const express = require('express'); const router = express.Router(); var { User } = require('../models/user'); var sendemail = require('../sendemail'); const tools = require('../tools/general'); const shared_consts = require('../tools/shared_nodejs'); var server_constants = require('../tools/server_constants'); const _ = require('lodash'); var reg = require('../reg/registration'); var { authenticate } = require('../middleware/authenticate'); var mongoose = require('mongoose'); const Subscription = mongoose.model('subscribers'); function existSubScribe(userId, access, browser) { return Subscription.findOne({ userId, access, browser }) .then(itemsub => { return itemsub }) .catch(err => { return null }) } // POST /users router.post('/', (req, res) => { tools.mylog("POST /users"); const body = _.pick(req.body, ['email', 'password', 'username', 'name', 'surname', 'idapp', 'keyappid', 'lang']); const user = new User(body); // tools.mylog("LANG PASSATO = " + user.lang, "IDAPP", user.idapp); user.linkreg = reg.getlinkregByEmail(body.idapp, body.email, body.username); user.verified_email = false; user.ipaddr = reg.getiPAddressUser(req); if (tools.testing()) { user.verified_email = true; } user.save().then(() => { User.findByUsername(user.idapp, user.username) .then((usertrovato) => { tools.mylog("TROVATO USERNAME ? ", user.username, usertrovato); if (usertrovato !== null) { return user.generateAuthToken(req); } else { res.status(11100).send(); return 0; } }).then((token) => { // tools.mylog("passo il TOKEN: ", token); res.header('x-auth', token).send(user); // tools.mylog("LINKREG = " + user.linkreg); // Invia un'email all'utente // tools.mylog('process.env.TESTING_ON', process.env.TESTING_ON); console.log('res.locale', res.locale); if (!tools.testing()) { sendemail.sendEmail_Registration(user.lang, user.email, user, user.idapp, user.linkreg); } }); }).catch((e) => { res.status(400).send(e); }) }); router.get('/:username/:idapp', (req, res) => { var username = req.params.username; const idapp = req.params.idapp; User.findByUsername(idapp, username).then((user) => { if (!user) { return res.status(404).send(); } res.status(200).send(); }).catch((e) => { res.status(400).send(); }); }); router.patch('/:id', authenticate, (req, res) => { const id = req.params.id; const body = _.pick(req.body.user, shared_consts.fieldsUserToChange()); tools.mylogshow('PATCH USER: ', id); if (!User.isAdmin(req.user)) { // If without permissions, exit return res.status(404).send({ code: server_constants.RIS_CODE_ERR_UNAUTHORIZED, msg: '' }); } User.findByIdAndUpdate(id, { $set: body }).then((user) => { tools.mylogshow(' USER TO MODIFY: ', user); if (!user) { return res.status(404).send(); } else { res.send({ code: server_constants.RIS_CODE_OK, msg: '' }); } }).catch((e) => { tools.mylogserr('Error patch USER: ', e); res.status(400).send(); }) }); router.post('/login', (req, res) => { var body = _.pick(req.body, ['username', 'password', 'idapp', 'keyappid', 'lang']); var user = new User(body); // const subs = _.pick(req.body, ['subs']); tools.mylog("LOGIN: username: " + user.username + " pwd = " + user.password); tools.mylog("user REC:", user); if (body.keyappid !== process.env.KEY_APP_ID) return res.status(400).send(); let resalreadysent = false; User.findByCredentials(user.idapp, user.username, user.password) .then((user) => { tools.mylog("CREDENZIALI ! "); if (!user) { tools.mylogshow("NOT FOUND !"); res.status(404).send({ code: server_constants.RIS_CODE_LOGIN_ERR }); } return user }) .then(user => { if (user) { return user.generateAuthToken(req).then((token) => { var usertosend = User(); usertosend.username = user.username; usertosend.name = user.name; usertosend.surname = user.surname; usertosend.email = user.email; usertosend._id = user._id.toHexString(); usertosend.verified_email = user.verified_email; usertosend.idapp = user.idapp; usertosend.perm = user.perm; usertosend.img = user.img; if (!User.isAdmin(req.user)) { usertosend.ipaddr = user.ipaddr; } // tools.mylog("user.verified_email:" + user.verified_email); tools.mylog("usertosend.userId", usertosend.userId); // tools.mylog("usertosend:"); // tools.mylog(usertosend); return { usertosend, token } }) .then((myris) => { const access = 'auth'; const browser = req.get('User-Agent'); // Check if already exist Subscribe return existSubScribe(myris.usertosend._id, access, browser).then(subscribe => { return (subscribe !== null) }).then(subsExistonDb => { return { usertosend: myris.usertosend, token: myris.token, subsExistonDb } }).catch(err => { return { usertosend: myris.usertosend, token: myris.token, subsExistonDb: false } }) }).then(myris => { console.log('res', myris.token, myris.usertosend); // SEND TOKEN AND CODE RESULT res.header('x-auth', myris.token).send({ usertosend: myris.usertosend, code: server_constants.RIS_CODE_OK, subsExistonDb: myris.subsExistonDb }); // tools.mylog("TROVATOOO!"); tools.mylog('FINE LOGIN') }); } }) .catch((e) => { tools.mylog("ERRORE IN LOGIN: " + e); if (!resalreadysent) res.status(400).send({ code: server_constants.RIS_CODE_LOGIN_ERR_GENERIC }); }); }); router.delete('/me/token', authenticate, (req, res) => { tools.mylog("TOKENREM = " + req.token); req.user.removeToken(req.token).then(() => { res.status(200).send(); }, () => { res.status(400).send(); }); }); router.post('/setperm', authenticate, (req, res) => { const body = _.pick(req.body, ['idapp', 'username', 'perm']); tools.mylog("SETPERM = " + req.token); User.setPermissionsById(res.user._id, body).then(() => { res.status(200).send(); }, () => { res.status(400).send(); }); }); module.exports = router;