| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211 |
- const { validation } = require('../../middleware/validation')
- const response = require('../../utils/responseHandler')
- const userModel = require('../../model/user.model')
- const { roleDataProduction, PTB_DIKTI, PTB_ADMIN, TEMPLATE_OTP, PTB_READ } = require('../../utils/constanta')
- const convertRole = require('../../utils/convertRole')
- const jwt = require('jsonwebtoken')
- const moment = require('moment')
- const logModel = require('../../model/log.model')
- const auth = require('../../middleware/verifyToken')
- const generateOTP = require('../../utils/otp')
- const role = require('../../middleware/role')
- const pddiktiService = require('../../services/v2/pddikti.service')
- exports.login = [
- validation((req) => req.body, {
- username: { type: 'string', empty: false },
- password: { type: 'string', empty: false }
- }),
- async (req, res) => {
- const { username, password } = req.body
- let userResponse
- try {
- userResponse = await pddiktiService.login(req.body)
- if (userResponse.code === 400) {
- return response.error(res, {
- code: 401,
- message: userResponse.message
- })
- }
- } catch (e) {
- return response.error(res, {
- code: 500,
- message: e.message
- })
- }
- let role = userResponse.peran.find((e) => roleDataProduction.includes(e.peran.id))
- if (!role) {
- return response.error(res, {
- code: 401,
- message: 'Anda tidak memiliki akses ke aplikasi ini'
- })
- }
- role.peran.id = convertRole(role?.peran?.id)
- let user = await userModel.findOne({ user_id: userResponse.id })
- if (!user) {
- await userModel.create({
- user_id: userResponse.id,
- nama: userResponse.nama,
- lembaga: role.organisasi,
- email: userResponse.username,
- no_hp: userResponse.no_hp,
- alamat: userResponse.alamat,
- role: role.peran,
- role_asal: role.peran,
- isPublic: false,
- isPrivate: false
- })
- } else {
- await userModel.findOneAndUpdate({ user_id: userResponse.id }, {
- lembaga: role.organisasi,
- role: {
- id: username.toLowerCase() === 'rizqevo@outlook.com' ? PTB_READ : role.peran.id,
- nama: username.toLowerCase() === 'rizqevo@outlook.com' ? 'Auditor PTB' : role.peran.nama,
- menu: role.peran.menu
- },
- role_asal: {
- id: role.peran.id,
- nama: role.peran.nama,
- menu: role.peran.menu
- }
- })
- }
- user = await userModel.findOne({ user_id: userResponse.id })
- const accessToken = jwt.sign({ _id: user._id }, process.env.SRU51, {
- expiresIn: '1d'
- })
- res.cookie('sidali-cookie', accessToken, {
- httpOnly: true,
- expires: moment().add(1, 'day').toDate()
- })
- return response.success(res, {
- message: 'Berhasil Login',
- data: {
- token: `Bearer ${accessToken}`,
- user
- }
- })
- }
- ]
- exports.loginToPT = [
- auth,
- role([PTB_DIKTI, PTB_ADMIN]),
- validation((req) => req.body, {
- lembaga_id: 'string',
- password: 'string'
- }),
- async (req, res) => {
- let user = req.user
- const { lembaga_id, password } = req.body
- let dataLembaga
- try {
- const userResponse = await pddiktiService.login({ username: user.email, password })
- if (userResponse.code && userResponse.code !== 200) {
- return response.error(res, {
- code: 401,
- message: userResponse.message
- })
- }
- dataLembaga = await pddiktiService.getPT(lembaga_id)
- } catch (e) {
- return response.error(res, {
- code: e.response.status,
- message: e.message
- })
- }
- await userModel.updateOne({
- _id: user._id
- }, {
- lembaga: {
- id: dataLembaga[0].id,
- nama: dataLembaga[0].nama
- },
- role: {
- id: 2022,
- nama: 'PTB PT'
- }
- })
- user = await userModel.findOne({ _id: user._id })
- await logModel.create({
- user: user._id,
- aktivitas: `${user.nama} berhasil masuk ke PT ${dataLembaga[0].nama}`
- })
- const accessToken = jwt.sign({ _id: user._id }, process.env.SRU51, {
- expiresIn: '1d'
- })
- const data = {
- token: `Bearer ${accessToken}`,
- user
- }
- res.cookie('sidali-cookie', accessToken, {
- httpOnly: true,
- expires: moment().add(1, 'day').toDate()
- })
- response.success(res, {
- message: 'Berhasil Login',
- data
- })
- }
- ]
- exports.logout = [
- auth,
- (req, res) => {
- res.clearCookie('sidali-cookie')
- response.success(res, {
- message: 'Berhasil Logout'
- })
- }
- ]
- exports.sendOTP = [
- auth,
- validation((req) => req.body, { no_hp: 'string' }),
- async (req, res) => {
- const user = req.user
- let no_hp = req.body.no_hp
- no_hp = req.body.no_hp.substring(0, 1) === '0' ? '62' + no_hp.substring(1) : no_hp
- const generatedOtp = generateOTP(4)
- res.cookie('sidali-otp', jwt.sign({ no_hp, otp: generatedOtp }, process.env.SRU51, {
- expiresIn: '5m'
- }), {
- httpOnly: true,
- secure: true,
- expires: moment().add(5, 'minutes').toDate()
- })
- try {
- const waResult = await pddiktiService.whatsapp(
- TEMPLATE_OTP,
- [{ name: user.nama, number: no_hp }],
- [{ key: 1, value: 'otp', value_text: generatedOtp }],
- [{ type: 'url', value: generatedOtp }]
- )
- if ([200, 201].includes(waResult.status)) {
- return response.error(res, {
- code: waResult[0].error.code,
- error: waResult[0].error.messages
- })
- }
- } catch (e) {
- return response.error(res, {
- code: 500,
- message: e.message
- })
- }
- return response.success(res, {
- message: 'Berhasil mengirimkan OTP'
- })
- }
- ]
|
