const express = require('express');
const router = express.Router();
var { authenticate } = require('../middleware/authenticate');
const { ObjectID } = require('mongodb');
var mongoose = require('mongoose');
const cfgserver = mongoose.model('cfgserver');
const _ = require('lodash');
var { User } = require('../models/user');
const tools = require('../tools/general');
var server_constants = require('../tools/server_constants');
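// Confirms a registration e-mail: looks up the pending verification link
// (idapp + idlink) and marks the matching user as verified.
router.post(process.env.LINKVERIF_REG, (req, res) => {
  const body = _.pick(req.body, ['idapp', 'idlink']);
  const idapp = body.idapp;
  const idlink = body.idlink;

  // Both values come from an unauthenticated request body and are passed to a
  // database lookup. Only plain, non-empty values are accepted: an object or
  // array in their place could be read as a query operator, and a missing
  // idlink could match records that have no link stored (depends on
  // findByLinkreg, which is not shown here).
  if (_.isObject(idapp) || _.isObject(idlink) || !idlink) {
    return res.status(400).send();
  }

  // idlink is the secret carried by the verification e-mail, so it stays out of the log.
  console.log("LINKVERIF_REG POST " + process.env.LINKVERIF_REG + " idapp= " + idapp);

  // Look for the link only while it is still waiting to be verified.
  User.findByLinkreg(idapp, idlink).then((user) => {
    if (!user) {
      return res.status(404).send();
    }

    if (user.verified_email) {
      return res.send({
        code: server_constants.RIS_CODE_EMAIL_ALREADY_VERIFIED,
        msg: res.__("L'Email è già stata Verificata.")
      });
    }

    user.verified_email = true;

    // Returning the save() promise routes a failed write to the catch below;
    // without it the rejection is unhandled and the client never gets a reply.
    return user.save().then(() => {
      res.send({ code: server_constants.RIS_CODE_EMAIL_VERIFIED, msg: res.__('Email Verificata!') });
    });
  }).catch((e) => {
    console.log(e);
    res.status(400).send();
  });
});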
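// Request a new password: stores a reset token on the user and e-mails it.
router.post(process.env.LINK_REQUEST_NEWPASSWORD, (req, res) => {
  const body = _.pick(req.body, ['idapp', 'email']);
  const idapp = body.idapp;
  const email = body.email;

  // Unauthenticated input that feeds a database lookup: accept plain values only.
  if (_.isObject(idapp) || typeof email !== 'string' || email === '') {
    return res.status(400).send();
  }

  console.log("POST " + process.env.LINK_REQUEST_NEWPASSWORD + " idapp= " + idapp + " email = " + email);

  User.findByEmail(idapp, email).then((user) => {
    if (!user) {
      // NOTE(review): 404 here versus RIS_CODE_OK below tells an anonymous
      // caller whether an address is registered; consider answering both
      // cases identically.
      return res.status(404).send();
    }

    // Create the reset token.
    // NOTE(review): `jwt` and `sendemail` are not among the requires visible at
    // the top of this file; confirm they are in scope.
    // NOTE(review): the token is a signature over the user id alone, with no
    // expiry or per-request randomness in this call, so it appears to be the
    // same value on every request for a given user. date_tokenforgot is stored
    // next to it; confirm the lookup that consumes the token enforces a
    // maximum age, or switch to a random single-use value.
    user.tokenforgot = jwt.sign(user._id.toHexString(), process.env.SIGNCODE).toString();
    user.date_tokenforgot = new Date();

    // Returned so a failed save reaches the catch below instead of being an
    // unhandled rejection.
    return user.save().then(() => {
      sendemail.sendEmail_RequestNewPassword(res.locale, user.email, user.idapp, user.tokenforgot);
      res.send({ code: server_constants.RIS_CODE_OK, msg: '' });
    });
  }).catch((e) => {
    console.log(e);
    // Exactly one response: the original followed this with a second
    // res.send() carrying the raw error, which throws once headers are sent
    // and would have exposed internal error details had it gone out.
    res.status(400).send();
  });
});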
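// Returns the server configuration records to an authenticated client.
// Admin users additionally receive the users list of their own app.
router.get(process.env.LINK_CHECK_UPDATES, authenticate, (req, res) => {
  const userId = req.user._id;

  // This route is registered with router.get, so label the log line accordingly.
  console.log("GET " + process.env.LINK_CHECK_UPDATES + " userId=" + userId);

  if (!ObjectID.isValid(userId)) {
    return res.status(404).send();
  }

  // NOTE(review): find() runs without a filter, so every cfgserver record is
  // sent to any authenticated user; confirm none of them holds secrets or
  // settings that belong to another app.
  cfgserver.find().then((arrcfgrec) => {
    if (!arrcfgrec) {
      return res.status(404).send();
    }

    // TODO: add to log stats.

    // Only admins get the users list, limited to the caller's idapp.
    if (req.user && User.isAdmin(req.user)) {
      return User.getUsersList(req.user.idapp).then((usersList) => {
        return res.send({ cfgServer: arrcfgrec, usersList });
      });
    }

    return res.send({ cfgServer: arrcfgrec });
  }).catch((e) => {
    console.log(e);
    // The error stays in the server log; the raw error object is not echoed
    // to the client, where it could reveal database or schema details.
    res.status(400).send({ code: server_constants.RIS_CODE_ERR, msg: '' });
  });
});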
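// Applies the new password chosen after a reset request.
// On success the reset token is cleared and a fresh auth token is returned in
// the x-auth header so the client can make authenticated calls.
router.post(process.env.LINK_UPDATE_PASSWORD, (req, res) => {
  const body = _.pick(req.body, ['idapp', 'email', 'tokenforgot', 'password']);
  const idapp = body.idapp;
  const email = body.email;
  const tokenforgot = body.tokenforgot;
  const password = body.password;

  // The reset token is a credential (and so is the password): neither is logged.
  console.log("POST " + process.env.LINK_UPDATE_PASSWORD + " idapp= " + idapp + " email = " + email);

  // tokenforgot is set back to '' once it has been used (see below), so an
  // empty or missing token must never count as a match. Non-string values are
  // refused as well because they go straight into a database lookup.
  const isFilledString = (value) => typeof value === 'string' && value !== '';
  if (_.isObject(idapp) || !isFilledString(email) || !isFilledString(tokenforgot) || !isFilledString(password)) {
    return res.status(400).send();
  }

  // NOTE(review): nothing in this handler checks date_tokenforgot; confirm
  // findByLinkTokenforgot rejects tokens older than the intended lifetime.
  User.findByLinkTokenforgot(idapp, email, tokenforgot).then((user) => {
    if (!user) {
      return res.status(404).send();
    }

    // Store the new password.
    user.password = password;

    // Create the auth token. Each nested promise is returned so that any
    // failure reaches the catch below rather than being left unhandled.
    return user.generateAuthToken(req).then((token) => {
      user.tokenforgot = ''; // The reset token is single-use: clear it.

      // Save the user.
      return user.save().then(() => {
        // NOTE(review): the whole user document is serialized into the
        // response; confirm the model's JSON form omits the password hash
        // and stored tokens.
        res.header('x-auth', token).send({user}); // Hand the auth token back to the client
      });
    });
  }).catch((e) => {
    console.log(e);
    res.status(400).send();
  });
});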
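/**
 * Maps a client-supplied table name to the model that backs it.
 *
 * Only the names listed here resolve to a model; anything else yields
 * undefined, so callers must check the result before using it.
 *
 * @param {string} tablename - Table name taken from the request.
 * @returns {*} The matching model, or undefined for an unknown name.
 */
function getTableByTableName(tablename) {
  // The original assigned to an undeclared `mytable`, which became a shared
  // global: an unknown name then returned whichever model the previous call
  // had resolved, so one request could act on another request's table.
  switch (tablename) {
    case 'users':
      return User;
    case 'booking':
      // NOTE(review): `Booking` is not among the requires visible at the top
      // of this file; confirm it is in scope.
      return Booking;
    default:
      return undefined;
  }
}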
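// Runs a table query for an authenticated user, scoped to the caller's idapp.
router.post('/gettable', authenticate, (req, res) => {
  const params = req.body || {};
  const mytable = getTableByTableName(params.table);

  // An unknown table name must be refused here; calling queryTable on a
  // missing model would throw before any response is sent.
  if (!mytable) {
    return res.status(400).send();
  }

  // NOTE(review): unlike /chval and /delrec there is no admin/manager check
  // here, and the whole request body is forwarded as query parameters. Confirm
  // that queryTable restricts which filters and fields a regular user may
  // request, in particular for the 'users' table.
  return mytable.queryTable(req.user.idapp, params).then((ris) => {
    return res.send(ris);
  }).catch((e) => {
    console.log(e);
    // The error is logged server-side only; the raw error object is not sent
    // back, where it could reveal query or schema details.
    res.status(400).send();
  });
});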
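// Updates fields of one record (admin or manager only).
// Expects req.body.data = { id, table, fieldsvalue }.
router.patch('/chval', authenticate, (req, res) => {
  // Check permissions before reading anything else from the request.
  if (!User.isAdmin(req.user) && !User.isManager(req.user)) {
    // Without permissions, stop here.
    return res.status(404).send({ code: server_constants.RIS_CODE_ERR_UNAUTHORIZED, msg: '' });
  }

  // A missing body or data object previously threw on `req.body.data.id`.
  const mydata = (req.body && req.body.data) || {};
  const id = mydata.id;
  const fieldsvalue = mydata.fieldsvalue;
  const mytable = getTableByTableName(mydata.table);

  tools.mylogshow('PATCH CHVAL: ', id);

  // Refuse unknown tables, a missing or non-scalar id, and anything other than
  // a non-empty plain object of field values.
  if (!mytable || _.isNil(id) || _.isObject(id) || !_.isPlainObject(fieldsvalue) || _.isEmpty(fieldsvalue)) {
    return res.status(400).send();
  }

  // NOTE(review): fieldsvalue is written with $set exactly as the client sent
  // it, so a manager can change any field of any record, including a user's
  // password, tokens or idapp, and the record is not checked against
  // req.user.idapp. An allowlist of editable fields per table and an idapp
  // filter on the update would close this.
  // NOTE(review): presumably findByIdAndUpdate does not run the model's save
  // hooks, so a password set through this route may skip whatever processing
  // user.save() applies; verify against the model.
  mytable.findByIdAndUpdate(id, { $set: fieldsvalue }).then((rec) => {
    tools.mylogshow(' REC TO MODIFY: ', rec);
    if (!rec) {
      return res.status(404).send();
    }

    res.send({ code: server_constants.RIS_CODE_OK, msg: '' });
  }).catch((e) => {
    tools.mylogserr('Error patch USER: ', e);
    res.status(400).send();
  });
});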
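// Deletes one record by id from the named table (admin or manager only).
router.delete('/delrec/:table/:id', authenticate, (req, res) => {
  // Check permissions before resolving the table or touching the database.
  if (!User.isAdmin(req.user) && !User.isManager(req.user)) {
    // Without permissions, stop here.
    return res.status(404).send({ code: server_constants.RIS_CODE_ERR_UNAUTHORIZED, msg: '' });
  }

  const id = req.params.id;
  const tablename = req.params.table;

  console.log('id', id , 'table', tablename);

  const mytable = getTableByTableName(tablename);

  // An unknown table name must be refused; calling findByIdAndRemove on a
  // missing model would throw before any response is sent.
  if (!mytable) {
    return res.status(400).send();
  }

  // NOTE(review): the record is removed by id alone, with no check that it
  // belongs to req.user.idapp; confirm a manager of one app cannot delete
  // another app's records.
  mytable.findByIdAndRemove(id).then((rec) => {
    if (!rec) {
      return res.status(404).send();
    }

    tools.mylog('DELETED ', rec._id);

    res.send({ code: server_constants.RIS_CODE_OK, msg: '' });
  }).catch((e) => {
    // The original discarded the error; failed deletions are logged so they
    // can be investigated.
    tools.mylogserr('Error delrec: ', e);
    res.status(400).send();
  });
});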
// Export the router that carries the routes registered above.
module.exports = router;