const express = require("express");
const router = express.Router();
const bcrypt = require("bcryptjs");
const { nanoid } = require("nanoid");
const jwt = require("jsonwebtoken");
const { getSheets } = require("../googleSheetsClient");
// =====================================================
// REGISTER
// =====================================================
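/**
 * POST /Admin/register
 *
 * Creates an admin record in the "Admin" sheet and returns the new ID.
 * Body: { name, mobile, password, department } (all required).
 * Responses: 200 { ok: true, EmployeeID }, 400 on missing/invalid fields or a
 * mobile that is already registered, 500 on any unexpected failure.
 *
 * Column layout is taken from how the rest of this file reads the sheet:
 * A = employee ID, B = name, C = mobile, D = bcrypt hash, E = department.
 * NOTE(review): column F is inside the ranges this file reads but is never
 * used here; it is left empty. Confirm what it is meant to hold.
 * NOTE(review): nothing in this handler checks that the caller is allowed to
 * create admin accounts. Confirm that an authorization middleware is mounted
 * in front of this route.
 */
router.post("/Admin/register", async (req, res) => {
  try {
    // A missing body parser leaves req.body undefined; treat that as "no fields".
    const { name, mobile, password, department } = req.body ?? {};

    if (!name || !mobile || !password || !department) {
      return res.status(400).json({ error: "All fields required" });
    }

    // bcrypt needs a string, and objects or arrays must not reach the sheet.
    const mobileIsScalar =
      typeof mobile === "string" || typeof mobile === "number";
    const textFields = [name, password, department];
    if (!mobileIsScalar || textFields.some((v) => typeof v !== "string")) {
      return res.status(400).json({ error: "Invalid field type" });
    }

    // Compare as trimmed strings so a JSON number cannot bypass the
    // duplicate check against the string the sheet returns.
    const mobileKey = String(mobile).trim();

    const sheets = await getSheets();

    // -------------------------------------------------
    // CHECK EXISTING MOBILE
    // -------------------------------------------------
    const empRes = await sheets.spreadsheets.values.get({
      spreadsheetId: process.env.GOOGLE_SHEET_ID,
      range: "Admin!A2:F",
    });

    const employees = empRes.data.values || [];
    const alreadyRegistered = employees.some(
      (row) => String(row[2] ?? "").trim() === mobileKey
    );
    if (alreadyRegistered) {
      return res.status(400).json({ error: "Mobile already registered" });
    }

    // -------------------------------------------------
    // CREATE THE RECORD
    // -------------------------------------------------
    // The original handler returned EmployeeID without ever defining it, so
    // every valid request ended in a ReferenceError and nothing was stored.
    // NOTE(review): ID format is an assumption (nanoid default); adjust if
    // the project expects a specific shape.
    const EmployeeID = nanoid();

    // Only the hash is stored; the plaintext password never reaches the sheet.
    const passwordHash = await bcrypt.hash(password, 10);

    await sheets.spreadsheets.values.append({
      spreadsheetId: process.env.GOOGLE_SHEET_ID,
      range: "Admin!A:F",
      // RAW stores the values as literal text, so a name such as "=..." is
      // not evaluated as a spreadsheet formula.
      valueInputOption: "RAW",
      insertDataOption: "INSERT_ROWS",
      requestBody: {
        values: [[EmployeeID, name, mobileKey, passwordHash, department]],
      },
    });

    res.json({ ok: true, EmployeeID });
  } catch (err) {
    // Full detail goes to the server log only; the client gets a generic
    // message so internal errors (API responses, config names) do not leak.
    console.error("REGISTER ERROR:", err);
    res.status(500).json({ error: "Internal server error" });
  }
});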
// =====================================================
// LOGIN
// =====================================================
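/**
 * POST /Admin/login
 *
 * Verifies an employee ID / password pair against the "Admin" sheet and
 * returns a signed JWT (2-day expiry) plus basic profile data.
 * Body: { employeeID, password }.
 * Responses: 200 { ok, token, user }, 400 on missing/invalid input,
 * 404 when the ID is unknown, 401 on a wrong password, 500 otherwise.
 *
 * NOTE(review): the distinct 404 / 401 answers let a caller tell which
 * employee IDs exist. They are kept here so existing clients do not break;
 * consider a single 401 "Invalid credentials" response.
 * NOTE(review): no attempt throttling is visible in this file. Confirm that
 * rate limiting is applied upstream.
 */
router.post("/Admin/login", async (req, res) => {
  try {
    // A missing body parser leaves req.body undefined; treat that as "no fields".
    const { employeeID, password } = req.body ?? {};

    // bcrypt.compare throws on non-string arguments, which previously
    // surfaced as a 500 carrying the library's error text.
    const inputOK =
      typeof employeeID === "string" &&
      typeof password === "string" &&
      employeeID !== "" &&
      password !== "";
    if (!inputOK) {
      return res
        .status(400)
        .json({ error: "employeeID and password required" });
    }

    const sheets = await getSheets();

    // NOTE(review): this range starts at row 1 while the register handler
    // reads from A2; presumably row 1 is a header. Confirm.
    const empRes = await sheets.spreadsheets.values.get({
      spreadsheetId: process.env.GOOGLE_SHEET_ID,
      range: "Admin!A:F",
    });

    const employees = empRes.data.values || [];
    const user = employees.find((u) => u[0] === employeeID);
    if (!user) return res.status(404).json({ error: "User not found" });

    // A row with no stored hash must fail authentication, not throw.
    const storedHash = user[3];
    const passOK =
      typeof storedHash === "string" &&
      (await bcrypt.compare(password, storedHash));
    if (!passOK) return res.status(401).json({ error: "Incorrect password" });

    // Claims come from the sheet row, never from the request body.
    const token = jwt.sign(
      {
        employeeID: user[0],
        name: user[1],
        department: user[4],
      },
      process.env.JWT_SECRET,
      { expiresIn: "2d" }
    );

    res.json({
      ok: true,
      token,
      user: {
        employeeID: user[0],
        name: user[1],
        // NOTE(review): derived from the stored display name; if anything
        // uses this as a Sheets range, the name needs constraining at
        // registration. Confirm.
        sheet: `${user[1]}_Delegations`,
      },
    });
  } catch (err) {
    // Full detail goes to the server log only; the client gets a generic
    // message so internal errors (e.g. a missing JWT secret) do not leak.
    console.error("LOGIN ERROR:", err);
    res.status(500).json({ error: "Internal server error" });
  }
});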
// Expose the router carrying the POST /Admin/register and POST /Admin/login handlers.
module.exports = router;