From 8e5e7addb7d3c02bdb00a1c5d78a497afffa8ee5 Mon Sep 17 00:00:00 2001
From: Paolo Arena
Date: Tue, 5 Feb 2019 03:40:22 +0100
Subject: [PATCH] - PUSH Notification
---
 .env.production | 2 +
 package.json | 5 +-
 server/db/mongoose.js | 2 +
 server/middleware/authenticate.js | 2 +-
 server/models/subscribers.js | 22 +++
 server/models/todo.js | 91 ++++++++-
 server/models/user.js | 10 +-
 server/router/email.js | 17 ++
 server/router/index.js | 99 ++++++++++
 server/router/push.js | 81 ++++++++
 server/router/subscribe.js | 49 +++++
 server/router/todos.js | 116 ++++++++++++
 server/router/users.js | 118 ++++++++++++
 server/server.js | 304 ++++++++----------------------
 14 files changed, 677 insertions(+), 241 deletions(-)
 create mode 100644 server/models/subscribers.js
 create mode 100644 server/router/email.js
 create mode 100644 server/router/index.js
 create mode 100644 server/router/push.js
 create mode 100644 server/router/subscribe.js
 create mode 100644 server/router/todos.js
 create mode 100644 server/router/users.js
diff --git a/.env.production b/.env.production
index 8c58231..9d7f924 100644
--- a/.env.production
+++ b/.env.production
@@ -11,3 +11,5 @@ SEND_EMAIL="1"
 DEBUG=true
 PATH_CERT_KEY=/etc/letsencrypt/live/freeplanet.app/privkey.pem
 PATH_SERVER_CRT=/etc/letsencrypt/live/freeplanet.app/fullchain.pem
+PUBLIC_VAPI_KEY=BGxRrFWnPoa_ImUaWXmeEOFVI9VNKVKaAPsvsM1XY6wn24yxp9MyOQ4crNYCJKxSXV65Y1GblW5_VLoamedcZ1I
+PRIVATE_VAPI_KEY=aDtJfPsXTQgA1GiLAAhs1ilNCJWxncgO-p2b591L-9o
diff --git a/package.json b/package.json
index 45b1097..0b7c3a3 100644
--- a/package.json
+++ b/package.json
@@ -7,7 +7,8 @@
 "start": "nodemon server/server.js",
 "test": "export NODE_ENV=development || SET NODE_ENV=development && mocha server/**/*.test.js",
 "start:prod": "NODE_ENV=production node server/server.js",
- "test-watch": "nodemon --exec 'npm test'"
+ "test-watch": "nodemon --exec 'npm test'",
+ "startpush": "node server/webpush.js"
 },
 "engines": {
 "node": "6.2.2"
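Review bot: The added `PRIVATE_VAPI_KEY` line in .env.production puts the VAPID private key into version control, so everyone with read access to the repository or its history holds the key this server uses to sign push messages. The pair should be treated as exposed: generate a new pair, keep the private half in an untracked file or the deployment's secret store, and leave only a placeholder such as `PRIVATE_VAPI_KEY=<set-at-deploy>` in the tracked file. Removing the line in a later commit is not enough on its own, because the value stays in the history.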
@@ -24,6 +25,7 @@ "email-templates": "^5.0.1", "express": "^4.14.0", "i18n": "^0.8.3", + "jade": "^1.11.0", "js-md5": "^0.7.3", "jsonwebtoken": "^7.1.9", "lodash": "^4.15.0", @@ -34,6 +36,7 @@ "preview-email": "0.0.8", "pug": "^2.0.3", "validator": "^5.6.0", + "web-push": "^3.3.3", "xoauth2": "^1.2.0" }, "devDependencies": { diff --git a/server/db/mongoose.js b/server/db/mongoose.js index 5187461..a72ea7c 100644 --- a/server/db/mongoose.js +++ b/server/db/mongoose.js @@ -1,6 +1,8 @@ var mongoose = require('mongoose'); mongoose.Promise = global.Promise; + +mongoose.level = "F"; mongoose.connect(process.env.MONGODB_URI, { useMongoClient: true, promiseLibrary: require('bluebird') }) .then(() => console.log('connection succesful ' + process.env.MONGODB_URI + ' db: ' + process.env.DATABASE) diff --git a/server/middleware/authenticate.js b/server/middleware/authenticate.js index 26bf3a6..d767f72 100644 --- a/server/middleware/authenticate.js +++ b/server/middleware/authenticate.js @@ -1,4 +1,4 @@ -var {User} = require('./../models/user'); +var {User} = require('../models/user'); var authenticate = (req, res, next) => { var token = req.header('x-auth'); diff --git a/server/models/subscribers.js b/server/models/subscribers.js new file mode 100644 index 0000000..4048834 --- /dev/null +++ b/server/models/subscribers.js @@ -0,0 +1,22 @@ +const mongoose = require('mongoose'); +const Schema = mongoose.Schema; + +mongoose.Promise = global.Promise; +mongoose.level = "F"; + +// Resolving error Unknown modifier: $pushAll +mongoose.plugin(schema => { + schema.options.usePushEach = true +}); + + +const SubscriberSchema = new Schema({ + endpoint: String, + keys: Schema.Types.Mixed, + createDate: { + type: Date, + default: Date.now + } +}); + +mongoose.model('subscribers', SubscriberSchema); diff --git a/server/models/todo.js b/server/models/todo.js index 6f287a3..fe899f1 100644 --- a/server/models/todo.js +++ b/server/models/todo.js 
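Review bot: In server/models/subscribers.js the schema declares `endpoint: String` with no `required` or `unique` and `keys: Schema.Types.Mixed`, so the collection accepts documents with no endpoint, repeated endpoints and key objects of any shape. server/router/push.js later reads `subscription.keys.p256dh` and `subscription.keys.auth` from every stored document, so I would pin the shape here: `endpoint: { type: String, required: true, unique: true }` and `keys: { p256dh: { type: String, required: true }, auth: { type: String, required: true } }`. Separately, `mongoose.level = "F"` is added here and in db/mongoose.js, models/todo.js and models/user.js with no explanation; a one-line comment naming what reads that property would help.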
@@ -1,20 +1,93 @@ var mongoose = require('mongoose'); -var Todo = mongoose.model('Todo', { - text: { +const _ = require('lodash'); + + +mongoose.Promise = global.Promise; +mongoose.level = "F"; + +// Resolving error Unknown modifier: $pushAll +mongoose.plugin(schema => { + schema.options.usePushEach = true +}); + +mongoose.set('debug', process.env.DEBUG); + +var TodoSchema = new mongoose.Schema({ + userId: { type: String, - required: true, - minlength: 1, - trim: true + }, + pos: { + type: Number, + }, + category: { + type: String, + }, + descr: { + type: String, + }, + priority: { + type: Number, }, completed: { type: Boolean, default: false }, - completedAt: { + created_at: { + type: Date + }, + modify_at: { + type: Date + }, + completed_at: { + type: Date + }, + expiring_at: { + type: Date + }, + enableExpiring: { + type: Boolean, + default: false + }, + id_prev: { + type: String, + }, + id_next: { + type: String, + }, + progress: { type: Number, - default: null - } + }, + modified: { + type: Boolean, + }, }); -module.exports = {Todo}; +TodoSchema.methods.toJSON = function () { + var todo = this; + var todoObject = todo.toObject(); + + console.log(todoObject); + + return _.pick(todoObject, ['_id', 'userId', 'pos', 'category', 'descr', 'priority', 'completed', 'created_at', 'modify_at', + 'completed_at', 'expiring_at', 'enableExpiring', 'id_prev', 'id_next', 'progress', 'modified']); +}; + + +TodoSchema.statics.findAllByUserId = function (userId) { + var Todo = this; + + return Todo.find({ + 'userId': userId, + }); +}; + +TodoSchema.pre('save', function (next) { + next(); +}); + + +var Todo = mongoose.model('Todos', TodoSchema); + +module.exports = { Todo }; + diff --git a/server/models/user.js b/server/models/user.js index 9290e42..5a72bcd 100644 --- a/server/models/user.js +++ b/server/models/user.js 
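Review bot: `console.log(todoObject)` inside `TodoSchema.methods.toJSON` in server/models/todo.js writes the full todo document to the server log every time a todo is serialised into a response, which puts user content into logs on every request; I would remove that line. `mongoose.set('debug', process.env.DEBUG)` receives a string, so any non-empty value (including `"false"`) is truthy and may turn query logging on; `mongoose.set('debug', process.env.DEBUG === 'true')` makes the switch explicit. The new schema also drops the `required`/`minlength` validation the old `text` field had, so a todo with no `descr` or `userId` now saves; if that is intended it deserves a comment.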
@@ -1,16 +1,22 @@ var bcrypt = require('bcrypt'); - const mongoose = require('mongoose'); const validator = require('validator'); const jwt = require('jsonwebtoken'); const _ = require('lodash'); + +mongoose.Promise = global.Promise; + +mongoose.level = "F"; // Resolving error Unknown modifier: $pushAll mongoose.plugin(schema => { schema.options.usePushEach = true }); mongoose.set('debug', process.env.DEBUG); var UserSchema = new mongoose.Schema({ + userId: { + type: String, + }, email: { type: String, required: true, @@ -72,7 +78,7 @@ UserSchema.methods.toJSON = function () { var user = this; var userObject = user.toObject(); - return _.pick(userObject, ['_id', 'email', 'verified_email', 'username']); + return _.pick(userObject, ['_id', 'email', 'verified_email', 'username', 'userId']); }; UserSchema.methods.generateAuthToken = function () { diff --git a/server/router/email.js b/server/router/email.js new file mode 100644 index 0000000..b7d618d --- /dev/null +++ b/server/router/email.js @@ -0,0 +1,17 @@ +const express = require('express'); +const router = express.Router(); + +router.get('/:email', (req, res) => { + var email = req.params.email; + + User.findByEmail(email).then((user) => { + if (!user) { + return res.status(404).send(); + } + res.status(200).send(); + }).catch((e) => { + res.status(400).send(); + }); +}); + +module.exports = router; diff --git a/server/router/index.js b/server/router/index.js new file mode 100644 index 0000000..67b3dc0 --- /dev/null +++ b/server/router/index.js 
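Review bot: server/router/email.js calls `User.findByEmail(email)` but never requires the model, so the handler throws a ReferenceError on every request unless `User` is defined globally somewhere outside this patch; add `var { User } = require('../models/user');` at the top, as users.js does. The call passes one argument while server/router/index.js calls `User.findByEmail(idapp, email)`, so one of the two call sites probably does not match the model's signature (the method itself is not visible here). Because this unauthenticated route answers 200 or 404 depending on whether an address is registered, it should be rate-limited if it has to stay public.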
@@ -0,0 +1,99 @@
+const express = require('express');
+const router = express.Router();
+
+router.post(process.env.LINKVERIF_REG, (req, res) => {
+ var body = _.pick(req.body, ['idapp', 'idlink']);
+ var idapp = body.idapp;
+ var idlink = body.idlink;
+ console.log("POST " + process.env.LINKVERIF_REG + " idapp= " + idapp + " idlink = " + idlink);
+
+ // Cerco l'idlink se è ancora da Verificare
+
+ User.findByLinkreg(idapp, idlink).then((user) => {
+ if (!user) {
+ //console.log("NON TROVATO!");
+ return res.status(404).send();
+ } else {
+ if (user.verified_email) {
+ res.send({
+ code: server_constants.RIS_CODE_EMAIL_ALREADY_VERIFIED,
+ msg: res.__("L'Email è già stata Verificata.")
+ });
+ } else {
+ user.verified_email = true;
+ user.save().then(() => {
+ //console.log("TROVATOOOOOO!");
+ res.send({ code: server_constants.RIS_CODE_EMAIL_VERIFIED, msg: res.__('Email Verificata!') });
+ });
+ }
+ }
+ }).catch((e) => {
+ console.log(e);
+ res.status(400).send();
+ });
+
+});
+
+
+// Faccio richiesta di una Nuova Password
+router.post(process.env.LINK_REQUEST_NEWPASSWORD, (req, res) => {
+ var body = _.pick(req.body, ['idapp', 'email']);
+ var idapp = body.idapp;
+ var email = body.email;
+ console.log("POST " + process.env.LINK_REQUEST_NEWPASSWORD + " idapp= " + idapp + " email = " + email);
+
+ User.findByEmail(idapp, email).then((user) => {
+ if (!user) {
+ return res.status(404).send();
+ } else {
+ // Creo il tokenforgot
+ user.tokenforgot = jwt.sign(user._id.toHexString(), process.env.SIGNCODE).toString();
+ user.date_tokenforgot = new Date();
+ user.save().then(() => {
+ sendemail.sendEmail_RequestNewPassword(getlang(res), user.email, user.idapp, user.tokenforgot);
+ res.send({ code: server_constants.RIS_CODE_OK, msg: '' });
+ });
+ }
+ }).catch((e) => {
+ console.log(e);
+ res.status(400).send();
+ res.send({ code: server_constants.RIS_CODE_ERR, msg: e });
+ });
+
+});
+
+// Invio la Nuova Password richiesta dal reset!
+// Ritorna il token per poter effettuare le chiamate...
+router.post(process.env.LINK_UPDATE_PASSWORD, (req, res) => {
+ var body = _.pick(req.body, ['idapp', 'email', 'tokenforgot', 'password']);
+ var idapp = body.idapp;
+ var email = body.email;
+ var tokenforgot = body.tokenforgot;
+ var password = body.password;
+ console.log("POST " + process.env.LINK_UPDATE_PASSWORD + " idapp= " + idapp + " email = " + email + " tokenforgot = " + tokenforgot);
+
+ User.findByLinkTokenforgot(idapp, email, tokenforgot).then((user) => {
+ if (!user) {
+ return res.status(404).send();
+ } else {
+ // aggiorna la nuova password
+ user.password = password;
+
+ // Crea token
+ user.generateAuthToken().then(token => {
+ user.tokenforgot = ''; // Svuota il tokenforgot perché non ti servirà più...
+
+ // Salva lo User
+ user.save().then(() => {
+ res.header('x-auth', token).send(user); // Ritorna il token di ritorno
+ });
+ })
+ }
+ }).catch((e) => {
+ console.log(e);
+ res.status(400).send();
+ });
+
+});
+
+module.exports = router;
diff --git a/server/router/push.js b/server/router/push.js
new file mode 100644
index 0000000..e56047f
--- /dev/null
+++ b/server/router/push.js
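Review bot: The password-reset flow in server/router/index.js handles `tokenforgot` weakly: the `LINK_UPDATE_PASSWORD` handler prints it in its `console.log("POST " + ...)` line, and `jwt.sign(user._id.toHexString(), process.env.SIGNCODE)` signs a bare string, which as far as I know carries no `iat` or expiry, so the same token would be issued on every request for that user. I would drop the token from the log line and sign an object with a lifetime, e.g. `jwt.sign({ _id: user._id.toHexString() }, process.env.SIGNCODE, { expiresIn: '1h' })`, and have `findByLinkTokenforgot` (not visible here) verify it or check `date_tokenforgot`. The file also uses `_`, `User`, `jwt`, `sendemail`, `server_constants` and `getlang` without requiring or defining them. In the request-password `catch`, `res.send(...)` runs after `res.status(400).send()`, which fails once the response is sent and would otherwise return the raw error object as `msg`.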
@@ -0,0 +1,81 @@
+const express = require('express');
+const router = express.Router();
+const mongoose = require('mongoose');
+const Subscription = mongoose.model('subscribers');
+// const q = require('q');
+const webpush = require('web-push');
+
+router.post('/', (req, res) => {
+ const payload = {
+ title: req.body.title,
+ message: req.body.message,
+ url: req.body.url,
+ ttl: req.body.ttl,
+ icon: req.body.icon,
+ image: req.body.image,
+ badge: req.body.badge,
+ tag: req.body.tag
+ };
+
+ Subscription.find({}, (err, subscriptions) => {
+ if (err) {
+ console.error(`Error occurred while getting subscriptions`);
+ res.status(500).json({
+ error: 'Technical error occurred'
+ });
+ } else {
+ let parallelSubscriptionCalls = subscriptions.map((subscription) => {
+ return new Promise((resolve, reject) => {
+ const pushSubscription = {
+ endpoint: subscription.endpoint,
+ keys: {
+ p256dh: subscription.keys.p256dh,
+ auth: subscription.keys.auth
+ }
+ };
+
+ const pushPayload = JSON.stringify(payload);
+ const pushOptions = {
+ vapidDetails: {
+ subject: process.env.URLBASE_APP1,
+ privateKey: process.env.PRIVATE_VAPI_KEY,
+ publicKey: process.env.PUBLIC_VAPI_KEY,
+ },
+ TTL: payload.ttl,
+ headers: {}
+ };
+ webpush.sendNotification(
+ pushSubscription,
+ pushPayload,
+ pushOptions
+ ).then((value) => {
+ resolve({
+ status: true,
+ endpoint: subscription.endpoint,
+ data: value
+ });
+ }).catch((err) => {
+ reject({
+ status: false,
+ endpoint: subscription.endpoint,
+ data: err
+ });
+ });
+ });
+ });
+ q.allSettled(parallelSubscriptionCalls).then((pushResults) => {
+ console.info(pushResults);
+ });
+ res.json({
+ data: 'Push triggered'
+ });
+ }
+ });
+});
+
+router.get('/', (req, res) => {
+ res.json({
+ data: 'Invalid Request Bad'
+ });
+});
+module.exports = router;
diff --git a/server/router/subscribe.js b/server/router/subscribe.js
new file mode 100644
index 0000000..4af4a7c
--- /dev/null
+++ b/server/router/subscribe.js
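Review bot: `router.post('/')` in server/router/push.js is registered without `authenticate`, so any client that can reach `/push` can broadcast a notification with its own `title`, `message` and `url` to every stored subscriber. I would require the middleware the todo routes already use, `const { authenticate } = require('../middleware/authenticate');` and `router.post('/', authenticate, (req, res) => {`, and limit the route to an administrative role if the user model has one. `q.allSettled` is called while `const q = require('q');` is commented out, so the success path throws a ReferenceError inside the `Subscription.find` callback; restore the require (and add `q` to package.json if it is not already a dependency) or settle each send with its own `.catch` and `Promise.all`. `TTL: payload.ttl` comes straight from the request body and should be coerced to a bounded number.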
@@ -0,0 +1,49 @@
+const express = require('express');
+const router = express.Router();
+const mongoose = require('mongoose');
+const Subscription = mongoose.model('subscribers');
+const webpush = require('web-push');
+
+router.post('/', (req, res) => {
+ const subscriptionModel = new Subscription(req.body);
+ subscriptionModel.save((err, subscription) => {
+ if (err) {
+ console.error(`Error occurred while saving subscription. Err: ${err}`);
+ res.status(500).json({
+ error: 'Technical error occurred'
+ });
+ } else {
+ // Send 201 - resource created
+ res.status(201).json({ data: 'Subscription saved.' });
+
+ sendBackNotif(subscription)
+ }
+ });
+});
+
+function sendBackNotif(subscription) {
+
+ // Create payload
+ const payload = JSON.stringify(
+ {
+ title: 'New Post HOLAAAA',
+ content: 'New Post added HOLAAAA!',
+ openUrl: '/help'
+ }
+ );
+
+ // Pass object into sendNotification
+
+ webpush.sendNotification(subscription, payload).catch(err => console.error(err));
+
+}
+
+
+
+router.get('/', (req, res) => {
+ res.json({
+ data: 'Invalid Request Bad'
+ });
+});
+
+module.exports = router;
diff --git a/server/router/todos.js b/server/router/todos.js
new file mode 100644
index 0000000..2e40964
--- /dev/null
+++ b/server/router/todos.js
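Review bot: `new Subscription(req.body)` in server/router/subscribe.js stores whatever the caller posts, and the stored `endpoint` is later the URL this server sends push requests to, so the handler should reject anything that is not an `https:` endpoint with string `p256dh` and `auth` keys before saving. The sketch below validates and copies only those three fields; the save callback and the `sendBackNotif` call stay as they are. `sendBackNotif` also sends a hard-coded test payload ('New Post HOLAAAA') to every new subscriber, which looks like leftover debugging.

```javascript
router.post('/', (req, res) => {
  const body = req.body || {};
  const keys = body.keys || {};
  const endpointOk = typeof body.endpoint === 'string' && body.endpoint.startsWith('https://');
  const keysOk = typeof keys.p256dh === 'string' && typeof keys.auth === 'string';
  if (!endpointOk || !keysOk) {
    return res.status(400).json({ error: 'Invalid subscription' });
  }
  const subscriptionModel = new Subscription({
    endpoint: body.endpoint,
    keys: { p256dh: keys.p256dh, auth: keys.auth }
  });
  // … unchanged: subscriptionModel.save callback and sendBackNotif call …
```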
@@ -0,0 +1,116 @@
+const express = require('express');
+const router = express.Router();
+const webpush = require('web-push');
+
+var { authenticate } = require('../middleware/authenticate');
+
+var { Todo } = require('../models/todo');
+
+const _ = require('lodash');
+
+const { ObjectID } = require('mongodb');
+
+const allfieldTodo = ['userId', 'pos', 'category', 'descr', 'priority', 'completed', 'created_at', 'modify_at',
+ 'completed_at', 'expiring_at', 'enableExpiring', 'id_prev', 'id_next', 'progress', 'modified'];
+
+const allfieldTodoWithId = ['_id', ...allfieldTodo];
+
+
+router.post('/:id', authenticate, (req, res) => {
+ console.log('POST ', req.body);
+
+ var body = _.pick(req.body, allfieldTodoWithId);
+ var todo = new Todo(body);
+
+ todo.modified = false;
+ if (!todo.descr) {
+ console.log('RECORD NON VALIDO !?', req.body)
+ }
+
+ sendNotificationToUser('New Post', 'New Post added!', '/' + todo.category);
+
+ todo.save().then((doc) => {
+ res.send(doc);
+ }).catch((e) => {
+ console.log(e.message);
+ res.status(400).send(e);
+ });
+});
+
+router.patch('/:id', authenticate, (req, res) => {
+ var id = req.params.id;
+ var body = _.pick(req.body, allfieldTodo);
+
+ if (!ObjectID.isValid(id)) {
+ console.log('ERROR: id not VALID', id);
+ return res.status(404).send();
+ }
+
+ Todo.findByIdAndUpdate(id, {$set: body}, {new: true}).then((todo) => {
+ if (!todo) {
+ return res.status(404).send();
+ }
+
+ todo.modified = false
+
+ res.send({todo});
+ }).catch((e) => {
+ res.status(400).send();
+ })
+});
+
+function sendNotificationToUser(title, content, openUrl) {
+
+ // Create payload
+ const payload = JSON.stringify(
+ {
+ title,
+ content,
+ openUrl
+ }
+ );
+
+ subscriptioncfg = {};
+
+ // Pass object into sendNotification
+
+ webpush.sendNotification(subscriptioncfg, payload).catch(err => console.error(err));
+
+}
+
+
+
+router.get('/:userId', authenticate, (req, res) => {
+ var userId = req.params.userId;
+
+ console.log('GET : ', req, req.params);
+
+ // Extract all the todos of the userId only
+ Todo.findAllByUserId(userId).then((todos) => {
+ res.send({ todos });
+ }).catch((e) => {
+ console.log(e);
+ res.status(400).send(e);
+ });
+
+});
+
+router.delete('/:id', (req, res) => {
+ var id = req.params.id;
+
+ if (!ObjectID.isValid(id)) {
+ return res.status(404).send();
+ }
+
+ Todo.findByIdAndRemove(id).then((todo) => {
+ if (!todo) {
+ return res.status(404).send();
+ }
+
+ res.send({todo});
+ }).catch((e) => {
+ res.status(400).send();
+ });
+});
+
+module.exports = router;
diff --git a/server/router/users.js b/server/router/users.js
new file mode 100644
index 0000000..8f7eb25
--- /dev/null
+++ b/server/router/users.js
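Review bot: `router.delete('/:id', ...)` in server/router/todos.js is registered without `authenticate`, and the authenticated GET and PATCH routes never compare the todo's `userId` with the caller, so any client can delete any todo by id and any logged-in user can read or change another user's todos. The sketch below adds the middleware to DELETE and scopes each query to the authenticated user; it assumes `authenticate` sets `req.user` (as `req.user.removeToken` in users.js suggests) and that `userId` holds the user's `_id` as a hex string, so please confirm both. POST has the same gap, since `userId` and `_id` are picked from the request body. `console.log('GET : ', req, req.params)` dumps the whole request, including the `x-auth` header, and should be reduced to the params. `sendNotificationToUser` always passes an empty `subscriptioncfg` (an implicit global) to `webpush.sendNotification`, so that call can only fail.

```javascript
router.patch('/:id', authenticate, (req, res) => {
  // … unchanged: id validation …
  var body = _.pick(req.body, _.without(allfieldTodo, 'userId'));
  Todo.findOneAndUpdate({ _id: id, userId: req.user._id.toHexString() }, {$set: body}, {new: true}).then((todo) => {
  // … unchanged: 404 and response handling …

router.get('/:userId', authenticate, (req, res) => {
  var userId = req.params.userId;
  if (userId !== req.user._id.toHexString()) {
    return res.status(403).send();
  }
  // … unchanged: Todo.findAllByUserId query …

router.delete('/:id', authenticate, (req, res) => {
  // … unchanged: id validation …
  Todo.findOneAndRemove({ _id: id, userId: req.user._id.toHexString() }).then((todo) => {
  // … unchanged: 404 and response handling …
```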
@@ -0,0 +1,118 @@
+const express = require('express');
+const router = express.Router();
+
+var { User } = require('../models/user');
+
+const _ = require('lodash');
+
+var { authenticate } = require('../middleware/authenticate');
+
+
+// POST /users
+router.post('/', (req, res) => {
+ console.log("POST /users");
+ var body = _.pick(req.body, ['email', 'password', 'username', 'idapp', 'keyappid', 'lang']);
+ var user = new User(body);
+
+ console.log("LANG PASSATO = " + user.lang);
+ console.log("IDAPP = " + user.idapp);
+
+ user.linkreg = reg.getlinkregByEmail(body.email, body.username);
+ user.verified_email = false;
+
+ user.save().then(() => {
+ User.findByUsername(user.username)
+ .then((usertrovato) => {
+ //console.log("USERNAME : " + user.username);
+ //console.log("TROVATO USERNAME ? " + usertrovato);
+ if (usertrovato !== null) {
+ //console.log("Non esiste ancora");
+ // Non esiste ancora, allora genero il TOKEN !
+ return user.generateAuthToken();
+ } else {
+ //console.log("Esiste già! Quindi non creo lo user.");
+ // Esiste già! Quindi non creo lo user.
+ res.status(11100).send();
+ return 0;
+ }
+ }).then((token) => {
+ // passo il token in x-auth
+ //console.log("USER");
+ //console.log(user);
+ console.log("TOKEN: ");
+ console.log(token);
+ res.header('x-auth', token).send(user);
+
+ console.log("LINKREG = " + user.linkreg);
+ // Invia un'email all'utente
+ sendemail.sendEmail_Registration(getlang(res), user.email, user.username, user.idapp, user.linkreg);
+ });
+ }).catch((e) => {
+ res.status(400).send(e);
+ })
+});
+
+router.get('/:username', (req, res) => {
+ var username = req.params.username;
+
+ User.findByUsername(username).then((user) => {
+ if (!user) {
+ return res.status(404).send();
+ }
+ res.status(200).send();
+ }).catch((e) => {
+ res.status(400).send();
+ });
+});
+
+
+router.post('/login', (req, res) => {
+ var body = _.pick(req.body, ['username', 'password', 'idapp', 'keyappid', 'lang']);
+ var user = new User(body);
+
+ console.log("user: " + user.username + " pwd = " + user.password);
+
+ if (body.keyappid !== process.env.KEY_APP_ID)
+ // Se non faccio la richesa con la IDAPP giusta, allora esco!
+ return res.status(400).send();
+
+
+ User.findByCredentials(user.username, user.password)
+ .then((user) => {
+ console.log("CREDENZIALI ! ");
+ if (!user) {
+ console.log("NOT FOUND !");
+ res.status(404).send({ code: server_constants.RIS_CODE_LOGIN_ERR });
+ } else {
+ return user.generateAuthToken().then((token) => {
+ var usertosend = User();
+ usertosend.username = user.username;
+ usertosend.email = user.email;
+ usertosend.userId = user._id.toHexString();
+ usertosend.verified_email = user.verified_email;
+
+ console.log("user.verified_email:" + user.verified_email);
+ console.log("usertosend.userId", usertosend.userId);
+
+ console.log("usertosend:");
+ console.log(usertosend);
+ res.header('x-auth', token).send(usertosend);
+ console.log("TROVATOOO!");
+ });
+ }
+ }).catch((e) => {
+ console.log("ERR: " + e);
+ res.status(400).send({ code: server_constants.RIS_CODE_LOGIN_ERR_GENERIC });
+ });
+});
+
+router.delete('/me/token', authenticate, (req, res) => {
+ console.log("TOKENREM = " + req.token);
+ req.user.removeToken(req.token).then(() => {
+ res.status(200).send();
+ }, () => {
+ res.status(400).send();
+ });
+});
+
+module.exports = router;
diff --git a/server/server.js b/server/server.js
index ba16a8c..c84e660 100644
--- a/server/server.js
+++ b/server/server.js
@@ -7,32 +7,41 @@ var fs = require('fs'); const port = process.env.PORT; -var express = require('express'); - i18n = require("i18n"); +const express = require('express'); +const bodyParser = require('body-parser'); +const path = require('path'); + +i18n = require("i18n"); if (process.env.NODE_ENV === 'production') { - var privateKey = fs.readFileSync(process.env.PATH_CERT_KEY, 'utf8'); + var privateKey = fs.readFileSync(process.env.PATH_CERT_KEY, 'utf8'); var certificate = fs.readFileSync(process.env.PATH_SERVER_CRT, 'utf8'); - var credentials = {key: privateKey, cert: certificate}; + var credentials = { key: privateKey, cert: certificate }; var https = require('https'); -}else{ +} else { var http = require('http'); } +require('./models/todo'); +require('./models/user'); +require('./models/subscribers'); +const { ObjectID } = require('mongodb'); + + +const index = require('./router'); +const push = require('./router/push'); +const subscribe = require('./router/subscribe'); +const email = require('./router/email'); +const todos = require('./router/todos'); +const users = require('./router/users'); + +require('./db/mongoose'); console.log("DB: " + process.env.DATABASE); console.log("PORT: " + port); console.log("MONGODB_URI: " + process.env.MONGODB_URI); -const bodyParser = require('body-parser'); -const { ObjectID } = require('mongodb'); - -var { mongoose } = require('./db/mongoose'); -var { Todo } = require('./models/todo'); -var { User } = require('./models/user'); -var { authenticate } = require('./middleware/authenticate'); - var sendemail = require('./sendemail'); var reg = require('./reg/registration'); var tools = require('./tools/general'); 
@@ -40,245 +49,84 @@ var server_constants = require('./tools/server_constants'); var app = express(); -var bcrypt = require('bcrypt'); +// app.use(express.static(path.join(__dirname, 'client'))); + +app.use(bodyParser.json()); + +// app.set('view engine', 'pug'); + +// Set static folder +// app.use(express.static(path.join(__dirname, 'public'))); + i18n.configure({ locales: ['it', 'en'], directory: __dirname + '/locales' }); - app.use(cors({ exposedHeaders: ['x-auth'], })); - app.use(bodyParser.json()); app.use(i18n.init); +const webpush = require('web-push'); + +const publicVapidKey = process.env.PUBLIC_VAPI_KEY; +const privateVapidKey = process.env.PRIVATE_VAPI_KEY; + +webpush.setVapidDetails('mailto:' + process.env.EMAIL_FROM, publicVapidKey, privateVapidKey); + + +// Use Routes + +app.use('/', index); +app.use('/subscribe', subscribe); +app.use('/push', push); +app.use('/email', email); +app.use('/todos', todos); +app.use('/users', users); + + +// catch 404 and forward to error handler +app.use(function (req, res, next) { + var err = new Error('Not Found'); + err.status = 404; + next(err); +}); + + +// app.set('views', path.join(__dirname, 'views')); +// app.set('view engine', 'pug'); + +// development error handler +// will print stacktrace +if (app.get('env') === 'development') { + app.use(function (err, req, res, next) { + console.log('Error: ', err.message) + console.trace(); + res.status(err.status || 500).send({error: err.message}); + // res.render('error', { + // message: err.message, + // error: err + // }); + }); +} + + function getlang(res) { return res.locale; } -app.post(process.env.LINKVERIF_REG, (req, res) => { - var body = _.pick(req.body, ['idapp', 'idlink']); - var idapp = body.idapp; - var idlink = body.idlink; - console.log("POST " + process.env.LINKVERIF_REG + " idapp= " + idapp + " idlink = " + idlink); - - // Cerco l'idlink se è ancora da Verificare - - User.findByLinkreg(idapp, idlink).then((user) => { - if (!user) { - //console.log("NON 
TROVATO!"); - return res.status(404).send(); - } else { - if (user.verified_email) { - res.send({ - code: server_constants.RIS_CODE_EMAIL_ALREADY_VERIFIED, - msg: res.__("L'Email è già stata Verificata.") - }); - } else { - user.verified_email = true; - user.save().then(() => { - //console.log("TROVATOOOOOO!"); - res.send({ code: server_constants.RIS_CODE_EMAIL_VERIFIED, msg: res.__('Email Verificata!') }); - }); - } - } - }).catch((e) => { - console.log(e); - res.status(400).send(); - }); - -}); - - -// Faccio richiesta di una Nuova Password -app.post(process.env.LINK_REQUEST_NEWPASSWORD, (req, res) => { - var body = _.pick(req.body, ['idapp', 'email']); - var idapp = body.idapp; - var email = body.email; - console.log("POST " + process.env.LINK_REQUEST_NEWPASSWORD + " idapp= " + idapp + " email = " + email); - - User.findByEmail(idapp, email).then((user) => { - if (!user) { - return res.status(404).send(); - } else { - // Creo il tokenforgot - user.tokenforgot = jwt.sign(user._id.toHexString(), process.env.SIGNCODE).toString(); - user.date_tokenforgot = new Date(); - user.save().then(() => { - sendemail.sendEmail_RequestNewPassword(getlang(res), user.email, user.idapp, user.tokenforgot); - res.send({ code: server_constants.RIS_CODE_OK, msg: '' }); - }); - } - }).catch((e) => { - console.log(e); - res.status(400).send(); - res.send({ code: server_constants.RIS_CODE_ERR, msg: e }); - }); - -}); - -// Invio la Nuova Password richiesta dal reset! -// Ritorna il token per poter effettuare le chiamate... 
-app.post(process.env.LINK_UPDATE_PASSWORD, (req, res) => { - var body = _.pick(req.body, ['idapp', 'email', 'tokenforgot', 'password']); - var idapp = body.idapp; - var email = body.email; - var tokenforgot = body.tokenforgot; - var password = body.password; - console.log("POST " + process.env.LINK_UPDATE_PASSWORD + " idapp= " + idapp + " email = " + email + " tokenforgot = " + tokenforgot); - - User.findByLinkTokenforgot(idapp, email, tokenforgot).then((user) => { - if (!user) { - return res.status(404).send(); - } else { - // aggiorna la nuova password - user.password = password; - - // Crea token - user.generateAuthToken().then(token => { - user.tokenforgot = ''; // Svuota il tokenforgot perché non ti servirà più... - - // Salva lo User - user.save().then(() => { - res.header('x-auth', token).send(user); // Ritorna il token di ritorno - }); - }) - } - }).catch((e) => { - console.log(e); - res.status(400).send(); - }); - -}); - -// POST /users -app.post('/users', (req, res) => { - console.log("POST /users"); - var body = _.pick(req.body, ['email', 'password', 'username', 'idapp', 'keyappid', 'lang']); - var user = new User(body); - - console.log("LANG PASSATO = " + user.lang); - console.log("IDAPP = " + user.idapp); - - user.linkreg = reg.getlinkregByEmail(body.email, body.username); - user.verified_email = false; - - user.save().then(() => { - User.findByUsername(user.username) - .then((usertrovato) => { - //console.log("USERNAME : " + user.username); - //console.log("TROVATO USERNAME ? " + usertrovato); - if (usertrovato !== null) { - //console.log("Non esiste ancora"); - // Non esiste ancora, allora genero il TOKEN ! - return user.generateAuthToken(); - } else { - //console.log("Esiste già! Quindi non creo lo user."); - // Esiste già! Quindi non creo lo user. 
- res.status(11100).send(); - return 0; - } - }).then((token) => { - // passo il token in x-auth - //console.log("USER"); - //console.log(user); - console.log("TOKEN: "); - console.log(token); - res.header('x-auth', token).send(user); - - console.log("LINKREG = " + user.linkreg); - // Invia un'email all'utente - sendemail.sendEmail_Registration(getlang(res), user.email, user.username, user.idapp, user.linkreg); - }); - }).catch((e) => { - res.status(400).send(e); - }) -}); - -app.get('/users/:username', (req, res) => { - var username = req.params.username; - - User.findByUsername(username).then((user) => { - if (!user) { - return res.status(404).send(); - } - res.status(200).send(); - }).catch((e) => { - res.status(400).send(); - }); -}); - -app.get('/email/:email', (req, res) => { - var email = req.params.email; - - User.findByEmail(email).then((user) => { - if (!user) { - return res.status(404).send(); - } - res.status(200).send(); - }).catch((e) => { - res.status(400).send(); - }); -}); - -app.post('/users/login', (req, res) => { - var body = _.pick(req.body, ['username', 'password', 'idapp', 'keyappid', 'lang']); - var user = new User(body); - - console.log("user: " + user.username + " pwd = " + user.password); - - if (body.keyappid !== process.env.KEY_APP_ID) - // Se non faccio la richesa con la IDAPP giusta, allora esco! - return res.status(400).send(); - - - User.findByCredentials(user.username, user.password) - .then((user) => { - console.log("CREDENZIALI ! 
"); - if (!user) { - console.log("NOT FOUND !"); - res.status(404).send({ code: server_constants.RIS_CODE_LOGIN_ERR }); - } else { - return user.generateAuthToken().then((token) => { - var usertosend = User(); - usertosend.username = user.username; - usertosend.email = user.email; - usertosend._id = user._id; - usertosend.verified_email = user.verified_email; - console.log("user.verified_email:" + user.verified_email); - - console.log("usertosend:"); - console.log(usertosend); - res.header('x-auth', token).send(usertosend); - console.log("TROVATOOO!"); - }); - } - }).catch((e) => { - console.log("ERR: " + e); - res.status(400).send({ code: server_constants.RIS_CODE_LOGIN_ERR_GENERIC }); - }); -}); - -app.delete('/users/me/token', authenticate, (req, res) => { - console.log("TOKENREM = " + req.token); - req.user.removeToken(req.token).then(() => { - res.status(200).send(); - }, () => { - res.status(400).send(); - }); -}); if (process.env.NODE_ENV === 'production') { var httpsServer = https.createServer(credentials, app); console.log("httpsServer: port ", port); httpsServer.listen(port); -}else{ +} else { console.log("httpServer: port ", port); var httpServer = http.createServer(app); httpServer.listen(port);