marsalva/api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Actualizar server.js

Browse Source
This commit is contained in:
marsalva
2026-03-05 14:36:58 +00:00
parent f00b854959
commit 07883dc5dd
1 changed files with 48 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
server.js
View File

@@ -381,6 +381,54 @@ async function requirePlan(req, res, next, feature) {
// 🔐 RUTAS DE AUTENTICACIÓN (LOGIN) - RESTAURADAS // 🔐 RUTAS DE AUTENTICACIÓN (LOGIN) - RESTAURADAS
// ========================================== // ==========================================
app.post("/auth/login", async (req, res) => {
try {
const { identifier, password } = req.body;
if (!identifier || !password) return res.status(400).json({ ok: false, error: "Faltan datos" });
const identClean = identifier.replace(/\s+/g, '').trim();
// Buscamos al usuario por email o por teléfono (con o sin +34)
const q = await pool.query(
"SELECT * FROM users WHERE email = $1 OR phone LIKE $2 LIMIT 1",
[identClean, `%${identClean.replace('+34', '')}%`]
);
if (q.rowCount === 0) return res.status(401).json({ ok: false, error: "Usuario no encontrado" });
const user = q.rows[0];
if (user.status !== 'active') return res.status(403).json({ ok: false, error: "Tu cuenta está desactivada" });
const valid = await bcrypt.compare(password, user.password_hash);
if (!valid) return res.status(401).json({ ok: false, error: "Contraseña incorrecta" });
const token = signToken(user);
res.json({
ok: true,
token,
user: {
id: user.id,
name: user.full_name,
role: user.role,
accountId: user.owner_id || user.id
}
});
} catch (e) {
console.error("Error en login:", e);
res.status(500).json({ ok: false, error: "Error interno del servidor" });
}
});
app.get("/auth/me", authMiddleware, async (req, res) => {
try {
const q = await pool.query("SELECT id, full_name, email, phone, role, owner_id, status, company_slug, plan_tier FROM users WHERE id = $1", [req.user.sub]);
if (q.rowCount === 0) return res.status(404).json({ ok: false });
res.json({ ok: true, user: q.rows[0] });
} catch (e) {
res.status(500).json({ ok: false });
}
});
// ========================================== // ==========================================
// 🔗 PORTAL PÚBLICO DEL CLIENTE // 🔗 PORTAL PÚBLICO DEL CLIENTE
// ========================================== // ==========================================