@ecopex/ecopex-framework 1.0.0 → 1.0.2

package/routes/admin/spec/auth.js

@@ -1,626 +0,0 @@
-const JWT = require('@root/libraries/jwt');
-const BCRYPT = require('@root/libraries/bcrypt');
-const { getUtcFormated } = require('@root/libraries/date');
-const fs = require('fs');
-const QRCode = require('qrcode')
-const { generate_2fa_secret, verify_2fa_token } = require('@root/libraries/2fa');
-const DeviceDetector = require('node-device-detector');
-const detector = new DeviceDetector({
-    clientIndexes: true,
-    deviceIndexes: true,
-    deviceAliasCode: false
-});
-
-const db = require('@root/libraries/knex');
-const jwt = new JWT();
-const bcrypt = new BCRYPT();
-
-const userdata_schema = {
-    id: { type: 'integer' },
-    role: { type: 'string', enum: ['admin', 'manager'] },
-    firstname: { type: 'string', default: null },
-    lastname: { type: 'string', default: null },
-    username: { type: 'string' },
-    email: { type: 'string', default: null },
-    two_factor_enabled: { type: 'boolean', default: false },
-    phone_number: { type: 'string', default: null },
-    phone_verified: { type: 'boolean', default: false },
-    email_verified: { type: 'boolean', default: false },
-    is_active: { type: 'boolean', default: true },
-    address: { type: 'string', default: null },
-    city: { type: 'string', default: null },
-    state: { type: 'string', default: null },
-    zip: { type: 'string', default: null },
-    country_id: { type: 'integer', default: null },
-    country_name: { type: 'string', default: null },
-    last_login_ip: { type: 'string', default: null },
-    last_login_at: { type: 'string', format: 'date-time', default: null },
-    login_attempts: { type: 'integer', default: 0 },
-    locked_until: { type: 'string', format: 'date-time', default: null },
-    created_at: { type: 'string', format: 'date-time', default: null },
-    updated_at: { type: 'string', format: 'date-time', default: null }
-}
-
-const login = {
-    method: 'POST',
-    path: 'login',
-    schema: {
-        description: 'Login to the system',
-        summary: 'Login to the system',
-        body: {
-            type: 'object',
-            required: ['username', 'password', 'type'],
-            properties: {
-                username: { type: 'string', default: 'admin' },
-                password: { type: 'string', default: 'password' },
-                type: { type: 'string', enum: ['admin', 'manager'], default: 'admin' }
-            },
-            additionalProperties: false
-        },
-        headers: {
-            type: 'object',
-            properties: {
-                locale: { type: 'string', default: 'en' }
-            }
-        },
-        success_response: {
-            type: 'object',
-            properties: {
-                status: { type: 'boolean', default: true },
-                data: {
-                    type: 'object',
-                    properties: {
-                        token: { type: 'string', format: 'jwt', description: 'JWT token', example: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwiZGV2aWNlIjoidW5rbm93biIsInR5cGUiOiJhZG1pbiIsImlhdCI6MTc2NzA5NjM5NCwiZXhwIjoxNzY3MTgyNzk0fQ.6DTKLdJ7tEE3ttqY1eN9lCcnhCTK8TdOPhChlAtlJjE" }
-                    },
-                    additionalProperties: false
-                }
-            }
-        }
-    },
-    handler: async (request, reply) => {
-
-        const { username, password, type } = request.body;
-        const device = request.headers['device'] || 'unknown';
-
-        let user = null;
-
-        if(type === 'admin') {
-            user = await db('admins').where('username', username).first();
-            if(!user) {
-                return reply.status(401).send({
-                    status: false,
-                    message: 'Invalid credentials',
-                    code: 401
-                });
-            }
-        } else if(type === 'manager') {
-            user = await db('managers').where('username', username).first();
-            if(!user) {
-                return reply.status(401).send({
-                    status: false,
-                    message: 'Invalid credentials',
-                    code: 401
-                });
-            }
-        }
-
-        if(user.locked_until && user.locked_until > new Date()) {
-            return reply.status(401).send({
-                status: false,
-                message: 'Account is locked',
-                code: 401
-            });
-        }
-
-        if(user.login_attempts >= 5) {
-            return reply.status(401).send({
-                status: false,
-                message: 'Too many login attempts',
-                code: 401
-            });
-        }
-
-        const isPasswordValid = await bcrypt.compare(password, user.password);
-        if(!isPasswordValid) {
-            await db('admins').where('admin_id', user.admin_id).update({
-                login_attempts: user.login_attempts + 1
-            });
-            return reply.status(401).send({
-                status: false,
-                message: 'Invalid credentials',
-                code: 401
-            });
-        }
-
-        if(!device) {
-            return reply.status(401).send({
-                status: false,
-                message: 'Device not found',
-                code: 401
-            });
-        }
-
-        const personal_id = user.admin_id || user.manager_id;
-
-        const token = jwt.sign({
-            id: personal_id,
-            device: device,
-            type: type
-        });
-        
-        const device_info = detector.detect(request.headers['user-agent']);
-        const client_ip = request.headers['x-real-ip'] || request.ip
-
-        const device_informations = {
-            os: device_info.os?.name || 'unknown',
-            os_version: device_info.os?.version || 'unknown',
-            client: device_info.client?.name || 'unknown',
-            client_version: device_info.client?.version || 'unknown',
-            device: device_info.device?.brand || 'unknown'
-        }
-
-        await db('devices').insert({
-            personal_id: personal_id,
-            personal_type: type,
-            unique_id: device || '--',
-            ip_address: client_ip,
-            two_factor_approved: false,
-            last_login_at: getUtcFormated(),
-            last_login_ip: client_ip,
-            token: token,
-            device_information: JSON.stringify(device_informations)
-        }).onConflict().merge(['last_login_at', 'last_login_ip', 'token', 'device_information']);
-
-        // if(!user.two_factor_enabled) {
-        //     return reply.status(303).send({
-        //         status: false,
-        //         message: 'Two-factor authentication is not enabled',
-        //         details: {
-                    
-        //             two_factor_enabled: user.two_factor_enabled
-        //         },
-        //         code: 303
-        //     });
-        // }
-
-        if(user.two_factor_enabled) {
-            let check_device = await db('devices').where({ personal_id: personal_id, personal_type: type, unique_id: device }).first()
-            
-            if(!check_device.two_factor_approved) {
-                return reply.status(303).send({
-                    status: false,
-                    message: 'Device is not approved',
-                    details: {
-                        token: token,
-                        two_factor_approved: check_device.two_factor_approved
-                    },
-                    code: 303
-                });
-            }
-        }
-
-        await db('admins').where('admin_id', user.admin_id).update({
-            login_attempts: 0
-        });
-
-        reply.send({
-            status: true,
-            data: {
-                token: token
-            }
-        })
-    }
-}
-
-const login_2fa = {
-    method: 'POST',
-    path: 'login-2fa',
-    schema: {
-        description: 'Login with 2FA',
-        summary: 'After successful login, you will be redirected to the 2FA page to enter the code if 2FA is enabled',
-        body: {
-            type: 'object',
-            required: ['code'],
-            properties: {
-                code: { type: 'string' }
-            }
-        },
-        success_response: {
-            type: 'object',
-            properties: {
-                status: { type: 'boolean', default: true },
-                data: { 
-                    type: 'object', 
-                    properties: userdata_schema,
-                    additionalProperties: false
-                }
-            }
-        }
-    },
-    security: 'auth',
-    handler: async (request, reply) => {
-        const user = request.user;
-        const { code } = request.body;
-        const { device } = request.headers;
-        
-        if(!user.two_factor_enabled) {
-            return reply.status(303).send({
-                status: false,
-                message: 'Two-factor authentication is not enabled',
-                code: 303
-            });
-        }
-        
-        const isValid = verify_2fa_token(user.two_factor_secret, code);
-
-        if(!isValid) {
-            return reply.status(400).send({
-                status: false,
-                message: 'Invalid code',
-                code: 400
-            });
-        }
-
-        await db('devices').where({ personal_id: user.id, personal_type: user.type, unique_id: device }).update({
-            two_factor_approved: true,
-            last_login_at: getUtcFormated(),
-            last_login_ip: request.headers['x-real-ip'] || request.ip
-        })
-
-        await db(user.type == 'admin' ? 'admins' : 'managers').where({ admin_id: user.id }).update({
-            login_attempts: 0
-        })
-
-        user.last_login_at = getUtcFormated();
-        user.last_login_ip = request.headers['x-real-ip'] || request.ip;
-
-        reply.send({
-            status: true,
-            data: user
-        });
-    }
-}
-
-const userdata = {
-    method: 'GET',
-    path: 'userdata',
-    schema: {
-        description: 'Get user data',
-        summary: 'Get user data',
-        headers: {
-            type: 'object',
-            properties: {
-                locale: { type: 'string', default: 'en' }
-            }
-        },
-        success_response: {
-            type: 'object',
-            properties: {
-                status: { type: 'boolean', default: true },
-                data: { 
-                    type: 'object', 
-                    properties: userdata_schema,
-                    additionalProperties: false
-                }
-            }
-        }
-    },
-    security: 'auth',
-    handler: async (request, reply) => {
-        const user = request.user;
-        reply.send({
-            status: true,
-            data: user
-        })
-    }
-}
-
-const update_userdata = {
-    method: 'PUT',
-    path: 'update-userdata',
-    schema: {
-        description: 'Update user data',
-        summary: 'Update user data',
-        body: {
-            type: 'object',
-            properties: {
-                firstname: { type: 'string' },
-                lastname: { type: 'string' },
-                phone_number: { type: 'string' },
-                country_id: { type: 'integer' },
-                address: { type: 'string' },
-                city: { type: 'string' },
-                state: { type: 'string' },
-                zip: { type: 'string' }
-            }
-        },
-        success_response: {
-            type: 'object',
-            properties: {
-                status: { type: 'boolean', default: true },
-                data: { 
-                    type: 'object', 
-                    properties: userdata_schema,
-                    additionalProperties: false
-                }
-            }
-        }
-    },
-    security: 'auth',
-    handler: async (request, reply) => {
-
-        const user = request.user;
-        const { firstname, lastname, phone_number, country_id, address, city, state, zip } = request.body;
-
-        const country = await db('countries').where('country_id', country_id).first();
-        if(!country) {
-            return reply.status(400).send({
-                status: false,
-                message: 'Country not found',
-                code: 400
-            });
-        }
-
-        const update_data = {}
-
-        if(firstname) {
-            update_data.firstname = firstname;
-        }
-        if(lastname) {
-            update_data.lastname = lastname;
-        }
-        if(phone_number) {
-            update_data.phone_number = phone_number;
-        }
-        if(country_id) {
-            update_data.country_id = country_id;
-        }
-        if(address) {
-            update_data.address = address;
-        }
-        if(city) {
-            update_data.city = city;
-        }
-        if(state) {
-            update_data.state = state;
-        }
-        if(zip) {
-            update_data.zip = zip;
-        }
-
-        if(Object.keys(update_data).length > 0) {
-            await db('admins').where('admin_id', user.id).update(update_data);
-        }
-
-        const updated_user = await db('admins').where('admin_id', user.id).first();
-
-        reply.send({
-            status: true,
-            data: updated_user
-        })
-    }
-}
-
-const change_password = {
-    method: 'PUT',
-    path: 'change-password',
-    schema: {
-        description: 'Change password',
-        summary: 'Change password',
-        body: {
-            type: 'object',
-            required: ['old_password', 'new_password', 'new_password_again'],
-            properties: {
-                old_password: { type: 'string' },
-                new_password: { type: 'string' },
-                new_password_again: { type: 'string' }
-            }
-        }
-    },
-    security: 'auth',
-    handler: async (request, reply) => {
-
-        const user = request.user;
-        const { old_password, new_password, new_password_again } = request.body;
-        
-        const isPasswordValid = await bcrypt.compare(old_password, user.password);
-        if(!isPasswordValid) {
-            return reply.status(400).send({
-                status: false,
-                message: request.t('messages.invalid_old_password'),
-                code: 400
-            });
-        }
-
-        if(new_password !== new_password_again) {
-            return reply.status(400).send({
-                status: false,
-                message: request.t('messages.new_password_not_match'),
-                code: 400
-            });
-        }
-
-        const hashedPassword = await bcrypt.hash(new_password, 10);
-        await db(user.type == 'admin' ? 'admins' : 'managers').where({ admin_id: user.id }).update({
-            password: hashedPassword
-        });
-
-        reply.send({
-            status: true,
-            message: request.t('messages.password_changed_successfully')
-        })
-    }
-}
-
-const activate_2fa = {
-    method: 'GET',
-    path: 'activate-2fa',
-    schema: {
-        description: 'Create QR Code for 2FA',
-        summary: 'Create QR Code for 2FA',
-        success_response: {
-            type: 'object',
-            properties: {
-                status: { type: 'boolean', default: true },
-                data: { type: 'object', properties: { qr: { type: 'string' }, secret: { type: 'string' }, uri: { type: 'string' } } }
-            }
-        }
-    },
-    security: 'auth',
-    handler: async (request, reply) => {
-        const user = request.user;
-
-        if(user.two_factor_enabled) {
-            return reply.status(303).send({
-                status: false,
-                message: 'Two-factor authentication is already enabled',
-                code: 303
-            });
-        }
-
-        const generate_data = generate_2fa_secret(user.username, request.headers.origin)
-    
-        await db(user.type == 'admin' ? 'admins' : 'managers').where({ admin_id: user.id }).update({
-            two_factor_secret: generate_data.secret
-        })
-
-        generate_data.qr = await QRCode.toDataURL(generate_data.uri);
-
-        reply.send({
-            status: true,
-            data: generate_data
-        })
-    }
-}
-
-const activation_2fa = {
-    method: 'POST',
-    path: 'activation-2fa',
-    schema: {
-        description: 'Activation 2FA',
-        summary: 'Activation 2FA',
-        body: {
-            type: 'object',
-            required: ['code'],
-            properties: {
-                code: { type: 'string' }
-            }
-        }
-    },
-    security: 'auth',
-    handler: async (request, reply) => {
-        const user = request.user;
-        const { code } = request.body;
-        const { device } = request.headers;
-
-        if(user.two_factor_enabled) {
-            return reply.status(303).send({
-                status: false,
-                message: 'Two-factor authentication is not enabled',
-                code: 303
-            });
-        }
-        
-        const isValid = verify_2fa_token(user.two_factor_secret, code);
-        
-        if(!isValid) {
-            return reply.status(400).send({
-                status: false,
-                message: 'Invalid code',
-                code: 400
-            });
-        }
-
-        await db(user.type == 'admin' ? 'admins' : 'managers').where({ admin_id: user.id }).update({
-            two_factor_enabled: true
-        })
-
-        await db('devices').where({ personal_id: user.id, personal_type: user.type, unique_id: device }).update({
-            two_factor_approved: true
-        })
-
-        reply.send({
-            status: true,
-            message: 'Two-factor authentication activated'
-        })
-    }
-}
-
-const upload_avatar = {
-    method: 'POST',
-    path: 'upload-avatar',
-    schema: {
-        description: 'Upload avatar',
-        summary: 'Upload avatar',
-        body: {
-            type: 'object',
-            properties: {
-                avatar: { type: 'string' }
-            }
-        },
-        success_response: {
-            type: 'object',
-            properties: {
-                status: { type: 'boolean', default: true },
-                data: { type: 'object', properties: { avatar: { type: 'string' } } }
-            }
-        }
-    },
-    security: 'auth',
-    handler: async (request, reply) => {
-        const user = request.user;
-        const { avatar } = request.body;
-
-        const upload_result = await uploadFile(avatar, 'avatar', 'users');
-        if(!upload_result.status) {
-            return reply.status(400).send({
-                status: false,
-                message: 'Failed to upload avatar',
-                code: 400
-            });
-        }
-        
-        await db('admins').where('admin_id', user.id).update({
-            avatar: upload_result.data.file.fileUrl
-        });
-
-        reply.send({
-            status: true,
-            data: { avatar: upload_result.data.file.fileUrl }
-        })
-    }
-}
-
-const delete_avatar = {
-    method: 'DELETE',
-    path: 'delete-avatar',
-    schema: {
-        description: 'Delete avatar',
-        summary: 'Delete avatar',
-        success_response: {
-            type: 'object',
-            properties: {
-                status: { type: 'boolean', default: true },
-                message: { type: 'string' }
-            }
-        }
-    },
-    security: 'auth',
-    handler: async (request, reply) => {
-        const user = request.user;
-        await db('admins').where('admin_id', user.id).update({
-            avatar: null
-        });
-
-        if(user.avatar && fs.existsSync(user.avatar)) {
-            fs.unlinkSync(user.avatar);
-        }
-
-        reply.send({
-            status: true,
-            message: 'Avatar deleted successfully'
-        })
-    }
-}
-
-module.exports = [login, login_2fa, userdata, change_password, update_userdata, upload_avatar, delete_avatar, activate_2fa, activation_2fa,]

package/routes/admin/spec/users.js

@@ -1,3 +0,0 @@
-const db = require('@root/libraries/knex');
-
-module.exports = []