init
@@ -20,14 +20,24 @@ async function clearEmailInvitations(email: string, teamId: string) {
|
||||
}
|
||||
|
||||
// Check whether the user still exists on the database
|
||||
export async function deserialize(id: string, done: IDeserializeCallback) {
|
||||
export async function deserialize(user: { id: string | null }, done: IDeserializeCallback) {
|
||||
try {
|
||||
if (!user || !user.id) {
|
||||
return done(null, null);
|
||||
}
|
||||
|
||||
const {id} = user;
|
||||
const excludedSubscriptionTypes = ["TRIAL", "PADDLE"];
|
||||
const q = `SELECT deserialize_user($1) AS user;`;
|
||||
const result = await db.query(q, [id]);
|
||||
if (result.rows.length) {
|
||||
const [data] = result.rows;
|
||||
if (data?.user) {
|
||||
const realExpiredDate = moment(data.user.valid_till_date).add(7, "days");
|
||||
data.user.is_expired = false;
|
||||
|
||||
data.user.is_member = !!data.user.team_member_id;
|
||||
if (excludedSubscriptionTypes.includes(data.user.subscription_type)) data.user.is_expired = realExpiredDate.isBefore(moment(), "days");
|
||||
|
||||
void setLastActive(data.user.id);
|
||||
void clearEmailInvitations(data.user.email, data.user.team_id);
|
||||
|
||||
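Review bot: Session restore still depends entirely on `deserialize_user($1)`, and nothing in this hunk shows that the function excludes soft-deleted accounts. The same commit adds `AND is_deleted IS FALSE` to both login queries, so if the SQL function does not apply the same filter, a session opened before the account was deleted keeps resolving to a live user. Either confirm the function filters on `is_deleted`, or reject the row here, e.g. `if (data.user.is_deleted) return done(null, null);` (assuming the function returns that column). The `try` body and its `catch` continue outside the hunk.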
@@ -12,11 +12,11 @@ async function handleGoogleLogin(req: Request, _accessToken: string, _refreshTok
|
||||
if (Array.isArray(profile.photos) && profile.photos.length) body.picture = profile.photos[0].value;
|
||||
|
||||
// Check for existing accounts signed up using OAuth
|
||||
const localAccountResult = await db.query("SELECT 1 FROM users WHERE email = $1 AND password IS NOT NULL;", [body.email]);
|
||||
const localAccountResult = await db.query("SELECT 1 FROM users WHERE email = $1 AND password IS NOT NULL AND is_deleted IS FALSE;", [body.email]);
|
||||
if (localAccountResult.rowCount) {
|
||||
const message = `No Google account exists for email ${body.email}.`;
|
||||
(req.session as any).error = message;
|
||||
return done(null, undefined, req.flash(ERROR_KEY, message));
|
||||
return done(null, undefined, { message: req.flash(ERROR_KEY, message) });
|
||||
}
|
||||
|
||||
// If the user came from an invitation, this exists
|
||||
|
||||
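Review bot: The `info` object on the rejected-login path is built from the return value of `req.flash(ERROR_KEY, message)`, which with connect-flash is the new message count rather than the text; if that is the flash middleware in use, `message` ends up holding a number. Store the flash first and pass the string: `req.flash(ERROR_KEY, message); return done(null, undefined, { message });`. The signup hunk passes `req.flash(SUCCESS_KEY, ...)` straight through as `info` in the same way. Separately, the comment above the query says it checks for OAuth sign-ups while the query looks for rows with a password set, so the comment should be reworded to match what is tested.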
@@ -1,46 +1,50 @@
|
||||
import bcrypt from "bcrypt";
|
||||
import {Strategy as LocalStrategy} from "passport-local";
|
||||
|
||||
import {log_error} from "../../shared/utils";
|
||||
import { Strategy as LocalStrategy } from "passport-local";
|
||||
import { log_error } from "../../shared/utils";
|
||||
import db from "../../config/db";
|
||||
import {Request} from "express";
|
||||
import { Request } from "express";
|
||||
|
||||
async function handleLogin(req: Request, email: string, password: string, done: any) {
|
||||
(req.session as any).flash = {};
|
||||
console.log("Login attempt for:", email);
|
||||
|
||||
if (!email || !password)
|
||||
return done(null, false, {message: "Invalid credentials."});
|
||||
if (!email || !password) {
|
||||
console.log("Missing credentials");
|
||||
return done(null, false, { message: "Please enter both email and password" });
|
||||
}
|
||||
|
||||
try {
|
||||
// select the user from the database based on the username
|
||||
const q = `SELECT id, email, google_id, password
|
||||
FROM users
|
||||
WHERE email = $1
|
||||
AND google_id IS NULL;`;
|
||||
AND google_id IS NULL
|
||||
AND is_deleted IS FALSE;`;
|
||||
const result = await db.query(q, [email]);
|
||||
console.log("User query result count:", result.rowCount);
|
||||
|
||||
const [data] = result.rows;
|
||||
|
||||
// Check user existence
|
||||
if (!data?.password)
|
||||
return done(null, false, {message: "Invalid credentials."});
|
||||
|
||||
// Compare the password & email
|
||||
if (bcrypt.compareSync(password, data.password) && email === data.email) {
|
||||
delete data.password;
|
||||
|
||||
req.logout(() => true);
|
||||
return done(false, data, {message: "User successfully logged in"});
|
||||
if (!data?.password) {
|
||||
console.log("No account found");
|
||||
return done(null, false, { message: "No account found with this email" });
|
||||
}
|
||||
|
||||
return done(null, false, {message: "Invalid credentials."});
|
||||
const passwordMatch = bcrypt.compareSync(password, data.password);
|
||||
console.log("Password match:", passwordMatch);
|
||||
|
||||
if (passwordMatch && email === data.email) {
|
||||
delete data.password;
|
||||
return done(null, data, {message: "User successfully logged in"});
|
||||
}
|
||||
return done(null, false, { message: "Incorrect email or password" });
|
||||
} catch (error) {
|
||||
console.error("Login error:", error);
|
||||
log_error(error, req.body);
|
||||
return done(error);
|
||||
}
|
||||
}
|
||||
|
||||
export default new LocalStrategy({
|
||||
usernameField: "email", // = email
|
||||
usernameField: "email",
|
||||
passwordField: "password",
|
||||
passReqToCallback: true
|
||||
}, (req, email, password, done) => void handleLogin(req, email, password, done));
|
||||
}, (req, email, password, done) => void handleLogin(req, email, password, done));
|
||||
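Review bot: The two failure branches in `handleLogin` now return different messages ("No account found with this email" and "Incorrect email or password"), which tells an unauthenticated caller whether an address is registered; the replaced code answered "Invalid credentials." in every case. Use one message for both, e.g. `return done(null, false, { message: "Incorrect email or password" });` in the `!data?.password` branch. The added `console.log` calls also write the submitted email, the row count and the bcrypt comparison result to the process log on every attempt, and should be dropped before this ships. Note that `bcrypt.compareSync` is skipped when no row is found, so response time still differs between the two cases even with a single message.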
@@ -56,11 +56,7 @@ async function handleSignUp(req: Request, email: string, password: string, done:
|
||||
try {
|
||||
const user = await registerUser(password, team_id, name, team_name, email, timezone, team_member_id);
|
||||
sendWelcomeEmail(email, name);
|
||||
|
||||
setTimeout(() => {
|
||||
return done(null, user, req.flash(SUCCESS_KEY, "Registration successful. Please check your email for verification."));
|
||||
}, 500);
|
||||
|
||||
return done(null, user, req.flash(SUCCESS_KEY, "Registration successful. Please check your email for verification."));
|
||||
} catch (error: any) {
|
||||
const message = (error?.message) || "";
|
||||
|
||||
|
||||
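Review bot: `sendWelcomeEmail(email, name)` is called without `await`, `void` or a `.catch`, so if it returns a promise (its definition is not visible here) a mail failure rejects outside this `try` and is never handled. With the `setTimeout` removed, `done` now runs immediately after it, so nothing else would surface that failure. Handle it explicitly, e.g. `void sendWelcomeEmail(email, name).catch((err: unknown) => log_error(err));`, provided `log_error` is imported in this file and accepts a single argument. The body of `handleSignUp` starts and ends outside the hunk.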
@@ -3,5 +3,5 @@ import {IPassportSession} from "../interfaces/passport-session";
|
||||
|
||||
// Parse the user id to deserialize function
|
||||
export function serialize($user: IPassportSession, done: ISerializeCallback) {
|
||||
done(null, $user?.id ?? null);
|
||||
done(null, { id: $user?.id ?? null });
|
||||
}
|
||||
|
||||
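Review bot: The session payload changes here from a bare id string to `{ id }`, and that coupling to `deserialize` is not documented. Sessions persisted before this deploy hold a string, for which `user.id` in the new `deserialize` is undefined, so every existing session is treated as logged out; that is a safe failure but should be a stated decision. Suggested comment: `// Session payload is { id }; must match the shape deserialize() reads. Older string payloads are rejected.` The existing comment also reads "Parse the user id" where "Pass the user id" seems to be meant.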