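const crypto = require('crypto');

const nocodbService = require('../services/nocodb');

// Loose syntactic check only: something@something.tld with no whitespace.
const EMAIL_PATTERN = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;

/**
 * Compare a stored credential with a submitted one in constant time.
 *
 * Both values are hashed with SHA-256 first so that the buffers handed to
 * `crypto.timingSafeEqual` always have the same length; the hash is used
 * only to equalise lengths, not as a password-storage scheme.
 *
 * @param {unknown} stored - Value read from the user record.
 * @param {unknown} supplied - Value taken from the request body.
 * @returns {boolean} True only when both are strings with identical content.
 */
function passwordsMatch(stored, supplied) {
  if (typeof stored !== 'string' || typeof supplied !== 'string') {
    return false;
  }
  const storedDigest = crypto.createHash('sha256').update(stored).digest();
  const suppliedDigest = crypto.createHash('sha256').update(supplied).digest();
  return crypto.timingSafeEqual(storedDigest, suppliedDigest);
}

/**
 * Replace the current session with a fresh one (new session id).
 *
 * Issuing a new id at the moment of authentication means an id that was
 * known before login cannot be reused afterwards (session fixation).
 * Resolves immediately when the session object has no `regenerate` method.
 *
 * @param {object} req - Request carrying `req.session`.
 * @returns {Promise<void>} Rejects with the store error if regeneration fails.
 */
function regenerateSession(req) {
  return new Promise((resolve, reject) => {
    if (typeof req.session?.regenerate !== 'function') {
      resolve();
      return;
    }
    req.session.regenerate((err) => (err ? reject(err) : resolve()));
  });
}

/**
 * HTTP handlers for session-based authentication backed by the NocoDB
 * user table (via `nocodbService`).
 */
class AuthController {
  /**
   * Authenticate a user by email and password and establish a session.
   *
   * Responds 400 for missing/malformed input, 401 for unknown email or wrong
   * password (same message for both, so the response does not reveal which),
   * 500 for session or unexpected errors, and 200 with the user summary on
   * success.
   *
   * @param {object} req - Request; reads `req.body.email`, `req.body.password`.
   * @param {object} res - Response used to send the JSON result.
   * @returns {Promise<void>}
   */
  async login(req, res) {
    try {
      // A missing body (no parser ran) is treated as empty input -> 400.
      const { email, password } = req.body ?? {};

      // Require plain strings. A JSON body can carry arrays or objects;
      // RegExp#test would coerce those to a string and let them through to
      // the data-layer lookup unchanged.
      if (
        typeof email !== 'string' ||
        typeof password !== 'string' ||
        !email ||
        !password
      ) {
        return res.status(400).json({
          success: false,
          error: 'Email and password are required'
        });
      }

      if (!EMAIL_PATTERN.test(email)) {
        return res.status(400).json({
          success: false,
          error: 'Invalid email format'
        });
      }

      console.log('Login attempt:', {
        email,
        ip: req.ip,
        userAgent: req.headers['user-agent']
      });

      const user = await nocodbService.getUserByEmail(email);

      if (!user) {
        console.warn(`No user found with email: ${email}`);
        return res.status(401).json({
          success: false,
          error: 'Invalid email or password'
        });
      }

      // NOTE(security): the stored value is compared directly with the
      // submitted password, so the user table holds plaintext passwords.
      // They should be migrated to a salted, slow password hash (for
      // example crypto.scrypt); that needs a data migration and cannot be
      // done in this controller alone.
      // Both field spellings are always evaluated so the work done does not
      // depend on which one holds the value.
      const matchesUpper = passwordsMatch(user.Password, password);
      const matchesLower = passwordsMatch(user.password, password);
      if (!matchesUpper && !matchesLower) {
        console.warn(`Invalid password for email: ${email}`);
        return res.status(401).json({
          success: false,
          error: 'Invalid email or password'
        });
      }

      // The record may expose its primary key under any of these spellings.
      const userId = user.ID || user.Id || user.id;

      // Best effort: a failed timestamp update must not fail the login.
      try {
        if (userId) {
          await nocodbService.updateUser(userId, {
            'Last Login': new Date().toISOString()
          });
        } else {
          console.warn('No valid user ID found for updating last login time');
        }
      } catch (updateError) {
        console.warn('Failed to update last login time:', updateError.message);
      }

      // New session id before any authenticated state is written.
      // Data stored in the pre-login session is discarded by this step.
      await regenerateSession(req);

      req.session.authenticated = true;
      req.session.userId = userId;
      req.session.userEmail = user.Email || user.email;
      req.session.userName = user.Name || user.name;
      // NOTE(review): any truthy Admin value grants admin here; confirm the
      // column is a real boolean and not a string such as "false".
      req.session.isAdmin = user.Admin || user.admin || false;

      console.log('User logged in successfully:', {
        email: req.session.userEmail,
        isAdmin: req.session.isAdmin
      });

      // Persist explicitly so the response is only sent once the store has
      // the authenticated session.
      req.session.save((err) => {
        if (err) {
          console.error('Session save error:', err);
          return res.status(500).json({
            success: false,
            error: 'Session error. Please try again.'
          });
        }

        res.json({
          success: true,
          user: {
            id: req.session.userId,
            email: req.session.userEmail,
            name: req.session.userName,
            isAdmin: req.session.isAdmin
          }
        });
      });
    } catch (error) {
      console.error('Login error:', error);
      res.status(500).json({
        success: false,
        error: 'Server error. Please try again later.'
      });
    }
  }

  /**
   * Destroy the current session.
   *
   * Responds `{ success: true }` once the store confirms destruction, or 500
   * if destruction fails or no session object is present.
   *
   * @param {object} req - Request carrying `req.session`.
   * @param {object} res - Response used to send the JSON result.
   * @returns {Promise<void>}
   */
  async logout(req, res) {
    try {
      // Captured first: the session is gone by the time the callback runs.
      const userEmail = req.session?.userEmail;

      // NOTE(review): only the server-side session is removed; the session
      // cookie is not cleared on the client by this handler.
      req.session.destroy((err) => {
        if (err) {
          console.error('Session destroy error:', err);
          return res.status(500).json({
            success: false,
            error: 'Logout failed'
          });
        }

        console.log('User logged out:', userEmail);
        res.json({ success: true });
      });
    } catch (error) {
      console.error('Logout error:', error);
      res.status(500).json({
        success: false,
        error: 'Server error during logout'
      });
    }
  }

  /**
   * Report whether the request carries an authenticated session.
   *
   * @param {object} req - Request carrying `req.session`.
   * @param {object} res - Response; receives `{ authenticated, user? }`.
   * @returns {Promise<void>}
   */
  async checkSession(req, res) {
    try {
      const session = req.session;
      // NOTE(review): a session without the `authenticated` flag is still
      // accepted when it has both userId and userEmail; presumably kept for
      // sessions created before the flag existed. Confirm it is still needed.
      const isAuthenticated =
        session?.authenticated || (session?.userId && session?.userEmail);

      if (isAuthenticated) {
        res.json({
          authenticated: true,
          user: {
            id: session.userId,
            email: session.userEmail,
            name: session.userName,
            isAdmin: session.isAdmin
          }
        });
      } else {
        res.json({ authenticated: false });
      }
    } catch (error) {
      console.error('Session check error:', error);
      res.status(500).json({
        success: false,
        error: 'Session check failed'
      });
    }
  }
}

module.exports = new AuthController();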