77 lines
1.8 KiB
JavaScript
77 lines
1.8 KiB
JavaScript
const cds = require("@sap/cds");
|
|
const jwt = require("jsonwebtoken");
|
|
const bcrypt = require("bcrypt");
|
|
|
|
const { ACCESS_TOKEN_SECRET } = cds.env;
|
|
const ACCESS_TOKEN_EXP_IN = "10m";
|
|
|
|
module.exports = async function () {
|
|
const db = await cds.connect.to("db");
|
|
const { Employees, Customers } = db.entities;
|
|
|
|
const getUserEntity = (isCustomer) => (isCustomer ? Customers : Employees);
|
|
|
|
this.on("updatePerson", async (req) => {
|
|
await UPDATE(
|
|
getUserEntity(req.user && req.user._roles && req.user.is("customer"))
|
|
)
|
|
.set(req.data.person)
|
|
.where({ ID: req.user.attr.ID });
|
|
});
|
|
|
|
this.on("getPerson", async (req) => {
|
|
return await db.run(
|
|
SELECT.one(
|
|
getUserEntity(req.user && req.user._roles && req.user.is("customer"))
|
|
)
|
|
.columns(
|
|
"lastName",
|
|
"firstName",
|
|
"city",
|
|
"state",
|
|
"address",
|
|
"country",
|
|
"postalCode",
|
|
"phone",
|
|
"fax",
|
|
"email"
|
|
)
|
|
.where({ email: req.user.id })
|
|
);
|
|
});
|
|
|
|
this.on("login", async (req) => {
|
|
const { email, password } = req.data;
|
|
|
|
let userFromDb = await db.run(SELECT.one(Employees).where({ email }));
|
|
let roles = ["employee"];
|
|
if (!userFromDb) {
|
|
userFromDb = await db.run(SELECT.one(Customers).where({ email }));
|
|
roles = ["customer"];
|
|
}
|
|
|
|
const userEqualPassword = await bcrypt.compare(
|
|
password,
|
|
userFromDb.password
|
|
);
|
|
if (!userEqualPassword) {
|
|
req.reject(401);
|
|
}
|
|
|
|
const token = jwt.sign(
|
|
{ email, ID: userFromDb.ID, roles },
|
|
ACCESS_TOKEN_SECRET,
|
|
{
|
|
expiresIn: ACCESS_TOKEN_EXP_IN,
|
|
}
|
|
);
|
|
|
|
return {
|
|
token,
|
|
roles,
|
|
email: userFromDb.email,
|
|
ID: userFromDb.ID,
|
|
};
|
|
});
|
|
};
|