api created for employees,authentication and attendance.

Learnings.md

@@ -0,0 +1,5 @@
+-->claudinary ,express-upload ,multer
+
+-->Make sure to include type:module
+
+-->correct file name extensions   i.e .js .ts etc

server/config/db.js

@@ -1,9 +1,9 @@
-import mongoose, { connect } from "mongoose";
+import mongoose from "mongoose";
 
 
 export const connectDb = async () => {
     try {
-        await mongoose.connect(MONGODB_URI);
+        await mongoose.connect(process.env.MONGODB_URI);
         console.log("connect to database")
     } catch (error) {
         console.log(error);

server/controllers/attendanceController.js

@@ -0,0 +1,113 @@
+import Attendance from "../models/Attendance.js";
+import { Employee } from "../models/Employee.js"
+
+
+//clock in/out for employee
+//POST api/attendance
+
+export const clockInOut = async (req, res) => {
+
+    try {
+        const session = req.session;
+
+        const employee = await Employee.findOne({ userId: session.userId });
+
+        if (!employee)
+            return res.status(404).json({ message: "Employee not found" })
+
+
+        if (employee.isDeleted)
+            return res.status(403).json({ message: "Your account id deactivated.You cannot clock in/out" });
+
+
+
+        const today = new Date();
+        today.setHours(0, 0, 0, 0);
+
+        const existing = await getAttendance.findOne({
+            employeeId: employee._id,
+            date: today
+        })
+
+        const now = new Date();
+
+        if (!existing) {
+            const isLate = now.getHours() >= 9 && now.getMinutes() > 0;
+
+            const attendance = await Attendance.create({
+                employeeId: employee._id,
+                date: today,
+                checkIn: now,
+                status: isLate ? "LATE" : "PRESENT",
+            })
+
+            return res.json({
+                success: true,
+                type: "CHECK_IN",
+                data: attendance
+            });
+        } else if (!existing.checkOut) {
+            const checkInTime = new Date(existing.checkIn).getTime()
+            const diffMs = now.getTime() - checkInTime;
+            const diffHours = diffMs / (1000 * 60 * 60);
+
+            existing.checkOut = now;
+
+            const workingHours = parseFloat(diffHours.toFixed(2));
+
+            let dayType = "Half Day";
+            if (workingHours >= 8)
+                dayType = "Full Day";
+            else if (workingHours >= 6)
+                dayType = "Three Quarter Day";
+            else if (workingHours >= 4)
+                dayType = "Half Day";
+            else
+                dayType = "Short Day";
+
+
+            await existing.save();
+            return res.json({
+                success: true,
+                type: "CHECK_OUT",
+                data: existing
+            })
+        } else {
+            return res.json({
+                success: true,
+                type: "CHECK_OUT",
+                data: existing
+            })
+        }
+    } catch (error) {
+        console.log(error);
+        console.error("Attendance Error:", error);
+        return res.status(500).json({ error: "Operation failed" });
+    }
+}
+
+
+//Get attendance for employee
+//GET /api/attendance
+
+export const getAttendance = async (req, res) => {
+    try {
+        const session = req.session;
+        const employee = await Employee.findOne({ userId: session.userId });
+
+        if (!employee)
+            return res.status(404).json({ message: "Employee not found" })
+
+        const limit = parseInt(req.query.limit || 30);
+        const history = await Attendance.find({ employeeId: employee._id }).sort({ date: -1 }).limit(limit)
+
+
+        return res.json({
+            data: history,
+            employee: { isDeleted: employee.isDeleted }
+        })
+
+    } catch (error) {
+        return res.status(500).json({ error: "Failed to Fetch Attendance" });
+    }
+}

server/controllers/authController.js

@@ -0,0 +1,103 @@
+import User from "../models/User";
+import bcrypt from "bcryptjs";
+import jwt from "jsonwebtoken";
+
+
+//Login for employee and admin
+//POST /api/auth/login
+
+export const login = async (req, res) => {
+    try {
+        const { email, password, role_type } = req.body;
+
+        if (!email || !password) {
+            return res.status(400).json({ message: "Please provide email and password" })
+        }
+
+        const user = await User.findOne({ email });
+
+        if (!user) {
+            return res.status(401).json({ message: "Invalid email or password" })
+        }
+
+        if (role_type === "admin" && user.role !== "ADMIN") {
+            return res.status(401).json({ message: "Not authorized as admin" })
+        }
+
+        if (role_type === "employee" && user.role !== "EMPLOYEE") {
+            return res.status(401).json({ message: "Not authorized as employee" })
+        }
+
+        const isValid = await bcrypt.compare(password, user.password);
+
+        if (!isValid) {
+            return res.status(401).json({ message: "Invalid email or password" })
+        }
+
+
+        const payload = {
+            userId: user._id.toString(),
+            role: user.role,
+            email: user.email,
+        }
+
+        const token = jwt.sign(payload, process.env.JWT_SECRET, { expiresIn: "7d" });
+
+        return res.json({ user: payload, token })
+    } catch (err) {
+        console.log("Login Error:", err);
+        return res.status(500).json({ message: "Failed to login" });
+    }
+}
+
+
+//Get session for employee and admin
+//GET /api/auth/session
+
+
+export const session = (req, res) => {
+    const session = req.session;
+
+    if (!req.session) return res.status(401).json({ message: "No session" });
+
+    return res.json({ user: session });
+}
+
+
+//change password for employee and admin
+//POST /api/auth/change-password
+
+export const changePassword = async (req, res) => {
+    try {
+        const userSession = req.session;
+        const { currentPassword, newPassword } = req.body;
+
+        if (!userSession || !userSession.userId)
+            return res.status(401).json({ message: "Unauthorized" });
+
+
+        if (!currentPassword || !newPassword)
+            return res.status(400).json({ message: "Both passwords field required" })
+
+        const user = await User.findById(userSession.userId);
+
+        if (!user)
+            return res.status(404).json({ error: "User not found" });
+
+
+        const isValid = await bcrypt.compare(currentPassword, user.password);
+
+        if (!isValid)
+            return res.status(400).json({ error: "Current password is incorrect" });
+
+        const hashed = await bcrypt.hash(newPassword, 10);
+
+        await User.findByIdAndUpdate(userSession.userId, { password: hashed });
+
+
+        return res.json({ success: true })
+
+    } catch (error) {
+        return res.status(500).json({ error: "Failed to change password" })
+    }
+}