@@ -83,6 +83,15 @@ const getEffectivePermissions = (employeeDoc) => {
|
||||
return permissions;
|
||||
};
|
||||
|
||||
const isEmployeeActive = (employeeDoc) => {
|
||||
const rawStatus = employeeDoc?.status;
|
||||
// Backward compatibility: older records may not have status set.
|
||||
if (rawStatus === undefined || rawStatus === null || `${rawStatus}`.trim() === "") {
|
||||
return true;
|
||||
}
|
||||
return `${rawStatus}`.trim().toLowerCase() === "active";
|
||||
};
|
||||
|
||||
// Create and Save a new User
|
||||
exports.login = (req, res) => {
|
||||
var condition = {};
|
||||
@@ -98,10 +107,11 @@ exports.login = (req, res) => {
|
||||
Employee.find(condition)
|
||||
.then(data => {
|
||||
if (data && data.length > 0) {
|
||||
const activeEmployee = isEmployeeActive(data[0]);
|
||||
if (data.length === 1 && bcrypt.compareSync(
|
||||
req.body.password,
|
||||
data[0].password
|
||||
) && data[0]?.status === 'active') {
|
||||
) && activeEmployee) {
|
||||
var token = jwt.sign({id: data[0].id}, config.secret, {
|
||||
expiresIn: 86400 // 24 hours
|
||||
});
|
||||
@@ -116,7 +126,7 @@ exports.login = (req, res) => {
|
||||
name_cn: data[0].name_cn
|
||||
} );
|
||||
} else {
|
||||
if (data[0].status !== 'active') {
|
||||
if (!activeEmployee) {
|
||||
throw(Error('User is not activated'));
|
||||
} else {
|
||||
throw(Error('Email or Password Is Invalid'));
|
||||
|
||||
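Review bot: isEmployeeActive fails open: a record whose status is missing, null or blank is treated as active, so the `&& activeEmployee` login condition in the second hunk accepts any account that was created without a status or later lost the field. If the legacy records can be backfilled, a one-time migration plus a strict check such as `return typeof rawStatus === "string" && rawStatus.trim().toLowerCase() === "active";` keeps the gate fail-closed; otherwise the comment should say which records are expected to lack status and when the fallback will be removed. Separately, the else branch in the third hunk throws 'User is not activated' without regard to whether the password matched, which appears to let a caller without valid credentials learn that an account exists and is disabled; throwing the generic 'Email or Password Is Invalid' unless the password comparison succeeded would avoid that. The body of exports.login continues outside the visible hunks, so how these errors reach the response is not shown.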