import type { HttpContext } from '@adonisjs/core/http'
import User from '#models/user'
import { loginValidator, registerValidator } from '#validators/auth'
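/**
 * Authentication endpoints: local registration, ERP-backed login, logout and
 * current-user lookup.
 *
 * Every response that describes a user is built by `publicProfile`, so only
 * `id`, `username`, `firstName` and `lastName` are returned to clients.
 */
export default class AuthController {
  /**
   * Builds the client-facing view of a user.
   *
   * Keeping the field list in one place prevents an endpoint from
   * accidentally serialising other model columns (for example the password).
   *
   * @param user - the persisted user model
   * @returns the four public fields of the user
   */
  private static publicProfile(user: User) {
    return {
      id: user.id,
      username: user.username,
      firstName: user.firstName,
      lastName: user.lastName,
    }
  }

  /**
   * POST /api/auth/register
   *
   * Validates the body with `registerValidator`, creates the user and replies
   * with the public profile through `response.created`.
   */
  async register({ request, response }: HttpContext) {
    const data = await request.validateUsing(registerValidator)
    const user = await User.create(data)
    return response.created(AuthController.publicProfile(user))
  }

  /**
   * POST /api/auth/login -> returns a bearer token
   *
   * Credentials are not checked against the local database. They are
   * forwarded to the ERP login API, and a local user row is created or
   * refreshed only after the ERP accepts them.
   *
   * @returns the public profile plus a newly issued access token, or a
   *   `badRequest` response when the ERP rejects the credentials or any step
   *   inside the `try` block throws.
   */
  async login({ request, response, logger }: HttpContext) {
    const { username, password } = await request.validateUsing(loginValidator)

    try {
      // NOTE(review): when ERP_API_URL is unset or empty, user credentials are
      // posted to the hard-coded staging host below. Consider refusing to
      // start without the variable in production deployments.
      const remoteUrl = process.env.ERP_API_URL || 'https://stage.nswteam.net'

      // NOTE(review): no explicit timeout or AbortSignal is passed to fetch,
      // so this unauthenticated endpoint waits on the upstream for as long as
      // the runtime's defaults allow.
      const remoteResp = await fetch(`${remoteUrl}/api/login`, {
        method: 'POST',
        headers: { 'Content-Type': 'application/json' },
        // The local username is sent in the ERP's `userEmail` field.
        body: JSON.stringify({ userEmail: username, password }),
      })

      type ErpLoginResponse = {
        success?: boolean
        data?: { firstName?: string | null; lastName?: string | null }
      } | null

      // A body that is not valid JSON becomes null and is treated as a failed login.
      const remoteData = (await remoteResp.json().catch(() => null)) as ErpLoginResponse

      if (!remoteResp.ok || !remoteData?.success) {
        return response.badRequest({
          status: false,
          message: 'Login ERP Fail, Email or password is incorrect',
          error: 'EMAIL_OR_PASSWORD_INCORRECT',
        })
      }

      const remoteUser = remoteData.data
      let user = await User.findBy('username', username)

      // Names from the ERP take precedence; otherwise keep what is stored locally.
      const firstName = remoteUser?.firstName ?? user?.firstName ?? null
      const lastName = remoteUser?.lastName ?? user?.lastName ?? null

      if (user) {
        // Only write to the database when a name actually changed.
        if (user.firstName !== firstName || user.lastName !== lastName) {
          user.firstName = firstName
          user.lastName = lastName
          await user.save()
        }
      } else {
        // NOTE(review): the ERP password is persisted on first login only and
        // is never refreshed for existing users. Presumably the User model
        // hashes it before saving; confirm, or stop storing it, since this
        // login path never verifies against the local copy.
        user = await User.create({ username, password, firstName, lastName })
      }

      const token = await User.accessTokens.create(user)

      return {
        user: AuthController.publicProfile(user),
        // The raw token value is only available here, at creation time.
        token: token.value!.release(),
        type: 'bearer',
        expiresAt: token.expiresAt,
      }
    } catch (error) {
      // Log the failure on the server only. Exception messages and objects can
      // carry upstream URLs, database errors or stack data, and must not be
      // echoed to an unauthenticated caller.
      logger.error({ err: error }, 'ERP login failed')

      return response.badRequest({
        status: false,
        message: 'Login ERP Fail',
        error: 'UNKNOWN_ERROR',
      })
    }
  }

  /**
   * POST /api/auth/logout
   *
   * Deletes the access token used for the current request, when there is one.
   * The reply is `{ revoked: true }` in both cases.
   */
  async logout({ auth }: HttpContext) {
    const user = auth.getUserOrFail()
    const currentToken = auth.user?.currentAccessToken

    if (currentToken) {
      await User.accessTokens.delete(user, currentToken.identifier)
    }

    return { revoked: true }
  }

  /**
   * GET /api/auth/me
   *
   * Returns the public profile of the authenticated user. `getUserOrFail`
   * throws when the request carries no authenticated user.
   */
  async me({ auth }: HttpContext) {
    return AuthController.publicProfile(auth.getUserOrFail())
  }
}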