worldshine-redesign/app/controllers/auth.controller.js

const db = require("../models");
const Employee = db.employee;
const config = require("../config/auth.config");
var jwt = require("jsonwebtoken");
var bcrypt = require("bcryptjs");
const { splitSite } = require("../middlewares");
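// Every permission the application knows about, in display order. Handed out
// (as a copy) for the two "grant everything" cases in getEffectivePermissions.
// Frozen so no caller can mutate the module-wide list by accident.
const ALL_PERMISSIONS = Object.freeze([
  'Dashboard',
  'Admin View',
  'View_Info Screen',
  'Edit_Info Screen',
  'View_Customer Info _Personal Info',
  'View_Customer Info _Care & Services',
  'View_Customer Info _Medical & Insurance',
  'View_Customer Info _Confidential Details',
  'View_Customer Info _Form Submission',
  'Edit_Customer Info _ Personal Info',
  'Edit_Customer Info _ Care & Services',
  'Edit_Customer Info _ Medical & Insurance',
  'Edit_Customer Info _ Confidential Details',
  'Edit_Customer Info _ Form Submission',
  'Discharge_Customer',
  'Reactivate_Customer',
  'Create_Customer',
  'Export_Customer Report',
  'View _Calendar _Medical Appointment',
  'View _Calendar _Activities',
  'View _Calendar _Attendance Notes',
  'View _Calendar _Meal Plan',
  'View _Calendar _Important Dates',
  'Edit&Create _Calendar _Medical Appointment',
  'Edit&Create _Calendar _Activities',
  'Edit&Create _Calendar _Attendance Notes',
  'Edit&Create _Calendar _Meal Plan',
  'Edit&Create _Calendar _Important Dates',
  'View_Messaging',
  'Sent_Messaging',
  'View_Messaging Template',
  'Create&Edit_Messaging Template',
  'View_Vehicle info_Basic Info',
  'View_Vehicle info_Documents',
  'View_Vehicle info_Repair Records',
  'Edit_Vehicle info_Basic Info',
  'Edit_Vehicle info_Documents',
  'Edit_Vehicle info_Repair Records',
  'Add_New Vehicle',
  'Archive_Vehicle',
  'Delete_Vehicle',
  'Export_Vehicle Report',
  'View_Transportation Schedule_Route Overview',
  'Create&Edit_Transportation Schedule',
  'Export_Transportation Schedule Report',
  'View_Route Template',
  'Create&Edit_Route Template',
  'View_Driver Assignment for Appointment',
  'Edit_Driver Assignment for Appointment',
  'isDriver',
  'View_Provider Info',
  'Create & Edit _Provider Info',
  'View_Appointment Request',
  'Edit & Create_Appointment Request',
  'View_Appointment Calendar',
  'Edit & Create_Appointment Calendar',
  'Medical Template',
  'View_Meal Status',
  'Edit_Meal Status',
  'View_Seating Chart',
  'Edit_Seating Chart',
  'Employee page',
  'Set Permission for Employee',
]);

// Resolve the permission list to report for a logged-in employee.
//
// Order of precedence:
//  1. SECURITY: a hard-coded override. Any record whose username is
//     "testadmin03" (trimmed, case-insensitive, in any site) receives every
//     permission regardless of what is stored. This is a backdoor-style grant
//     and should be removed, or gated behind explicit configuration, before
//     this ships to production; it is retained here only because existing
//     behaviour depends on it.
//  2. Backward compatibility: an `admin` role with an absent or empty
//     `permissions` array gets everything. Note this also means an admin
//     whose permissions were deliberately cleared stays fully privileged.
//  3. Otherwise the stored `permissions` array is returned as-is (an empty
//     array when the field is missing or not an array).
//
// The full-permission cases return a fresh copy so callers cannot alter
// ALL_PERMISSIONS through the returned reference.
const getEffectivePermissions = (employeeDoc) => {
  const username = `${employeeDoc?.username || ''}`.trim().toLowerCase();
  const roles = Array.isArray(employeeDoc?.roles) ? employeeDoc.roles : [];
  const permissions = Array.isArray(employeeDoc?.permissions)
    ? employeeDoc.permissions
    : [];

  if (username === 'testadmin03') {
    return [...ALL_PERMISSIONS];
  }
  if (permissions.length === 0 && roles.includes('admin')) {
    return [...ALL_PERMISSIONS];
  }
  return permissions;
};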
// Whether an employee record is allowed to log in.
//
// A record with no `status` at all (undefined, null, or an empty/blank
// string) counts as active — backward compatibility for rows written before
// the field existed. Any other value must be the word "active", compared
// case-insensitively with surrounding whitespace ignored. A non-string
// status (number, boolean, object) is stringified first and so never matches.
const isEmployeeActive = (employeeDoc) => {
  const status = employeeDoc?.status;
  if (status == null) {
    return true;
  }
  const normalized = `${status}`.trim();
  // A blank string is treated as "not set", exactly like a missing field.
  return normalized === "" || normalized.toLowerCase() === "active";
};
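// Log an employee in with email-or-username + password and issue a JWT.
//
// Request body: `emailUsername` (string, matched against both the `email`
// and `username` fields) and `password` (string). The lookup is scoped to the
// caller's site by splitSite.splitSiteGet, so a record in another site is
// never matched. On success the response carries `accessToken` plus the
// employee's profile fields and effective permissions.
//
// Responses: 400 when a credential is missing or not a string; 401 when no
// single matching record exists or the password does not verify; 403 when
// the password is correct but the account is not active; 500 with a generic
// message on an unexpected error.
//
// Security notes:
//  - Both credentials must be plain strings before they reach the query. A
//    non-string `emailUsername` such as `{ "$ne": null }` would otherwise be
//    spliced into the Mongo `$or` filter as an operator (NoSQL injection).
//  - "User is not activated" is disclosed only after the password has been
//    verified, so it cannot be used to enumerate which accounts exist.
//  - Internal error text (driver, bcrypt) is logged server-side and never
//    echoed to the client.
//  - A lookup miss skips the bcrypt comparison and therefore answers faster
//    than a wrong password; if that timing signal matters for this
//    deployment, compare against a fixed dummy hash on the miss path.
//  - Brute-force protection (rate limiting / lockout) is not implemented
//    here — TODO confirm it is enforced upstream (middleware or proxy).
exports.login = async (req, res) => {
  const body = req.body ?? {};
  const emailUsername = body.emailUsername;
  const password = body.password;

  if (typeof emailUsername !== 'string' || emailUsername === '') {
    return res.status(400).send({ message: 'email or username is required' });
  }
  if (typeof password !== 'string') {
    return res.status(400).send({ message: 'password is required' });
  }

  try {
    const condition = splitSite.splitSiteGet(req, {
      $or: [{ email: emailUsername }, { username: emailUsername }],
    });
    const matches = await Employee.find(condition);

    // Exactly one record must match. An ambiguous lookup (one employee's
    // email equals another's username) is a failed login rather than a
    // silent pick of the first hit.
    const employee =
      Array.isArray(matches) && matches.length === 1 ? matches[0] : null;

    // A record without a stored hash can never authenticate; the guard also
    // keeps bcrypt from throwing on a non-string hash.
    const passwordOk =
      employee !== null && typeof employee.password === 'string'
        ? await bcrypt.compare(password, employee.password)
        : false;

    if (!passwordOk) {
      return res.status(401).send({ message: 'Email or Password Is Invalid' });
    }
    // Account status is revealed only once the password has verified.
    if (!isEmployeeActive(employee)) {
      return res.status(403).send({ message: 'User is not activated' });
    }

    const token = jwt.sign({ id: employee.id }, config.secret, {
      expiresIn: 86400, // seconds: 24 hours
    });
    return res.send({
      accessToken: token,
      username: employee.username,
      email: employee.email,
      roles: employee.roles,
      permissions: getEffectivePermissions(employee),
      id: employee.id,
      name: employee.name,
      name_cn: employee.name_cn,
    });
  } catch (err) {
    // Keep the real cause for operators; the client only gets a generic message.
    console.error('login: unexpected error', err);
    return res.status(500).send({ message: 'Login failed' });
  }
};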