260 lines
9.8 KiB
JavaScript
260 lines
9.8 KiB
JavaScript
const multer = require('multer');
|
|
const path = require('path');
|
|
const userService = require('../services/userService');
|
|
|
|
|
|
exports.addUser = async (req, res) => {
|
|
try {
|
|
const { hospital_id, role_id, ...rest } = req.body;
|
|
const result = await userService.addUser(hospital_id, role_id, { ...rest, password: req.body.password }, req.user.role, req.user.hospital_id);
|
|
res.status(201).json(result);
|
|
} catch (error) {
|
|
console.error('Error adding user:', error.message);
|
|
if (error.message.includes('Access denied') || error.message.includes('Email already exists')) {
|
|
return res.status(403).json({ error: error.message });
|
|
}
|
|
if (error.message.includes('not found')) {
|
|
return res.status(404).json({ error: error.message });
|
|
}
|
|
res.status(500).json({ error: error.message });
|
|
}
|
|
};
|
|
|
|
exports.getUsersByHospital = async (req, res) => {
|
|
try {
|
|
const hospital_id = parseInt(req.params.hospital_id, 10);
|
|
const result = await userService.getUsersByHospital(hospital_id, req.user.role, req.user.hospital_id);
|
|
res.status(200).json(result);
|
|
} catch (error) {
|
|
console.error('Error fetching users:', error.message);
|
|
if (error.message.includes('Invalid hospital ID')) {
|
|
return res.status(400).json({ error: error.message });
|
|
}
|
|
if (error.message.includes('not authorized')) {
|
|
return res.status(403).json({ error: error.message });
|
|
}
|
|
res.status(500).json({ error: 'Internal server error' });
|
|
}
|
|
};
|
|
|
|
exports.getProfilePhoto = async (req, res) => {
|
|
try {
|
|
const userId = req.params.id;
|
|
const result = await userService.getProfilePhoto(userId, req.user.role);
|
|
res.status(200).json(result);
|
|
} catch (error) {
|
|
console.error('Error fetching profile photo:', error.message);
|
|
if (error.message.includes('not authorized')) {
|
|
return res.status(403).json({ error: error.message });
|
|
}
|
|
if (error.message.includes('not found')) {
|
|
return res.status(404).json({ error: error.message });
|
|
}
|
|
res.status(500).json({ error: 'Internal server error' });
|
|
}
|
|
};
|
|
|
|
exports.login = async (req, res) => {
|
|
try {
|
|
const { email, password } = req.body;
|
|
const result = await userService.login(email, password);
|
|
res.status(200).json(result);
|
|
} catch (error) {
|
|
console.error('Login error:', error.message);
|
|
if (error.message.includes('Invalid email or password')) {
|
|
return res.status(401).json({ error: error.message });
|
|
}
|
|
res.status(500).json({ error: 'Internal server error' });
|
|
}
|
|
};
|
|
|
|
exports.logout = async (req, res) => {
|
|
try {
|
|
const authHeader = req.headers['authorization'];
|
|
const token = authHeader && authHeader.split(' ')[1];
|
|
const result = await userService.logout(token);
|
|
res.status(200).json(result);
|
|
} catch (error) {
|
|
console.error('Error during logout:', error.message);
|
|
if (error.message.includes('Access token required')) {
|
|
return res.status(401).json({ error: error.message });
|
|
}
|
|
if (error.message.includes('Unauthorized access')) {
|
|
return res.status(403).json({ error: error.message });
|
|
}
|
|
res.status(500).json({ error: 'Internal server error' });
|
|
}
|
|
};
|
|
|
|
// Configure multer for file uploads
|
|
const storage = multer.diskStorage({
|
|
destination: (req, file, cb) => {
|
|
cb(null, 'uploads/profile_photos');
|
|
},
|
|
filename: (req, file, cb) => {
|
|
const uniqueSuffix = `${Date.now()}-${Math.round(Math.random() * 1e9)}${path.extname(file.originalname)}`;
|
|
cb(null, `${file.fieldname}-${uniqueSuffix}`);
|
|
},
|
|
});
|
|
|
|
const upload = multer({
|
|
storage,
|
|
fileFilter: (req, file, cb) => {
|
|
if (file.mimetype.startsWith('image/')) {
|
|
cb(null, true);
|
|
} else {
|
|
cb(new Error('Only image files are allowed'), false);
|
|
}
|
|
},
|
|
limits: { fileSize: 5 * 1024 * 1024 }, // Limit file size to 5 MB
|
|
}).single('profile_photo');
|
|
|
|
exports.uploadProfilePhoto = async (req, res) => {
|
|
upload(req, res, async (err) => {
|
|
if (err) {
|
|
console.error('Error uploading file:', err.message);
|
|
return res.status(400).json({ error: err.message });
|
|
}
|
|
|
|
try {
|
|
const result = await userService.uploadProfilePhoto(req.user.id, req.file);
|
|
res.status(200).json(result);
|
|
} catch (error) {
|
|
console.error('Error updating photo URL in database:', error.message);
|
|
res.status(500).json({ error: 'Internal server error' });
|
|
}
|
|
});
|
|
};
|
|
|
|
exports.editHospitalUser = async (req, res) => {
|
|
try {
|
|
const { id } = req.params;
|
|
const result = await userService.editHospitalUser(id, req.body, req.user.role);
|
|
res.status(200).json(result);
|
|
} catch (error) {
|
|
console.error('Error editing hospital user:', error.message);
|
|
if (error.message.includes('Access denied')) {
|
|
return res.status(403).json({ error: error.message });
|
|
}
|
|
if (error.message.includes('not found')) {
|
|
return res.status(404).json({ error: error.message });
|
|
}
|
|
if (error.message.includes('No valid fields')) {
|
|
return res.status(400).json({ error: error.message });
|
|
}
|
|
res.status(500).json({ error: 'Internal server error' });
|
|
}
|
|
};
|
|
|
|
exports.deleteHospitalUser = async (req, res) => {
|
|
try {
|
|
const { id } = req.params;
|
|
const result = await userService.deleteHospitalUser(id, req.user.role);
|
|
res.status(200).json(result);
|
|
} catch (error) {
|
|
console.error('Error deleting hospital user:', error.message);
|
|
if (error.message.includes('Access denied')) {
|
|
return res.status(403).json({ error: error.message });
|
|
}
|
|
if (error.message.includes('not found')) {
|
|
return res.status(404).json({ error: error.message });
|
|
}
|
|
res.status(500).json({ error: 'Internal server error' });
|
|
}
|
|
};
|
|
|
|
exports.getAccessToken = async (req, res) => {
|
|
try {
|
|
const { refreshToken, user_id } = req.body;
|
|
const result = await userService.getAccessToken(refreshToken, user_id);
|
|
res.status(200).json(result);
|
|
} catch (error) {
|
|
console.error('Error generating access token:', error.message);
|
|
if (error.message.includes('required')) {
|
|
return res.status(400).json({ error: error.message });
|
|
}
|
|
if (error.message.includes('Invalid or expired')) {
|
|
return res.status(403).json({ error: error.message });
|
|
}
|
|
res.status(500).json({ error: 'Internal server error' });
|
|
}
|
|
};
|
|
|
|
exports.getAccessTokenForSpurrinadmin = async (req, res) => {
|
|
try {
|
|
const { refreshToken, user_id } = req.body;
|
|
const result = await userService.getAccessTokenForSpurrinadmin(refreshToken, user_id);
|
|
res.status(200).json(result);
|
|
} catch (error) {
|
|
console.error('Error generating access token:', error.message);
|
|
if (error.message.includes('required')) {
|
|
return res.status(400).json({ error: error.message });
|
|
}
|
|
if (error.message.includes('Invalid or expired')) {
|
|
return res.status(403).json({ error: error.message });
|
|
}
|
|
res.status(500).json({ error: 'Internal server error' });
|
|
}
|
|
};
|
|
|
|
exports.getRefreshTokenByUserId = async (req, res) => {
|
|
try {
|
|
const { user_id, role_id } = req.params;
|
|
const result = await userService.getRefreshTokenByUserId(user_id, role_id);
|
|
res.status(200).json(result);
|
|
} catch (error) {
|
|
console.error('Error fetching refresh token:', error.message);
|
|
if (error.message.includes('Invalid role_id')) {
|
|
return res.status(400).json({ error: error.message });
|
|
}
|
|
if (error.message.includes('not found')) {
|
|
return res.status(404).json({ error: error.message });
|
|
}
|
|
res.status(500).json({ error: 'Internal server error' });
|
|
}
|
|
};
|
|
|
|
exports.getHospitalUserId = async (req, res) => {
|
|
try {
|
|
const { email, password } = req.body;
|
|
const result = await userService.getHospitalUserId(email, password);
|
|
res.status(200).json(result);
|
|
} catch (error) {
|
|
console.error('Error fetching hospital user:', error.message);
|
|
if (error.message.includes('required')) {
|
|
return res.status(400).json({ error: error.message });
|
|
}
|
|
if (error.message.includes('Invalid email or password') || error.message.includes('not found')) {
|
|
return res.status(401).json({ error: error.message });
|
|
}
|
|
res.status(500).json({ error: 'Internal server error' });
|
|
}
|
|
};
|
|
|
|
exports.updatePassword = async (req, res) => {
|
|
try {
|
|
const { id } = req.params;
|
|
const { new_password } = req.body;
|
|
const authHeader = req.headers.authorization;
|
|
const token = authHeader && authHeader.split(' ')[1];
|
|
const result = await userService.updatePassword(id, new_password, token);
|
|
res.status(200).json(result);
|
|
} catch (error) {
|
|
console.error('Error updating password:', error.message);
|
|
if (error.message.includes('required')) {
|
|
return res.status(400).json({ error: error.message });
|
|
}
|
|
if (error.message.includes('Invalid or expired token')) {
|
|
return res.status(401).json({ error: error.message });
|
|
}
|
|
if (error.message.includes('Token user does not match')) {
|
|
return res.status(403).json({ error: error.message });
|
|
}
|
|
if (error.message.includes('not found')) {
|
|
return res.status(404).json({ error: error.message });
|
|
}
|
|
res.status(500).json({ error: 'Internal server error' });
|
|
}
|
|
};
|
|
|
|
module.exports
|