vendor.js
3.57 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
"use strict";
const { getService } = require("@strapi/plugin-users-permissions/server/utils");
/**
* vendor controller
*/
const { createCoreController } = require("@strapi/strapi").factories;
module.exports = createCoreController("api::vendor.vendor", () => ({
async create(ctx) {
// console.log("ctx", ctx.request.body);
// Get user from user entity
const currentUser = await strapi
.query("plugin::users-permissions.user")
.findOne({
populate: ["user"],
where: {
$and: [{ email: ctx.request.body.data.email }],
},
});
// Check if its already existing in vendor entity
// console.log("currentUser", currentUser);
let existingUser;
existingUser = await strapi.entityService.findMany("api::vendor.vendor", {
fields: ["id"],
filter: { phoneNumber: ctx.request.body.data.phoneNumber },
});
if (!existingUser) {
existingUser = await strapi.entityService.findMany("api::vendor.vendor", {
fields: ["id"],
filters: { email: ctx.request.body.data.email },
});
}
// Generate one time password (otp)
const oneTimePassword = Math.floor(1000 + Math.random() * 9000);
await strapi.entityService.update(
"plugin::users-permissions.user",
currentUser.id,
{
data: {
oneTimePassword: `${oneTimePassword}`,
},
}
);
const date = new Date();
// TODO: Code to send OTP on email
// TODO: Code to send OTP on SMS
if (existingUser && existingUser.length !== 0) {
} else {
ctx.request.body.data.user = currentUser.id;
const response = await strapi.entityService.create("api::vendor.vendor", {
data: { ...ctx.request.body.data, publishedAt: date },
});
console.log("response", response);
return { otpSent: true, data: response };
// ctx.request.body.data.user = currentUser;
// console.log("ctx.request.body.data", ctx.request.body.data);
// return await super.create(ctx);
}
ctx.send({
ok: true,
message: "Existing vendor found, skipping creation only sent OTP.",
});
},
async finishVendorOtpVerification(ctx) {
const { email, oneTimePassword } = ctx.request.body;
// 1. Identify the end-user record using the above.
console.log("email", email, oneTimePassword);
const vendorUser = await strapi
.query("plugin::users-permissions.user")
.findOne({
populate: ["user"],
where: {
$and: [{ email: email }],
},
});
if (!vendorUser) {
// throw new ValidationError("Invalid mobile number");
ctx.send({ ok: false, message: "Invalid mobile number" });
}
console.log("endUser", vendorUser);
// 2. Then identify the user record using step 1.
// 3. Verify otp.
const user = await strapi.query("plugin::users-permissions.user").findOne({
where: {
$and: [{ id: vendorUser.id }, { oneTimePassword: oneTimePassword }],
},
});
console.log("USER", user);
if (!user || user.blocked) {
console.log("invalid otp >>");
ctx.send({
ok: false,
message: "OTP is invalid, please enter the correct OTP!",
});
}
if (user) {
await getService("user").edit(user.id, {
oneTimePassword: null,
confirmed: true,
});
}
// 4. stamp otp in user to null.
if (user) {
ctx.send({ ok: true, message: "user registered" });
} else if (!user) {
ctx.send({
ok: false,
message: "OTP is invalid, please enter the correct OTP!",
});
}
},
}));