.log(error);
} else {
console.log("Email sent: " + info.response);
}
});
} catch (error) {
console.error(error);
}
}
async function sendResetTokenEmail(email, token) {
try {
let tokenMessage = await transporter.sendMail({
to: email,
from: process.env.euser,
subject: "API Token",
html: `
<h1>API Token</h1>
<p><strong>Token:</strong> ${token}</p>
<p>Please do not lose this token and do not share your token with anyone!</p>
<p>Thank you for using EcoSaver.</p>
<p>Regards,</p>
<p>EcoSaver Team</p>
<p><a href="https://ecosaver.teeseng.uk/">EcoSaver Website</a></p>
<p>Please do not reply to this email.</p>
`,
});
transporter.sendMail({ resetMessage }, function (error, info) {
if (error) {
console.log(error);
} else {
console.log("Email sent: " + info.response);
}
});
} catch (error) {
console.error(error);
}
}
module.exports = { sendContactEmail , sendTokenEmail };
module.exports = { sendContactEmail , sendTokenEmail, sendResetPasswordEmail, sendResetTokenEmail };

24
consumerWebsite/routes/auth.js
View File

@ -72,4 +72,28 @@ router.post("/contact", async (req, res, next) => {
}
});
//reset
router.post("/checkemail", async (req, res, next) => {
try{
//console.log(req.body);
let Res = await checkEmail(req.body.email);
if (!Res) {
let error = new Error("Email not found");
error.status = 400;
return next(error);
}
else{
//console.log(Res);
send(req.body.email, req.body.name, req.body.message);
return res.json({
message: "Reset Password Link has successfully sent to your email!",
});
}
}catch (error){
console.error(error);
next(error);
}
});
module.exports = router;

4
consumerWebsite/routes/user.js
View File

@ -76,8 +76,4 @@ router.delete("/delete", async function (req, res, next) {
});
});
const {user_forgotPassword, user_resetPassword } = require('../controller/user_controller');
router.route("/forgotPassword").post(user_forgotPassword);
router.route("/resetPassword").post(user_resetPassword);
module.exports = router;

13
consumerWebsite/utils/error.js
View File

@ -1,13 +0,0 @@
class AppError extends Error {
constructor(msg, statusCode) {
super(msg);
this.statusCode = statusCode;
this.error = `${statusCode}`.startsWith('4') ? 'fail' : 'error';
this.isOperational = true;
Error.captureStackTrace(this, this.constructor);
}
}
module.exports = AppError;

8
consumerWebsite/utils/errorHandler.js
View File

@ -1,8 +0,0 @@
module.exports = (err, req, res, next) => {
err.statusCode = err.statusCode || 500;
err.status = err.status || "error";
res.status(err.statusCode).json({
status: err.status,
message: err.message,
});
};

8
consumerWebsite/utils/object_isEmpty.js
View File

@ -1,8 +0,0 @@
//Checking that the request body is empty
exports.isEmpty = function (obj) {
for(var prop in obj) {
if(obj.hasOwnProperty(prop))
return false;
}
return JSON.stringify(obj) === JSON.stringify({});
}

7
consumerWebsite/views/forgotPassword.ejs
View File

@ -4,10 +4,9 @@
<section class="wrapper">
<div class="form">
<header>Reset Password</header>
<form action="/resetpassword">
<input type="text" id="email" placeholder="Email" required />
<input type="password" id="password" placeholder="Password" required />
<input type="password" id="confirmPassword" placeholder="Confirm Password" required />
<form action="auth/checkemail" method="POST" onsubmit="formAJAX(this)">
<input type="email" name="email" placeholder="Email" required
pattern="\w+([-+.']\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*" />
<input type="submit" value="Reset Password" />
</form>
<br>

2
consumerWebsite/views/resetpassword.ejs
View File

@ -29,7 +29,7 @@
<table class="footer">
<tr>
<td>
<p>&copy; 2023 EcoSaver</p>
<p>&copy; 2024 EcoSaver</p>
</td>
</tr>
</table>