otherData.js 3.0 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677
  1. const Merchant = require("../models/merchant");
  2. const bcrypt = require("bcryptjs");
  3. module.exports = {
  4. /*
  5. POST - logs the user in
  6. req.body = {
  7. email: email of the user,
  8. password: password of the user
  9. }
  10. Redirects to /dashboard
  11. */
  12. login: function(req, res){
  13. Merchant.findOne({email: req.body.email.toLowerCase()})
  14. .then((merchant)=>{
  15. if(merchant !== null){
  16. bcrypt.compare(req.body.password, merchant.password, (err, result)=>{
  17. if(result === true){
  18. //Check if email has not been verified
  19. if(merchant.status.includes("unverified")){
  20. req.session.error = "PLEASE VERIFY YOUR EMAIL ADDRESS";
  21. return res.redirect(`/verify/email/${merchant._id}`);
  22. }
  23. //Check for suspended account
  24. if(merchant.status.includes("suspended")){
  25. req.session.error = "ACCOUNT SUSPENDED. PLEASE CONTACT SUPPORT IF THIS IS IN ERROR";
  26. return res.redirect("/");
  27. }
  28. //Check for out of date access token
  29. let cutoff = new Date();
  30. cutoff.setDate(cutoff.getDate() + 1);
  31. if(merchant.pos === "square" && merchant.square.expires < cutoff){
  32. let data = await axios.post(`${process.env.SQUARE_ADDRESS}/oauth2/token`, {
  33. client_id: process.env.SUBLINE_SQUARE_APPID,
  34. client_secret: process.env.SUBLINE_SQUARE_APPSECRET,
  35. grant_type: "refresh_token",
  36. refresh_token: merchant.square.refreshToken
  37. });
  38. merchant.square.accessToken = data.data.access_token;
  39. merchant.square.expires = new Date(data.data.expires_at);
  40. await merchant.save();
  41. }
  42. req.session.user = merchant.session.sessionId;
  43. return res.redirect("/dashboard");
  44. }else{
  45. req.session.error = "INVALID EMAIL OR PASSWORD";
  46. return res.redirect("/login");
  47. }
  48. });
  49. }else{
  50. req.session.error = "INVALID EMAIL OR PASSWORD";
  51. return res.redirect("/login");
  52. }
  53. })
  54. .catch((err)=>{
  55. req.session.error = "ERROR: UNABLE TO RETRIEVE DATA";
  56. return res.redirect("/");
  57. });
  58. },
  59. /*
  60. GET - logs the user out
  61. Redirects to /
  62. */
  63. logout: function(req, res){
  64. req.session.user = undefined;
  65. return res.redirect("/");
  66. }
  67. }