diff --git a/serverless/functions/operator.yml b/serverless/functions/operator.yml index d3f5cce..203fcf2 100644 --- a/serverless/functions/operator.yml +++ b/serverless/functions/operator.yml @@ -71,3 +71,20 @@ operatorLogin: - httpApi: path: /login method: post + +operatorVerifyPassword: + handler: src/modules/host/handlers/operator/verifyPassword.handler + memorySize: 384 + package: + patterns: + - 'src/modules/host/handlers/operator/**' + - 'src/modules/host/services/operatorAuth.service.ts' + - 'src/common/**' + - ${file(./serverless/patterns/base.yml):pattern1} + - ${file(./serverless/patterns/base.yml):pattern2} + - ${file(./serverless/patterns/base.yml):pattern3} + - ${file(./serverless/patterns/base.yml):pattern4} + events: + - httpApi: + path: /verify-password + method: post diff --git a/src/modules/host/handlers/operator/verifyPassword.ts b/src/modules/host/handlers/operator/verifyPassword.ts new file mode 100644 index 0000000..e8786bd --- /dev/null +++ b/src/modules/host/handlers/operator/verifyPassword.ts @@ -0,0 +1,44 @@ +import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda'; +import { prismaClient } from '../../../../common/database/prisma.lambda.service'; +import { safeHandler } from '../../../../common/utils/handlers/safeHandler'; +import ApiError from '../../../../common/utils/helper/ApiError'; +import { OperatorAuthService } from '../../services/operatorAuth.service'; + +const operatorAuthService = new OperatorAuthService(prismaClient); + +export const handler = safeHandler(async ( + event: APIGatewayProxyEvent, + context?: Context, +): Promise => { + let body: { emailAddress?: string; userPassword?: string }; + + try { + body = event.body ? JSON.parse(event.body) : {}; + } catch (error) { + throw new ApiError(400, 'Invalid JSON in request body'); + } + + const { emailAddress, userPassword } = body; + + if (!emailAddress || !userPassword) { + throw new ApiError(400, 'Email and password are required'); + } + + const isPasswordValid = await operatorAuthService.verifyPasswordForOperator( + emailAddress.trim().toLowerCase(), + userPassword, + ); + + return { + statusCode: 200, + headers: { + 'Content-Type': 'application/json', + 'Access-Control-Allow-Origin': '*', + }, + body: JSON.stringify({ + success: true, + message: isPasswordValid ? 'Password is valid' : 'Password is invalid', + data: { isValid: isPasswordValid }, + }), + }; +}); \ No newline at end of file diff --git a/src/modules/host/services/operatorAuth.service.ts b/src/modules/host/services/operatorAuth.service.ts index 7b097a2..15ebc34 100644 --- a/src/modules/host/services/operatorAuth.service.ts +++ b/src/modules/host/services/operatorAuth.service.ts @@ -1,9 +1,9 @@ import { Injectable } from '@nestjs/common'; import { PrismaClient } from '@prisma/client'; import * as bcrypt from 'bcryptjs'; +import { ROLE, USER_STATUS } from '../../../common/utils/constants/common.constant'; import ApiError from '../../../common/utils/helper/ApiError'; import { OtpGeneratorSixDigit } from '../../../common/utils/helper/OtpGenerator'; -import { ROLE, USER_STATUS } from '../../../common/utils/constants/common.constant'; type OperatorSignupInput = { firstName?: string; @@ -257,4 +257,30 @@ export class OperatorAuthService { return existingOperator; } + + async verifyPasswordForOperator(emailAddress: string, userPassword: string) { + const existingOperator = await this.prisma.user.findFirst({ + where: { + emailAddress, + roleXid: ROLE.OPERATOR, + isActive: true, + userStatus: USER_STATUS.ACTIVE, + }, + select: { + id: true, + userPassword: true, + }, + }); + + if (!existingOperator) { + throw new ApiError(404, 'Operator not found'); + } + + const isPasswordMatched = await bcrypt.compare( + userPassword, + existingOperator.userPassword || '', + ); + + return isPasswordMatched; + } }