surya/freeplanet_serverside
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Richiesta Cambio Password: ti manda il codice a 6 cifre e poterlo inserire sulla APP.

Browse Source
This commit is contained in:
Surya Paolo
2022-12-11 18:04:02 +01:00
parent 3eef70f3f3
commit 1d7a98fc3f
4 changed files with 102 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
emails/resetpwd/it/html.pug
View File

@@ -3,8 +3,24 @@ p #{nomeapp} recentemente ha ricevuto una richiesta per una password dimenticata
p Per cambiare la tua password di #{nomeapp} p Per cambiare la tua password di #{nomeapp}
p <a href=#{strlinksetpassword} target="_blank">Clicca QUI</a> p <a href=#{strlinksetpassword} target="_blank">Clicca QUI</a>
p Se non sei stato tu a richiedere questo cambiamento, non hai bisogno di fare niente. span Oppure inserisci il codice
span.grande #{tokenforgot_code}
span sulla APP
p
p P.S: Se non sei stato tu a richiedere questo cambiamento, non hai bisogno di fare niente.
p Questo link scadrà tra 4 ore.<br> p Questo link scadrà tra 4 ore.<br>
p Cordiali Saluti p Cordiali Saluti
p Supporto #{nomeapp} p Supporto #{nomeapp}
style(type="text/css").
html, body {
padding: 0;
margin: 0;
}
.grande {
font-size: 1.25rem;
font-weight: bold;
}

46
src/server/models/user.js
View File

@@ -139,6 +139,10 @@ const UserSchema = new mongoose.Schema({
tokenforgot_code: { tokenforgot_code: {
type: String, type: String,
}, },
retry_pwd: {
type: Number,
default: 0,
},
date_tokenreg: { date_tokenreg: {
type: Date, type: Date,
}, },
@@ -1178,14 +1182,26 @@ UserSchema.statics.findByLinkTokenforgotCode = function (idapp, email, tokenforg
}); });
}; };
UserSchema.statics.createNewRequestPwd = function (idapp, email) { UserSchema.statics.createNewRequestPwd = function (idapp, email, code) {
const User = this; const User = this;
const sendemail = require('../sendemail'); const sendemail = require('../sendemail');
if (code && code.length === 6) {
return User.findByLinkTokenforgotCode(idapp, email, code)
.then((user) => {
if (user)
return { ris: true, link: tools.getlinkRelativeRequestNewPassword(idapp, email, user.tokenforgot) };
else
return { ris: false };
}).catch((e) => {
console.log(' Err createNewRequestPwd', e.message);
res.status(400).send();
});
} else {
return User.findByEmail(idapp, email).then(async (user) => { return User.findByEmail(idapp, email).then(async (user) => {
if (!user) { if (!user) {
return false; return { ris: false };
} else { } else {
// Creo il tokenforgot // Creo il tokenforgot
user.tokenforgot = jwt.sign(user._id.toHexString(), process.env.SIGNCODE). user.tokenforgot = jwt.sign(user._id.toHexString(), process.env.SIGNCODE).
@@ -1196,11 +1212,12 @@ UserSchema.statics.createNewRequestPwd = function (idapp, email) {
return await user.save().then(async () => { return await user.save().then(async () => {
await sendemail.sendEmail_RequestNewPassword(user.lang, user, user.email, user.idapp, user.tokenforgot, user.tokenforgot_code); await sendemail.sendEmail_RequestNewPassword(user.lang, user, user.email, user.idapp, user.tokenforgot, user.tokenforgot_code);
return true; return { ris: true };
}); });
} }
}); });
}
}; };
UserSchema.statics.createNewRequestPwdByUsernameAndGetLink = async function (idapp, username) { UserSchema.statics.createNewRequestPwdByUsernameAndGetLink = async function (idapp, username) {
@@ -1436,7 +1453,7 @@ UserSchema.statics.getUserById = function (idapp, id) {
UserSchema.statics.getUserByUsername = function (idapp, username) { UserSchema.statics.getUserByUsername = function (idapp, username) {
const User = this; const User = this;
return User.findOne({ return User.findne({
idapp, idapp,
username, username,
$or: [{ deleted: { $exists: false } }, { deleted: { $exists: true, $eq: false } }], $or: [{ deleted: { $exists: false } }, { deleted: { $exists: true, $eq: false } }],
@@ -3715,7 +3732,7 @@ UserSchema.statics.getQueryUsersDiffusori = function (idapp) {
{ {
$replaceRoot: { $replaceRoot: {
newRoot: { newRoot: {
$mergeObjects: [ "$user", "$$ROOT" ], $mergeObjects: ["$user", "$$ROOT"],
}, },
}, },
}, },
@@ -4211,6 +4228,25 @@ UserSchema.statics.calcOtherByUser = async function (idapp, userId) {
}; };
UserSchema.statics.tooManyReqPassword = async function (idapp, email, set) {
const User = this;
const maxnum = 30;
const user = await User.findByEmail(idapp, email);
if (user) {
if (!user.retry_pwd)
user.retry_pwd = 0
if (set && user.retry_pwd <= maxnum) {
user.retry_pwd++;
await User.findOneAndUpdate({ _id: user._id }, { $set: { retry_pwd: user.retry_pwd } });
}
return user.retry_pwd > maxnum ;
}
};
UserSchema.statics.createNewSubRecord = async function (idapp, req) { UserSchema.statics.createNewSubRecord = async function (idapp, req) {
const User = this; const User = this;

24
src/server/router/index_router.js
View File

@@ -135,26 +135,34 @@ router.post(process.env.LINKVERIF_REG, (req, res) => {
// Faccio richiesta di una Nuova Password // Faccio richiesta di una Nuova Password
router.post(process.env.LINK_REQUEST_NEWPASSWORD, async (req, res) => { router.post(process.env.LINK_REQUEST_NEWPASSWORD, async (req, res) => {
const body = _.pick(req.body, ['idapp', 'email']);
try {
const body = _.pick(req.body, ['idapp', 'email', 'codetocheck']);
const idapp = body.idapp; const idapp = body.idapp;
const email = body.email.toLowerCase().trim(); const email = body.email.toLowerCase().trim();
const codetocheck = body.codetocheck ? body.codetocheck.trim() : '';
// Check if too many requests
if (await User.tooManyReqPassword(idapp, email, true)) {
console.log(process.env.LINK_REQUEST_NEWPASSWORD, 'TOO MANY REQUESTS !!! EXIT ', email);
res.status(400).send({ code: server_constants.RIS_CODE_ERR, msg: 'TOO MANY REQUESTS' });
return false;
}
console.log( console.log(
'POST ' + process.env.LINK_REQUEST_NEWPASSWORD + ' idapp= ' + idapp + 'POST ' + process.env.LINK_REQUEST_NEWPASSWORD + ' idapp= ' + idapp +
' email = ' + email); ' email = ' + email);
try { const reqpwd = await User.createNewRequestPwd(idapp, email, codetocheck);
const ris = await User.createNewRequestPwd(idapp, email); if (reqpwd && reqpwd.ris) {
if (ris) { res.send({ code: server_constants.RIS_CODE_OK, msg: '', link: reqpwd.link });
res.send({ code: server_constants.RIS_CODE_OK, msg: '' });
} else { } else {
tools.snooze(5000);
return res.status(200). return res.status(200).
send({ code: server_constants.RIS_CODE_EMAIL_NOT_EXIST, msg: '' }); send({ code: server_constants.RIS_CODE_EMAIL_NOT_EXIST, msg: '' });
} }
} catch (e) { } catch (e) {
console.log(process.env.LINK_REQUEST_NEWPASSWORD, e.message); console.log(process.env.LINK_REQUEST_NEWPASSWORD, e.message);
res.status(400).send(); res.status(400).send({ code: server_constants.RIS_CODE_ERR, msg: e });
res.send({ code: server_constants.RIS_CODE_ERR, msg: e });
} }
}); });

9
src/server/tools/general.js
View File

@@ -3308,12 +3308,17 @@ module.exports = {
return msg; return msg;
}, },
getlinkRequestNewPassword: function(idapp, email, tokenforgot) { getlinkRelativeRequestNewPassword: function(idapp, email, tokenforgot) {
const strlinkreg = this.getHostByIdApp(idapp) + process.env.LINK_UPDATE_PASSWORD + const strlinkreg = process.env.LINK_UPDATE_PASSWORD +
`?idapp=${idapp}&email=${email}&tokenforgot=${tokenforgot}`; `?idapp=${idapp}&email=${email}&tokenforgot=${tokenforgot}`;
return strlinkreg; return strlinkreg;
}, },
getlinkRequestNewPassword: function(idapp, email, tokenforgot) {
const strlinkreg = this.getHostByIdApp(idapp) + this.getlinkRelativeRequestNewPassword(idapp, email, tokenforgot);
return strlinkreg;
},
execScript: function(idapp, msg, script, testo) { execScript: function(idapp, msg, script, testo) {
const {exec} = require('child_process'); const {exec} = require('child_process');
const telegrambot = require('../telegram/telegrambot'); const telegrambot = require('../telegram/telegrambot');