Add Dark Mode, Password Hashing for better security , Settings Page, Policy PDF in Policy section,UI Changes

backend/src/controllers/generalControllers.js

@@ -4,6 +4,7 @@ import {
   applicantDesignations,
   validatorDesignations,
 } from "../config/designations.js";
+import bcrypt from "bcryptjs";
 
 const dataRoot = async (req, res) => {
   try {
@@ -98,7 +99,12 @@ const getApplicationsByStatus = async (req, res) => {
         }),
         ...(status === "ACCEPTED" && {
           AND: [
-            { OR: [{ facultyValidation: "ACCEPTED" }, { facultyValidation: null }] },
+            {
+              OR: [
+                { facultyValidation: "ACCEPTED" },
+                { facultyValidation: null },
+              ],
+            },
             { OR: [{ hodValidation: "ACCEPTED" }, { hodValidation: null }] },
             { OR: [{ hoiValidation: "ACCEPTED" }, { hoiValidation: null }] },
             { OR: [{ vcValidation: "ACCEPTED" }, { vcValidation: null }] },
@@ -185,15 +191,18 @@ const getApplicationsByStatus = async (req, res) => {
     }
 
     // Format response with selected fields
-    const responseApplications = applications.map((application) => ({
-      applicationId: application.applicationId,
-      applicantName: application.applicantName,
-      formData: {
-        eventName: application.formData.eventName,
-        applicantDepartment: application.formData.applicantDepartment,
-      },
-      createdAt: application.createdAt,
-    }));
+    const responseApplications = applications.map((application) => {
+      const parsedFormData = JSON.parse(application.formData);
+      return {
+        applicationId: application.applicationId,
+        applicantName: application.applicantName,
+        formData: {
+          eventName: parsedFormData.eventName,
+          applicantDepartment: parsedFormData.applicantDepartment,
+        },
+        createdAt: application.createdAt,
+      };
+    });
 
     return res.status(200).json({
       message: `${status} Applications Fetched Successfully`,
@@ -308,9 +317,14 @@ const getApplicationData = async (req, res) => {
     }
 
     // Respond with the full application data and current status
+    const parsedApplicationFull = {
+      ...applicationFull,
+      formData: JSON.parse(applicationFull.formData),
+    };
+
     return res.status(200).json({
       message: "Application data retrieved successfully",
-      data: { ...applicationFull, currentStatus },
+      data: { ...parsedApplicationFull, currentStatus },
     });
   } catch (error) {
     console.error("Error retrieving application data:", error);
@@ -436,4 +450,62 @@ const getFile = async (req, res) => {
   }
 };
 
-export { getApplicationData, getFile, dataRoot, getApplicationsByStatus };
+export {
+  getApplicationData,
+  getFile,
+  dataRoot,
+  getApplicationsByStatus,
+  changePassword,
+};
+
+const changePassword = async (req, res) => {
+  try {
+    const user = req.user;
+    const { oldPassword, newPassword } = req.body;
+
+    if (!user || !user.id) {
+      return res.status(401).json({ message: "Unauthorized" });
+    }
+
+    // Get the current user from DB to check password
+    const dbUser = await prisma.user.findUnique({
+      where: { profileId: user.id },
+    });
+
+    if (!dbUser) {
+      return res.status(404).json({ message: "User not found" });
+    }
+
+    let isPasswordCorrect = false;
+
+    // 1. Try bcrypt
+    try {
+      isPasswordCorrect = await bcrypt.compare(oldPassword, dbUser.password);
+    } catch (err) {
+      isPasswordCorrect = false;
+    }
+
+    // 2. Try plaintext (fallback)
+    if (!isPasswordCorrect && dbUser.password === oldPassword) {
+      isPasswordCorrect = true;
+    }
+
+    if (!isPasswordCorrect) {
+      return res.status(400).json({ message: "Incorrect old password" });
+    }
+
+    // Hash the new password
+    const salt = await bcrypt.genSalt(10);
+    const hashedPassword = await bcrypt.hash(newPassword, salt);
+
+    await prisma.user.update({
+      where: { profileId: user.id },
+      data: { password: hashedPassword },
+    });
+
+    return res.status(200).json({ message: "Password updated successfully" });
+  } catch (error) {
+    console.error(error);
+    return res.status(500).json({ message: "Internal Server Error" });
+  }
+};