diff --git a/backend/controller/customer.controller.js b/backend/controller/customer.controller.js index 73c25ceb..aa9b54d1 100644 --- a/backend/controller/customer.controller.js +++ b/backend/controller/customer.controller.js @@ -123,7 +123,6 @@ async function loginCustomer(req, res) { process.env.JWT_SECRET, { expiresIn: "1h" } // Expires in 1 hour ); - res.json({ message: "Login successful", token, diff --git a/backend/middlewares/authCustomer.js b/backend/middlewares/authCustomer.js index eb175092..69d10322 100644 --- a/backend/middlewares/authCustomer.js +++ b/backend/middlewares/authCustomer.js 
@@ -1,24 +1,42 @@ const jwt = require("jsonwebtoken"); const logger = require("../config/logger"); const config = require("../config/secret"); +const Customer = require("../models/customer.model"); + // Assuming the Customer model is located here -const authenticateCustomer = (req, res, next) => { +const authenticateCustomer = async (req, res, next) => { const token = req.header("Authorization")?.split(" ")[1]; // Expecting "Bearer " - if (token) { - jwt.verify(token, config.JWT_SECRET, (err, user) => { - if (err) { - if (err.name === "TokenExpiredError") { - return res.status(401).json({ message: "Token expired" }); - } - return res.status(403).json({ message: "Invalid token" }); - } - req.user = user; - logger.info(`Customer authenticated: ${JSON.stringify(user.username)}`); - next(); - }); - } else { - res.sendStatus(401); // Unauthorized + if (!token) { + return res.status(401).json({ message: "Authorization token is missing" }); + } + + try { + // Verify token + const decoded = jwt.verify(token, config.JWT_SECRET); + + // Retrieve user from database to check verification status + const user = await Customer.findById(decoded.sub); + + if (!user) { + return res.status(404).json({ message: "User not found" }); + } + + if (!user.isVerified) { + return res.status(403).json({ message: "Account not verified" }); + } + + // If verified, attach user to request and proceed + req.user = user; + logger.info(`Customer authenticated: ${user.name}`); + next(); + + } catch (err) { + if (err.name === "TokenExpiredError") { + return res.status(401).json({ message: "Token expired" }); + } + logger.error("Token verification failed:", err); + return res.status(403).json({ message: "Invalid token" }); } }; diff --git a/backend/routes/eventRouter.js b/backend/routes/eventRouter.js index 7cdcece4..1cd9d773 100644 --- a/backend/routes/eventRouter.js +++ b/backend/routes/eventRouter.js 
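Review bot: The single `try` in `authenticateCustomer` wraps `Customer.findById` and the `next()` call as well as `jwt.verify`, so a database outage, a malformed id in `decoded.sub`, or a synchronous throw from a downstream handler is answered with 403 "Invalid token" and logged as "Token verification failed". Narrowing the `try` to the verification step and answering lookup failures with a 500 keeps bad tokens and server faults apart in both the logs and the responses. The rewrite below also pins the accepted algorithm; the sign call visible in customer.controller.js passes only `expiresIn`, which implies the library default HS256, so confirm that before merging. The login payload is not shown in this diff, so check that it really sets `sub` (the old middleware logged `user.username`), otherwise every request will end in the 404 branch. `req.user` now carries the whole customer document, so consider selecting only the fields the handlers need.

```javascript
const authenticateCustomer = async (req, res, next) => {
  // … unchanged: token extraction and missing-token 401 …

  let decoded;
  try {
    // Only failures of this call are token errors.
    decoded = jwt.verify(token, config.JWT_SECRET, { algorithms: ["HS256"] });
  } catch (err) {
    if (err.name === "TokenExpiredError") {
      return res.status(401).json({ message: "Token expired" });
    }
    logger.error("Token verification failed:", err);
    return res.status(403).json({ message: "Invalid token" });
  }

  let user;
  try {
    user = await Customer.findById(decoded.sub);
  } catch (err) {
    logger.error("Customer lookup failed:", err);
    return res.status(500).json({ message: "Internal server error" });
  }

  // … unchanged: not-found and isVerified checks, req.user assignment, logger.info …
  next(); // outside any try, so downstream errors are not reported as token errors
};
```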
@@ -5,6 +5,7 @@ const { getEvents, deleteEvent, } = require("../controller/event.controller"); +const authenticateCustomer = require("../middlewares/authCustomer"); const router = express.Router(); @@ -24,8 +25,8 @@ router.get("/", async (req, res) => { res.status(500).json({ error: "Internal server error" }); } }); -router.post("/create", createEvent); -router.get("/all", getEvents); -router.get("/delete", deleteEvent); +router.post("/create",authenticateCustomer, createEvent); +router.get("/all",authenticateCustomer, getEvents); +router.get("/delete",authenticateCustomer, deleteEvent); module.exports = router; diff --git a/frontend/src/components/Pages/Event.jsx b/frontend/src/components/Pages/Event.jsx index d60a3fc7..db47e4d7 100644 --- a/frontend/src/components/Pages/Event.jsx +++ b/frontend/src/components/Pages/Event.jsx @@ -14,6 +14,8 @@ import game from '../../assets/Boardgames/carrom.gif'; import spin from '../../assets/Boardgames/spin.gif'; import MainHOC from '../MainHOC'; const daysOfWeek = ['Sun', 'Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat']; +import { useNavigate } from 'react-router-dom'; +import Cookies from 'js-cookie'; const months = [ 'January', 'February', @@ -31,6 +33,18 @@ const months = [ function Event() { const [events, setEvents] = useState([]); const [error, setError] = useState(null); + const navigate = useNavigate(); + + + + const handleRegisterClick = () => { + const isAuthenticated = Boolean(Cookies.get('authToken')); + + if (!isAuthenticated) { + alert("Please sign in to register for the event."); + navigate('/login'); + } + }; useEffect(() => { const fetchData = async () => { try { @@ -183,7 +197,7 @@ function Event() { ))}
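Review bot: Adding `authenticateCustomer` to `/create` and `/delete` in the second eventRouter.js hunk only establishes that the caller is a verified customer; nothing here limits who may create or delete events. Unless `createEvent` and `deleteEvent` (not shown) check a role or ownership through `req.user`, any registered account can remove any event, so an authorization step belongs on these routes. The delete is also still registered with `router.get`; a state-changing route is better declared as `router.delete("/delete", authenticateCustomer, deleteEvent);`, changed together with the client that calls it. Note that `/all` now needs a Bearer header while the `router.get("/")` handler above it stays open, so check which of the two the public event page fetches. As a style point, put a space after the comma: `router.post("/create", authenticateCustomer, createEvent);`.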
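Review bot: `handleRegisterClick` in Event.jsx treats the mere presence of the `authToken` cookie as authentication, so an expired or revoked token passes the check. The authenticated path also does nothing, because no registration call follows the `if`. This check can only be a UI hint: the registration request itself should go to a route behind `authenticateCustomer`, with its 401/403 responses handled by redirecting to `/login`. Because `js-cookie` can read the token, the cookie cannot be `HttpOnly`, so any script injected into the page can read it too. A comment above the check would record the intent, for example `// UX gate only: the server must re-verify the token on every request`.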
-