diff --git a/constants/api-responses.js b/constants/api-responses.js
index 047edc09b..6bd96455b 100644
--- a/constants/api-responses.js
+++ b/constants/api-responses.js
@@ -35,5 +35,7 @@ module.exports = {
 "FILE_NOT_PROVIDED": "File not provided",
 "FILE_UPLOADED_SUCCESSFULLY": "File uploaded successfully",
 "SIGNED_URL_GENERATED_SUCCESSFULLY": "Signed Url Generated Successfully",
- "INCORRECT_INTERNAL_ACCESS_TOKEN": "Invalid internal access token"
+ "INCORRECT_INTERNAL_ACCESS_TOKEN": "Invalid internal access token",
+ "USER_IS_A_MENTOR":"User has mentor access",
+ "USER_IS_NOT_A_MENTOR":"User does't have mentor access"
 };
\ No newline at end of file
diff --git a/constants/common.js b/constants/common.js
index f416bd38f..86bc40671 100644
--- a/constants/common.js
+++ b/constants/common.js
@@ -38,6 +38,7 @@ module.exports = {
 '/user/v1/systemUsers/login'
 ],
 uploadUrls: [
- 'bulkCreateMentors'
+ 'bulkCreateMentors',
+ '/user/v1/account/verifyMentor'
 ]
 };
\ No newline at end of file
diff --git a/controllers/v1/account.js b/controllers/v1/account.js
index 5e3300d18..c2ca2cea6 100644
--- a/controllers/v1/account.js
+++ b/controllers/v1/account.js
@@ -137,4 +137,25 @@ module.exports = class Account {
 return error;
 }
 }
+
+ /**
+ * Reset password
+ * @method
+ * @name verifyMentor
+ * @param {Object} req -request data.
+ * @returns {JSON} - verifies user is mentor or not
+ */
+
+
+ async verifyMentor(req) {
+ try {
+ console.log("req.query",req.query);
+ const result = await accountHelper.verifyMentor(req.query.userId);
+ return result;
+ } catch (error) {
+ return error;
+ }
+ }
+
+
 }
\ No newline at end of file
diff --git a/middlewares/authenticator.js b/middlewares/authenticator.js
index 80c2646c3..fce615bae 100644
--- a/middlewares/authenticator.js
+++ b/middlewares/authenticator.js
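Review bot: The new `USER_IS_NOT_A_MENTOR` message contains a typo, `does't`, and it is returned to API clients by the helper added later in this diff. It should read `"USER_IS_NOT_A_MENTOR": "User doesn't have mentor access"`. The two added entries also drop the space after the colon that the neighbouring entries use.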
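Review bot: `uploadUrls` now holds a route that is not an upload, and its entries come in two shapes, a bare last segment (`'bulkCreateMentors'`) and a full path (`'/user/v1/account/verifyMentor'`), which the authenticator in this diff matches by substring. A comment above the array, for example `// Routes that accept INTERNAL_ACCESS_TOKEN (see middlewares/authenticator.js); entries are matched against req.path`, would tell the next editor what adding an entry does. Renaming the list to something like `internalAccessUrls` would fit its role better, though the other users of `common.uploadUrls` are not all visible here.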
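Review bot: `req.query.userId` is passed to `accountHelper.verifyMentor` with no type or format check, and the helper (services/helper/account.js, last hunk of this diff) places it directly in the `findOne` filter. If the app uses Express's default extended query parser, a query parameter can arrive as an object or array rather than a string, so the filter is not guaranteed to be a plain id lookup. A guard opening with `if (typeof req.query.userId !== 'string')` that returns a client-error response before the helper call, or an equivalent rule in the route's `validator`, would close that. The `console.log("req.query",req.query);` line looks like leftover debugging that writes caller-supplied input to the log, and the doc comment's first line should be something like `* Check whether a user has mentor access` instead of `* Reset password`. The class body starts outside the hunk.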
@@ -11,21 +11,39 @@ const httpStatusCode = require('../generics/http-status'); const apiResponses = require('../constants/api-responses'); const common = require('../constants/common'); -module.exports = (req, res, next) => { +module.exports = async function (req, res, next) { + - if (!common.guestUrls.includes(req.url)) { + + let internalAccess = false; + await Promise.all(common.uploadUrls.map(async function (path) { + if (req.path.includes(path)) { + if (req.headers.internal_access_token && process.env.INTERNAL_ACCESS_TOKEN == req.headers.internal_access_token) { + internalAccess =true; + } + } + })); + if (internalAccess == true) { + next(); + return; + } + else if (!common.guestUrls.includes(req.url)) { + + + const authHeader = req.get('X-auth-token'); if (!authHeader) { throw common.failureResponse({ message: apiResponses.UNAUTHORIZED_REQUEST, statusCode: httpStatusCode.unauthorized, responseCode: 'UNAUTHORIZED' }); } - let splittedUrl = req.url.split('/'); - - if (common.uploadUrls.includes(splittedUrl[splittedUrl.length - 1])) { - if (!req.headers.internal_access_token || process.env.INTERNAL_ACCESS_TOKEN !== req.headers.internal_access_token) { - throw common.failureResponse({ message: apiResponses.INCORRECT_INTERNAL_ACCESS_TOKEN, statusCode: httpStatusCode.unauthorized, responseCode: 'UNAUTHORIZED' }); - } - } + + // let splittedUrl = req.url.split('/'); + // if (common.uploadUrls.includes(splittedUrl[splittedUrl.length - 1])) { + // if (!req.headers.internal_access_token || process.env.INTERNAL_ACCESS_TOKEN !== req.headers.internal_access_token) { + // throw common.failureResponse({ message: apiResponses.INCORRECT_INTERNAL_ACCESS_TOKEN, statusCode: httpStatusCode.unauthorized, responseCode: 'UNAUTHORIZED' }); + // } + // } + const authHeaderArray = authHeader.split(' '); if (authHeaderArray[0] !== 'bearer') { @@ -45,6 +63,7 @@ module.exports = (req, res, next) => { } req.decodedToken = decodedToken.data; - } + } + next(); }; 
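Review bot: The internal token has become optional on the routes in `common.uploadUrls`: when the header is missing or wrong, `internalAccess` stays false and the request falls into the `else if` branch, so a caller holding only an ordinary `X-auth-token` now passes for `bulkCreateMentors` and `verifyMentor`, where the removed (now commented-out) check rejected it with `INCORRECT_INTERNAL_ACCESS_TOKEN`. A correct token in turn skips JWT verification entirely, so `req.decodedToken` is never set for those handlers, and `req.path.includes(path)` matches an entry anywhere in the path rather than on a route boundary. Because the middleware is now `async`, each `throw` in it becomes a promise rejection, which Express 4 does not forward to the error handler (the Express version is not visible here), so failures are safer passed through `next(err)`. The sketch below makes the token mandatory on internal routes, compares it with strict equality (a constant-time compare via `crypto.timingSafeEqual` would be stronger still) and replaces the `Promise.all` wrapper around synchronous work with `some`. The rest of the function lies outside the hunk.

```javascript
module.exports = async function (req, res, next) {
    // Entries are either a full path or a final path segment; match on a boundary, not a substring.
    const isInternalRoute = common.uploadUrls.some(
        (path) => req.path === path || req.path.endsWith('/' + path)
    );
    if (isInternalRoute) {
        const supplied = req.headers.internal_access_token;
        const expected = process.env.INTERNAL_ACCESS_TOKEN;
        // Fail closed: a missing header, an unset env value or a mismatch all reject the request.
        if (!supplied || !expected || supplied !== expected) {
            return next(common.failureResponse({ message: apiResponses.INCORRECT_INTERNAL_ACCESS_TOKEN, statusCode: httpStatusCode.unauthorized, responseCode: 'UNAUTHORIZED' }));
        }
        return next();
    }
    if (!common.guestUrls.includes(req.url)) {
        // … unchanged: X-auth-token parsing and JWT verification …
```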
diff --git a/routes/index.js b/routes/index.js index ea463b526..f52ed2ac7 100644 --- a/routes/index.js +++ b/routes/index.js @@ -79,10 +79,11 @@ module.exports = (app) => { } - app.all("/user/:version/:controller/:file/:method", validator, router); - app.all("/user/:version/:controller/:file/:method/:id", router); + app.all("/user/:version/:controller/:method", validator, router); app.all("/user/:version/:controller/:method/:id", validator, router); + app.all("/user/:version/:controller/:file/:method", validator, router); + app.all("/user/:version/:controller/:file/:method/:id", router); app.use((req, res, next) => { res.status(404).json({ diff --git a/services/helper/account.js b/services/helper/account.js index f09055315..1e666ef1f 100644 --- a/services/helper/account.js +++ b/services/helper/account.js @@ -257,4 +257,22 @@ module.exports = class AccountHelper { } }) } + + + static async verifyMentor(userId) { + try { + + let user = await usersData.findOne({ '_id': userId },{ "isAMentor":1 }); + if(!user){ + return common.failureResponse({ message: apiResponses.USER_DOESNOT_EXISTS, statusCode: httpStatusCode.bad_request, responseCode: 'CLIENT_ERROR' }); + } else if(user && user.isAMentor==true){ + return common.successResponse({ statusCode: httpStatusCode.ok, message: apiResponses.USER_IS_A_MENTOR, result:user }); + } else { + return common.successResponse({ statusCode: httpStatusCode.ok, message: apiResponses.USER_IS_NOT_A_MENTOR, result:user }); + } + + } catch(error) { + throw error; + } + } } \ No newline at end of file
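Review bot: After the reorder, `/user/:version/:controller/:method/:id` is registered ahead of `/user/:version/:controller/:file/:method`, and both patterns have four segments after `/user`, so every four-segment URL now binds as method/id first. The `:file` route is then reached only if `router` calls `next()` on a miss, which cannot be confirmed because the router is not visible in this diff. Any controller that was addressed through the `:file/:method` form may therefore resolve differently than before, so this ordering deserves a test or a comment stating which form wins. The moved five-segment route is also still registered without `validator`; if that is deliberate, a comment such as `// no validator: <reason>` would say so. The enclosing function starts and ends outside the hunk.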
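Review bot: The `try { … } catch(error) { throw error; }` wrapper in `verifyMentor` rethrows unchanged and can be removed. `else if(user && user.isAMentor==true)` re-tests `user` after the `!user` branch has already returned; `else if (user.isAMentor === true)` says the same thing with strict equality. The method also has no doc comment, unlike the controller method that calls it; a short JSDoc block giving `@param {String} userId` and the three response cases (user not found, mentor, not a mentor) would match. The class body starts outside the hunk.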