diff --git a/.env.development b/.env.development
index 90e93b8..7013049 100644
--- a/.env.development
+++ b/.env.development
@@ -29,7 +29,7 @@ GCM_API_KEY=""
 PROD=0
 PROJECT_DESCR_MAIN='__PROJECTS'
 SECRK=Askb38v23jjDFaoskBOWj92axXCQ
-TOKEN_LIFE=2h
+TOKEN_LIFE=1m
 REFRESH_TOKEN_LIFE=14d
 FTPSERVER_HOST=139.162.166.31
 FTPSERVER_PORT=21
diff --git a/src/server/middleware/authenticate.js b/src/server/middleware/authenticate.js
index a501889..5b7a82a 100755
--- a/src/server/middleware/authenticate.js
+++ b/src/server/middleware/authenticate.js
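Review bot: The context around the changed line shows `SECRK` stored in a tracked `.env.development`, so whatever that key signs or encrypts is readable by anyone with repository access. The value should be treated as exposed, rotated, and loaded from an untracked file or a secret store, with only a placeholder such as `SECRK=<set-locally>` committed. The new `TOKEN_LIFE=1m` looks like a value chosen to exercise the refresh path; if so, a comment such as `# dev only: short life to test token refresh` would keep it from being copied into another environment. `FTPSERVER_PORT=21` suggests plain FTP, which presumably carries credentials unencrypted and is worth confirming.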
@@ -11,256 +11,58 @@ const auth_default = (req, res, next) => { }; -const authenticate = async (req, res, next) => { - const token = req.header('x-auth'); - //const refreshToken = req.header('x-refrtok'); - - // console.log('authenticate... '); - - let noaut = false; - - if (req.body.hasOwnProperty('noaut')) { - noaut = req.body.noaut; - } - - if (noaut) { - next(); - return; - } - - const access = 'auth'; - - //const idapp = getIdApp(req); - - try { - const ris = await User.findByToken(token, access, true, false); - if (ris && ris.user && !!ris.user.deleted) { - if (ris.user.deleted) - ris.user = null; - } - - if (ris.code === server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED) { - return res.status(server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED).send(); - } - - if (!ris.user) { - return res.status(server_constants.RIS_CODE_HTTP_INVALID_TOKEN).send(); - } - - if (!!ris.user) { - // crea una funzione per aggiornare il lasttimeonline e useragent - // Save last time online - const myuser = await User.updateLastTimeAndUserAgent(ris.user._id, req.get('User-Agent')); - req.user = myuser; - req.token = token; - // req.refreshToken = refreshToken; - req.access = access; - - next(); // Esegui il codice successivo - } - } catch (e) { - tools.mylog("ERR authenticate invalid Token =", e); - if (e === server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED) { - return res.status(server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED).send(); - } - res.status(server_constants.RIS_CODE_HTTP_INVALID_TOKEN).send(); - } -}; - -const authenticate_withUser = async (req, res, next) => { - const token = req.header('x-auth'); - //const refreshToken = req.header('x-refrtok'); - - // console.log('authenticate... 
'); - - let noaut = false; - - if (req.body.hasOwnProperty('noaut')) { - noaut = req.body.noaut; - } - - if (noaut) { - next(); - return; - } - - const access = 'auth'; - - //const idapp = getIdApp(req); - - try { - console.log(' ### authenticate_withUser: token', !!token); - - const ris = await User.findByToken(token, access, true, true); - if (ris && ris.user && !!ris.user.deleted) { - if (ris.user.deleted) - ris.user = null; - } - - if (ris.code === server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED) { - return res.status(server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED).send(); - } - - if (!ris.user) { - return res.status(server_constants.RIS_CODE_HTTP_INVALID_TOKEN).send(); - } - - if (!!ris.user) { - console.log(' AUTH 2) '); - // crea una funzione per aggiornare il lasttimeonline e useragent - // Save last time online - await User.updateLastTimeAndUserAgent(ris.user._id, req.get('User-Agent')); - req.user = ris.user; - req.token = token; - // req.refreshToken = refreshToken; - req.access = access; - - console.log(' AUTH_WITHUSER 3) NEXT... '); - next(); // Esegui il codice successivo - } - } catch (e) { - tools.mylog("ERR authenticate invalid Token =", e); - if (e === server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED) { - return res.status(server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED).send(); - } - res.status(server_constants.RIS_CODE_HTTP_INVALID_TOKEN).send(); - } -}; - -const getIdApp = (req) => { - let idapp = null; - try { - idapp = req.query.idapp; - } catch (e) { - console.log('IDAPP NON TROVATO !'); - } - return idapp; - -} - -const authenticate_noerror = async (req, res, next) => { +const authenticateMiddleware = async (req, res, next, withUser = false, lean = false, noError = false) => { try { const token = req.header('x-auth'); const refreshToken = req.header('x-refrtok'); - // console.log(' ### Authenticate_noerror: token', !!token); + const logPrefix = noError ? (withUser ? (lean ? 
'WITHUSERLEAN' : 'WITHUSER') : 'NOERROR') : 'AUTH'; if (!token) { req.user = null; req.token = null; req.code = server_constants.RIS_CODE_HTTP_INVALID_TOKEN; - console.log(' ## TOKEN INVALIDO ❌ ...'); - return next(); + console.log(` ## ${logPrefix}_TOKEN INVALIDO ❌ ...`); + return noError ? next() : res.status(server_constants.RIS_CODE_HTTP_INVALID_TOKEN).send(); } - const ris = await User.findByToken(token, 'auth', false, false); - - if (ris.code !== server_constants.RIS_CODE_OK) { + const user = await User.findByToken(token, 'auth', false, withUser, lean); + + if (user.code !== server_constants.RIS_CODE_OK) { req.user = null; req.token = null; - req.code = ris.code; + req.code = user.code; } else { - req.user = ris.user; + req.user = user.user; req.token = token; req.refreshToken = refreshToken; - req.code = ris.code; + req.code = user.code; } - - if (ris.code === server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED) { - return res.status(server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED).send(); + + if (user.code === server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED) { + console.log(` TOKEN SCADUTO ! `); + if (noError) { + return next() + } else { + return res.status(server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED).send(); + } } - - // console.log(' ## NEXT ! AVANTI...'); + + // console.log(` ## ${logPrefix} NEXT ! 
AVANTI...`); next(); } catch (e) { console.error('Errore nel middleware di autenticazione:', e); req.user = null; req.token = null; req.code = server_constants.RIS_CODE_HTTP_INVALID_TOKEN; - next(); - } -}; -const authenticate_noerror_WithUser = async (req, res, next) => { - try { - const token = req.header('x-auth'); - const refreshToken = req.header('x-refrtok'); - // console.log(' ### authenticate_noerror_WithUser: token', !!token); - - if (!token) { - req.user = null; - req.token = null; - req.code = server_constants.RIS_CODE_HTTP_INVALID_TOKEN; - console.log(' ## WITHUSER_TOKEN INVALIDO ❌ ...'); - return next(); - } - - const ris = await User.findByToken(token, 'auth', false, true); - - if (ris.code !== server_constants.RIS_CODE_OK) { - req.user = null; - req.token = null; - req.code = ris.code; - } else { - req.user = ris.user; - req.token = token; - req.refreshToken = refreshToken; - req.code = ris.code; - } - - if (ris.code === server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED) { - return res.status(server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED).send(); - } - - console.log(' ## NEXT ! AVANTI...'); - next(); - } catch (e) { - console.error('Errore nel middleware di autenticazione:', e); - req.user = null; - req.token = null; - req.code = server_constants.RIS_CODE_HTTP_INVALID_TOKEN; - next(); + noError ? 
next() : res.status(server_constants.RIS_CODE_HTTP_INVALID_TOKEN).send(); } }; -const authenticate_noerror_WithUserLean = async (req, res, next) => { - try { - const token = req.header('x-auth'); - const refreshToken = req.header('x-refrtok'); - // console.log(' ### authenticate_noerror_WithUserLean: token', !!token); - - if (!token) { - req.user = null; - req.token = null; - req.code = server_constants.RIS_CODE_HTTP_INVALID_TOKEN; - console.log(' ## WITHUSER_TOKEN INVALIDO ❌ ...'); - return next(); - } - - const ris = await User.findByToken(token, 'auth', false, true, true); - - if (ris.code !== server_constants.RIS_CODE_OK) { - req.user = null; - req.token = null; - req.code = ris.code; - } else { - req.user = ris.user; - req.token = token; - req.refreshToken = refreshToken; - req.code = ris.code; - } - - if (ris.code === server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED) { - return res.status(server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED).send(); - } - - console.log(' ## NEXT ! 
AVANTI...'); - next(); - } catch (e) { - console.error('Errore nel middleware di autenticazione:', e); - req.user = null; - req.token = null; - req.code = server_constants.RIS_CODE_HTTP_INVALID_TOKEN; - next(); - } -}; +const authenticate = (req, res, next) => authenticateMiddleware(req, res, next); +const authenticate_withUser = (req, res, next) => authenticateMiddleware(req, res, next, true); +const authenticate_withUserLean = (req, res, next) => authenticateMiddleware(req, res, next, true, true); +const authenticate_noerror = (req, res, next) => authenticateMiddleware(req, res, next, false, false, true); +const authenticate_noerror_WithUser = (req, res, next) => authenticateMiddleware(req, res, next, true, false, true); +const authenticate_noerror_WithUserLean = (req, res, next) => authenticateMiddleware(req, res, next, true, true, true); module.exports = { authenticate, authenticate_noerror, auth_default, authenticate_withUser, authenticate_noerror_WithUser, authenticate_noerror_WithUserLean }; diff --git a/src/server/models/account.js b/src/server/models/account.js index e4ec3fc..30a720a 100755 --- a/src/server/models/account.js +++ b/src/server/models/account.js @@ -657,7 +657,7 @@ AccountSchema.statics.updateQtaMax = async function (idapp, username, groupname, else risult = await Account.updateOne({ idapp, username, circuitId }, { $set: paramstoupdate }); - return risult && risult.nModified > 0; + return risult && risult.modifiedCount > 0; }; AccountSchema.statics.getAccountsCircuitiNazionali = async function (idapp) { diff --git a/src/server/models/circuit.js b/src/server/models/circuit.js index 4b1e984..1317048 100755 --- a/src/server/models/circuit.js +++ b/src/server/models/circuit.js 
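Review bot: In strict mode (`noError` false) `authenticateMiddleware` still reaches the final `next()` when `findByToken` returns a code that is neither `RIS_CODE_OK` nor `RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED`. The non-OK branch only sets `req.user = null`, so `authenticate` and `authenticate_withUser` pass a request with an unrecognised token on to the route handler, where the removed versions answered with `RIS_CODE_HTTP_INVALID_TOKEN`. Adding `if (!noError && user.code !== server_constants.RIS_CODE_OK) return res.status(server_constants.RIS_CODE_HTTP_INVALID_TOKEN).send();` before that `next()` restores fail-closed behaviour. The removed strict variants also discarded users with `deleted` set and passed `true` as the third `findByToken` argument; unless `findByToken` now covers both (not visible in this diff), they need to be carried over. `authenticate_withUserLean` is defined but missing from `module.exports`.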
@@ -1341,7 +1341,7 @@ CircuitSchema.statics.setFido = async function (idapp, username, circuitName, gr const ris = await Account.updateFido(idapp, username, groupname, circuitId, fido); if (ris) { - return { qta_maxConcessa: qtamax, fidoConcesso: fido, changed: variato || (ris && ris.nModified > 0) }; + return { qta_maxConcessa: qtamax, fidoConcesso: fido, changed: variato || (ris && ris.modifiedCount > 0) }; } } } diff --git a/src/server/models/city.js b/src/server/models/city.js index 05e9c50..724f7b1 100755 --- a/src/server/models/city.js +++ b/src/server/models/city.js @@ -256,7 +256,7 @@ CitySchema.statics.insertGeojsonToMongoDB = async function (nomefilejson) { if (reccity) { const ris = await City.updateOne({ _id: reccity._id }, { $set: { geojson: citta } }); - if (ris.ok === 1) { + if (ris.acknowledged === 1) { inseriti++; } } diff --git a/src/server/models/myhosp.js b/src/server/models/myhosp.js index 6e5d76b..9488d3c 100755 --- a/src/server/models/myhosp.js +++ b/src/server/models/myhosp.js @@ -353,7 +353,7 @@ MyHospSchema.statics.SettaAdTypeOffro_In_Hosps = async function () { try { // Set all records 'adType' to shared_consts.AdType.OFFRO const result = await MyHosp.updateMany({}, { $set: { adType: shared_consts.AdType.OFFRO } }); - console.log('Successfully updated adType for', result.nModified, 'records'); + console.log('Successfully updated adType for', result.modifiedCount, 'records'); } catch (err) { console.error('Error updating adType:', err); } diff --git a/src/server/models/product.js b/src/server/models/product.js index 0242a32..2af3560 100755 --- a/src/server/models/product.js +++ b/src/server/models/product.js @@ -1029,7 +1029,7 @@ module.exports.singlerecconvert_AfterImport_AndSave = async function (idapp, pro ris = await Product.updateOne({ _id: new ObjectId(prod._id) }, { $unset: objDelete }) - if (ris && ris.nModified > 0) { + if (ris && ris.modifiedCount > 0) { console.log('Modificato: ', objtoset.name); } 
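Review bot: `ris.acknowledged === 1` in `insertGeojsonToMongoDB` (city.js) can never be true if this commit follows the driver change that its `nModified` → `modifiedCount` renames point to, because `acknowledged` on that update result is a boolean, so `inseriti` stays at 0. The same comparison is introduced in the `/settable` handler in `index_router.js`, where it makes the handler return the raw update result instead of the re-read record, and in the `/cmd` handler in `reactions_router.js`, where `state` then always evaluates to 0. Use `if (ris.acknowledged)` here, or `ris.matchedCount > 0` if the counter should only count documents that were actually found. The enclosing function continues outside the hunk.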
diff --git a/src/server/models/reaction.js b/src/server/models/reaction.js index 2d475f5..34d97bb 100755 --- a/src/server/models/reaction.js +++ b/src/server/models/reaction.js @@ -304,7 +304,7 @@ reactionSchema.statics.addFavorite = async function (req, idapp, username, id, t fav: true, } }) - ok = ris.ok; + ok = ris.acknowledged; } const { SendNotif } = require('../models/sendnotif'); diff --git a/src/server/models/user.js b/src/server/models/user.js index d35a094..a5cca29 100755 --- a/src/server/models/user.js +++ b/src/server/models/user.js @@ -568,8 +568,6 @@ UserSchema.methods.generateAuthToken = function (req) { user.lasttimeonline = new Date(); return user.save().then(() => { - // console.log('Salvato refreshToken su DB', refreshToken); - // console.log("TOKEN CREATO IN LOGIN : " + token); return { token, refreshToken }; }).catch(err => { console.log('Error', err.message); diff --git a/src/server/populate/populate.js b/src/server/populate/populate.js index 33ee3a2..b5c6ea6 100644 --- a/src/server/populate/populate.js +++ b/src/server/populate/populate.js @@ -81,7 +81,7 @@ module.exports = { } else { // Il documento esiste, lo aggiorniamo const ris = await table.updateOne({ _id: existingDoc._id }, { $set: rec }); - if (ris && ris.nModified > 0) + if (ris && ris.modifiedCount > 0) numupdated++; } } catch (e) { diff --git a/src/server/router/index_router.js b/src/server/router/index_router.js index a68f4e0..a1da18a 100755 --- a/src/server/router/index_router.js +++ b/src/server/router/index_router.js @@ -514,7 +514,7 @@ router.post('/settable', authenticate, async (req, res) => { }) .then(async (risult) => { let rec = null; - if (risult && risult.ok === 1) { + if (risult && risult.acknowledged === 1) { rec = await mytable.findById(mytablerec._id).lean(); } else { rec = risult; 
@@ -990,7 +990,7 @@ async function upsertRecord(table, record, appId, newIdPage = null) { record.idPage = newIdPage; } const modif = await table.updateOne({ _id: record._id }, { $set: { ...record, idapp: appId } }); - wasModified = modif.nModified > 0; + wasModified = modif.modifiedCount > 0; } else { // Se sono sulla tabella mypages if (table.modelName === 'MyPage') { diff --git a/src/server/router/reactions_router.js b/src/server/router/reactions_router.js index d13e5af..b07ddba 100755 --- a/src/server/router/reactions_router.js +++ b/src/server/router/reactions_router.js @@ -99,7 +99,7 @@ router.post('/cmd', authenticate_noerror, async (req, res) => { } - let state = (value && ris && ris.ok === 1) ? 1 : ((!value && ris && ris.ok === 1) ? -1 : 0); + let state = (value && ris && ris.acknowledged === 1) ? 1 : ((!value && ris && ris.acknowledged === 1) ? -1 : 0); const risreac = await Reaction.calcReactions(idapp, id, tab); if (risreac) { diff --git a/src/server/server.js b/src/server/server.js index 918cef0..348c39f 100755 --- a/src/server/server.js +++ b/src/server/server.js @@ -805,7 +805,7 @@ connectToDatabase(connectionUrl, options) `https://api.${domain.hostname}`, `https://test.${domain.hostname}`, `https://testapi.${domain.hostname}`, - `https://freeplanet.app:3000`, + `https://comunitanuovomondo.app`, `https://freeplanet.app:3001`, `http://${domain.hostname}`, `http://api.${domain.hostname}`, diff --git a/src/server/telegram/telegrambot.js b/src/server/telegram/telegrambot.js index 6a63a3f..2c3b64c 100755 --- a/src/server/telegram/telegrambot.js +++ b/src/server/telegram/telegrambot.js @@ -4638,6 +4638,7 @@ if (true) { } } else if (data.action === InlineConferma.RISPOSTA_SI + shared_consts.CallFunz.RICHIESTA_CIRCUIT) { + console.log(' CLICK per Aggiungere ', data.username, 'nel circuito', circuit?.name); if (circuit) { // Aggiungilo nel Circuito cmd = shared_consts.CIRCUITCMD.SET; 
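Review bot: The origin list in `server.js` gains another deployment-specific literal, `https://comunitanuovomondo.app`, next to the existing `https://freeplanet.app:3001`, while the other entries are derived from `domain.hostname`. Reading the extra origins from configuration would keep the list per environment and make each addition reviewable as a config change rather than a code change. The context lines also show `http://` origins; if this array feeds the CORS policy (its consumer is outside the hunk), plain-HTTP entries should presumably be limited to development builds, with a comment saying so.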
diff --git a/src/server/version.txt b/src/server/version.txt
index 5ab1538..f37ae4a 100644
--- a/src/server/version.txt
+++ b/src/server/version.txt
@@ -1 +1 @@
-1.2.18
\ No newline at end of file
+1.2.19
\ No newline at end of file