diff --git a/.env.dev.pcb b/.env.dev.pcb index 00d8b5b..82a8e8c 100644 --- a/.env.dev.pcb +++ b/.env.dev.pcb @@ -33,7 +33,7 @@ PROJECT_DESCR_MAIN='__PROJECTS' SECRK=Askb38v23jjDFaoskBOWj92axXCQ SECRTK=prova123prova567ASDADASDAS TOKEN_LIFE=2h -REFRESH_TOKEN_LIFE=86400 +REFRESH_TOKEN_LIFE=7d FTPSERVER_HOST=139.162.166.31 FTPSERVER_PORT=21 FTPSERVER_USER=ftpusrsrv_ diff --git a/.env.dev.riso b/.env.dev.riso index d68b848..5c92bba 100644 --- a/.env.dev.riso +++ b/.env.dev.riso @@ -33,7 +33,7 @@ PROJECT_DESCR_MAIN='__PROJECTS' SECRK=Askb38v23jjDFaoskBOWj92axXCQ SECRTK=prova123prova567ASDADASDAS TOKEN_LIFE=2h -REFRESH_TOKEN_LIFE=86400 +REFRESH_TOKEN_LIFE=7d FTPSERVER_HOST=139.162.166.31 FTPSERVER_PORT=21 FTPSERVER_USER=ftpusrsrv_ diff --git a/.env.development b/.env.development index 00d8b5b..5c92bba 100644 --- a/.env.development +++ b/.env.development @@ -1,11 +1,11 @@ -DATABASE=test_PiuCheBuono +DATABASE=test_FreePlanet UDB=paofreeplanet PDB=mypassword@1A SEND_EMAIL=0 SEND_EMAIL_ORDERS=1 PORT=3000 -appTelegram_TEST=["1","17"] -appTelegram=["1","17"] +appTelegram_TEST=["1","13"] +appTelegram=["1","13"] DOMAIN=mongodb://localhost:27017/ AUTH_MONGODB=true MONGODB_USER=admin @@ -33,7 +33,7 @@ PROJECT_DESCR_MAIN='__PROJECTS' SECRK=Askb38v23jjDFaoskBOWj92axXCQ SECRTK=prova123prova567ASDADASDAS TOKEN_LIFE=2h -REFRESH_TOKEN_LIFE=86400 +REFRESH_TOKEN_LIFE=7d FTPSERVER_HOST=139.162.166.31 FTPSERVER_PORT=21 FTPSERVER_USER=ftpusrsrv_ diff --git a/.env.prod.pcb b/.env.prod.pcb index 1372389..1a841b9 100644 --- a/.env.prod.pcb +++ b/.env.prod.pcb @@ -31,5 +31,5 @@ PROJECT_DESCR_MAIN='__PROJECTS' SECRK=iUUb38v23jjDFaosWj92axkBOXCQ SECRTK=jAxKm02emx5SeJvz2IGmtRf6YqCgope TOKEN_LIFE=2h -REFRESH_TOKEN_LIFE=86400 +REFRESH_TOKEN_LIFE=7d AUTH_NEW_SITES=B234HDSAOJ734ndcsdKWNVZZ \ No newline at end of file diff --git a/.env.test.pcb b/.env.test.pcb index 57d8318..80fd07e 100644 --- a/.env.test.pcb +++ b/.env.test.pcb 
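Review bot: `REFRESH_TOKEN_LIFE` changes from a bare number to the span string `7d` in `.env.dev.pcb`, and the same change is repeated in `.env.dev.riso`, `.env.development`, `.env.prod.pcb`, `.env.test.pcb` and `.env.test.risosrv`; the code that reads this variable is not part of the diff, so it is worth confirming that it parses span strings and that `/newtok` actually rejects a refresh token older than seven days. If the old value was read as seconds, this also lengthens the window in which a stolen refresh token stays usable from one day to seven. The context lines of these hunks show the signing keys (`SECRK`, `SECRTK`), `AUTH_NEW_SITES` and database credentials committed in the tracked env files, including the production one; these should be rotated and kept out of the repository, leaving a comment such as `# secrets are injected at deploy time, not stored here` in their place.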
@@ -30,5 +30,5 @@ PROD=0 PROJECT_DESCR_MAIN='__PROJECTS' SECRK=iUUb38v23jjDFaosWj92axkBOXCQ TOKEN_LIFE=2h -REFRESH_TOKEN_LIFE=86400 +REFRESH_TOKEN_LIFE=7d AUTH_NEW_SITES=B234HDSAOJ734ndcsdKWNV \ No newline at end of file diff --git a/.env.test.risosrv b/.env.test.risosrv index 6a43f2c..f645183 100644 --- a/.env.test.risosrv +++ b/.env.test.risosrv @@ -27,5 +27,5 @@ PROD=0 PROJECT_DESCR_MAIN='__PROJECTS' SECRK=iUUb38v23jjDFaosWj92axkBOXCQ TOKEN_LIFE=2h -REFRESH_TOKEN_LIFE=86400 +REFRESH_TOKEN_LIFE=7d AUTH_NEW_SITES=B234HDSAOJ734ndcsdKWNV \ No newline at end of file diff --git a/emails/ecommerce/makeorder/it/html.pug b/emails/ecommerce/makeorder/it/html.pug index 3d025d1..84fb48f 100755 --- a/emails/ecommerce/makeorder/it/html.pug +++ b/emails/ecommerce/makeorder/it/html.pug @@ -75,6 +75,11 @@ html - var qty = rec.order.quantity - var qtypreordered = rec.order.quantitypreordered + if (rec.order.product.productInfo.sfuso && rec.order.product.productInfo.weight) + qtypreordered = (qtypreordered * rec.order.product.productInfo.weight); + else + qtypreordered = qtypreordered + ' x ' + rec.order.product.productInfo.weight; + - var unit = rec.order.product.productInfo.unitstr - index = index + 1 diff --git a/src/server/middleware/authenticate.js b/src/server/middleware/authenticate.js index fff3e2f..c8d445c 100755 --- a/src/server/middleware/authenticate.js +++ b/src/server/middleware/authenticate.js @@ -13,7 +13,7 @@ const auth_default = (req, res, next) => { const authenticate = (req, res, next) => { const token = req.header('x-auth'); - //const refreshToken = req.header('x-refrTok'); + //const refreshToken = req.header('x-refrtok'); // console.log('authenticate... '); @@ -55,7 +55,7 @@ const authenticate = (req, res, next) => { req.token = token; // req.refreshToken = refreshToken; req.access = access; - next(); + next(); // Esegui il codice successivo }); } // tools.mylog('userid', user._id); 
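Review bot: The `else` branch added after `- var qtypreordered` in `html.pug` appends `rec.order.product.productInfo.weight` without checking it, so an order whose product has no weight would show the quantity followed by ` x undefined` in the e-mail. A guard on that branch, `else if (rec.order.product.productInfo.weight)`, would keep the plain quantity when no weight is set. The `if`/`else` and the two assignments also appear without the leading `-` that the neighbouring `- var` lines carry. Indentation is lost in this view, so that may be a display artefact, but without the marker Pug would treat the two assignments as markup rather than JavaScript.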
@@ -72,7 +72,7 @@ const authenticate = (req, res, next) => { const authenticate_noerror = (req, res, next) => { try { const token = req.header('x-auth'); - const refreshToken = req.header('x-refrTok'); + const refreshToken = req.header('x-refrtok'); const access = 'auth'; @@ -81,17 +81,21 @@ const authenticate_noerror = (req, res, next) => { req.user = null; req.token = null; req.access = null; + req.code = ris.code; } else { req.user = ris.user; req.token = token; req.refreshToken = refreshToken; req.access = access; + req.code = ris.code; } + // Vai avanti ad eseguire il codice, in ogni modo ! next(); }).catch((e) => { req.user = null; req.token = null; req.access = null; + req.code = 0; }); } catch (e) { console.error('Err', e); diff --git a/src/server/models/user.js b/src/server/models/user.js index 121d4ee..e750e01 100755 --- a/src/server/models/user.js +++ b/src/server/models/user.js @@ -63,6 +63,7 @@ const UserSchema = new mongoose.Schema({ type: String, required: true, }, + group: { type: Number, }, @@ -538,9 +539,11 @@ UserSchema.methods.generateAuthToken = function (req) { let token = null; + let numsec = process.env.TOKEN_LIFE; + if (attiva_scadenza) token = jwt.sign({ _id: prova, smart: user._id.toHexString(), access, un: user.username }, - process.env.SIGNCODE, { expiresIn: process.env.TOKEN_LIFE }).toString(); + process.env.SIGNCODE, { expiresIn: numsec }).toString(); else token = jwt.sign({ _id: prova, smart: user._id.toHexString(), access, un: user.username }, process.env.SIGNCODE).toString(); @@ -560,6 +563,7 @@ UserSchema.methods.generateAuthToken = function (req) { user.lasttimeonline = new Date(); return user.save().then(() => { + console.log('Salvato refreshToken su DB', refreshToken); // console.log("TOKEN CREATO IN LOGIN : " + token); return { token, refreshToken }; }).catch(err => { 
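Review bot: The `.catch` handler in `authenticate_noerror` now sets `req.code = 0` but still never calls `next()`, so a rejected lookup leaves the request without a response until the client times out; this contradicts the comment added above the success-path `next()`. Adding `next();` as the last statement of the catch body (guarded so it cannot run a second time if the rejection came from a downstream handler) would let the route run with `req.user = null`. The failure branches also leave `req.refreshToken` untouched, so `req.refreshToken = null;` belongs next to the other resets. The function begins before this hunk and continues after it.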
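Review bot: The new local `numsec` in `generateAuthToken` holds `process.env.TOKEN_LIFE`, which the env files in this commit set to `2h`, so the name suggests a number of seconds that it does not contain. jsonwebtoken reads a unit-less string passed as `expiresIn` as milliseconds, so a name like `tokenLife` and a comment such as `// span string with a unit, e.g. '2h'; a bare numeric string would be taken as milliseconds` would guard against a misconfigured value producing a token that expires almost immediately. The `else` branch in the context still signs a token with no expiry at all when `attiva_scadenza` is false. The function starts and ends outside the hunk.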
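Review bot: The added `console.log('Salvato refreshToken su DB', refreshToken)` writes a live refresh token to the server log each time a token pair is issued, and the `/newtok` hunk in `users_router.js` does the same with `'Token=', refreshToken`. Anyone who can read the logs, or the store of a log shipper, then holds a credential that can be exchanged for new access tokens until it expires. Logging only the user id, e.g. `console.log('Salvato refreshToken su DB per utente', user._id.toHexString());`, keeps the trace without the credential.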
@@ -721,10 +725,9 @@ UserSchema.statics.findByToken = async function (token, typeaccess, con_auth) { if (e.expiredAt) { + code = server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED; if (con_auth) { - return { user: null, code: server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED }; - } else { - + return { user: null, code }; } } else { console.error('Err findByToken:', e); @@ -765,6 +768,7 @@ UserSchema.statics.findByTokenAnyAccess = function (token) { try { decoded = jwt.verify(token, process.env.SIGNCODE); } catch (e) { + console.error('Err findByTokenAnyAccess:', e); return Promise.resolve(null); } diff --git a/src/server/router/index_router.js b/src/server/router/index_router.js index 9cf70d0..da356b7 100755 --- a/src/server/router/index_router.js +++ b/src/server/router/index_router.js @@ -260,7 +260,7 @@ router.post(process.env.LINK_UPDATE_PWD, async (req, res) => { // Salva lo User user.save().then(() => { res.header('x-auth', ris.token) - .header('x-refrTok', ris.refreshToken) + .header('x-refrtok', ris.refreshToken) .send({ code: server_constants.RIS_CODE_OK }); // Ritorna il token di ritorno }); }); @@ -1384,12 +1384,12 @@ router.get('/loadsite/:userId/:idapp', authenticate_noerror, (req, res) => { }); router.get('/loadsite/:userId/:idapp/:vers', authenticate_noerror, - (req, res) => { + async (req, res) => { let versionstr = req.params.vers; let version = tools.getVersionint(versionstr); - load(req, res, version); + return await load(req, res, version); }); @@ -1397,6 +1397,12 @@ function load(req, res, version) { const userId = req.params.userId; const idapp = req.params.idapp; + let status = 200 + if (req.code === server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED) { + status = server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED + } + + if (!version) { version = '0'; } 
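Review bot: In `findByToken`, `code` is now assigned in the expired-token branch, but its declaration is not in the hunk; if the enclosing scope has no `let code`, this line creates an implicit global or throws in strict mode, so that is worth checking. With `con_auth` false the function now falls through with the expired code set, and the value it finally returns is outside the hunk. A short comment such as `// expired token without con_auth: continue and report the code to the caller` would make the intended path explicit.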
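Review bot: The `/loadsite/:userId/:idapp/:vers` handler is now `async` and returns `await load(...)`, but nothing catches a rejection; on Express 4 a rejected async handler is not passed to the error middleware, so the request would hang and surface as an unhandled rejection. Wrapping the call, `try { return await load(req, res, version); } catch (e) { console.error('Err', e); return res.status(500).send(); }`, would close that path. `load` is declared as a plain `function` in the next hunk, so whether it returns a promise at all is not visible here. The sibling route without `:vers`, shown in the hunk header, is left synchronous.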
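Review bot: `load` now uses `server_constants.RIS_CODE_HTTP_FORBIDDEN_TOKEN_EXPIRED` directly as the HTTP status, which only works if that application result code is itself a valid HTTP status number; its value is not visible in this diff. The later `res.status(status).send({...})` hunks still return the complete site payload on that status, so an expired token changes the status line but not what data is disclosed. If any of those collections are meant for signed-in users only, they should be omitted when `req.user` is null. The two new statements also lack the terminating semicolons used in the rest of the function, e.g. `let status = 200;`. `load` continues well past this hunk.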
@@ -1585,7 +1591,7 @@ function load(req, res, version) { } catch (e) { } } if (version < 91) { - res.send({ + res.status(status).send({ bookedevent: arrdata[0], eventlist: arrdata[1], operators: arrdata[2], @@ -1612,7 +1618,7 @@ function load(req, res, version) { internalpages: arrdata[23], }); } else { - res.send({ + res.status(status).send({ bookedevent: arrdata[0], eventlist: arrdata[1], operators: arrdata[2], @@ -1663,6 +1669,7 @@ function load(req, res, version) { subcatprods: arrdata[46], catprods_gas: arrdata[47], catAI: arrdata[48], + code: req.code, }); const prova = 1; @@ -1680,7 +1687,7 @@ router.get(process.env.LINK_CHECK_UPDATES, authenticate_noerror, async (req, res // console.log("POST " + process.env.LINK_CHECK_UPDATES + " userId=" + userId); if (!req.user) { - return res.status(404).send(); + return res.status(200).send(); } await CfgServer.find({ idapp }).then((arrcfgrec) => { @@ -1702,7 +1709,7 @@ router.get(process.env.LINK_CHECK_UPDATES, authenticate_noerror, async (req, res if (!ObjectID.isValid(userId)) { return res.status(404).send(); } - + last_msgs = SendMsg.findLastGroupByUserIdAndIdApp(userId, req.user.username, idapp); last_notifs = SendNotif.findLastNotifsByUserIdAndIdApp(req.user.username, idapp, 40); diff --git a/src/server/router/users_router.js b/src/server/router/users_router.js index 26d06c6..e4b69bb 100755 --- a/src/server/router/users_router.js +++ b/src/server/router/users_router.js @@ -301,7 +301,7 @@ router.post('/', async (req, res) => { const { token, refreshToken } = await myuser.generateAuthToken(req); res .header('x-auth', token) - .header('x-refrTok', refreshToken) + .header('x-refrtok', refreshToken) .send(myuser); return true; } @@ -363,7 +363,7 @@ router.post('/', async (req, res) => { // } res .header('x-auth', ris.token) - .header('x-refrTok', ris.refreshToken) + .header('x-refrtok', ris.refreshToken) .send(user); return true; }); 
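Review bot: The `!req.user` branch of the `LINK_CHECK_UPDATES` handler now answers `200` with an empty body, so a client with a missing, invalid or expired token can no longer tell that case from a successful check with nothing to report. Since `authenticate_noerror` now sets `req.code`, returning it here, for example `return res.status(200).send({ code: req.code });`, would let the client start the refresh flow instead of polling silently with a dead token. A one-line comment explaining why the 404 was replaced would also help. The handler continues outside the hunk.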
@@ -619,11 +619,13 @@ router.post('/newtok', async (req, res) => { // Ottieni l'utente in base al refreshtoken const recFound = await User.findOne({ 'tokens.refreshToken': refreshToken }); + console.log('recFound', recFound ? recFound.name : 'NOTFOUND', 'Token=', refreshToken); + if (recFound) { return recFound.generateAuthToken(req) .then((ris) => { return res.status(200).send({ - usertosend, + usertosend: recFound, token: ris.token, refreshToken: ris.refreshToken }); @@ -634,7 +636,7 @@ router.post('/newtok', async (req, res) => { console.error('Err', e); } - res.status(404).send({ code: server_constants.RIS_CODE_LOGIN_ERR }); + res.status(404).send({ code: server_constants.RIS_CODE_HTTP_INVALID_TOKEN }); }); @@ -722,7 +724,7 @@ router.post('/login', (req, res) => { // SEND TOKEN AND CODE RESULT return res .header('x-auth', myris.token) - .header('x-refrTok', myris.refreshToken) + .header('x-refrtok', myris.refreshToken) .send({ usertosend: myris.usertosend, code: server_constants.RIS_CODE_OK, diff --git a/src/server/server.js b/src/server/server.js index bdb2096..3dcf71d 100755 --- a/src/server/server.js +++ b/src/server/server.js @@ -157,7 +157,7 @@ myLoad().then(ris => { }); app.use(cors({ - exposedHeaders: ['x-auth', 'x-refrTok'], + exposedHeaders: ['x-auth', 'x-refrtok'], })); app.use(bodyParser.json());
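Review bot: `usertosend: recFound` in the `/newtok` response serialises the whole Mongoose user document, which (judging by the `'tokens.refreshToken'` query just above) carries the `tokens` array of every session and possibly the password hash, unless a `toJSON` transform on the schema strips them; no such transform is visible here. The `/login` handler in this file sends a prepared `myris.usertosend` object instead, and `/newtok` would be safer returning the same reduced shape. Whether the presented refresh token is invalidated once `generateAuthToken` issues the new pair is not shown in this hunk and is worth confirming, so that a replayed token does not stay valid.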