powr-sdk-api 2.2.2 → 2.3.0
- package/dist/index.js +7 -1
- package/dist/middleware/jwtToken.js +45 -4
- package/dist/routes/auth.js +51 -11
- package/dist/routes/index.js +14 -6
- package/package.json +1 -1
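--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -23,6 +23,10 @@ const {
 const {
 createPowrRoutes
 } = require("./routes");
+const {
+generateJWTToken,
+verifyToken
+} = require("./middleware/jwtToken");
 module.exports = {
 errorCatcher,
 errorHandler,
@@ -32,5 +36,7 @@ module.exports = {
 generateToken,
 validateAuth,
 notFoundHandler,
-createPowrRoutes
+createPowrRoutes,
+generateJWTToken,
+verifyToken
 };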
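--- a/package/dist/middleware/jwtToken.js
+++ b/package/dist/middleware/jwtToken.js
@@ -1,18 +1,59 @@
 "use strict";
 
 const jwt = require('jsonwebtoken');
+const {
+ObjectId
+} = require('mongodb');
 const {
 config
 } = require('../config');
 const generateJWTToken = user => {
 return jwt.sign({
-userId: user._id
-username: user.username,
-name: user.name
+userId: user._id
 }, config.jwtToken, {
 expiresIn: '24h'
 });
 };
+
+// Verify JWT token middleware for APIs
+const verifyToken = async (req, res, next) => {
+try {
+// Get token from Authorization header
+const authHeader = req.headers.authorization;
+if (!authHeader) {
+return res.status(401).json({
+success: false,
+message: "No authorization token provided."
+});
+}
+
+// Extract token (remove 'Bearer ' if present)
+const token = authHeader.startsWith("Bearer ") ? authHeader.slice(7) : authHeader;
+
+// Verify JWT token
+const decoded = jwt.verify(token, config.jwtToken);
+console.log("JWT Decoded user data:", JSON.stringify(decoded, null, 2));
+
+// Attach user info to request object
+req.user = {
+powrId: new ObjectId(decoded.userId),
+// powr-base user ID
+access: 1 // Default access level for API users
+};
+console.log("Authenticated user:", {
+powrId: req.user.powrId,
+access: req.user.access
+});
+next();
+} catch (error) {
+console.error("Error in auth middleware:", error);
+return res.status(401).json({
+success: false,
+message: "Invalid token."
+});
+}
+};
 module.exports = {
-generateJWTToken
+generateJWTToken,
+verifyToken
 };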
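Review bot: The new `verifyToken` middleware logs the full decoded payload on every authenticated request (`console.log("JWT Decoded user data:", JSON.stringify(decoded, null, 2));`) and then logs the resolved `powrId` again, so token claims and user identifiers end up in the application logs of every consumer of this SDK; both `console.log` calls should be removed or put behind an explicit debug switch. The `jwt.verify(token, config.jwtToken)` call does not pin the accepted algorithm; `generateJWTToken` signs with the library default, so passing `{ algorithms: ['HS256'] }` as the third argument would make the expectation explicit (confirm the default against the installed jsonwebtoken version). Two behaviours deserve a comment or tightening: a header without the `Bearer ` prefix is accepted as a raw token, and `access: 1` is assigned from the token alone, with no check that the user still exists.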
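--- a/package/dist/routes/auth.js
+++ b/package/dist/routes/auth.js
@@ -4,13 +4,14 @@ const express = require("express");
 const router = express.Router();
 const {
 getDb
-} = require("../services/
+} = require("../services/dbService");
 const {
 ObjectId
 } = require("mongodb");
 const bcrypt = require("bcrypt");
 const {
-generateJWTToken
+generateJWTToken,
+verifyToken
 } = require("../middleware/jwtToken");
 const {
 config
@@ -21,18 +22,39 @@ router.post("/register", async (req, res) => {
 const {
 fullName,
 username,
+phoneOrEmail,
 password
 } = req.body;
 try {
-if (!
+if (!(username || phoneOrEmail)) {
 return res.status(400).json({
 success: false,
-message: "
+message: "Username or phone number or email is required"
 });
 }
-
+if (!password) {
+return res.status(400).json({
+success: false,
+message: "Password is required"
+});
+}
+if (!fullName) {
+return res.status(400).json({
+success: false,
+message: "Full name is required"
+});
+}
+let q = username ? {
 username: username
-}
+} : {
+$or: [{
+phoneNumber: phoneOrEmail
+}, {
+email: phoneOrEmail
+}]
+};
+console.log(q);
+const existingUser = await getDb().collection("users").findOne(q);
 if (existingUser) {
 return res.status(400).json({
 success: false,
@@ -43,6 +65,8 @@ router.post("/register", async (req, res) => {
 const hashedPassword = await bcrypt.hash(password, saltRounds);
 const newUser = {
 fullName,
+email: phoneOrEmail,
+phoneNumber: phoneOrEmail,
 username,
 password: hashedPassword,
 createdAt: new Date()
@@ -66,22 +90,38 @@ router.post("/register", async (req, res) => {
 router.post("/login", async (req, res) => {
 const {
 username,
+phoneOrEmail,
 password
 } = req.body;
 try {
-if (!username ||
+if (!(username || phoneOrEmail)) {
 return res.status(400).json({
 success: false,
-message: "Username
+message: "Username or phone number or email is required"
 });
 }
-
+if (!password) {
+return res.status(400).json({
+success: false,
+message: "Password is required"
+});
+}
+let q = username ? {
 username: username
-}
+} : {
+$or: [{
+phoneNumber: phoneOrEmail
+}, {
+email: phoneOrEmail
+}]
+};
+console.log(q);
+const user = await getDb().collection("users").findOne(q);
+console.log(user);
 if (!user) {
 return res.status(401).json({
 success: false,
-message: "
+message: "User not found."
 });
 }
 const isPasswordValid = await bcrypt.compare(password, user.password);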
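Review bot: In the `/login` hunk, `console.log(user)` prints the whole document returned by `findOne`, including the stored bcrypt `password` hash, and `console.log(q)` in both `/register` and `/login` prints the submitted identifier; these debug lines should be dropped before release. `username` and `phoneOrEmail` go from `req.body` into the MongoDB filter without a type check, so a JSON body can supply an object where a string is expected and change what the filter matches; both handlers could start with something like `if ([username, phoneOrEmail, password].some(v => v != null && typeof v !== 'string')) return res.status(400).json({ success: false, message: "Invalid input" });`. The distinct "User not found." response lets a caller tell existing accounts from missing ones if the wrong-password branch, which lies outside the hunk, answers differently. In `/register`, `email` and `phoneNumber` are both set to the same `phoneOrEmail` value, and when `username` is supplied the duplicate check does not look at email or phone at all.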
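--- a/package/dist/routes/index.js
+++ b/package/dist/routes/index.js
@@ -18,16 +18,24 @@ const blogsRoutes = require('./blogs');
 const slidesRoutes = require('./slides');
 const notificationsRoutes = require('./notifications');
 const createPowrRoutes = () => {
-// Get config from environment variables
-const {
-getConfig
-} = require('../config');
-const config = getConfig();
 const router = express.Router();
 
 // Middleware to inject projectId into all requests
 router.use((req, res, next) => {
-
+try {
+const {
+getConfig
+} = require('../config');
+const config = getConfig();
+req.projectId = config.projectId;
+} catch (error) {
+console.error('❌ Config error:', error.message);
+return res.status(500).json({
+success: false,
+message: 'Configuration error',
+error: error.message
+});
+}
 next();
 });
 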
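Review bot: The new catch branch returns `error: error.message` in the 500 body, so whatever `getConfig()` reports about missing or malformed configuration is sent to any client that hits the router. The message is already logged server-side, so the response can be reduced to `return res.status(500).json({ success: false, message: 'Configuration error' });`. Moving `getConfig()` into the middleware also means a misconfigured deployment is only detected on the first request instead of when `createPowrRoutes()` is called; a comment above the `try` stating that this is intended would help. `createPowrRoutes` continues past the end of the hunk.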