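'use strict';

/**
 * User routes: registration, listing, deletion, update and login.
 *
 * Exports an array of hapi route definitions. Handlers obtain their
 * collaborators from `request.services()` and `request.models()`.
 */

const Joi = require('joi');
const { encryptSha1, compareSha1 } = require('iut-encrypt-cemal'); // Password hashing helpers
const Jwt = require('@hapi/jwt');

// NOTE(review): the HTML markup of the welcome e-mail is not recoverable from the
// page this file was taken from (only its text survived). The structure below is a
// minimal reconstruction around that text. "Log In Now" was presumably a link whose
// target is not visible here, so no URL is invented; restore it from the project.
const WELCOME_EMAIL_HTML = `<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <title>Welcome to Our Application!</title>
</head>
<body>
  <h1>Welcome to Our Application!</h1>
  <p>Hello,</p>
  <p>We are thrilled to have you join our community! Your journey with us begins now, and we can't wait to
    share
    all the exciting features and updates we have in store for you.</p>
  <p>To get started, simply log in to your account and explore everything our application has to offer.
    Don't hesitate to reach out to our support team if you have any questions or need assistance along the
    way.</p>
  <p>Log In Now</p>
  <p>Happy exploring!</p>
</body>
</html>
`;

module.exports = [
  {
    // Public self-registration.
    method: 'post',
    path: '/user',
    options: {
      auth: false,
      tags: ['api'],
      validate: {
        payload: Joi.object({
          // SECURITY(review): this route is unauthenticated (auth: false) and still
          // accepts scope 'admin', so account creation alone can yield an admin
          // account. Consider accepting only 'user' here and granting 'admin'
          // through the admin-only PATCH /user/{id} route. Left unchanged because
          // narrowing the schema would reject requests that are valid today.
          scope: Joi.string()
            .valid('admin', 'user')
            .example('admin')
            .description('Scope of the user (user or admin)'),
          firstName: Joi.string().required().min(3).example('John').description('Firstname of the user'),
          lastName: Joi.string().required().min(3).example('Doe').description('Lastname of the user'),
          username: Joi.string().required().min(3).example('john_doe').description('Username of the user'),
          email: Joi.string()
            .email()
            .required()
            .example('john@example.com')
            .description('Email address of the user'),
          password: Joi.string().required().min(8).example('password123').description('Password of the user'),
        }),
      },
    },
    handler: async (request, h) => {
      const { userService, emailService } = request.services();
      const { scope, firstName, lastName, username, email, password } = request.payload;

      // Create the account before sending any mail. Sending first meant that a
      // failed creation (duplicate, database error) still delivered a welcome
      // message to an address supplied by an unauthenticated caller.
      // NOTE(review): the password is handed over as received; presumably
      // userService.create hashes it. Confirm, and confirm the returned record
      // does not expose the stored hash.
      const createdUser = await userService.create({
        scope,
        firstName,
        lastName,
        username,
        email,
        password,
      });

      // The welcome e-mail is best effort: a mail transport failure is logged
      // but must not turn a successful registration into an error response.
      try {
        await emailService.sendEmail(email, firstName, lastName, 'welcome', WELCOME_EMAIL_HTML);
      } catch (err) {
        request.log(['error', 'email'], err);
      }

      return createdUser;
    },
  },
  {
    // List every user.
    method: 'GET',
    path: '/users',
    options: {
      // No `auth` option here, so access control is whatever the server's default
      // strategy enforces. That default is configured outside this file.
      tags: ['api'],
    },
    handler: async (request, h) => {
      const { User } = request.models();

      // SECURITY(review): full rows are returned as loaded. The login route reads
      // `user.password`, so the model carries the stored hash; confirm the model's
      // serialization strips it before this reaches any client.
      const users = await User.query();
      return users;
    },
  },
  {
    // Delete a user by id (admin scope required).
    method: 'DELETE',
    path: '/user/{id}',
    options: {
      auth: {
        scope: 'admin',
      },
      tags: ['api'],
      validate: {
        params: Joi.object({
          id: Joi.number()
            .integer()
            .positive()
            .required()
            .example(1)
            .description('ID of the user to delete'),
        }),
      },
    },
    handler: async (request, h) => {
      const { userService } = request.services();
      const { id } = request.params;

      await userService.delete(id);

      // The body is the literal string 'deleted', not an empty response.
      return 'deleted';
    },
  },
  {
    // Update a user by id (JWT strategy, admin scope required).
    method: 'PATCH',
    path: '/user/{id}',
    options: {
      auth: {
        strategy: 'jwt',
        scope: ['admin'],
      },
      tags: ['api'],
      validate: {
        params: Joi.object({
          id: Joi.number()
            .integer()
            .positive()
            .required()
            .example(1)
            .description('ID of the user to update'),
        }),
        payload: Joi.object({
          // Only 'admin' is accepted: this route can promote an account but not demote one.
          scope: Joi.string().valid('admin').example('admin').description('New scope of the user'),
          username: Joi.string().min(3).example('john_doe').description('New username of the user'),
          firstName: Joi.string().min(3).example('John').description('New firstname of the user'),
          lastName: Joi.string().min(3).example('Doe').description('New lastname of the user'),
          email: Joi.string().email().example('john@example.com').description('New email address of the user'),
          password: Joi.string().min(8).example('password123').description('New password of the user'),
        }),
      },
    },
    handler: async (request, h) => {
      const { userService } = request.services();
      const { id } = request.params;

      // NOTE(review): a new password is forwarded as received; presumably
      // userService.update hashes it before storing. Confirm in the service.
      return await userService.update(id, request.payload);
    },
  },
  {
    // Exchange e-mail + password for a signed JWT.
    method: 'POST',
    path: '/user/login',
    options: {
      auth: false,
      tags: ['api'],
      validate: {
        payload: Joi.object({
          email: Joi.string()
            .email()
            .required()
            .example('john@example.com')
            .description('Email address of the user'),
          password: Joi.string().min(8).required().example('password123').description('Password of the user'),
        }),
      },
    },
    handler: async (request, h) => {
      const { User } = request.models();
      const { email, password } = request.payload;

      const user = await User.query().findOne({ email });

      // Unknown e-mail and wrong password get the same empty 401, so the
      // response does not reveal which accounts exist.
      // SECURITY(review): compareSha1 presumably checks an unsalted SHA-1 digest
      // (confirm in iut-encrypt-cemal). SHA-1 is a fast hash and unsuitable for
      // password storage; a slow, salted KDF (bcrypt, scrypt, Argon2) is the
      // usual replacement. No attempt throttling is visible in this route.
      if (!user || !compareSha1(password, user.password)) {
        return h.response().code(401);
      }

      const claims = {
        aud: 'urn:audience:iut',
        iss: 'urn:issuer:iut',
        firstName: user.firstName,
        lastName: user.lastName,
        email: user.email,
        scope: user.scope,
      };

      const token = Jwt.token.generate(
        claims,
        {
          // SECURITY(review): the HMAC signing key is hard-coded and low-entropy.
          // Anyone who can read the source can mint tokens with any scope. Load
          // it from configuration or a secret store, and treat this committed
          // value as compromised. It is left unchanged here because it must match
          // the key the 'jwt' strategy verifies with, which is configured outside
          // this file.
          key: 'random_string',
          algorithm: 'HS512',
        },
        {
          ttlSec: 14400, // Token lifetime in seconds (4 hours)
        },
      );

      return { token };
    },
  },
];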