expressCart/routes/order.js

285 lines
8.9 KiB
JavaScript

const express = require('express');
const {
clearSessionValue,
emptyCart,
getCountryList,
getId,
sendEmail,
getEmailTemplate,
clearCustomer
} = require('../lib/common');
const { restrict, checkAccess } = require('../lib/auth');
const { indexOrders } = require('../lib/indexing');
const router = express.Router();
// Show orders
router.get('/admin/orders', restrict, async (req, res, next) => {
const db = req.app.db;
// Top 10 products
const orders = await db.orders.find({}).sort({ orderDate: -1 }).limit(10).toArray();
// If API request, return json
if(req.apiAuthenticated){
res.status(200).json({
orders
});
return;
}
res.render('orders', {
title: 'Cart',
orders: orders,
admin: true,
config: req.app.config,
session: req.session,
message: clearSessionValue(req.session, 'message'),
messageType: clearSessionValue(req.session, 'messageType'),
helpers: req.handlebars.helpers
});
});
// Admin section
router.get('/admin/orders/bystatus/:orderstatus', restrict, async (req, res, next) => {
const db = req.app.db;
if(typeof req.params.orderstatus === 'undefined'){
res.redirect('/admin/orders');
return;
}
// case insensitive search
const regex = new RegExp(['^', req.params.orderstatus, '$'].join(''), 'i');
const orders = await db.orders.find({ orderStatus: regex }).sort({ orderDate: -1 }).limit(10).toArray();
// If API request, return json
if(req.apiAuthenticated){
res.status(200).json({
orders
});
return;
}
res.render('orders', {
title: 'Cart',
orders: orders,
admin: true,
filteredOrders: true,
filteredStatus: req.params.orderstatus,
config: req.app.config,
session: req.session,
message: clearSessionValue(req.session, 'message'),
messageType: clearSessionValue(req.session, 'messageType'),
helpers: req.handlebars.helpers
});
});
// render the editor
router.get('/admin/order/view/:id', restrict, async (req, res) => {
const db = req.app.db;
const order = await db.orders.findOne({ _id: getId(req.params.id) });
res.render('order', {
title: 'View order',
result: order,
config: req.app.config,
session: req.session,
message: clearSessionValue(req.session, 'message'),
messageType: clearSessionValue(req.session, 'messageType'),
editor: true,
admin: true,
helpers: req.handlebars.helpers
});
});
// render the editor
router.get('/admin/order/create', restrict, async (req, res) => {
res.render('order-create', {
title: 'Create order',
config: req.app.config,
session: req.session,
message: clearSessionValue(req.session, 'message'),
messageType: clearSessionValue(req.session, 'messageType'),
countryList: getCountryList(),
editor: true,
admin: true,
helpers: req.handlebars.helpers
});
});
router.post('/admin/order/create', async (req, res, next) => {
const db = req.app.db;
const config = req.app.config;
// Check if cart is empty
if(!req.session.cart){
res.status(400).json({
message: 'The cart is empty. You will need to add items to the cart first.'
});
}
const orderDoc = {
orderPaymentId: getId(),
orderPaymentGateway: 'Instore',
orderPaymentMessage: 'Your payment was successfully completed',
orderTotal: req.session.totalCartAmount,
orderShipping: req.session.totalCartShipping,
orderItemCount: req.session.totalCartItems,
orderProductCount: req.session.totalCartProducts,
orderEmail: req.body.email || req.session.customerEmail,
orderFirstname: req.body.firstName || req.session.customerFirstname,
orderLastname: req.body.lastName || req.session.customerLastname,
orderAddr1: req.body.address1 || req.session.customerAddress1,
orderAddr2: req.body.address2 || req.session.customerAddress2,
orderCountry: req.body.country || req.session.customerCountry,
orderState: req.body.state || req.session.customerState,
orderPostcode: req.body.postcode || req.session.customerPostcode,
orderPhoneNumber: req.body.phone || req.session.customerPhone,
orderComment: req.body.orderComment || req.session.orderComment,
orderStatus: req.body.orderStatus,
orderDate: new Date(),
orderProducts: req.session.cart,
orderType: 'Single'
};
// insert order into DB
try{
const newDoc = await db.orders.insertOne(orderDoc);
// get the new ID
const orderId = newDoc.insertedId;
// add to lunr index
indexOrders(req.app)
.then(() => {
// set the results
req.session.messageType = 'success';
req.session.message = 'Your order was successfully placed. Payment for your order will be completed instore.';
req.session.paymentEmailAddr = newDoc.ops[0].orderEmail;
req.session.paymentApproved = true;
req.session.paymentDetails = `<p><strong>Order ID: </strong>${orderId}</p>
<p><strong>Transaction ID: </strong>${orderDoc.orderPaymentId}</p>`;
// set payment results for email
const paymentResults = {
message: req.session.message,
messageType: req.session.messageType,
paymentEmailAddr: req.session.paymentEmailAddr,
paymentApproved: true,
paymentDetails: req.session.paymentDetails
};
// clear the cart
if(req.session.cart){
emptyCart(req, res, 'function');
}
// Clear customer session
clearCustomer(req);
// send the email with the response
// TODO: Should fix this to properly handle result
sendEmail(req.session.paymentEmailAddr, `Your order with ${config.cartTitle}`, getEmailTemplate(paymentResults));
// redirect to outcome
res.status(200).json({
message: 'Order created successfully',
orderId
});
});
}catch(ex){
res.status(400).json({ err: 'Your order declined. Please try again' });
}
});
// Admin section
router.get('/admin/orders/filter/:search', restrict, async (req, res, next) => {
const db = req.app.db;
const searchTerm = req.params.search;
const ordersIndex = req.app.ordersIndex;
const lunrIdArray = [];
ordersIndex.search(searchTerm).forEach((id) => {
lunrIdArray.push(getId(id.ref));
});
// we search on the lunr indexes
const orders = await db.orders.find({ _id: { $in: lunrIdArray } }).toArray();
// If API request, return json
if(req.apiAuthenticated){
res.status(200).json({
orders
});
return;
}
res.render('orders', {
title: 'Order results',
orders: orders,
admin: true,
config: req.app.config,
session: req.session,
searchTerm: searchTerm,
message: clearSessionValue(req.session, 'message'),
messageType: clearSessionValue(req.session, 'messageType'),
helpers: req.handlebars.helpers
});
});
// order product
router.get('/admin/order/delete/:id', restrict, async(req, res) => {
const db = req.app.db;
// remove the order
try{
await db.orders.deleteOne({ _id: getId(req.params.id) });
// remove the index
indexOrders(req.app)
.then(() => {
if(req.apiAuthenticated){
res.status(200).json({
message: 'Order successfully deleted'
});
return;
}
// redirect home
req.session.message = 'Order successfully deleted';
req.session.messageType = 'success';
res.redirect('/admin/orders');
});
}catch(ex){
console.log('Cannot delete order', ex);
if(req.apiAuthenticated){
res.status(200).json({
message: 'Error deleting order'
});
return;
}
// redirect home
req.session.message = 'Error deleting order';
req.session.messageType = 'danger';
res.redirect('/admin/orders');
}
});
// update order status
router.post('/admin/order/statusupdate', restrict, checkAccess, async (req, res) => {
const db = req.app.db;
try{
await db.orders.updateOne({
_id: getId(req.body.order_id) },
{ $set: { orderStatus: req.body.status }
}, { multi: false });
return res.status(200).json({ message: 'Status successfully updated' });
}catch(ex){
console.info('Error updating status', ex);
return res.status(400).json({ message: 'Failed to update the order status' });
}
});
module.exports = router;