thomas
/
jagd-apps
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
jagd-apps/drohnenfuehrer/backend/controllers/handlerController.js

118 lines
3.9 KiB
JavaScript
Raw Blame History

const jwt = require('jsonwebtoken');
const bcrypt = require('bcryptjs');
const User = require('../models/User');
const config = require('../config/env');
const logger = require('../utils/logger');
// POST /api/handler/login — email + password
const handlerLogin = async (req, res) => {
try {
const { email, password } = req.body;
if (!email || !password) {
return res.status(400).json({ success: false, message: 'E-Mail und Passwort erforderlich' });
}
const user = await User.findOne({ email: email.trim().toLowerCase(), deleted: false });
if (!user || !user.passwordHash) {
return res.status(401).json({ success: false, message: 'Ungültige Anmeldedaten oder kein Passwort hinterlegt' });
}
const valid = await bcrypt.compare(password, user.passwordHash);
if (!valid) {
return res.status(401).json({ success: false, message: 'Ungültige Anmeldedaten' });
}
const token = jwt.sign(
{ id: user._id.toString(), role: 'handler' },
config.jwtSecret,
{ expiresIn: '12h' }
);
res.json({
success: true,
token,
user: {
id: user._id,
name: user.name,
email: user.email,
available: user.available,
type: user.type,
phone: user.phone,
landline: user.landline,
address: user.address
}
});
} catch (error) {
logger.error('Handler-Login Fehler:', error);
res.status(500).json({ success: false, message: 'Serverfehler beim Login' });
}
};
// POST /api/handler/set-password — set first password (handler provides token + new password)
// Admin first sets email, then the handler can set their own password
const setHandlerPassword = async (req, res) => {
try {
const { email, newPassword } = req.body;
if (!email || !newPassword || newPassword.length < 6) {
return res.status(400).json({ success: false, message: 'E-Mail und Passwort (min. 6 Zeichen) erforderlich' });
}
const user = await User.findOne({ email: email.trim().toLowerCase(), deleted: false });
if (!user) {
return res.status(404).json({ success: false, message: 'Kein Drohnenführer mit dieser E-Mail gefunden' });
}
user.passwordHash = await bcrypt.hash(newPassword, 12);
await user.save();
res.json({ success: true, message: 'Passwort erfolgreich gesetzt' });
} catch (error) {
logger.error('Passwort setzen Fehler:', error);
res.status(500).json({ success: false, message: 'Serverfehler' });
}
};
// PUT /api/handler/me — handler updates own availability + contact data
const updateHandlerSelf = async (req, res) => {
try {
const userId = req.handlerUser.id;
const { available, phone, landline, address } = req.body;
const update = {};
if (typeof available === 'boolean') update.available = available;
if (phone && phone.trim()) update.phone = phone.trim();
if (landline !== undefined) update.landline = landline ? landline.trim() : null;
if (address && address.trim()) update.address = address.trim();
const user = await User.findByIdAndUpdate(
userId,
update,
{ new: true, select: '-passwordHash' }
);
if (!user) {
return res.status(404).json({ success: false, message: 'Drohnenführer nicht gefunden' });
}
res.json({ success: true, data: user });
} catch (error) {
logger.error('Handler-Update Fehler:', error);
res.status(500).json({ success: false, message: 'Fehler beim Aktualisieren' });
}
};
// GET /api/handler/me — get own profile
const getHandlerSelf = async (req, res) => {
try {
const user = await User.findById(req.handlerUser.id).select('-passwordHash');
if (!user) return res.status(404).json({ success: false, message: 'Nicht gefunden' });
res.json({ success: true, data: user });
} catch (error) {
res.status(500).json({ success: false, message: 'Serverfehler' });
}
};
module.exports = { handlerLogin, setHandlerPassword, updateHandlerSelf, getHandlerSelf };
Reference in New Issue View Git Blame Copy Permalink