CRYPTOcoderAS
diff --git a/‎controllers/loanController.js
Lines changed: 10 additions & 2 deletions b/‎controllers/loanController.js
Lines changed: 10 additions & 2 deletions
diff --git a/‎controllers/userController.js
Lines changed: 20 additions & 4 deletions b/‎controllers/userController.js
Lines changed: 20 additions & 4 deletions
diff --git a/‎utils/validations.js
Lines changed: 96 additions & 0 deletions b/‎utils/validations.js
Lines changed: 96 additions & 0 deletions
@@ -1,9 +1,18 @@
 const Loan = require('../models/Loan');
+const { validateLoanData, validateObjectId } = require('../utils/validations');
 const { calculateEMISchedule } = require('../utils/loanCalculations');
-const { createCsvStringifier } = require('csv-writer');
 
 exports.createLoan = async (req, res) => {
   try {
+    const validationError = validateLoanData(req.body);
+    if (validationError) {
+      return res.status(400).json({ error: validationError });
+    }
+
+    if (!validateObjectId(req.body.userId)) {
+      return res.status(400).json({ error: 'Invalid user ID format' });
+    }
+
     const { userId, disbursementDate, amount, interestRate, tenure } = req.body;
     const emiSchedule = calculateEMISchedule(amount, interestRate, tenure, disbursementDate);
 
@@ -29,7 +38,6 @@ exports.createLoan = async (req, res) => {
     res.status(500).json({ error: 'Server error' });
   }
 };
-
 exports.getLoanLedger = async (req, res) => {
   try {
     const loan = await Loan.findById(req.params.id).populate('userId');
 
@@ -1,24 +1,40 @@
 const User = require('../models/User');
+const { validateUserData, validateObjectId } = require('../utils/validations');
 
 exports.createUser = async (req, res) => {
   try {
+    const validationError = validateUserData(req.body);
+    if (validationError) {
+      return res.status(400).json({ error: validationError });
+    }
+
     const user = new User(req.body);
     await user.save();
     res.status(201).json(user);
   } catch (error) {
     if (error.code === 11000) {
-      return res.status(400).json({ error: 'Duplicate entry found' });
+      return res.status(400).json({ 
+        error: 'Duplicate entry found. PAN, Aadhaar, GSTIN, or UDYAM already exists.' 
+      });
     }
     res.status(500).json({ error: 'Server error' });
   }
 };
 
 exports.getUser = async (req, res) => {
   try {
-    const user = await User.findById(req.params.id);
-    if (!user) return res.status(404).json({ error: 'User not found' });
+    const { id } = req.params;
+    
+    if (!validateObjectId(id)) {
+      return res.status(400).json({ error: 'Invalid user ID format' });
+    }
+
+    const user = await User.findById(id);
+    if (!user) {
+      return res.status(404).json({ error: 'User not found' });
+    }
     res.json(user);
   } catch (error) {
     res.status(500).json({ error: 'Server error' });
   }
-}; 
+};
@@ -0,0 +1,96 @@
+const validatePAN = (pan) => {
+    const panRegex = /^[A-Z]{5}[0-9]{4}[A-Z]{1}$/;
+    return panRegex.test(pan);
+  };
+  
+  const validateAadhaar = (aadhaar) => {
+    const aadhaarRegex = /^\d{12}$/;
+    return aadhaarRegex.test(aadhaar);
+  };
+  
+  const validateGSTIN = (gstin) => {
+    const gstinRegex = /^[0-9]{2}[A-Z]{5}[0-9]{4}[A-Z]{1}[1-9A-Z]{1}Z[0-9A-Z]{1}$/;
+    return gstinRegex.test(gstin);
+  };
+  
+  const validateUDYAM = (udyam) => {
+    const udyamRegex = /^UDYAM-[A-Z]{2}-\d{2}-\d{7}$/;
+    return udyamRegex.test(udyam);
+  };
+  
+  const validateAge = (dob) => {
+    const today = new Date();
+    const birthDate = new Date(dob);
+    let age = today.getFullYear() - birthDate.getFullYear();
+    const monthDiff = today.getMonth() - birthDate.getMonth();
+    
+    if (monthDiff < 0 || (monthDiff === 0 && today.getDate() < birthDate.getDate())) {
+      age--;
+    }
+    
+    return age >= 18;
+  };
+  
+  exports.validateUserData = (userData) => {
+    const { name, dob, pan, aadhaar, gstin, udyam } = userData;
+  
+    if (!name || name.trim().length < 2) {
+      return 'Name must be at least 2 characters long';
+    }
+  
+    if (!dob || !validateAge(dob)) {
+      return 'User must be at least 18 years old';
+    }
+  
+    if (!pan || !validatePAN(pan)) {
+      return 'Invalid PAN format. Should be like ABCDE1234F';
+    }
+  
+    if (!aadhaar || !validateAadhaar(aadhaar)) {
+      return 'Invalid Aadhaar format. Should be 12 digits';
+    }
+  
+    if (!gstin || !validateGSTIN(gstin)) {
+      return 'Invalid GSTIN format. Should be like 27AAPFU0939F1ZV';
+    }
+  
+    if (!udyam || !validateUDYAM(udyam)) {
+      return 'Invalid UDYAM format. Should be like UDYAM-MH-02-0000001';
+    }
+  
+    return null; 
+  };
+  
+  exports.validateLoanData = (loanData) => {
+    const { amount, interestRate, tenure, disbursementDate } = loanData;
+  
+    if (!amount || amount <= 0) {
+      return 'Loan amount must be greater than 0';
+    }
+  
+    if (!interestRate || interestRate <= 0 || interestRate > 100) {
+      return 'Interest rate must be between 0 and 100';
+    }
+  
+    if (!tenure || tenure <= 0) {
+      return 'Tenure must be greater than 0';
+    }
+  
+    if (!disbursementDate) {
+      return 'Disbursement date is required';
+    }
+  
+    const disbursementDateTime = new Date(disbursementDate).getTime();
+    const today = new Date().getTime();
+  
+    if (isNaN(disbursementDateTime) || disbursementDateTime < today) {
+      return 'Disbursement date must be today or a future date';
+    }
+  
+    return null; 
+  };
+  
+  exports.validateObjectId = (id) => {
+    const objectIdRegex = /^[0-9a-fA-F]{24}$/;
+    return objectIdRegex.test(id);
+  };