diff --git a/model/admin.js b/model/admin.js index ddc5957..d3251e7 100644 --- a/model/admin.js +++ b/model/admin.js @@ -6,6 +6,8 @@ const AdminSchema = new mongoose.Schema({ password: String, fullName: String, Mobile: Number, + resetTokenExpiration: Date, + resetToken:String }) const Admin = mongoose.model('Admin', AdminSchema); diff --git a/model/ngo.js b/model/ngo.js index d39840b..401a357 100644 --- a/model/ngo.js +++ b/model/ngo.js @@ -7,7 +7,9 @@ const ngoRegisterSchema = new mongoose.Schema({ Mobile: { type: String, required: true }, NgoID: { type: String, required: true }, NgoLocation: { type: String, required: true }, - approved: { type: Boolean, default: false } // New field for approval status + approved: { type: Boolean, default: false }, + resetTokenExpiration: Date, + resetToken:String // New field for approval status }); diff --git a/routers/NgoRoutes.js b/routers/NgoRoutes.js index d8da0c7..fddc0ad 100644 --- a/routers/NgoRoutes.js +++ b/routers/NgoRoutes.js @@ -8,7 +8,7 @@ const bcrypt = require("bcrypt"); const saltRounds = 10; const jwt = require("jsonwebtoken"); -const transporter = require("../helpers/emailHelpers"); +const {transporter} = require("../helpers/emailHelpers"); const User = require("../model/user"); const Admin = require("../model/admin"); @@ -51,6 +51,7 @@ router.post("/NGO-login", async (req, res) => { router.post("/NGO-Registarion", async (req, res) => { // Check if the NGO already exists const existingNGO = await NGO.findOne({ username: req.body.username }); + console.log("existed ngo",existingNGO); if (existingNGO) { return res.status(400).json({ error: "NGO already exists" }); } @@ -112,6 +113,8 @@ router.post("/NGO-Registarion", async (req, res) => { console.error("Error creating NGO:", err); res.status(500).json({ error: "Internal server error" }); } + + // try { // await newNGO.save(); 
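Review bot: `resetToken:String` in model/admin.js stores the reset credential exactly as it is mailed out, so any read of the collection (a backup, a dump, an over-broad query) yields usable reset links for as long as `resetTokenExpiration` allows. Storing a digest of the token and comparing digests on lookup avoids that, and the same applies to the identical fields added in model/ngo.js. A comment would help the next reader: `// resetToken / resetTokenExpiration: set by the forgot-password route, cleared after a successful reset`. The new lines also break the schema's formatting, since `resetToken:String` has no space after the colon and no trailing comma.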
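Review bot: In routers/NgoRoutes.js the added `console.log("existed ngo",existingNGO);` prints the whole NGO document on every registration attempt for an existing username, and that document carries the stored `password` hash and, after this commit, `resetToken`. Drop the line or log only a boolean, e.g. `console.log("NGO-Registarion: username already registered:", Boolean(existingNGO));`. The context line above passes `req.body.username` to `findOne` as-is; a `typeof req.body.username !== "string"` check before the query would keep operator objects out of the filter. The handler body continues outside the hunk.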
@@ -188,4 +191,162 @@ router.post("/NGO-Registarion", async (req, res) => { // }); }); +router.route("/forgot-password-ngo").get(async (req, res) => { + res.render("forget-password",{role:"ngo"}); +}); + +//send Email for the reset password +router.route("/forgot-password-ngo").post(async (req, res) => { + const { email } = req.body; + try { + const ngo = await NGO.findOne({ username:email }); + + if (!ngo) { + return res.send("Ngo Not Exist"); + } + + // Generate a reset token and save it to the user + const resetToken = jwt.sign( + { email: ngo.username }, + process.env.ACCESS_TOKEN_SECRET, + { expiresIn: "1h" } + ); + + ngo.resetTokenExpiration = Date.now() + 300000; // 5 minutes + ngo.resetToken = resetToken; + + console.log("ngo after setting ", ngo); + await ngo.save(); + + // Send the reset link to the user via email + const resetLink = `http://localhost:3000/reset-password-ngo?email=${encodeURIComponent( + ngo.username + )}&token=${encodeURIComponent(resetToken)}`; // Replace with the actual path to your logo + console.log(resetLink); + const mailOptions = { + to: ngo.username, + subject: "Password Reset", + template: "reset-password", // Use the Handlebars template + context: { + ngo: { + fname: ngo.NGOName, + _id: ngo._id, + username: ngo.NGOName, + email: ngo.username, + }, + resetLink, + }, + attachments: [ + { + filename: "logo.png", + path: path.join("public", "img", "logo.png"), + cid: "logo", + }, + ], + }; + console.log("Ngo email:", ngo.username); + + transporter.sendMail(mailOptions, (error, info) => { + if (error) { + console.error(error); + return res.status(500).send("Error sending reset email"); + } + console.log(`Reset email sent: ${info.response}`); + res.send("Password reset link sent successfully"); + }); + } catch (error) { + console.error(error); + res.status(500).send("Internal Server Error"); + } +}); + +// verify Email and render reset password page +router.route("/reset-password-ngo").get(async (req, res) => { + const { email, token 
} = req.query; + try { + const ngo = await NGO.findOne({ + username:email, + resetToken: token, + resetTokenExpiration: { $gt: Date.now() }, + }); + + if (!ngo) { + return res.status(400).send("Invalid or expired reset token"); + } + + // Verify the token + try { + const decodedToken = jwt.verify(token, process.env.ACCESS_TOKEN_SECRET); + // Process the decoded token (e.g., extract information from it) + console.log(decodedToken); + // Continue with the reset-password logic + res.render("set_password", { email, token,role:"ngo" }); + } catch (error) { + // Handle JWT verification errors + console.error("JWT verification error:", error.message); + // You might want to send an error response or redirect the user + res.status(401).send("Unauthorized"); + } + } catch (error) { + console.error(error); + res.status(500).send("Internal Server Error"); + } +}); + +//verify the password +router.route("/reset-password-ngo").post(async (req, res) => { + const { email, token } = req.query; + const { newPassword } = req.body; + // console.log(" User Info",email,token,newPassword); + + try { + // Verify the token again + const ngo = await NGO.findOne({ + username:email, + resetToken: token, + resetTokenExpiration: { $gt: Date.now() }, + }); + + if (!ngo) { + return res.status(400).send("Invalid or expired reset token"); + } + + try { + const decodedToken = jwt.verify(token, process.env.ACCESS_TOKEN_SECRET); + // Process the decoded token (e.g., extract information from it) + console.log(decodedToken); + + // Update the user's password and reset the resetToken fields + const hash = await bcrypt.hash(newPassword, saltRounds); + ngo.password = hash; + ngo.resetToken = null; + ngo.resetTokenExpiration = null; + await ngo.save(); + + const dooner = await User.find(); + + return res.render("NGO-DashBoard", { + fullName: ngo.NGOName, + email: ngo.username, + id: ngo.NGOID, + phoneNo: ngo.Mobile, + address: ngo.NGOLocation, + Donation: dooner, + Pickup: dooner, + complain: "", + }); + + 
// Redirect to login page or any other desired page + } catch (error) { + // Handle JWT verification errors + console.error("JWT verification error:", error.message); + // You might want to send an error response or redirect the user + res.status(401).send("Unauthorized"); + } + } catch (error) { + console.error(error); + res.status(500).send("Internal Server Error"); + } +}); + module.exports = router; diff --git a/routers/adminRoutes.js b/routers/adminRoutes.js index 4099282..42c175c 100644 --- a/routers/adminRoutes.js +++ b/routers/adminRoutes.js 
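Review bot: The `/forgot-password-ngo` POST handler writes the live reset credential to the server log: `console.log("ngo after setting ", ngo)` dumps the document with its password hash and `resetToken`, and `console.log(resetLink)` prints the complete link, so anyone who can read the logs can complete the reset. The same lines appear in the `/forgot-password-admin` handler in routers/adminRoutes.js. The handler also answers `"Ngo Not Exist"` for unknown addresses, which confirms which accounts exist, and passes `req.body.email` to `findOne` without checking that it is a string. The JWT is issued with `expiresIn: "1h"` while `resetTokenExpiration` is five minutes, and it is signed with `ACCESS_TOKEN_SECRET`, which presumably also signs login tokens; a dedicated secret or a random token would keep the two uses apart. In the reset POST, `ngo.NGOID` and `ngo.NGOLocation` do not match the `NgoID` / `NgoLocation` fields shown in model/ngo.js, so those dashboard values will be undefined; the fence sketches the request-handling part with the logging removed and a uniform reply.

```javascript
router.route("/forgot-password-ngo").post(async (req, res) => {
  const { email } = req.body;
  // Same reply whether or not the account exists, so the endpoint does not reveal registered addresses.
  const genericReply = "If that account exists, a password reset link has been sent";
  if (typeof email !== "string") {
    return res.status(400).send("Invalid request");
  }
  try {
    const ngo = await NGO.findOne({ username: email });
    if (!ngo) {
      return res.send(genericReply);
    }
    // … unchanged: jwt.sign, resetTokenExpiration / resetToken assignment …
    await ngo.save(); // no console.log of the document or of resetLink
    // … unchanged: resetLink and mailOptions construction …
    transporter.sendMail(mailOptions, (error) => {
      if (error) {
        console.error(error);
        return res.status(500).send("Error sending reset email");
      }
      res.send(genericReply);
    });
  // … unchanged: outer catch …
```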
@@ -417,4 +417,165 @@ router.post("/complains-response/:email/:userId/:id", async (req, res) => { } }); +router.route("/forgot-password-admin").get(async (req, res) => { + res.render("forget-password",{role:"admin"}); +}); + +//send Email for the reset password +router.route("/forgot-password-admin").post(async (req, res) => { + const { email } = req.body; + try { + const admin = await Admin.findOne({ email }); + if (!admin) { + return res.send("Admin Not Exist"); + } + + // Generate a reset token and save it to the user + const resetToken = jwt.sign( + { email: admin.email }, + process.env.ACCESS_TOKEN_SECRET, + { expiresIn: "1h" } + ); + + admin.resetTokenExpiration = Date.now() + 300000; // 5 minutes + admin.resetToken = resetToken; + + console.log("use after setting ", admin); + await admin.save(); + + // Send the reset link to the user via email + const resetLink = `http://localhost:3000/reset-password-admin?email=${encodeURIComponent( + admin.email + )}&token=${encodeURIComponent(resetToken)}`; // Replace with the actual path to your logo + console.log(resetLink); + const mailOptions = { + to: admin.email, + subject: "Password Reset", + template: "reset-password", // Use the Handlebars template + context: { + admin: { + fname: admin.fullName, + _id: admin._id, + username: admin.username, + email: admin.email, + }, + resetLink, + }, + attachments: [ + { + filename: "logo.png", + path: path.join("public", "img", "logo.png"), + cid: "logo", + }, + ], + }; + console.log("Admin email:", admin.email); + + transporter.sendMail(mailOptions, (error, info) => { + if (error) { + console.error(error); + return res.status(500).send("Error sending reset email"); + } + console.log(`Reset email sent: ${info.response}`); + res.send("Password reset link sent successfully"); + }); + } catch (error) { + console.error(error); + res.status(500).send("Internal Server Error"); + } +}); + +// verify Email and render reset password page +router.route("/reset-password-admin").get(async 
(req, res) => { + const { email, token } = req.query; + try { + const admin = await Admin.findOne({ + email, + resetToken: token, + resetTokenExpiration: { $gt: Date.now() }, + }); + + if (!admin) { + return res.status(400).send("Invalid or expired reset token"); + } + + // Verify the token + try { + const decodedToken = jwt.verify(token, process.env.ACCESS_TOKEN_SECRET); + // Process the decoded token (e.g., extract information from it) + console.log(decodedToken); + // Continue with the reset-password logic + res.render("set_password", { email, token,role:"admin"}); + } catch (error) { + // Handle JWT verification errors + console.error("JWT verification error:", error.message); + // You might want to send an error response or redirect the user + res.status(401).send("Unauthorized"); + } + } catch (error) { + console.error(error); + res.status(500).send("Internal Server Error"); + } +}); + +//verify the password +router.route("/reset-password-admin").post(async (req, res) => { + const { email, token } = req.query; + const { newPassword } = req.body; + // console.log(" User Info",email,token,newPassword); + + try { + // Verify the token again + const admin = await Admin.findOne({ + email, + resetToken: token, + resetTokenExpiration: { $gt: Date.now() }, + }); + + if (!admin) { + return res.status(400).send("Invalid or expired reset token"); + } + + try { + const decodedToken = jwt.verify(token, process.env.ACCESS_TOKEN_SECRET); + // Process the decoded token (e.g., extract information from it) + console.log(decodedToken); + + // Update the user's password and reset the resetToken fields + const hash = await bcrypt.hash(newPassword, saltRounds); + admin.password = hash; + admin.resetToken = null; + admin.resetTokenExpiration = null; + await admin.save(); + + const dooner = await User.find(); // Assuming User is your Mongoose model for users + const ngo = await NGO.find(); + + //return UNRESOLVED query + const query1 = await problem.find({ answere: { $exists: false 
} }); + + return res.render("Admin_DashBoard", { + fullName: admin.fullName, + email: admin.email, + phoneNo: admin.Mobile, + address: admin.address, + NGOname: ngo, + Donername: dooner, + UserName: "sahil114", + complain: query1, + }); + + // Redirect to login page or any other desired page + } catch (error) { + // Handle JWT verification errors + console.error("JWT verification error:", error.message); + // You might want to send an error response or redirect the user + res.status(401).send("Unauthorized"); + } + } catch (error) { + console.error(error); + res.status(500).send("Internal Server Error"); + } +}); + module.exports = router; diff --git a/routers/userRoutes.js b/routers/userRoutes.js index 1463311..d79434a 100644 --- a/routers/userRoutes.js +++ b/routers/userRoutes.js @@ -318,12 +318,12 @@ router.post("/User_singUp", async function (req, res) { } }); -router.route("/forgot-password").get(async (req, res) => { - res.render("forget-password"); +router.route("/forgot-password-user").get(async (req, res) => { + res.render("forget-password",{role:"user"}); }); //send Email for the reset password -router.route("/forgot-password").post(async (req, res) => { +router.route("/forgot-password-user").post(async (req, res) => { const { email } = req.body; try { const user = await User.findOne({ email }); @@ -345,7 +345,7 @@ router.route("/forgot-password").post(async (req, res) => { await user.save(); // Send the reset link to the user via email - const resetLink = `http://localhost:3000/reset-password?email=${encodeURIComponent( + const resetLink = `http://localhost:3000/reset-password-user?email=${encodeURIComponent( user.email )}&token=${encodeURIComponent(resetToken)}`; // Replace with the actual path to your logo console.log(resetLink); 
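Review bot: The `/reset-password-admin` POST handler finishes by rendering `Admin_DashBoard` with every `User`, every `NGO` and all unanswered `problem` records, so a valid reset link alone yields the full admin view with no login step or session visible in this hunk. Ending with a redirect, as the leftover comment `// Redirect to login page or any other desired page` already hints, keeps the reset flow from acting as a login: `return res.redirect("<admin login route>");`. The `/reset-password-ngo` POST handler in routers/NgoRoutes.js renders `NGO-DashBoard` with `User.find()` in the same way. `UserName: "sahil114"` is a hard-coded literal that should come from the `admin` document or be removed. A missing `newPassword` makes `bcrypt.hash` reject inside the inner `try`, which is then logged as a JWT verification error and answered with 401; check it first, e.g. `if (typeof newPassword !== "string" || newPassword.length === 0) return res.status(400).send("Password required");`.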
@@ -387,7 +387,7 @@ router.route("/forgot-password").post(async (req, res) => { }); // verify Email and render reset password page -router.route("/reset-password").get(async (req, res) => { +router.route("/reset-password-user").get(async (req, res) => { const { email, token } = req.query; try { const user = await User.findOne({ @@ -406,7 +406,7 @@ router.route("/reset-password").get(async (req, res) => { // Process the decoded token (e.g., extract information from it) console.log(decodedToken); // Continue with the reset-password logic - res.render("set_password", { email, token }); + res.render("set_password", { email, token,role:"user" }); } catch (error) { // Handle JWT verification errors console.error("JWT verification error:", error.message); @@ -420,7 +420,7 @@ router.route("/reset-password").get(async (req, res) => { }); //verify the password -router.route("/reset-password").post(async (req, res) => { +router.route("/reset-password-user").post(async (req, res) => { const { email, token } = req.query; const { newPassword } = req.body; // console.log(" User Info",email,token,newPassword); @@ -448,12 +448,13 @@ router.route("/reset-password").post(async (req, res) => { user.resetToken = null; user.resetTokenExpiration = null; await user.save(); - + const userQuerys = await Query.find({ user_id: user._id }); return res.render("UserDashBoard", { fullName: user.fullName, email: user.email, phoneNo: user.Mobile, address: user.address, + complain:userQuerys }); // Redirect to login page or any other desired page diff --git a/views/NGO-Dashboard.ejs b/views/NGO-Dashboard.ejs index fba7d88..c7e4ee9 100644 --- a/views/NGO-Dashboard.ejs +++ b/views/NGO-Dashboard.ejs @@ -137,7 +137,7 @@ - + + + + +