estatesfunding/ef-api/controllers/user.js

import dotenv from "dotenv";
import UserModal from "../models/user.js";
import mongoose from 'mongoose';
import bcrypt from "bcryptjs";
import jwt from "jsonwebtoken";
import { sendEmail } from "../utils/sendEmail.js";

dotenv.config();
const secret = process.env.SECRET_KEY;

// This is signup
export const signup = async (req, res) => {
  const { title, email, password, firstName, middleName, lastName, termsconditions, userType, profileImage } = req.body;

  function generateRandomNumber() {
    return Math.floor(Math.random() * 90000) + 10000;
  }

  try {
    // Check if user already exists
    const oldUser = await UserModal.findOne({ email });
    if (oldUser) {
      return res.status(400).json({ message: "User already exists" });
    }

    // Hash the password
    const hashedPassword = await bcrypt.hash(password, 12);
    const randomNumber = generateRandomNumber().toString();
    const userId = `ELUI${randomNumber}`;

    // Create new user
    const result = await UserModal.create({
      title,
      email,
      password: hashedPassword,
      firstName,
      middleName,
      lastName,
      termsconditions,
      userType,
      userId:userId,
      profileImage,
    });
    console.log("result", result)

    // Generate JWT (if needed)
    const token = jwt.sign({ email: result.email, id: result._id }, secret, { expiresIn: "7h" });

        // Save the token in the user's tokens array
        result.tokens.push({ token });
        await result.save();

    const url = `Click on the link ${process.env.RETURN_URL}/users/${result._id}/verify/${token}`;
    await sendEmail(result.email, "Verify Email", url);

    // Send the user info and token back to the client
    res.status(201).json({ result, token });

  } catch (error) {
    console.error(error);
    res.status(500).json({ message: "Something went wrong" });
  }
};

//This is to verify user

export const verifyUser = async (req, res) => {
  try {
    const user = await UserModal.findOne({ _id: req.params.id });
    if (!user) return res.status(400).send({ message: "Invalid link" });

    const token = user.tokens.find(
      (tokenObj) => tokenObj.token === req.params.token
    );
    if (!token) return res.status(400).send({ message: "Invalid link" });

    // Update the user's verified status to true
    user.verified = true;
    await user.save();

    // Remove the token from the tokens array
    user.tokens = user.tokens.filter(
      (tokenObj) => tokenObj.token !== req.params.token
    );
    await user.save();

    res.status(200).send({ message: "Email verified successfully" });
  } catch (error) {
    res.status(500).send({ message: "Internal Server Errors" });
  }
};

// This is signIn
export const signin = async (req, res) => {
  const { email, password } = req.body;

  try {
    const oldUser = await UserModal.findOne({ email });
    if (!oldUser)
      return res.status(404).json({ message: "User doesn't exist" });

    const isPasswordCorrect = await bcrypt.compare(password, oldUser.password);

    if (!isPasswordCorrect)
      return res.status(400).json({ message: "Invalid credentials" });

    if (!oldUser.verified) {
      return res.status(401).json({ message: "User is not verified" });
    }

    const token = jwt.sign({ email: oldUser.email, id: oldUser._id }, secret, {
      expiresIn: "8h",
    });

    res.status(200).json({ result: oldUser, token });
  } catch (error) {
    res.status(500).json({ message: "Something went wrong" });
    console.log(error);
  }
};

//To show user

export const showUser = async (req, res) => {
  const { userId } = req.params;

  // Optional: Validate if userId is a MongoDB ObjectId
  if (mongoose.Types.ObjectId.isValid(userId)) {
    try {
      const user = await UserModal.findById(userId);
      if (!user) {
        return res.status(404).json({ message: 'User not found' });
      }
      return res.json(user);
    } catch (error) {
      return res.status(500).json({ message: 'Server Error' });
    }
  } else {
    // If the userId is not an ObjectId, search by other fields (e.g., custom userId)
    try {
      const user = await UserModal.findOne({ userId }); // Adjust based on how your schema stores userId
      if (!user) {
        return res.status(404).json({ message: 'User not found' });
      }
      return res.json(user);
    } catch (error) {
      return res.status(500).json({ message: 'Server Error' });
    }
  }
};


//forgot password

export const forgotPassword = async (req, res) => {
  const { email } = req.body;

  try {
    const user = await UserModal.findOne({ email });
    if (!user) {
      return res.status(404).json({ message: "User not found" });
    }

    const secrets = secret + user.password;
    const token = jwt.sign({ email: user.email, id: user._id }, secrets, {
      expiresIn: "5m",
    });
    user.resetToken = token;
    user.resetTokenExpiration = Date.now() + 300000; // 5 minutes
    await user.save();
    res.status(200).send({ message: "Reset Email alert sent successfully" });

    const url = `CLick on the link ${process.env.RETURN_URL}/users/resetpassword/${user._id}/${token}`;

    await sendEmail(user.email, "Reset Email", url);
    // res.json({ message: 'Password reset successful' });
  } catch (err) {
    console.error("Forgot Password Error:", err);
    res.status(500).json({ message: "Something went wrong" });
  }
};

// To reset password

export const resetPassword = async (req, res) => {
  const { id, token } = req.params;
  const { password } = req.body;

  try {
    if (!password || password.trim() === "") {
      return res.status(400).json({ message: "Password not entered" });
    }

    const user = await UserModal.findOne({ _id: id });
    if (!user) {
      return res.json({ status: "User Not Exists!!" });
    }

    // Update the user's password and clear the reset token
    user.password = await bcrypt.hash(password, 12);
    // user.resetToken = undefined;
    // user.resetTokenExpiration = undefined;
    user.resetToken = token;
    user.resetTokenExpiration = Date.now() + 300000; // 5 minutes

    await user.save();

    res.json({ message: "Password reset successful" });
  } catch (err) {
    console.error("Password Reset Error:", err);
    res.status(500).json({ message: "Something went wrong" });
  }
};


// Update user controller

export const updateUser = async (req, res) => {
  try {
    const { 
      userId, title, firstName, 
      middleName, lastName, email, 
      aboutme, city, state, county, zip, profileImage } = req.body;
    // Use findOneAndUpdate instead, querying by userId (custom field)
    const updatedUser = await UserModal.findOneAndUpdate(
      { userId }, // Query by custom userId, not ObjectId
      { title, firstName, middleName, lastName, email, aboutme, city, state, county, zip, profileImage },
      { new: true } // Return the updated document
    );

    console.log("updatedUser", updatedUser);

    if (!updatedUser) {
      return res.status(404).json({ message: "User not found" });
    }

    res.status(200).json(updatedUser);
  } catch (error) {
    console.error("Error updating user:", error);
    res.status(500).json({ message: "Error updating user", error });
  }
};


export const investFunds = async (req, res) => {
  const { userId,fundAmount } = req.body;

  // console.log("userId", userId, fundAmount);

  if (fundAmount <= 0) {
    return res.status(400).json({ message: "Investment amount must be greater than 0." });
  }

  try {
    const updatedUser = await UserModal.findOneAndUpdate(
      { userId }, // Query by custom userId, not ObjectId
      { fundAmount},
      { new: true } // Return the updated document
    );
    if (!updatedUser) {
      return res.status(404).json({ message: "User not found." });
    }
    res.status(200).json(updatedUser);
  } catch (error) {
    res.status(500).json({ message: "Something went wrong." });
  }
};
done 2024-09-04 00:52:26 +00:00			`import dotenv from "dotenv";`
			`import UserModal from "../models/user.js";`
done 2024-09-30 15:39:00 +00:00			`import mongoose from 'mongoose';`
done 2024-09-04 00:52:26 +00:00			`import bcrypt from "bcryptjs";`
			`import jwt from "jsonwebtoken";`
done 2024-09-07 14:08:04 +00:00			`import { sendEmail } from "../utils/sendEmail.js";`
done 2024-09-04 00:52:26 +00:00
			`dotenv.config();`
			`const secret = process.env.SECRET_KEY;`

			`// This is signup`
			`export const signup = async (req, res) => {`
done 2024-10-01 12:44:18 +00:00			`const { title, email, password, firstName, middleName, lastName, termsconditions, userType, profileImage } = req.body;`
done 2024-09-04 00:52:26 +00:00
done 2024-09-09 17:00:42 +00:00			`function generateRandomNumber() {`
			`return Math.floor(Math.random() * 90000) + 10000;`
			`}`

done 2024-09-04 00:52:26 +00:00			`try {`
			`// Check if user already exists`
			`const oldUser = await UserModal.findOne({ email });`
			`if (oldUser) {`
			`return res.status(400).json({ message: "User already exists" });`
			`}`

			`// Hash the password`
			`const hashedPassword = await bcrypt.hash(password, 12);`
done 2024-09-09 16:38:14 +00:00			`const randomNumber = generateRandomNumber().toString();`
done 2024-09-22 11:03:36 +00:00			const userId = `ELUI${randomNumber}`;
done 2024-09-04 00:52:26 +00:00
			`// Create new user`
			`const result = await UserModal.create({`
done 2024-09-07 07:48:55 +00:00			`title,`
done 2024-09-04 00:52:26 +00:00			`email,`
			`password: hashedPassword,`
			`firstName,`
done 2024-09-07 05:39:50 +00:00			`middleName,`
done 2024-09-04 00:52:26 +00:00			`lastName,`
done 2024-09-07 07:48:55 +00:00			`termsconditions,`
done 2024-09-07 11:26:52 +00:00			`userType,`
done 2024-09-09 16:38:14 +00:00			`userId:userId,`
done 2024-10-01 12:44:18 +00:00			`profileImage,`
done 2024-09-04 00:52:26 +00:00			`});`
done 2024-10-22 06:43:35 +00:00			`console.log("result", result)`
done 2024-09-04 00:52:26 +00:00
			`// Generate JWT (if needed)`
			`const token = jwt.sign({ email: result.email, id: result._id }, secret, { expiresIn: "7h" });`

			`// Save the token in the user's tokens array`
			`result.tokens.push({ token });`
			`await result.save();`

done 2024-09-07 13:58:47 +00:00			const url = `Click on the link ${process.env.RETURN_URL}/users/${result._id}/verify/${token}`;
			`await sendEmail(result.email, "Verify Email", url);`

done 2024-09-04 00:52:26 +00:00			`// Send the user info and token back to the client`
			`res.status(201).json({ result, token });`

			`} catch (error) {`
			`console.error(error);`
			`res.status(500).json({ message: "Something went wrong" });`
			`}`
			`};`

done 2024-09-07 13:58:47 +00:00			`//This is to verify user`

			`export const verifyUser = async (req, res) => {`
			`try {`
			`const user = await UserModal.findOne({ _id: req.params.id });`
			`if (!user) return res.status(400).send({ message: "Invalid link" });`

			`const token = user.tokens.find(`
			`(tokenObj) => tokenObj.token === req.params.token`
			`);`
			`if (!token) return res.status(400).send({ message: "Invalid link" });`

			`// Update the user's verified status to true`
			`user.verified = true;`
			`await user.save();`

			`// Remove the token from the tokens array`
			`user.tokens = user.tokens.filter(`
			`(tokenObj) => tokenObj.token !== req.params.token`
			`);`
			`await user.save();`

			`res.status(200).send({ message: "Email verified successfully" });`
			`} catch (error) {`
			`res.status(500).send({ message: "Internal Server Errors" });`
			`}`
			`};`

done 2024-09-07 07:48:55 +00:00			`// This is signIn`
done 2024-09-04 00:52:26 +00:00			`export const signin = async (req, res) => {`
			`const { email, password } = req.body;`

			`try {`
			`const oldUser = await UserModal.findOne({ email });`
			`if (!oldUser)`
			`return res.status(404).json({ message: "User doesn't exist" });`

			`const isPasswordCorrect = await bcrypt.compare(password, oldUser.password);`

			`if (!isPasswordCorrect)`
			`return res.status(400).json({ message: "Invalid credentials" });`

done 2024-09-09 17:09:58 +00:00			`if (!oldUser.verified) {`
			`return res.status(401).json({ message: "User is not verified" });`
			`}`
done 2024-09-04 00:52:26 +00:00
			`const token = jwt.sign({ email: oldUser.email, id: oldUser._id }, secret, {`
			`expiresIn: "8h",`
			`});`

			`res.status(200).json({ result: oldUser, token });`
			`} catch (error) {`
			`res.status(500).json({ message: "Something went wrong" });`
			`console.log(error);`
			`}`
done 2024-09-06 15:02:20 +00:00			`};`

			`//To show user`

			`export const showUser = async (req, res) => {`
done 2024-09-30 15:39:00 +00:00			`const { userId } = req.params;`

			`// Optional: Validate if userId is a MongoDB ObjectId`
			`if (mongoose.Types.ObjectId.isValid(userId)) {`
			`try {`
			`const user = await UserModal.findById(userId);`
			`if (!user) {`
			`return res.status(404).json({ message: 'User not found' });`
			`}`
			`return res.json(user);`
			`} catch (error) {`
			`return res.status(500).json({ message: 'Server Error' });`
			`}`
			`} else {`
			`// If the userId is not an ObjectId, search by other fields (e.g., custom userId)`
			`try {`
			`const user = await UserModal.findOne({ userId }); // Adjust based on how your schema stores userId`
			`if (!user) {`
			`return res.status(404).json({ message: 'User not found' });`
			`}`
			`return res.json(user);`
			`} catch (error) {`
			`return res.status(500).json({ message: 'Server Error' });`
done 2024-09-06 15:02:20 +00:00			`}`
			`}`
			`};`
done 2024-09-08 12:30:09 +00:00
done 2024-09-30 15:39:00 +00:00

done 2024-09-08 12:30:09 +00:00			`//forgot password`

			`export const forgotPassword = async (req, res) => {`
			`const { email } = req.body;`

			`try {`
			`const user = await UserModal.findOne({ email });`
			`if (!user) {`
			`return res.status(404).json({ message: "User not found" });`
			`}`

			`const secrets = secret + user.password;`
			`const token = jwt.sign({ email: user.email, id: user._id }, secrets, {`
			`expiresIn: "5m",`
			`});`
			`user.resetToken = token;`
			`user.resetTokenExpiration = Date.now() + 300000; // 5 minutes`
			`await user.save();`
			`res.status(200).send({ message: "Reset Email alert sent successfully" });`

			const url = `CLick on the link ${process.env.RETURN_URL}/users/resetpassword/${user._id}/${token}`;

			`await sendEmail(user.email, "Reset Email", url);`
			`// res.json({ message: 'Password reset successful' });`
			`} catch (err) {`
			`console.error("Forgot Password Error:", err);`
			`res.status(500).json({ message: "Something went wrong" });`
			`}`
			`};`

			`// To reset password`

			`export const resetPassword = async (req, res) => {`
			`const { id, token } = req.params;`
			`const { password } = req.body;`

			`try {`
			`if (!password \|\| password.trim() === "") {`
			`return res.status(400).json({ message: "Password not entered" });`
			`}`

			`const user = await UserModal.findOne({ _id: id });`
			`if (!user) {`
			`return res.json({ status: "User Not Exists!!" });`
			`}`

			`// Update the user's password and clear the reset token`
			`user.password = await bcrypt.hash(password, 12);`
			`// user.resetToken = undefined;`
			`// user.resetTokenExpiration = undefined;`
			`user.resetToken = token;`
			`user.resetTokenExpiration = Date.now() + 300000; // 5 minutes`

			`await user.save();`

			`res.json({ message: "Password reset successful" });`
			`} catch (err) {`
			`console.error("Password Reset Error:", err);`
			`res.status(500).json({ message: "Something went wrong" });`
			`}`
done 2024-09-30 15:39:00 +00:00			`};`


			`// Update user controller`

			`export const updateUser = async (req, res) => {`
			`try {`
done 2024-10-01 12:44:18 +00:00			`const {`
			`userId, title, firstName,`
			`middleName, lastName, email,`
			`aboutme, city, state, county, zip, profileImage } = req.body;`
done 2024-09-30 15:39:00 +00:00			`// Use findOneAndUpdate instead, querying by userId (custom field)`
			`const updatedUser = await UserModal.findOneAndUpdate(`
			`{ userId }, // Query by custom userId, not ObjectId`
done 2024-10-01 12:44:18 +00:00			`{ title, firstName, middleName, lastName, email, aboutme, city, state, county, zip, profileImage },`
done 2024-09-30 15:39:00 +00:00			`{ new: true } // Return the updated document`
			`);`

done 2024-10-22 06:43:35 +00:00			`console.log("updatedUser", updatedUser);`

done 2024-09-30 15:39:00 +00:00			`if (!updatedUser) {`
			`return res.status(404).json({ message: "User not found" });`
			`}`

			`res.status(200).json(updatedUser);`
			`} catch (error) {`
			`console.error("Error updating user:", error);`
			`res.status(500).json({ message: "Error updating user", error });`
			`}`
			`};`
done 2024-11-05 11:31:20 +00:00

			`export const investFunds = async (req, res) => {`
			`const { userId,fundAmount } = req.body;`

			`// console.log("userId", userId, fundAmount);`

			`if (fundAmount <= 0) {`
			`return res.status(400).json({ message: "Investment amount must be greater than 0." });`
			`}`

			`try {`
			`const updatedUser = await UserModal.findOneAndUpdate(`
			`{ userId }, // Query by custom userId, not ObjectId`
			`{ fundAmount},`
			`{ new: true } // Return the updated document`
			`);`
			`if (!updatedUser) {`
			`return res.status(404).json({ message: "User not found." });`
			`}`
			`res.status(200).json(updatedUser);`
			`} catch (error) {`
			`res.status(500).json({ message: "Something went wrong." });`
			`}`
			`};`