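const express = require('express');
const router = express.Router();

const { authenticate } = require('../middleware/authenticate');

const { ObjectID } = require('mongodb');

const mongoose = require('mongoose');
const cfgserver = mongoose.model('cfgserver');

const _ = require('lodash');

const { User } = require('../models/user');

const tools = require('../tools/general');

const server_constants = require('../tools/server_constants');

// NOTE(review): `jwt`, `sendemail` and `Booking` are used below, but no require
// for them is visible in this file. Unless they are provided as globals
// elsewhere, the password-reset request route and the 'booking' table lookup
// throw a ReferenceError when reached. Add the matching requires (TODO: confirm
// the module paths).

/**
 * True when `value` is a string with at least one character.
 *
 * Request fields that end up as lookup keys are checked with this first, so a
 * missing value, an empty string or a non-string JSON value (object, array)
 * never reaches a database query.
 *
 * @param {*} value - Field taken from the request body.
 * @returns {boolean}
 */
function isNonEmptyString(value) {
  return typeof value === 'string' && value.length > 0;
}

/**
 * Sends an error response unless a response has already been started.
 * Used by the catch handlers, which can also run after a successful send.
 *
 * @param {object} res - Express response.
 * @param {number} status - HTTP status code.
 * @param {*} [body] - Optional response body.
 */
function sendFailure(res, status, body) {
  if (res.headersSent) {
    return;
  }
  res.status(status).send(body);
}

/**
 * True when the user may modify or delete records (admin or manager).
 *
 * @param {object} user - The authenticated user from `req.user`.
 * @returns {boolean}
 */
function canEditRecords(user) {
  return User.isAdmin(user) || User.isManager(user);
}

/**
 * Confirms an e-mail address from the registration link.
 * Body: { idapp, idlink }. Replies 404 when the link is unknown, otherwise a
 * { code, msg } object saying whether the address was just verified or already was.
 */
router.post(process.env.LINKVERIF_REG, (req, res) => {
  const { idapp, idlink } = _.pick(req.body, ['idapp', 'idlink']);

  console.log("LINKVERIF_REG POST " + process.env.LINKVERIF_REG + " idapp= " + idapp + " idlink = " + idlink);

  // The link id is the only proof the caller holds; it must be a real string.
  // NOTE(review): the expected type of idapp is not visible here, so it is
  // passed through unchanged — confirm the model validates it.
  if (!isNonEmptyString(idlink)) {
    return res.status(400).send();
  }

  // Look up the link id while it is still waiting to be verified
  User.findByLinkreg(idapp, idlink)
    .then((user) => {
      if (!user) {
        return res.status(404).send();
      }

      if (user.verified_email) {
        return res.send({
          code: server_constants.RIS_CODE_EMAIL_ALREADY_VERIFIED,
          msg: res.__("L'Email è già stata Verificata."),
        });
      }

      user.verified_email = true;
      // Returned so that a failed save reaches the catch below instead of
      // leaving the request without a response.
      return user.save().then(() => {
        res.send({
          code: server_constants.RIS_CODE_EMAIL_VERIFIED,
          msg: res.__('Email Verificata!'),
        });
      });
    })
    .catch((e) => {
      console.log(e);
      sendFailure(res, 400);
    });
});

/**
 * Requests a password reset: stores a reset token on the user and e-mails it.
 * Body: { idapp, email }.
 *
 * NOTE(review): the 404 for an unknown address lets a caller tell registered
 * from unregistered e-mails; replying identically in both cases would close
 * that, but clients may rely on the 404 — confirm before changing.
 */
router.post(process.env.LINK_REQUEST_NEWPASSWORD, (req, res) => {
  const { idapp, email } = _.pick(req.body, ['idapp', 'email']);

  console.log("POST " + process.env.LINK_REQUEST_NEWPASSWORD + " idapp= " + idapp + " email = " + email);

  if (!isNonEmptyString(email)) {
    return res.status(400).send();
  }

  User.findByEmail(idapp, email)
    .then((user) => {
      if (!user) {
        return res.status(404).send();
      }

      // Create the reset token.
      // NOTE(review): the payload is the bare user id and no expiry is passed.
      // If `jwt` is the jsonwebtoken package, a string payload gets no iat/exp
      // claim, so every request for the same user yields the same token. A
      // random single-use value with a checked lifetime would be safer.
      user.tokenforgot = jwt.sign(user._id.toHexString(), process.env.SIGNCODE).toString();
      user.date_tokenforgot = new Date();

      return user.save().then(() => {
        sendemail.sendEmail_RequestNewPassword(res.locale, user.email, user.idapp, user.tokenforgot);
        res.send({ code: server_constants.RIS_CODE_OK, msg: '' });
      });
    })
    .catch((e) => {
      console.log(e);
      // The original sent two responses here; the second threw "headers
      // already sent" inside the catch. Only the first (empty 400) ever
      // reached the client, so that one is kept.
      sendFailure(res, 400);
    });
});

/**
 * Returns the server configuration records; admins also receive the user list
 * of their own app.
 */
router.get(process.env.LINK_CHECK_UPDATES, authenticate, (req, res) => {
  const userId = req.user._id;

  console.log("POST " + process.env.LINK_CHECK_UPDATES + " userId=" + userId);

  if (!ObjectID.isValid(userId)) {
    return res.status(404).send();
  }

  cfgserver.find()
    .then((arrcfgrec) => {
      if (!arrcfgrec) {
        return res.status(404).send();
      }

      // ++Todo: Add to Log Stat ....

      // Admins additionally get the list of users
      if (req.user && User.isAdmin(req.user)) {
        return User.getUsersList(req.user.idapp).then((usersList) => {
          return res.send({ cfgServer: arrcfgrec, usersList });
        });
      }

      return res.send({ cfgServer: arrcfgrec });
    })
    .catch((e) => {
      console.log(e);
      // NOTE(review): `msg: e` returns the raw error object to the client;
      // database errors can carry internal detail. Consider a fixed message.
      sendFailure(res, 400, { code: server_constants.RIS_CODE_ERR, msg: e });
    });
});

/**
 * Completes a password reset: sets the new password and returns an auth token
 * in the `x-auth` header so the client can make authenticated calls.
 * Body: { idapp, email, tokenforgot, password }.
 */
router.post(process.env.LINK_UPDATE_PASSWORD, (req, res) => {
  const { idapp, email, tokenforgot, password } =
    _.pick(req.body, ['idapp', 'email', 'tokenforgot', 'password']);

  // The reset token is a credential and is deliberately kept out of the log.
  console.log("POST " + process.env.LINK_UPDATE_PASSWORD + " idapp= " + idapp + " email = " + email);

  // A spent token is stored as '' (see below), so an empty or non-string token
  // must be rejected before it is used as a lookup key.
  if (!isNonEmptyString(email) || !isNonEmptyString(tokenforgot) || !isNonEmptyString(password)) {
    return res.status(400).send();
  }

  // NOTE(review): date_tokenforgot is written when the token is issued; whether
  // findByLinkTokenforgot enforces a maximum age is not visible here — confirm.
  User.findByLinkTokenforgot(idapp, email, tokenforgot)
    .then((user) => {
      if (!user) {
        return res.status(404).send();
      }

      // Set the new password
      // NOTE(review): presumably hashed and length-checked by the model on save — verify.
      user.password = password;

      // Create the auth token
      return user.generateAuthToken(req).then((token) => {
        user.tokenforgot = ''; // Clear the reset token, it is no longer needed

        // Save the user; returned so a failure reaches the catch below
        return user.save().then(() => {
          // NOTE(review): the whole user document is serialized here; confirm
          // the model's JSON form omits the password hash and tokens.
          res.header('x-auth', token).send({ user });
        });
      });
    })
    .catch((e) => {
      console.log(e);
      sendFailure(res, 400);
    });
});

/**
 * Maps a client-supplied table name to its model.
 *
 * The original assigned to an undeclared `mytable`, i.e. a process-wide
 * global: an unknown name returned whichever model the previous request had
 * selected (or threw if none had). Unknown names now return undefined and the
 * callers reject them.
 *
 * @param {string} tablename - 'users' or 'booking'.
 * @returns {object|undefined} The model, or undefined for an unknown name.
 */
function getTableByTableName(tablename) {
  if (tablename === 'users') {
    return User;
  }
  if (tablename === 'booking') {
    return Booking;
  }
  return undefined;
}

/**
 * Runs a table query for the caller's app. Body: query parameters including `table`.
 *
 * NOTE(review): any authenticated user can query 'users', and the whole request
 * body is handed to queryTable. Whether queryTable restricts filters and
 * returned fields by role is not visible here — confirm.
 */
router.post('/gettable', authenticate, (req, res) => {
  const params = req.body || {};
  const mytable = getTableByTableName(params.table);

  if (!mytable) {
    return res.status(400).send();
  }

  return mytable.queryTable(req.user.idapp, params)
    .then((ris) => {
      // tools.mylog('list', ris);
      return res.send(ris);
    })
    .catch((e) => {
      console.log(e);
      // NOTE(review): sends the raw error object to the client; consider a fixed body.
      sendFailure(res, 400, e);
    });
});

/**
 * Updates fields of one record. Body: { data: { id, table, fieldsvalue } }.
 * Only admins and managers may call it.
 */
router.patch('/chval', authenticate, (req, res) => {
  // Authorization first, before any part of the body is interpreted.
  if (!canEditRecords(req.user)) {
    // If without permissions, exit
    return res.status(404).send({ code: server_constants.RIS_CODE_ERR_UNAUTHORIZED, msg: '' });
  }

  // const idapp = req.body.idapp;
  const mydata = (req.body && req.body.data) || {};
  const id = mydata.id;
  const fieldsvalue = mydata.fieldsvalue;
  const mytable = getTableByTableName(mydata.table);

  tools.mylogshow('PATCH CHVAL: ', id);

  if (!mytable || !ObjectID.isValid(id) || !_.isPlainObject(fieldsvalue)) {
    return res.status(400).send();
  }

  // NOTE(review): fieldsvalue is written as-is, so a manager can set any field
  // of the record (on 'users' that includes password and token fields), and the
  // update is keyed by id only, not by req.user.idapp. An allow-list of
  // editable fields per table and an idapp condition would bound this.
  mytable.findByIdAndUpdate(id, { $set: fieldsvalue })
    .then((rec) => {
      // Only the id is logged: a full 'users' record carries the password and tokens.
      tools.mylogshow(' REC TO MODIFY: ', rec ? rec._id : rec);
      if (!rec) {
        return res.status(404).send();
      }
      return res.send({ code: server_constants.RIS_CODE_OK, msg: '' });
    })
    .catch((e) => {
      tools.mylogserr('Error patch USER: ', e);
      sendFailure(res, 400);
    });
});

/**
 * Deletes one record by id. Only admins and managers may call it.
 */
router.delete('/delrec/:table/:id', authenticate, (req, res) => {
  const id = req.params.id;
  const tablename = req.params.table;
  // const idapp = req.body.idapp;

  console.log('id', id, 'table', tablename);

  if (!canEditRecords(req.user)) {
    // If without permissions, exit
    return res.status(404).send({ code: server_constants.RIS_CODE_ERR_UNAUTHORIZED, msg: '' });
  }

  const mytable = getTableByTableName(tablename);
  if (!mytable || !ObjectID.isValid(id)) {
    return res.status(400).send();
  }

  // NOTE(review): the delete is keyed by id only; nothing visible here ties the
  // record to req.user.idapp — confirm whether cross-app deletes are possible.
  mytable.findByIdAndRemove(id)
    .then((rec) => {
      if (!rec) {
        return res.status(404).send();
      }

      tools.mylog('DELETED ', rec._id);

      return res.send({ code: server_constants.RIS_CODE_OK, msg: '' });
    })
    .catch((e) => {
      // Previously swallowed without a trace
      tools.mylogserr('Error delete record: ', e);
      sendFailure(res, 400);
    });
});

module.exports = router;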