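// Express router for user registration, lookup, update, login/logout,
// permission changes and ExtraList import.

const express = require('express');
const router = express.Router();

const { User } = require('../models/user');
const { ExtraList } = require('../models/extralist');

const sendemail = require('../sendemail');
const tools = require('../tools/general');
const shared_consts = require('../tools/shared_nodejs');
const server_constants = require('../tools/server_constants');
const telegrambot = require('../telegram/telegrambot');

const _ = require('lodash');

const reg = require('../reg/registration');

const { authenticate } = require('../middleware/authenticate');

const mongoose = require('mongoose');
const Subscription = mongoose.model('subscribers');

/**
 * Looks up the `subscribers` record for a user / access type / browser.
 * Best-effort: a failed lookup resolves to null instead of rejecting.
 *
 * @param {*} userId - id stored in the subscription's `userId` field
 * @param {string} access - access type (the login route passes 'auth')
 * @param {string} browser - User-Agent string of the client
 * @returns {Promise<object|null>} the matching record, or null
 */
function existSubScribe(userId, access, browser) {
  return Subscription.findOne({ userId, access, browser })
    .then((itemsub) => itemsub)
    .catch(() => null);
}

/**
 * Builds the full mobile number (international prefix + number) with all
 * whitespace removed.
 *
 * @param {object} user - object exposing profile.intcode_cell and profile.cell
 * @returns {string} concatenated number without whitespace
 */
function getMobileComplete(user) {
  const full = user.profile.intcode_cell + user.profile.cell;
  return full.replace(/\s+/g, '');
}

/**
 * Replies with the "not authorized" payload used by the admin-only routes.
 * Status 404 is kept because PATCH /:id already answers that way.
 */
function sendUnauthorized(res) {
  return res.status(404).send({ code: server_constants.RIS_CODE_ERR_UNAUTHORIZED, msg: '' });
}

// POST /users - register a new user.
router.post('/', async (req, res) => {
  tools.mylog("POST /users");

  // Only whitelisted fields are copied from the request body; fields such as
  // `perm` can therefore not be set directly by the client.
  const body = _.pick(req.body, ['email', 'password', 'username', 'name', 'surname', 'idapp', 'keyappid', 'lang', 'profile', 'aportador_solidario']);

  try {
    const user = new User(body);

    user.linkreg = reg.getlinkregByEmail(body.idapp, body.email, body.username);
    user.verified_email = false;
    user.ipaddr = reg.getiPAddressUser(req);
    user.lasttimeonline = new Date();
    user.date_reg = new Date();
    user.date_temp_reg = new Date();

    if (tools.testing()) {
      user.verified_email = true;
    }

    // Reject a username or e-mail that is already registered for this app.
    if (await User.findByUsername(user.idapp, user.username)) {
      return res.status(400).send({ code: server_constants.RIS_CODE_USERNAME_ALREADY_EXIST, msg: '' });
    }
    if (await User.findByEmail(user.idapp, user.email)) {
      return res.status(400).send({ code: server_constants.RIS_CODE_EMAIL_ALREADY_EXIST, msg: '' });
    }

    const recextra = await ExtraList.findByCellAndNameSurname(user.idapp, getMobileComplete(user), user.name, user.surname);

    let nomeaportador_corretto = "";
    if (recextra) {
      nomeaportador_corretto = recextra.aportador_solidario_name_surname;
      if (nomeaportador_corretto === '') {
        nomeaportador_corretto = recextra.aportador_solidario_originale_name_surname;
      }
    }

    // Declared locally: the original assigned an implicit global, which is
    // shared between concurrent requests.
    const namesurname_aportador_reg = await User.getNameSurnameByUsername(user.idapp, user.aportador_solidario);

    if (recextra && namesurname_aportador_reg !== '' && namesurname_aportador_reg !== nomeaportador_corretto) {
      // The registration link belongs to a sponsor other than the one the
      // ExtraList assigns to this person: notify the managers and refuse.
      const msg = `L'utente ${user.name} ${user.surname} si sta registrando con il link di ${user.aportador_solidario} (${namesurname_aportador_reg}) invece è assegnato a ${nomeaportador_corretto}`;
      telegrambot.sendMsgTelegramToTheManagers(user.idapp, msg);
      return res.status(400).send({ code: server_constants.RIS_CODE_USER_NOT_THIS_APORTADOR, msg: '' });
    }

    if (recextra) {
      // The person is on the ExtraList: carry over the pre-assigned data.
      user.ind_order = recextra.ind_order;
      user.date_reg = recextra.date_reg;
      user.aportador_solidario_nome_completo = recextra.aportador_solidario_name_surname
        ? recextra.aportador_solidario_name_surname
        : recextra.aportador_solidario_originale_name_surname;
      user.aportador_solidario_ind_order = recextra.aportador_solidario_ind_order;
      user.note = recextra.note;

      // NOTE(review): elevated permissions are assigned from an ExtraList row
      // that was matched on the phone number, name and surname sent in this
      // request, before the e-mail address is verified. Prefer granting
      // Manager/Admin through a separate authenticated admin action, and move
      // the hard-coded username below into configuration.
      if (recextra.is_staff) {
        user.perm = shared_consts.Permissions.Manager;
      }
      if (recextra.username === 'paoloar77') {
        user.perm = shared_consts.Permissions.Manager + shared_consts.Permissions.Admin;
      }

      const useraportador = await ExtraList.findByIndOrder(user.idapp, user.aportador_solidario_ind_order);
      if (useraportador) {
        user.aportador_solidario = useraportador.username;
      }
    }

    await user.save();

    const usertrovato = await User.findByUsername(user.idapp, user.username);
    if (usertrovato === null) {
      // Stop here: the original kept running the chain after this reply
      // (token 0, ExtraList update, e-mail, second response).
      return res.status(400).send();
    }

    const token = await user.generateAuthToken(req);

    if (recextra) {
      recextra.registered = true;
      recextra.username = user.username;
      await recextra.save();
      await User.fixUsername(user.idapp, user.ind_order, user.username);
    }

    console.log('res.locale', res.locale);

    // Send the registration e-mail to the user (skipped in testing mode).
    if (!tools.testing()) {
      await sendemail.sendEmail_Registration(user.lang, user.email, user, user.idapp, user.linkreg);
    }

    // NOTE(review): the whole user document is serialized here; confirm the
    // model's JSON output omits the password and token fields.
    res.header('x-auth', token).send(user);
    return true;
  } catch (e) {
    tools.mylogserr('Error POST /users: ', e);
    // NOTE(review): the raw error object is returned to an unauthenticated
    // client (kept for compatibility); consider a generic error code instead.
    if (!res.headersSent) {
      res.status(400).send(e);
    }
  }
});

// GET /users/:idapp/:username - 200 when the username exists, 404 otherwise.
// NOTE(review): unauthenticated existence check; rate limiting is advisable.
router.get('/:idapp/:username', (req, res) => {
  const { idapp, username } = req.params;

  User.findByUsername(idapp, username)
    .then((user) => res.status(user ? 200 : 404).send())
    .catch(() => res.status(400).send());
});

// PATCH /users/:id - admin-only update of the editable user fields.
// NOTE(review): the target is selected by id only, not by idapp; confirm an
// admin of one app is meant to be able to edit users of another.
router.patch('/:id', authenticate, (req, res) => {
  const id = req.params.id;
  tools.mylogshow('PATCH USER: ', id);

  if (!User.isAdmin(req.user.perm)) {
    // If without permissions, exit
    return sendUnauthorized(res);
  }

  const body = _.pick(req.body.user, shared_consts.fieldsUserToChange());

  User.findByIdAndUpdate(id, { $set: body })
    .then((user) => {
      // Log the id only: the full document holds credential material.
      tools.mylogshow(' USER TO MODIFY: ', user ? user._id : user);
      if (!user) {
        return res.status(404).send();
      }
      res.send({ code: server_constants.RIS_CODE_OK, msg: '' });
    })
    .catch((e) => {
      tools.mylogserr('Error patch USER: ', e);
      res.status(400).send();
    });
});

// POST /users/login - verify credentials and return an auth token in the
// x-auth header together with the editable user fields.
router.post('/login', async (req, res) => {
  const body = _.pick(req.body, ['username', 'password', 'idapp', 'keyappid', 'lang']);

  // NOTE(review): if KEY_APP_ID is unset, a request that omits keyappid
  // passes this check (undefined === undefined); confirm the variable is
  // required at startup.
  if (body.keyappid !== process.env.KEY_APP_ID) {
    return res.status(400).send();
  }

  try {
    const credentials = new User(body);

    const user = await User.findByCredentials(credentials.idapp, credentials.username, credentials.password);
    if (!user) {
      // NOTE(review): this reply differs from the generic failure below; if
      // findByCredentials rejects on a wrong password, the two responses let
      // a client tell whether a username exists. Consider a single reply.
      tools.mylogshow("NOT FOUND !");
      return res.status(404).send({ code: server_constants.RIS_CODE_LOGIN_ERR });
    }

    const token = await user.generateAuthToken(req);

    // Copy only the whitelisted fields into the object sent to the client.
    const usertosend = new User();
    for (const field of shared_consts.fieldsUserToChange()) {
      usertosend[field] = user[field];
    }

    // Check if a subscription already exists for this browser (best-effort).
    let subsExistonDb = false;
    try {
      const subscribe = await existSubScribe(usertosend._id, 'auth', req.get('User-Agent'));
      subsExistonDb = subscribe !== null;
    } catch (err) {
      subsExistonDb = false;
    }

    // SEND TOKEN AND CODE RESULT
    res.header('x-auth', token).send({
      usertosend,
      code: server_constants.RIS_CODE_OK,
      subsExistonDb
    });
  } catch (e) {
    tools.mylog("ERRORE IN LOGIN: " + e);
    // The original guard variable was never set; ask the response itself.
    if (!res.headersSent) {
      res.status(400).send({ code: server_constants.RIS_CODE_LOGIN_ERR_GENERIC });
    }
  }
});

// DELETE /users/me/token - logout: remove the token used for this request.
router.delete('/me/token', authenticate, (req, res) => {
  req.user.removeToken(req.token).then(
    () => res.status(200).send(),
    () => res.status(400).send()
  );
});

// POST /users/setperm - change permissions; restricted to admins.
router.post('/setperm', authenticate, (req, res) => {
  const body = _.pick(req.body, ['idapp', 'username', 'perm']);

  // The auth token is a credential and must not be written to the log.
  tools.mylog("SETPERM by user " + req.user._id);

  // Without this check any authenticated user could submit a `perm` value;
  // PATCH /:id applies the same admin test.
  if (!User.isAdmin(req.user.perm)) {
    return sendUnauthorized(res);
  }

  // The original read `res.user`, which is never set (authenticate populates
  // req.user), so the handler threw before doing any work.
  // NOTE(review): confirm which id setPermissionsById expects here.
  User.setPermissionsById(req.user._id, body).then(
    () => res.status(200).send(),
    () => res.status(400).send()
  );
});

// POST /users/import_extralist - import ExtraList rows; restricted to admins.
// ExtraList rows decide ind_order and Manager/Admin permissions at
// registration, so the import must not be reachable without authentication.
router.post('/import_extralist', authenticate, async (req, res) => {
  if (!User.isAdmin(req.user.perm)) {
    return sendUnauthorized(res);
  }

  // Local bindings: the original assigned implicit globals (idapp, locale)
  // that were shared between concurrent requests.
  const { strdata, idapp, locale } = req.body;

  try {
    const ris = await ExtraList.ImportData(locale, idapp, strdata);
    console.log('ris', ris);
    res.send(ris);
  } catch (e) {
    tools.mylogserr('Error import_extralist: ', e);
    if (!res.headersSent) {
      res.status(400).send();
    }
  }
});

module.exports = router;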