Listing_SuggestPrice/backend/app/controllers/auth_controller.ts


import type { HttpContext } from '@adonisjs/core/http'
import User from '#models/user'
import { loginValidator, registerValidator } from '#validators/auth'
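/**
 * HTTP handlers for account registration, ERP-backed login, logout and
 * current-user lookup.
 *
 * Login does not check the locally stored password. The credentials are
 * forwarded to the remote ERP `/api/login` endpoint, and a local access token
 * is issued only when the ERP reports success.
 */
export default class AuthController {
  /**
   * POST /api/auth/register
   *
   * Validates the body with `registerValidator`, creates a local user and
   * answers 201 with the public profile fields (never the password).
   */
  async register({ request, response }: HttpContext) {
    const data = await request.validateUsing(registerValidator)
    const user = await User.create(data)
    return response.created({
      id: user.id,
      username: user.username,
      firstName: user.firstName,
      lastName: user.lastName,
    })
  }

  /**
   * POST /api/auth/login -> returns a bearer token
   *
   * Flow:
   *  1. Validate the body with `loginValidator` (validation errors propagate
   *     to the framework; they are raised outside the try block).
   *  2. Forward the credentials to the ERP login endpoint.
   *  3. On ERP success, create the local user or refresh its first/last name.
   *  4. Issue an access token for the local user and return it.
   *
   * Any failure inside the try block is answered with a 400 carrying a fixed
   * error code. The underlying error is logged server-side only.
   */
  async login({ request, response, logger }: HttpContext) {
    const { username, password } = await request.validateUsing(loginValidator)

    try {
      // NOTE(review): when ERP_API_URL is unset, user credentials are posted to
      // the hard-coded fallback host below. Confirm that this default is
      // intended for every environment, or require the variable explicitly.
      const remoteUrl = process.env.ERP_API_URL || 'https://stage.nswteam.net'

      // NOTE(review): no timeout/abort signal is set, so a stalled ERP keeps
      // this request open until the runtime gives up.
      const remoteResp = await fetch(`${remoteUrl}/api/login`, {
        method: 'POST',
        headers: {
          'Content-Type': 'application/json',
        },
        body: JSON.stringify({
          userEmail: username,
          password,
        }),
      })

      // A non-JSON body is treated as "no data" rather than an exception.
      // The cast is unchecked: the shape is assumed, not validated.
      const remoteData = (await remoteResp.json().catch(() => null)) as
        | { success?: boolean; data?: { firstName?: string | null; lastName?: string | null } }
        | null

      if (!remoteResp.ok || !remoteData?.success) {
        return response.badRequest({
          status: false,
          message: 'Login ERP Fail, Email or password is incorrect',
          error: 'EMAIL_OR_PASSWORD_INCORRECT',
        })
      }

      const remoteUser = remoteData.data
      const existingUser = await User.findBy('username', username)

      // NOTE(review): `password` is the user's ERP password and is persisted on
      // the local record when the user is first created. Presumably the model
      // hashes it - verify. This controller never reads it back, so consider
      // whether it needs to be stored at all.
      const userPayload = {
        username,
        password,
        firstName: remoteUser?.firstName ?? existingUser?.firstName ?? null,
        lastName: remoteUser?.lastName ?? existingUser?.lastName ?? null,
      }

      let user = existingUser
      if (user) {
        // Only the display names are synced for an existing user; the stored
        // password is left untouched.
        const needsUpdate =
          user.firstName !== userPayload.firstName || user.lastName !== userPayload.lastName
        if (needsUpdate) {
          user.firstName = userPayload.firstName
          user.lastName = userPayload.lastName
          await user.save()
        }
      } else {
        user = await User.create(userPayload)
      }

      const token = await User.accessTokens.create(user)
      return {
        user: {
          id: user.id,
          username: user.username,
          firstName: user.firstName,
          lastName: user.lastName,
        },
        token: token.value!.release(),
        type: 'bearer',
        expiresAt: token.expiresAt,
      }
    } catch (error) {
      // This catch also covers database and token-creation failures. Neither
      // the raw error object nor its message is returned to the caller, since
      // they can expose internals (hosts, queries, stack data) on an
      // unauthenticated endpoint. They are logged server-side instead.
      logger.error({ err: error }, 'ERP login failed')
      return response.badRequest({
        status: false,
        message: 'Login ERP Fail',
        error: 'UNKNOWN_ERROR',
      })
    }
  }

  /**
   * POST /api/auth/logout
   *
   * Deletes the access token that authenticated this request, if one is
   * attached to the user. The response is `{ revoked: true }` either way.
   */
  async logout({ auth }: HttpContext) {
    const user = auth.getUserOrFail()
    const token = auth.user?.currentAccessToken
    if (token) await User.accessTokens.delete(user, token.identifier)
    return { revoked: true }
  }

  /**
   * GET /api/auth/me
   *
   * Returns the authenticated user's public profile fields. Fails via
   * `getUserOrFail` when the request is not authenticated.
   */
  async me({ auth }: HttpContext) {
    const user = auth.getUserOrFail()
    return {
      id: user.id,
      username: user.username,
      firstName: user.firstName,
      lastName: user.lastName,
    }
  }
}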