ninamartila · mammuttaqin · Sep 20, 2021 · Sep 20, 2021 · Sep 20, 2021
diff --git a/server/.env b/server/.env
@@ -1,3 +1,4 @@
 SECRET=ToMakeNewTokenForNewUser
 SECRET_KEY_XENDIT=xnd_development_S1YRENVA6FA1ELZerCvKR3NaBY1J7Jm2JLLhawkAzF7R5gTg4SvcAZfaXPIKA0n
 API_KEY_DAILY_CO=8b8b5a44c122c56ddf936637d5cc1b0eecec8afe030137b52b176fbec1ed0c08
+DOMAIN_EMAIL_ADMIN=protonmail.com
diff --git a/server/app.js b/server/app.js
@@ -1,15 +1,18 @@
-if (process.env.NODE_ENV !== 'production') {
-    require('dotenv').config()
+if (process.env.NODE_ENV !== "production") {
+  require("dotenv").config();
 }
-const express = require('express');
-const cors = require('cors');
-const routes = require('./routes');
-const app = express()
+const express = require("express");
+const cors = require("cors");
+const routes = require("./routes");
+const app = express();
+const { errorHandler } = require("./middlewares/errorHandler");
 
-app.use(cors())
-app.use(express.urlencoded({ extended: true }))
-app.use(express.json())
+app.use(cors());
+app.use(express.urlencoded({ extended: true }));
+app.use(express.json());
 
-app.use(routes)
+app.use(routes);
 
-module.exports = app
+app.use(errorHandler);
+
+module.exports = app;
diff --git a/server/controllers/userController.js b/server/controllers/userController.js
@@ -113,15 +113,17 @@ class UserController {
             role,
             status: "Pending",
           };
-          const checkRoom = await createRoom(`${email}`, email);
+          const checkRoom = await createRoom(`${email.split("@")[0]}${role}`, email);
           if (checkRoom) {
-            const createdBorrower = await Lender.create(newBorrower);
+            const createdBorrower = await Borrower.create(newBorrower);
             const { password: passwordStaff, ...toSend } = createdBorrower;
             if (createdBorrower) {
               res.status(201).json(toSend);
             } else {
               throw Error("register error");
             }
+          } else {
+            throw Error("Invalid Email");
           }
         }
       }
@@ -133,25 +135,36 @@ class UserController {
   static async loginUser(req, res, next) {
     try {
       const { email, password } = req.body;
-      const result = await User.findOne({ where: { email } });
-      const {
-        id,
-        firstName,
-        lastName,
-        email: userEmail,
-        password: userPassword,
-        phoneNumber,
-        address,
-        birthDate,
-        bankCode,
-        holderName,
-        accountNumber,
-        occupation,
-        role,
-      } = result;
-      const correctPassword = comparePassword(password, userPassword);
-      if (correctPassword) {
-        const userPayload = {
+      if (isAdmin(email)) {
+        const staffResult = await Staff.findOne({ where: { email } });
+        if (staffResult) {
+          const { id, name, email, password: staffPassword } = staffResult;
+          const correctPassword = comparePassword(password, staffPassword);
+          if (correctPassword) {
+            const staffPayload = {
+              id,
+              name,
+              email,
+            };
+            const token = generateToken(staffPayload);
+            res.status(200).json({ access_token: token, id, name, role: "admin" });
+          } else {
+            throw Error("wrong email/password");
+          }
+        } else {
+          throw Error("wrong email/password");
+        }
+      } else {
+        const lenderResult = await Lender.findOne({ where: { email } });
+        const borrowerResult = await Borrower.findOne({ where: { email } });
+        let userResult;
+        if (lenderResult) {
+          userResult = lenderResult;
+        }
+        if (borrowerResult) {
+          userResult = borrowerResult;
+        }
+        const {
           id,
           firstName,
           lastName,
@@ -165,11 +178,29 @@ class UserController {
           accountNumber,
           occupation,
           role,
-        };
-        const token = generateToken(userPayload);
-        res.status(200).json({ access_token: token, id, firstName, lastName });
-      } else {
-        res.status(404).json({ message: "salah password" });
+        } = userResult;
+        const correctPassword = comparePassword(password, userPassword);
+        if (correctPassword) {
+          const userPayload = {
+            id,
+            firstName,
+            lastName,
+            email: userEmail,
+            password: userPassword,
+            phoneNumber,
+            address,
+            birthDate,
+            bankCode,
+            holderName,
+            accountNumber,
+            occupation,
+            role,
+          };
+          const token = generateToken(userPayload);
+          res.status(200).json({ access_token: token, id, firstName, lastName, role });
+        } else {
+          res.status(404).json({ message: "salah password" });
+        }
       }
     } catch (error) {
       res.status(500).json(error);
@@ -178,12 +209,14 @@ class UserController {
 
   static async updateUser(req, res, next) {
     try {
-      const { id } = req.user;
+      const { id, userRole } = req.user;
       const {
         firstName,
         lastName,
         email,
         password,
+        ktpCard,
+        selfPicture,
         phoneNumber,
         address,
         birthDate,
@@ -200,6 +233,18 @@ class UserController {
           firstName,
         };
       }
+      if (ktpCard !== "" && typeof ktpCard !== "undefined") {
+        updatedUser = {
+          ...updatedUser,
+          ktpCard,
+        };
+      }
+      if (selfPicture !== "" && typeof selfPicture !== "undefined") {
+        updatedUser = {
+          ...updatedUser,
+          selfPicture,
+        };
+      }
       if (lastName !== "" && typeof lastName !== "undefined") {
         updatedUser = {
           ...updatedUser,
@@ -266,8 +311,15 @@ class UserController {
           role,
         };
       }
-      const result = await User.update(updatedUser, { where: { id } });
-      res.status(200).json(result);
+      if (userRole === "lender") {
+        const result = await Lender.update(updatedUser, { where: { id } });
+        res.status(200).json(result);
+      }
+
+      if (userRole === "borrower") {
+        const result = await Borrower.update(updatedUser, { where: { id } });
+        res.status(200).json(result);
+      }
     } catch (error) {
       res.status(500).json(error);
     }
@@ -280,7 +332,7 @@ class UserController {
       const userStatus = {
         status,
       };
-      const result = await User.update(userStatus, { where: { id: userId } });
+      const result = await Borrower.update(userStatus, { where: { id: userId } });
       res.status(200).json(result);
     } catch (error) {
       res.status(500).json(error);
@@ -289,9 +341,16 @@ class UserController {
 
   static async deleteUser(req, res, next) {
     const { userId } = req.params;
+    const { role } = req.query;
     try {
-      const result = await User.destroy({ where: { id: userId } });
-      res.status(200).json(result);
+      if (role === "lender") {
+        const result = await Lender.destroy({ where: { id: userId } });
+        res.status(200).json(result);
+      }
+      if (role === "borrower") {
+        const result = await Borrower.destroy({ where: { id: userId } });
+        res.status(200).json(result);
+      }
     } catch (error) {
       res.status(500).json(error);
     }

diff --git a/server/helpers/NodeMailer.js b/server/helpers/NodeMailer.js
@@ -17,7 +17,6 @@ async function sendMail(roomLink, email) {
   };
   try {
     const result = await transporter.sendMail(message);
-    console.log(result, "hoabh");
     if (result) {
       return {
         error: null,

diff --git a/server/helpers/admin.js b/server/helpers/admin.js
@@ -1,6 +1,6 @@
 const isAdmin = (email) => {
   const splittedEmail = email.split("@");
-  if (splittedEmail[splittedEmail.length - 1] === "protonmail.com") {
+  if (splittedEmail[splittedEmail.length - 1] === process.env.DOMAIN_EMAIL_ADMIN) {
     return true;
   } else {
     return false;

diff --git a/server/helpers/dailyCo.js b/server/helpers/dailyCo.js
@@ -9,7 +9,6 @@ async function createRoom(roomName, userEmail) {
       url: "https://api.daily.co/v1/rooms",
       headers: {
         authorization: `Bearer ${process.env.API_KEY_DAILY_CO}`,
-        // authorization: `Bearer 8b8b5a44c122c56ddf936637d5cc1b0eecec8afe030137b52b176fbec1ed0c08`,
       },
       data: {
         properties: {
@@ -23,13 +22,15 @@ async function createRoom(roomName, userEmail) {
       },
     });
     const { data } = result;
-    const emailSent = await sendMail(data, userEmail);
-    if (emailSent.accepted.length) {
+    const { error, result: nodemailerResult } = await sendMail(data, userEmail);
+
+    if (nodemailerResult) {
       return true;
     } else {
       return false;
     }
   } catch (error) {
+    console.log(error);
     return false;
   }
 }