sensor and location done and some cleanupd

testing will be required
2024-01-24 15:04:50 +08:00
parent 940d40ed38
commit 5c3a43ddd6
9 changed files with 490 additions and 188 deletions
--- a/Sean/modules/otpUtils.js
+++ b/Sean/modules/otpUtils.js
@ -0,0 +1,42 @@
+const nodemailer = require("nodemailer");
+const otpGenerator = require('otp-generator');
+const path = require('path')
+require('dotenv').config({ path: path.resolve(__dirname, '../.env') })
+
+const generateOTP = () => {
+	const otp = otpGenerator.generate(6, { upperCase: false, specialChars: false });
+	const expirationTime = Date.now() + 5 * 60 * 1000; // 5 minutes expiration
+	return { otp, expirationTime };
+  };
+const sendOTPByEmail = async (email, otp) => {
+	try {
+	  const transporter = nodemailer.createTransport({
+		service: 'gmail',
+		host: 'smtp.gmail.com',
+        port: 587, // use the appropriate port for your SMTP server
+        secure: false, // true for 465, false for other ports
+		auth: {
+		  user: process.env.euser,  // replace with your email
+		  pass: process.env.epass   // replace with your email password
+		}
+	  });
+  
+	  const mailOptions = {
+		from: process.env.euser,
+		to: email,
+		subject: 'Login OTP',
+		text: `Your OTP for login is: ${otp}`
+	  };
+  
+	  await transporter.sendMail(mailOptions);
+	  console.log('OTP sent successfully to', email);
+	} catch (error) {
+	  console.error('Error sending OTP:', error);
+	  throw error;
+	}
+  };
+
+  module.exports = {
+    generateOTP,
+    sendOTPByEmail
+  };
--- a/Sean/modules/rateLimitMiddleware.js
+++ b/Sean/modules/rateLimitMiddleware.js
@ -0,0 +1,9 @@
+const rateLimit = require('express-rate-limit');
+
+const limiter = rateLimit({
+  windowMs: 15 * 60 * 1000, // 15 minutes
+  max: 5, // limit each IP to 5 requests per windowMs
+  message: 'Too many login attempts from this IP, please try again later.',
+});
+
+module.exports = limiter;
--- a/Sean/modules/validationMiddleware.js
+++ b/Sean/modules/validationMiddleware.js
@ -0,0 +1,77 @@
+const { body } = require('express-validator');
+
+const locationValidation = [
+  body('name').trim().isLength({ min: 1 }).withMessage('Name must not be empty').escape(),
+  body('added_by').trim().isLength({ min: 1 }).withMessage('Added by must not be empty').escape(),
+  body('description').trim().escape(),
+];
+
+const locationValidationUpdate = [
+	body('id').trim().escape(),
+	body('name').trim().isLength({ min: 1 }).withMessage('Name must not be empty').escape(),
+	body('added_by').trim().isLength({ min: 1 }).withMessage('Added by must not be empty').escape(),
+	body('description').trim().escape(),
+  ];
+
+const locationdeleteValidation = [
+	body('id').trim().escape()
+  ];
+
+const sensorValidation = [
+	body('sensorname').trim().isLength({ min: 1 }).withMessage('Sensor Name must not be empty').escape(),
+	body('added_by').trim().isLength({ min: 1 }).withMessage('Added by must not be empty').escape(),
+	body('macAddress').custom(value => {
+	  const macAddressRegex = /^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$/;
+	  if (!macAddressRegex.test(value)) {
+		throw new Error('Invalid MAC address format');
+	  }
+	  return true;
+	}).withMessage('Invalid MAC address format').escape(),
+	body('description').trim().escape(),
+	body('location').trim().escape()
+  ];
+
+const sensorupdateValidation = [
+	body('id').trim().escape(),
+	body('sensorname').trim().isLength({ min: 1 }).withMessage('Sensor Name must not be empty').escape(),
+	body('added_by').trim().isLength({ min: 1 }).withMessage('Added by must not be empty').escape(),
+	body('macAddress').custom(value => {
+	  const macAddressRegex = /^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$/;
+	  if (!macAddressRegex.test(value)) {
+		throw new Error('Invalid MAC address format');
+	  }
+	  return true;
+	}).withMessage('Invalid MAC address format').escape(),
+	body('description').trim().escape(),
+	body('location').trim().escape()
+  ];
+
+const sensordeleteValidation = [
+	body('id').trim().escape()
+  ];
+
+const loginValidation = [
+	body('username').escape().trim().isLength({ min: 1 }).withMessage('Username must not be empty'),
+  body('password').escape().trim().isLength({ min: 1 }).withMessage('Password must not be empty'),
+  ];
+
+const otpValidation = [
+	body('otp').escape().trim().isLength({ min: 1 }).withMessage('OTP must not be empty'),
+  ];
+
+const createValidation = [
+	body('name').trim().isLength({ min: 1 }).withMessage('Name must not be empty').escape(),
+    body('username').trim().isLength({ min: 1 }).withMessage('Username must not be empty').escape(),
+    body('email').isEmail().withMessage('Invalid email address').normalizeEmail(),
+    body('password').custom((value) => {
+            if (!isStrongPassword(value)) { throw new Error('Password does not meet complexity requirements'); } return true;
+        }),
+    body('jobTitle').trim().isLength({ min: 1 }).withMessage('Job title must not be empty').escape(),
+  ]; 
+  
+  
+module.exports = {
+  locationValidation,locationValidationUpdate,locationdeleteValidation
+  ,sensorValidation,sensorupdateValidation,sensordeleteValidation,loginValidation,otpValidation
+  ,createValidation
+};