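'use strict';
// Models are resolved through the application's registry; the order of these
// lookups and requires is kept as in the original file.
const User = global.getModel("user");
const Participant = global.getModel("participant");
const UserGroup = global.getModel("usergroup");
const Customer = global.getModel("customer");
const axios = require("axios");
const log = global.getModel("log");
const App = global.getModel("app");
const Wallet = global.getModel("wallet");
const Token = global.getModel("token");
const BasicStrategy = require("passport-http").BasicStrategy;
const _crypto = require("crypto");
const validator = require("validator");
const email = require("../libs/email");
const loadTemplate = require("../libs/load-template");
const permission = require("../libs/permission");
const OTP = global.getModel("otp");
const DIGITS = "0123456789";
const jwt = require("jsonwebtoken");
const redisCache = require("../libs/redis-cache");
const utils = require("../libs/utils");
const Controler = require("../controllers/controller");
const { isValidObjectId } = require("mongoose");
const moment = require("moment");
const querystring = require("querystring");
// Login lockout window (ms) and the number of consecutive failures allowed
// inside it; used by the /auth/local brute-force guard.
const total_time_wait_login = 36E5;
const total_time_try_login = 3;

/**
 * Generate a numeric one-time password.
 *
 * Each digit is drawn with crypto.randomInt, which is unbiased and backed by
 * the platform CSPRNG. The previous implementation used Math.random, a
 * non-cryptographic PRNG, which is not suitable for a code that acts as a
 * login factor.
 *
 * @param {number} [length=6] - number of decimal digits to produce
 * @returns {string} the code, leading zeros included
 */
function generateOTP(length = 6) {
  let code = "";
  for (let i = 0; i < length; i++) {
    code += DIGITS[_crypto.randomInt(0, DIGITS.length)];
  }
  return code;
}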
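/**
 * Build an access token for a user record.
 *
 * With configs.APP_SECRET set the token is a JWT whose payload carries only
 * the user's email (no expiry is set here; callers persist the token in the
 * Token collection). Without a secret a random hex string is returned.
 *
 * The previous fallback was md5(email + ISO timestamp), which anyone who knows
 * the address and the approximate login time can reconstruct; a CSPRNG value
 * removes that guessability while keeping the same 32-hex-character shape.
 *
 * @param {{email: string}} user - user document; only `email` is read
 * @returns {string} signed JWT, or a 32-character hex token
 */
function generateToken(user) {
  const claims = { email: user.email };
  if (configs.APP_SECRET) {
    return jwt.sign({ user: claims }, configs.APP_SECRET);
  }
  // 16 random bytes -> 32 hex chars, matching the length of the old md5 digest.
  return _crypto.randomBytes(16).toString("hex");
}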
/**
 * Persist a one-time password with an expiry a few minutes from now.
 *
 * The identifier is stored in the `phone` field whatever it is; the callers
 * in this file pass the account's email address.
 *
 * @param {string} account - identifier stored in `phone`
 * @param {string} otpCode - the generated code
 * @param {number} [expires=5] - validity in minutes
 * @returns {Promise<object>} the created OTP document (OTP.create result)
 */
function saveOTP(account, otpCode, expires = 5) {
  const expireAt = new Date();
  expireAt.setMinutes(expireAt.getMinutes() + expires);
  const record = { phone: account, otp: otpCode, expire_time: expireAt };
  return OTP.create(record);
}
/**
 * Look a user up by login name and report through a node-style callback.
 *
 * The name is matched against `email` or `local.phone`. Only a record that
 * carries a `local` sub-document counts as found; a query error is passed
 * through as-is, any other miss yields a Vietnamese "account does not exist"
 * message, and an empty name is rejected before querying.
 *
 * @param {string} username - email address or phone number
 * @param {function((string|Error|null), object=)} fn - callback (err, user)
 * @returns {*} the callback's result when the name is empty, else undefined
 */
function findByUsername(username, fn) {
  if (!username) {
    return fn("B\u1ea1n ch\u01b0a nh\u1eadp t\u00e0i kho\u1ea3n");
  }
  const query = { $or: [{ email: username }, { "local.phone": username }] };
  User.findOne(query, (error, found) => {
    if (error) {
      fn(error);
      return;
    }
    if (found && found.local) {
      fn(null, found);
      return;
    }
    fn(`T\u00e0i kho\u1ea3n ${username} kh\u00f4ng t\u1ed3n t\u1ea1i`);
  });
}
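/**
 * Attach a user to the app named in the signup body.
 *
 * Does nothing when body.id_app is absent. Otherwise it verifies the app
 * exists, records it as the user's current app, creates the participant
 * record, builds a customer record when the user has none in that app yet,
 * resolves an introducer code when one was supplied, and finally saves the
 * customer.
 *
 * @param {object} user - user document; `email` is read and `current_id_app`
 *   is written
 * @param {object} body - signup payload: id_app, name, email, group_id,
 *   customer_info, introduce_code
 * @param {string|undefined} session_created - device/session id (the `uid`
 *   cookie) stored on the participant
 * @returns {Promise<void>}
 * @throws {Error} when the app cannot be found; the introducer callback may
 *   reject with its own message. Callers read `.error || .message || e`, so
 *   an Error is handled the same way the former string throw was.
 */
async function addUserToApp(user, body, session_created) {
  if (!body.id_app) {
    return;
  }
  if (!(await App.findById(body.id_app))) {
    console.error("Can't find app", body.id_app);
    throw new Error("Kh\u00f4ng th\u1ec3 t\u00ecm th\u1ea5y th\u00f4ng tin c\u00f4ng ty n\u00e0y");
  }
  user.current_id_app = body.id_app;
  const participant = await Participant.asyncCreateParticipant({
    id_app: body.id_app,
    name: body.name || user.email,
    email: body.email,
    group_id: body.group_id,
    active: true,
    session_created,
  });
  const cust = await _buildCustomer(user, body, participant);
  if (body.introduce_code) {
    await _applyIntroducer(user, body.introduce_code, cust);
  }
  if (cust) {
    await Customer.asyncCreateCustomer(cust);
  }
}

/**
 * Build the customer record for a user joining an app.
 *
 * @param {object} user - user document
 * @param {object} body - signup payload
 * @param {object|undefined} participant - participant just created; its
 *   group_id selects the customer group (nh_kh)
 * @returns {Promise<object|undefined>} the record to create, or undefined when
 *   the user already has a customer in this app
 */
async function _buildCustomer(user, body, participant) {
  const existing = await global
    .getModel("customer")
    .findOne({ id_app: body.id_app, of_user: user.email }, { _id: 1 })
    .lean();
  if (existing) {
    return undefined;
  }
  const fallbackName = body.name || user.email;
  let cust = {
    ten_kh: fallbackName,
    email: validator.isEmail(user.email) ? user.email : undefined,
  };
  if (body.customer_info) {
    // NOTE(review): customer_info comes straight from the request body and is
    // merged wholesale. Ownership fields are re-applied below, but any other
    // customer field can be set by the caller; restrict this to an allow-list
    // if the customer schema has fields the signing-up user must not control.
    cust = { ...cust, ...body.customer_info };
  }
  if (!cust.ten_kh) {
    cust.ten_kh = fallbackName;
  }
  // Ownership/bookkeeping fields always win over whatever the body supplied.
  cust = {
    ...cust,
    id_app: body.id_app,
    user_created: user.email,
    user_updated: user.email,
    kh_yn: true,
    of_user: user.email,
  };
  if (participant && participant.group_id) {
    const group = await global
      .getModel("usergroup")
      .findOne({ id_app: body.id_app, _id: participant.group_id }, { nh_kh: 1 });
    cust.nh_kh = (group || {}).nh_kh;
  }
  return cust;
}

/**
 * Resolve an introducer code through the INTRODUCER controller and, when a
 * customer record is being built, record who introduced the user.
 *
 * @param {object} user - user document passed to Controler.create
 * @param {string} introduce_code - code supplied at signup
 * @param {object|undefined} cust - customer record under construction
 * @returns {Promise<void>} rejects with the controller's message on failure
 */
function _applyIntroducer(user, introduce_code, cust) {
  const contrIntroducer = global.controllers.INTRODUCER;
  return new Promise((resolve, reject) => {
    Controler.create(user, contrIntroducer, { introduce_code }, (e, intr) => {
      if (e) {
        reject(e.message || e.error || e);
        return;
      }
      if (cust) {
        cust.phu_trach = intr.be_introduced_by;
      }
      resolve();
    });
  });
}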
/**
 * Register the authentication routes and the passport Basic strategy.
 *
 * Every route registered here runs behind a rate limiter built from
 * configs.limitRequest.auth. The Basic strategy accepts a username of the form
 * `<account>@app=<id_app>`; the suffix scopes the password check to that app's
 * per-app password (validAppPassword). User-facing messages are Vietnamese
 * and are returned to the client verbatim.
 *
 * @param {object} app - express-style application the routes are added to
 * @param {object} passport - passport instance receiving the Basic strategy
 * @returns {Promise<void>}
 */
module.exports=async function($app$jscomp$0$$,$passport$$){const $rateLimiter$$=await global.createRateLimiterMiddleware(configs.limitRequest.auth||{},"auth");$passport$$.use(new BasicStrategy(function($username$$,$password$$,$done$$){if(!$username$$)return $done$$("B\u1ea1n ch\u01b0a nh\u1eadp t\u00e0i kho\u1ea3n");$username$$=$username$$.trim();let $id_app$$;if(0<$username$$.indexOf("@app=")){const $user_app$$=$username$$.split("@app=");$username$$=$user_app$$[0];$id_app$$=$user_app$$[1]}$username$$=
// Strategy verify callback (continues from the line above): the lookup is
// deferred with setImmediate and each failure is mapped to its own message.
// NOTE(review): the lookup error ("không tồn tại"), the disabled-account
// message (status == 0) and the wrong-password message all differ, so the
// response text tells an unauthenticated caller which accounts exist.
$username$$.toLowerCase();setImmediate(function(){findByUsername($username$$,async function($err_pars_pars$$,$user$$){if($err_pars_pars$$)return $done$$($err_pars_pars$$);if(!$user$$)return $done$$("T\u00e0i kho\u1ea3n "+$username$$+" ch\u01b0a \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd.");if(0==$user$$.status)return $done$$("T\u00e0i kho\u1ea3n n\u00e0y kh\u00f4ng c\u00f2n hi\u1ec7u l\u1ef1c");if($user$$.local.rspassword)if($user$$.validRspassword($password$$))$user$$.local.password=$user$$.local.rspassword,
// A pending reset password (local.rspassword, written by GET /resetpassword)
// that matches is promoted to local.password; the findOneAndUpdate below is
// not awaited and a failure is only logged, so the login succeeds regardless.
$user$$.local.rspassword=void 0,User.findOneAndUpdate({email:$user$$.email},{local:$user$$.local},($e$$,$rs$$)=>{if($e$$)return console.error("Can't update password",$user$$.email,$e$$);console.log("updated new password",$user$$.email,$rs$$)});else{if(!$user$$.validPassword($password$$))if($id_app$$)if(await $user$$.validAppPassword($password$$,$id_app$$))$user$$=$user$$.toObject(),$user$$.token_id_app=$id_app$$;else return $done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.");else return $err_pars_pars$$=
// Primary password rejected: with an @app= suffix try that app's password
// (result carries token_id_app), otherwise collect every app whose password
// matches (token_id_apps) and fail only when there is none.
await $user$$.getAppOfPassword($password$$),0<$err_pars_pars$$.length?($user$$=$user$$.toObject(),$user$$.token_id_apps=$err_pars_pars$$.map($p$$=>$p$$.id_app),$done$$(null,$user$$)):$done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.")}else{if(!$user$$.local.password)return $done$$("M\u1eadt kh\u1ea9u cho ng\u01b0\u1eddi d\u00f9ng n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i. H\u00e3y s\u1eed d\u1ee5ng t\u00ednh n\u0103ng kh\u00f4i ph\u1ee5c m\u1eadt kh\u1ea9u \u0111\u1ec3 \u0111\u1eb7t l\u1ea1i m\u1eadt kh\u1ea9u cho ng\u01b0\u1eddi d\u00f9ng n\u00e0y");
// Same per-app fallback when no reset password is pending; a missing
// local.password is refused up front with a pointer to the reset flow.
if(!$user$$.validPassword($password$$))if($id_app$$)if(await $user$$.validAppPassword($password$$,$id_app$$))$user$$=$user$$.toObject(),$user$$.token_id_app=$id_app$$;else return $done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.");else return $err_pars_pars$$=await $user$$.getAppOfPassword($password$$),0<$err_pars_pars$$.length?($user$$=$user$$.toObject(),$user$$.token_id_apps=$err_pars_pars$$.map($p$$=>$p$$.id_app),$done$$(null,$user$$)):$done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.")}return $done$$(null,
// GET /send-otp/:address_receive_otp (starts on this line once the strategy
// closes): look the account up by email or local.phone, create a 6-digit code
// via saveOTP keyed by the account email (stored in the `phone` field), then
// deliver it by Zalo, SMS or email depending on what is configured.
// NOTE(review): the 400 "không tồn tại" answer reveals whether an account
// exists; a uniform response would avoid that. In the recaptcha catch,
// `$e$$.messag` is a typo for `message`, so it falls through to
// `$e$$.error||$e$$` and may send the raw error object to the client.
$user$$)})})}));$app$jscomp$0$$.get("/send-otp/:address_receive_otp",$rateLimiter$$,async($headers_req$$,$res$$)=>{var $address_receive_otp_app$jscomp$2_id_app$$=$headers_req$$.params.address_receive_otp.trim().toLowerCase();console.log("send otp to",$address_receive_otp_app$jscomp$2_id_app$$);if(configs.GOOGLE_RECAPTCHA_SECRET_KEY){if(!$headers_req$$.query["g-recaptcha-response"])return $res$$.status(400).send("Ch\u1ee9c n\u0103ng n\u00e0y y\u00eau c\u1ea7u m\u1ed9t google recaptcha token");try{await permission.verifyReCaptcha($headers_req$$.query["g-recaptcha-response"])}catch($e$$){return console.error("Can't verify recaptcha when send otp",
$e$$),$res$$.status(400).send($e$$.messag||$e$$.error||$e$$)}}var $data_u$$=await User.findOne({$or:[{email:$address_receive_otp_app$jscomp$2_id_app$$},{"local.phone":$address_receive_otp_app$jscomp$2_id_app$$}]});if(!$data_u$$)return $res$$.status(400).send({error:`T\u00e0i kho\u1ea3n ${$address_receive_otp_app$jscomp$2_id_app$$} kh\u00f4ng t\u1ed3n t\u1ea1i`});const $username$$=$data_u$$.email;var $message_message$jscomp$1_otp_code$jscomp$1_url$$=generateOTP();let $phone$$;$address_receive_otp_app$jscomp$2_id_app$$!=
// Delivery address: a phone number given in the URL (when it differs from the
// account name), else the account name if it is a phone, else local.phone.
// When none applies the email branch near the end of the handler is used.
$username$$&&utils.isMobilePhone($address_receive_otp_app$jscomp$2_id_app$$)?$phone$$=$address_receive_otp_app$jscomp$2_id_app$$:utils.isMobilePhone($username$$)?$phone$$=$username$$:utils.isMobilePhone(($data_u$$.local||{}).phone||"")&&($phone$$=($data_u$$.local||{}).phone);let $optObject$$;try{$optObject$$=await saveOTP($username$$,$message_message$jscomp$1_otp_code$jscomp$1_url$$)}catch($e$$){return $res$$.status(400).send({error:"Kh\u00f4ng th\u1ec3 t\u1ea1o m\u00e3 OTP"})}if($phone$$){if(($address_receive_otp_app$jscomp$2_id_app$$=
$headers_req$$.query.id_app)&&isValidObjectId($address_receive_otp_app$jscomp$2_id_app$$)&&($address_receive_otp_app$jscomp$2_id_app$$=await global.getModel("app").findOne({_id:$address_receive_otp_app$jscomp$2_id_app$$}))&&$address_receive_otp_app$jscomp$2_id_app$$.zalo_otp_template_id&&$address_receive_otp_app$jscomp$2_id_app$$.zalo_app_id&&$address_receive_otp_app$jscomp$2_id_app$$.zalo_secret_key&&$address_receive_otp_app$jscomp$2_id_app$$.zalo_access_token&&$address_receive_otp_app$jscomp$2_id_app$$.zalo_refresh_token){const {zalo_otp_template_id:$zalo_otp_template_id$$,
// Zalo OTP template delivery, used only when the app record (from ?id_app=)
// carries every zalo_* credential. NOTE(review): the access token is
// refreshed only once more than zalo_expires_in + 1000 seconds have passed
// since zalo_updated, so an already-expired token keeps being used for up to
// ~17 minutes; confirm whether subtracting 1E3 (refresh early) was intended.
zalo_app_id:$zalo_app_id$$,zalo_secret_key:$zalo_secret_key$$,zalo_refresh_token:$zalo_refresh_token$$,zalo_expires_in:$zalo_expires_in$$,zalo_updated:$zalo_updated$$}=$address_receive_otp_app$jscomp$2_id_app$$;if(moment().diff(moment($zalo_updated$$),"seconds")>$zalo_expires_in$$+1E3){$headers_req$$={"Content-Type":"application/x-www-form-urlencoded",secret_key:$zalo_secret_key$$};$data_u$$={refresh_token:$zalo_refresh_token$$,app_id:$zalo_app_id$$,grant_type:"refresh_token"};try{let $rs$$=await axios.post("https://oauth.zaloapp.com/v4/oa/access_token",
querystring.stringify($data_u$$),{headers:$headers_req$$});if($rs$$.data.error)return $res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi m\u00e3 OTP. L\u1ed7i: ${$rs$$.data.message}`});let $zalo_token$$=$rs$$.data;$address_receive_otp_app$jscomp$2_id_app$$.zalo_access_token=$zalo_token$$.access_token;$address_receive_otp_app$jscomp$2_id_app$$.zalo_refresh_token=$zalo_token$$.refresh_token;$address_receive_otp_app$jscomp$2_id_app$$.zalo_expires_in=$zalo_token$$.expires_in;$address_receive_otp_app$jscomp$2_id_app$$.zalo_updated=
new Date;await $address_receive_otp_app$jscomp$2_id_app$$.save()}catch($e$$){return $message_message$jscomp$1_otp_code$jscomp$1_url$$=(($e$$.response||{}).data||{}).message,console.error("Can't get access token from zalo",$message_message$jscomp$1_otp_code$jscomp$1_url$$||$e$$),$res$$.status(400).send({error:$message_message$jscomp$1_otp_code$jscomp$1_url$$||$e$$.message||$e$$||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}`})}}try{const $headers$$=
// Send the template message; the local number is rewritten to the 84-prefixed
// international form and the OTP document id is used as tracking_id. Upstream
// Zalo error text is forwarded to the client as-is.
{"Content-Type":"application/json",access_token:$address_receive_otp_app$jscomp$2_id_app$$.zalo_access_token};$phone$$="84"+$phone$$.toString().substring(1);let $rs$$=await axios({method:"post",url:"https://business.openapi.zalo.me/message/template",data:{phone:$phone$$,template_id:$zalo_otp_template_id$$,template_data:{otp:$message_message$jscomp$1_otp_code$jscomp$1_url$$},tracking_id:$optObject$$._id.toString()},headers:$headers$$});return $rs$$.data.error?$res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi m\u00e3 OTP t\u1edbi ${$phone$$}. L\u1ed7i: ${$rs$$.data.message}`}):
// NOTE(review): every success path in this handler answers with
// `$optObject$$.toObject()`, i.e. the whole OTP document created by saveOTP,
// which includes the `otp` code itself, unless the schema's toObject
// transform strips it (not visible here). Returning only `_id`, the value
// /verify-otp needs, keeps the code off the wire.
$res$$.send($optObject$$.toObject())}catch($e$$){return $message_message$jscomp$1_otp_code$jscomp$1_url$$=(($e$$.response||{}).data||{}).message,console.error("Can't send message from zalo",$message_message$jscomp$1_otp_code$jscomp$1_url$$||$e$$),$res$$.status(400).send({error:$message_message$jscomp$1_otp_code$jscomp$1_url$$||$e$$.message||$e$$||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}`})}}if(configs.sms&&(configs.sms.send||configs.sms.genUrlSendOTP))if(configs.sms.send)configs.sms.send($phone$$,
// SMS fallback when no Zalo credentials apply: configs.sms.send(phone, code,
// id_app), or a provider URL built by configs.sms.genUrlSendOTP and fetched
// with a plain GET. Without an SMS provider the phone path answers 400.
$message_message$jscomp$1_otp_code$jscomp$1_url$$,$headers_req$$.query.id_app).then($rs$$=>{$rs$$.error_message?$res$$.status(400).send({error:$rs$$.message||$rs$$.error||$rs$$.error_message||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}`}):$res$$.send($optObject$$.toObject())}).catch($e$$=>{$e$$||($e$$={message:"Kh\u00f4ng th\u1ec3 g\u1eedi m\u00e3 OTP"});console.error("Error send sms",$e$$);$res$$.status(400).send({error:$e$$.ErrorMessage||
$e$$.message||$e$$.error_message||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}`})});else if($message_message$jscomp$1_otp_code$jscomp$1_url$$=configs.sms.genUrlSendOTP($phone$$,$message_message$jscomp$1_otp_code$jscomp$1_url$$,$headers_req$$.query.id_app))try{await axios.get($message_message$jscomp$1_otp_code$jscomp$1_url$$),$res$$.send($optObject$$.toObject())}catch($e$$){console.error($e$$),$res$$.status(400).send({error:$e$$.message||
$e$$.error||$e$$||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}`})}else $res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}`});else $res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}`})}else{let $email_address$$;validator.isEmail($address_receive_otp_app$jscomp$2_id_app$$)&&
// Email delivery when no phone was resolved: the URL address if it is an
// email and differs from the account, else the account email, else email2.
// The mail body states the 5-minute validity that saveOTP's default applies.
$address_receive_otp_app$jscomp$2_id_app$$!=$username$$?$email_address$$=$address_receive_otp_app$jscomp$2_id_app$$:validator.isEmail($username$$)?$email_address$$=$username$$:$data_u$$.email2&&validator.isEmail($data_u$$.email2)&&($email_address$$=$data_u$$.email2);$email_address$$?email.sendHtml({to:{address:$email_address$$},subject:"M\u00e3 x\u00e1c th\u1ef1c",html:`Xin vui l\u00f2ng g\u1eedi qu\u00fd kh\u00e1ch m\u00e3 x\u00e1c th\u1ef1c: ${$message_message$jscomp$1_otp_code$jscomp$1_url$$}. M\u00e3 n\u00e0y s\u1ebd h\u1ebft h\u1ea1n s\u1eed d\u1ee5ng sau 5 ph\u00fat.`},
function($error$$){$error$$?(console.error("Error send otp to email",$error$$),$res$$.status(400).send(`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi email ${$username$$}`)):$res$$.send($optObject$$.toObject())},configs.sender_otp):$res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}`})}});$app$jscomp$0$$.get("/verify-otp/:id/:otp",$rateLimiter$$,async function($req$$,$res$$){try{const $id$$=
// GET /verify-otp/:id/:otp (starts at the end of the line above): validate
// the ObjectId, count the attempt (tried_number is saved before the
// comparison, so failed guesses are persisted), then reject with one generic
// message when the code differs (loose `!=`), was already verified, exceeded
// configs.MAX_TRY_OTP (default 3) attempts, or is past expire_time.
$req$$.params.id;if(!global.mongoose.Types.ObjectId.isValid($id$$))return $res$$.status(400).send({error:"ID c\u1ee7a m\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng h\u1ee3p l\u1ec7",code:4001});const $otp_code$$=$req$$.params.otp,$otp$$=await OTP.findById($id$$);if(!$otp$$)return $res$$.status(400).send({error:"M\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i",code:4001});$otp$$.tried_number=($otp$$.tried_number||0)+1;await $otp$$.save();if($otp$$.otp!=$otp_code$$||$otp$$.verified||
$otp$$.tried_number>(configs.MAX_TRY_OTP||3)||$otp$$.expire_time.getTime()<(new Date).getTime())return $res$$.status(400).send({error:"M\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i ho\u1eb7c \u0111\u00e3 h\u1ebft hi\u1ec7u l\u1ef1c",code:4001});await OTP.findOneAndUpdate({_id:$id$$},{verified:!0});let $user$$=await User.findOne({email:$otp$$.phone});if(!$user$$)return $res$$.status(400).send({error:"T\u00e0i kho\u1ea3n kh\u00f4ng t\u1ed3n t\u1ea1i",code:4001});if(!$user$$.local||
// A valid code marks the OTP verified, activates local.active on the account
// (otp.phone holds the email), caches the user in redis, and issues a token
// from generateToken that is stored in the Token collection with `ip: ""`.
// The `once` flag is parsed from the query (1, "1" or "true").
!$user$$.local.active){$user$$.local=$user$$.local||{};$user$$.local.active=!0;try{await $user$$.save(),redisCache.set("user",$user$$.toObject(),function($e$$){$e$$?console.error($e$$):console.log("cache user infomation to redis")})}catch($e$$){return console.log("error verify otp, create user",$e$$),$res$$.status(500).send($e$$)}}const $accessToken$$=generateToken($user$$);(new Token({email:$user$$.email,session_created:($req$$.cookies||{}).uid,token:$accessToken$$,agent:$req$$.headers["user-agent"],
ip:"",once:1==$req$$.query.once||"true"==$req$$.query.once||"1"===$req$$.query.once?!0:!1})).save(function($e$$,$rs$$){return $e$$?$res$$.status(500).send($e$$):$res$$.send({token:$accessToken$$,once:$rs$$.once})})}catch($e$$){console.error("error verify otp",$e$$),$res$$.status(400).send($e$$.message)}});$app$jscomp$0$$.post("/auth/sign",$rateLimiter$$,($req$$,$res$$,$next$$)=>{$passport$$.authenticate("basic",{session:!1},function($err$$,$user$$){if($err$$||!$user$$)return $res$$.status(401).send({message:$err$$||
// POST /auth/sign (starts on the line above): Basic-authenticated; the body
// must carry id_app and the response is Wallet.sign(id_app, user.email, body).
"Unauthorized"});$req$$.user=$user$$;$next$$()})($req$$,$res$$,$next$$)},async($req$jscomp$3_user$$,$res$$)=>{let $data$$=$req$jscomp$3_user$$.body;$req$jscomp$3_user$$=$req$jscomp$3_user$$.user;if(!$data$$)return $res$$.status(400).send("Not have data to sign");if(!$data$$.id_app)return $res$$.status(400).send("Data miss id_app property");try{let $signature$$=await Wallet.sign($data$$.id_app,$req$jscomp$3_user$$.email,$data$$);$res$$.send($signature$$)}catch($e$$){return $res$$.status(400).send($e$$.message||
// GET /auth/local: three stages — brute-force lockout, passport Basic
// authentication, then login bookkeeping and token issue. Stage 1 (below)
// derives the client key from req.ip, else X-Forwarded-For, else the socket
// address, with dots and colons stripped. NOTE(review): X-Forwarded-For is
// caller-supplied unless a trusted-proxy setting populates req.ip; confirm
// the deployment, otherwise the lockout key can be chosen by the client.
$e$$)}});$app$jscomp$0$$.get("/auth/local",$rateLimiter$$,function($req$$,$res$$,$next$$){let $ip$$=($req$$.ip||$req$$.headers["x-forwarded-for"]||$req$$.connection.remoteAddress).split(".").join("").split(":").join("");var $authorization_password$$=$req$$.headers.authorization;if(!$authorization_password$$)return $res$$.status(400).send({message:"Authorization is required"});$authorization_password$$=Buffer.from($authorization_password$$.replace("Basic ",""),"base64").toString("utf-8");$authorization_password$$=
// The Authorization header is decoded by hand; when ?id_app= is present and
// the username has no @app= suffix, the header is rewritten to
// `user@app=<id_app>:password` so the strategy applies the per-app password.
// NOTE(review): when the decoded credential contains no ":" the `if` below is
// skipped and neither a response nor next() follows, so the request stays
// unanswered until the client times out; an `else` returning 400 would close
// it.
$authorization_password$$.split(":");if(1<$authorization_password$$.length){let $username$$=$authorization_password$$[0].trim().toLowerCase();$authorization_password$$=$authorization_password$$[1].trim();$req$$.query.id_app&&0>$username$$.indexOf("@app=")&&($username$$=`${$username$$}@app=${$req$$.query.id_app}`,$req$$.headers.authorization=`Basic ${Buffer.from($username$$+":"+$authorization_password$$).toString("base64")}`);let $t_session$$="times_login_"+$ip$$+"_"+$username$$.toLowerCase(),$d_session$$=
"datetime_login_"+$ip$$+"_"+$username$$.toLowerCase();$req$$.t_session=$t_session$$;$req$$.d_session=$d_session$$;let $now$$=new Date,$d$$=$now$$,$times_try$$=1;if($req$$.headers.cookie&&$req$$.session){$req$$=$req$$.session;$req$$[$t_session$$]?($times_try$$=$req$$[$t_session$$]+1,$req$$[$t_session$$]=$times_try$$):($req$$[$t_session$$]=$times_try$$,$req$$[$d_session$$]=$now$$);$req$$[$d_session$$]?$d$$=new Date($req$$[$d_session$$]):$req$$[$d_session$$]=$now$$;$req$$=$now$$.getTime()-$d$$.getTime();
// Attempt counter per ip+username: kept in req.session when a cookie is
// present, otherwise in redis (no TTL is set on those keys here). The counter
// is incremented before authentication runs and reset to 0 by the final
// handler on a successful login; more than total_time_try_login (3) attempts
// within total_time_wait_login (1 hour) are refused with the minutes
// remaining. Math.roundBy is not a standard method — presumably patched onto
// Math elsewhere in the project.
if($req$$<total_time_wait_login&&$times_try$$>total_time_try_login)return $res$$.status(400).send({message:"B\u1ea1n \u0111\u0103ng nh\u1eadp sai "+total_time_try_login+" l\u1ea7n li\u00ean ti\u1ebfp. H\u00e3y th\u1eed l\u1ea1i sau "+Math.roundBy((total_time_wait_login-$req$$)/6E4,2)+" ph\u00fat"});$next$$()}else global.clientRedis.get($t_session$$,function($err$$,$reply$$){$reply$$?($times_try$$=Number($reply$$)+1,global.clientRedis.set($t_session$$,$times_try$$)):(global.clientRedis.set($t_session$$,
$times_try$$),global.clientRedis.set($d_session$$,$now$$));global.clientRedis.get($d_session$$,function($err$jscomp$3_time_wait$$,$reply$$){$reply$$?$d$$=new Date($reply$$):global.clientRedis.set($d_session$$,$now$$);$err$jscomp$3_time_wait$$=$now$$.getTime()-$d$$.getTime();if($err$jscomp$3_time_wait$$<total_time_wait_login&&$times_try$$>total_time_try_login)return $res$$.status(400).send({message:"B\u1ea1n \u0111\u0103ng nh\u1eadp sai "+total_time_try_login+" l\u1ea7n li\u00ean ti\u1ebfp. H\u00e3y th\u1eed l\u1ea1i sau "+
Math.roundBy((total_time_wait_login-$err$jscomp$3_time_wait$$)/6E4,2)+" ph\u00fat"});$next$$()})})}},function($req$$,$res$$,$next$$){$passport$$.authenticate("basic",{session:!1},async function($err$jscomp$4_p$$,$user$$){if($err$jscomp$4_p$$||!$user$$)return $res$$.status(401).send({message:$err$jscomp$4_p$$||"Unauthorized"});if(configs.require_verify&&!$user$$.local.active)return $res$$.status(401).send({require_verify:!0});if($req$$.query.id_app&&($err$jscomp$4_p$$=await global.getModel("participant").findOne({id_app:$req$$.query.id_app,
// Stage 2 (passport, starts mid-line above): 401 when authentication fails,
// when configs.require_verify is set and local.active is false, or when the
// participant record for ?id_app= is neither active nor admin (pending
// approval). Stage 3 then resets the lockout counters and logs LOCALLOGIN.
email:$user$$.email}).lean())&&!$err$jscomp$4_p$$.active&&!$err$jscomp$4_p$$.admin)return $res$$.status(401).send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111ang ch\u1edd \u0111\u01b0\u1ee3c x\u00e9t duy\u1ec7t",active:!1});$req$$.user=$user$$;$next$$()})($req$$,$res$$,$next$$)},async($req$$,$res$$)=>{let $agent$$=$req$$.headers["user-agent"];$req$$.headers.cookie?($session$jscomp$1_user$$=$req$$.session,$session$jscomp$1_user$$[$req$$.t_session]=0,$session$jscomp$1_user$$[$req$$.d_session]=
""):(global.clientRedis.set($req$$.t_session,0),global.clientRedis.set($req$$.d_session,""));log.create({id_app:"LOGIN",id_func:"LOGIN",action:"LOCALLOGIN"},$req$$.user.email,$req$$.header("user-agent"),$req$$);var $session$jscomp$1_user$$=$req$$.user;if($req$$.query.id_app&&global.mongoose.Types.ObjectId.isValid($req$$.query.id_app)){const $id_app$$=$req$$.query.id_app;let $group_id$$=$req$$.query.group_id&&global.mongoose.Types.ObjectId.isValid($req$$.query.group_id)?$req$$.query.group_id:void 0;
// Optional app join: with a valid ?id_app=, pick the user group matching
// ?group_id= (or the default_group) among customer/partner/agent/pttt groups,
// create the participant (active per the group's not_need_active) and a
// best-effort customer record whose failure is only logged; a still-pending
// participant gets a 401.
const $app$$=await App.findById($id_app$$);var $active_group_query_group$$={id_app:$id_app$$,$or:[{is_customer_group:!0},{is_partner_group:!0},{is_agent_group:!0},{is_pttt_group:!0}]};$group_id$$?$active_group_query_group$$._id=$group_id$$:$active_group_query_group$$.default_group=!0;$active_group_query_group$$=await UserGroup.findOne($active_group_query_group$$).lean();if($app$$&&$active_group_query_group$$){$group_id$$=$active_group_query_group$$._id.toString();$active_group_query_group$$=$active_group_query_group$$.not_need_active;
try{if(($p$jscomp$3_session_created$$=await Participant.asyncCreateParticipant({id_app:$id_app$$,email:$session$jscomp$1_user$$.email,name:$session$jscomp$1_user$$.name,group_id:$group_id$$,active:$active_group_query_group$$}))&&!$p$jscomp$3_session_created$$.active)return $res$$.status(401).send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111ang ch\u1edd \u0111\u01b0\u1ee3c x\u00e9t duy\u1ec7t",active:!1});let $cust$$={ten_kh:$session$jscomp$1_user$$.name||$session$jscomp$1_user$$.email,email:$session$jscomp$1_user$$.email,
id_app:$id_app$$,user_created:$session$jscomp$1_user$$.email,user_updated:$session$jscomp$1_user$$.email,kh_yn:!0,of_user:$session$jscomp$1_user$$.email};utils.isMobilePhone($session$jscomp$1_user$$.email,["vi-VN"])&&($cust$$.dien_thoai=$session$jscomp$1_user$$.email);try{await Customer.asyncCreateCustomer($cust$$)}catch($e$$){console.error("Auto create new customer with error:",$e$$.message)}}catch($e$$){return console.error("can't add user",$session$jscomp$1_user$$.email,"to company",$app$$.name),
// Token issue: the User.updateOne below is not awaited (fire-and-forget) and
// the Token document records `ip: ""`; token_id_apps/token_id_app come from
// the per-app password branches of the Basic strategy.
$res$$.status(500).send($e$$)}}}const $accessToken$$=generateToken($session$jscomp$1_user$$);var $p$jscomp$3_session_created$$=($req$$.cookies||{}).uid;$p$jscomp$3_session_created$$&&User.updateOne({email:$session$jscomp$1_user$$.email,session_created:null},{session_created:$p$jscomp$3_session_created$$});(new Token({email:$session$jscomp$1_user$$.email,session_created:$p$jscomp$3_session_created$$,id_apps:$session$jscomp$1_user$$.token_id_apps,only_id_app:$session$jscomp$1_user$$.token_id_app,token:$accessToken$$,
agent:$agent$$,ip:"",once:1==$req$$.query.once||"true"==$req$$.query.once||"1"===$req$$.query.once?!0:!1})).save(function($e$$,$rs$$){if($e$$)return $res$$.status(500).send($e$$);$res$$.send({token:$accessToken$$,once:$rs$$.once})})});$app$jscomp$0$$.get("/check-user/:email",$rateLimiter$$,function($req$$,$res$$){const $email$$=$req$$.params.email;User.findOne({$or:[{email:$email$$},{"local.phone":$email$$}]},{email:1,name:1,picture:1}).lean().exec(function($e$$,$user$$){if($e$$||!$user$$)return $res$$.status(400).send($e$$||
// GET /check-user/:email (starts mid-line above): rate-limited but otherwise
// unauthenticated; returns email, name and picture of a matching account or a
// 400 "không tồn tại". NOTE(review): this is an account-existence and profile
// disclosure oracle; consider requiring authentication or a uniform answer.
// POST /signup: the payload may arrive as a JSON string in body.json.
// NOTE(review): that JSON.parse is outside any try/catch in an async handler,
// so malformed JSON becomes an unhandled rejection unless an async error
// wrapper is installed on the app — confirm.
`T\u00e0i kho\u1ea3n ${$email$$} kh\u00f4ng t\u1ed3n t\u1ea1i`);$res$$.send($user$$)})});$app$jscomp$0$$.post("/signup",$rateLimiter$$,async($req$$,$res$$)=>{let $body$$=$req$$.body;$body$$.json&&($body$$=JSON.parse($body$$.json));if(!$body$$)return $res$$.status(400).send({error:"Kh\u00f4ng c\u00f3 n\u1ed9i dung"});if($body$$.id_app&&!global.mongoose.Types.ObjectId.isValid($body$$.id_app))return $res$$.status(400).send("id_app kh\u00f4ng h\u1ee3p l\u1ec7");if(configs.GOOGLE_RECAPTCHA_SECRET_KEY){var $app$$=
$body$$["g-recaptcha-response"]||$req$$.query["g-recaptcha-response"];if(!$app$$)return $res$$.status(400).send("Ch\u1ee9c n\u0103ng n\u00e0y y\u00eau c\u1ea7u m\u1ed9t google recaptcha token");try{await permission.verifyReCaptcha($app$$)}catch($e$$){return $res$$.status(400).send($e$$.message||$e$$.error||$e$$)}}let $session_created$$=($req$$.cookies||{}).uid;if($session_created$$&&$body$$.id_app){$app$$=await App.findById($body$$.id_app);if(!$app$$)return $res$$.status(400).send({error:"C\u00f4ng ty kh\u00f4ng t\u1ed3n t\u1ea1i"});
// Per-device limit: when the app's options.one_account_per_device is set and
// a participant already exists for the `uid` cookie, the signup is refused.
// The login name must be an email or a Vietnamese mobile number; `name` and a
// valid introduce_code (when id_app is given) are required.
if($app$$.options&&$app$$.options.one_account_per_device&&await Participant.findOne({session_created:$session_created$$,id_app:$body$$.id_app}).lean())return $res$$.status(400).send({error:"M\u1ed7i thi\u1ebft b\u1ecb ch\u1ec9 \u0111\u01b0\u1ee3c t\u1ea1o m\u1ed9t t\u00e0i kho\u1ea3n"})}if(!$body$$.email)return $res$$.status(400).send({error:"B\u1ea1n ch\u01b0a nh\u1eadp t\u00e0i kho\u1ea3n"});$body$$.email=$body$$.email.trim().toLowerCase();if(!validator.isEmail($body$$.email)&&!utils.isMobilePhone($body$$.email,
["vi-VN"]))return $res$$.status(400).send({error:"T\u00e0i kho\u1ea3n \u0111\u0103ng nh\u1eadp ph\u1ea3i l\u00e0 1 \u0111\u1ecba ch\u1ec9 email ho\u1eb7c 1 s\u1ed1 \u0111i\u1ec7n tho\u1ea1i di \u0111\u1ed9ng"});if(!$body$$.name)return $res$$.status(400).send({error:"H\u1ecd v\u00e0 t\u00ean ch\u01b0a nh\u1eadp"});if($body$$.introduce_code&&$body$$.id_app&&!await global.getModel("introducecode").findOne({id_app:$body$$.id_app,status:!0,introduce_code:$body$$.introduce_code}).lean())return $res$$.status(400).send({error:"M\u00e3 gi\u1edbi thi\u1ec7u kh\u00f4ng h\u1ee3p l\u1ec7"});
// Existing account handling: a record whose `local` is missing, whose
// local.email differs, or which is still inactive under configs.require_verify
// falls through and is re-initialised below with the new name and password.
// NOTE(review): that lets a not-yet-verified account be claimed again by
// whoever submits its address; confirm this is the intended flow. An active
// account is added to the app when id_app is given, otherwise refused.
User.findOne({$or:[{email:$body$$.email},{"local.phone":$body$$.email}]},async function($error$jscomp$1$$,$result$$){if($error$jscomp$1$$)return $res$$.status(400).send($error$jscomp$1$$);if($result$$)if(!$result$$.local||configs.require_verify&&!$result$$.local.active||$result$$.local.email!=$body$$.email)$result$$.local||($result$$.local={});else if($body$$.id_app)try{if(await global.getModel("participant").findOne({id_app:$body$$.id_app,email:$body$$.email}))return $res$$.status(400).send({error:"T\u00e0i kho\u1ea3n n\u00e0y \u0111\u00e3 t\u1ed3n t\u1ea1i"});
await addUserToApp($result$$,$body$$,$session_created$$);return $res$$.send("T\u00e0i kho\u1ea3n "+$body$$.email+" \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd th\u00e0nh c\u00f4ng")}catch($e$$){return await global.getModel("participant").deleteOne({id_app:$body$$.id_app,email:$body$$.email}),$res$$.status(400).send({error:$e$$.error||$e$$.message||$e$$})}else return $res$$.status(400).send({error:"T\u00e0i kho\u1ea3n "+$body$$.email+" \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd"});
else $result$$=new User,$result$$.email=$body$$.email,$result$$.local={};$result$$.local.email=$body$$.email;$result$$.local.name=$body$$.name;$result$$.local.active=!configs.require_verify;$result$$.partner=$body$$.partner;$result$$.session_created=$session_created$$;$body$$.email2&&validator.isEmail($body$$.email2)&&($result$$.email2=$body$$.email2);$result$$.name=$result$$.local.name;$body$$.picture?$result$$.local.picture=$body$$.picture:$result$$.local.picture||($result$$.local.picture="/images/avatar.jpg");
// Password: a supplied password must equal rePassword and pass
// User.teststrengthPassword; otherwise one is generated as
// md5(email + ISO timestamp) and mailed via "thong tin dang nhap.html".
// NOTE(review): a timestamp-derived password is guessable by anyone who knows
// the approximate signup time; crypto.randomBytes is the appropriate source.
// The stored hash is generateHash(email + password). `partner` above is
// copied from the body unchanged.
let $password$$;if($body$$.password){if($body$$.rePassword!==$body$$.password)return $res$$.status(400).send({error:"M\u1eadt kh\u1ea9u x\u00e1c nh\u1eadn kh\u00f4ng ch\u00ednh x\u00e1c"});if(!User.teststrengthPassword($body$$.password))return $res$$.status(400).send({error:"M\u1eadt kh\u1ea9u ph\u1ea3i c\u00f3 \u00edt nh\u1ea5t 6 k\u00fd t\u1ef1 v\u00e0 bao g\u1ed3m \u00edt nh\u1ea5t m\u1ed9t ch\u1eef s\u1ed1, m\u1ed9t ch\u1eef hoa v\u00e0 m\u1ed9t ch\u1eef th\u01b0\u1eddng"});$password$$=$body$$.password}else $password$$=
_crypto.createHash("md5").update($result$$.email+(new Date).toISOString()).digest("hex");$result$$.local.password=$result$$.generateHash($result$$.email+$password$$);$result$$.save(async function($app$jscomp$5_error$$,$newUser$$){if($app$jscomp$5_error$$)return $res$$.status(400).send({error:"Kh\u00f4ng th\u1ec3 \u0111\u0103ng k\u00fd"});log.create({id_app:"SIGNUP",id_func:"SIGNUP",action:"SIGNUP"},$result$$.email,$req$$.header("user-agent"),$req$$);if($body$$.cty_name){$app$jscomp$5_error$$=new App;
// cty_name creates a new App owned by the user with fiscal-year dates and a
// 3-month expire_date, then initialises its database; failures there are only
// logged. An addUserToApp failure rolls back both the participant and the
// freshly created user.
$app$jscomp$5_error$$.user_created=$result$$.email;$app$jscomp$5_error$$.user_updated=$result$$.email;$app$jscomp$5_error$$.name=$body$$.cty_name;var $d$jscomp$1_now$$=new Date;$app$jscomp$5_error$$.ngay_dn=new Date($d$jscomp$1_now$$.getFullYear(),0,1);$app$jscomp$5_error$$.ngay_ks=new Date($d$jscomp$1_now$$.getFullYear()-1,12,0);$app$jscomp$5_error$$.nam_bd=$d$jscomp$1_now$$.getFullYear();$app$jscomp$5_error$$.ngay_ky1=new Date($d$jscomp$1_now$$.getFullYear(),0,1);$d$jscomp$1_now$$=new Date;$d$jscomp$1_now$$.setMonth($d$jscomp$1_now$$.getMonth()+
3);$app$jscomp$5_error$$.expire_date=new Date($d$jscomp$1_now$$);$app$jscomp$5_error$$.save(function($error$jscomp$0$$,$obj$$){if($error$jscomp$0$$)return console.log("Khong tao duoc new app: "+$error$jscomp$0$$);require("../libs/initDatabase").init($obj$$._id,function($error$$){$error$$&&console.log("Can't init database \n"+$error$$)})})}try{await addUserToApp($newUser$$,$body$$,$session_created$$)}catch($e$$){return await global.getModel("participant").deleteOne({id_app:$body$$.id_app,email:$body$$.email}),
await User.deleteOne({email:$body$$.email}),$res$$.status(400).send({error:$e$$.error||$e$$.message||$e$$})}let $accessToken$$;if($newUser$$.local.active)try{$accessToken$$=generateToken($newUser$$),await (new Token({email:$newUser$$.email,session_created:($req$$.cookies||{}).uid,token:$accessToken$$,agent:$req$$.headers["user-agent"],ip:"",once:1==$req$$.query.once||"true"==$req$$.query.once||"1"===$req$$.query.once?!0:!1})).save()}catch($e$$){console.error("can't gen new token for new user:"+$newUser$$.email,
// Response: a token is issued only when local.active is true; the generated
// password is mailed only when the login is an email and none was supplied.
$e$$)}validator.isEmail($body$$.email)&&!$body$$.password?(loadTemplate("thong tin dang nhap.html",{email:$result$$.email,password:$password$$,receiver_name:$body$$.name},function($error$jscomp$0$$,$html$$){if($error$jscomp$0$$)return console.log($error$jscomp$0$$);email.sendHtml({to:{name:$result$$.name,address:$result$$.email},subject:"Th\u00f4ng tin t\u00e0i kho\u1ea3n",html:$html$$},function($error$$){$error$$&&console.error("Khong the gui email thon tin tai khoan cho nguoi dung\n"+$error$$)})}),
$res$$.send({msg:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o. Ki\u1ec3m tra email \u0111\u1ec3 l\u1ea5y th\u00f4ng tin \u0111\u0103ng nh\u1eadp",token:$accessToken$$,active:$newUser$$.local.active})):$res$$.send({msg:"T\u00e0i kho\u1ea3n "+$body$$.email+" \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o",token:$accessToken$$,active:$newUser$$.local.active})})})});$app$jscomp$0$$.get("/resetpassword",$rateLimiter$$,async($req$$,$res$$)=>{if(configs.GOOGLE_RECAPTCHA_SECRET_KEY)try{await permission.verifyReCaptcha($req$$.query["g-recaptcha-response"])}catch($e$$){return $res$$.status(400).send($e$$.message||
// GET /resetpassword (starts mid-line above): unauthenticated; looks the
// account up by local.email, email or email2 and stores a new md5(ISO
// timestamp) password in local.rspassword, which the Basic strategy promotes
// to the real password once it is used (the old password stays valid until
// then). The new password is mailed to email and email2.
// NOTE(review): anyone can trigger this for any address, and the password is
// derived from the request time; a random secret plus a confirmation step
// would be safer. The "chưa được đăng ký" reply also confirms account
// existence.
$e$$.error||$e$$)}let $address$$=$req$$.query.email;if(!$address$$)return $res$$.status(400).send("Y\u00eau c\u1ea7u m\u1ed9t \u0111\u1ecba ch\u1ec9 email ho\u1eb7c s\u1ed1 \u0111i\u1ec7n tho\u1ea1i");$address$$=$address$$.toLowerCase();User.findOne({$or:[{"local.email":$address$$},{email:$address$$},{email2:$address$$}]},function($error$jscomp$2$$,$result$$){if($error$jscomp$2$$)return $res$$.status(400).send($error$jscomp$2$$);if(!$result$$)return $res$$.status(400).send(`T\u00e0i kho\u1ea3n ${$address$$} ch\u01b0a \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd`);
let $newpassword$$=_crypto.createHash("md5").update((new Date).toISOString()).digest("hex");$result$$.local.rspassword=$result$$.generateHash($result$$.email+$newpassword$$);$result$$.save(function($error$jscomp$1$$){if($error$jscomp$1$$)return $res$$.status(400).send($error$jscomp$1$$);loadTemplate("reset mat khau.html",{receiver_name:$result$$.name,email:$result$$.email,password:$newpassword$$},function($error$jscomp$0$$,$html$$){if($error$jscomp$0$$)return $res$$.status(400).send($error$jscomp$0$$);
$result$$.email&&validator.isEmail($result$$.email)&&email.sendHtml({to:{name:$result$$.name,address:$result$$.email},subject:"\u0110\u1ed5i m\u1eadt kh\u1ea9u",html:$html$$},function($error$$){$error$$?console.error("Khong the gui thong tin tai khoan cho nguoi su dung\n"+$error$$):console.log("send new password to",$result$$.email)});$result$$.email2&&validator.isEmail($result$$.email2)&&email.sendHtml({to:{name:$result$$.name,address:$result$$.email2},subject:"\u0110\u1ed5i m\u1eadt kh\u1ea9u",
html:$html$$},function($error$$){$error$$?console.error("Khong the gui thong tin tai khoan cho nguoi su dung\n"+$error$$):console.log("send new password to",$result$$.email)});log.create({id_app:"RESETPASSWORD",id_func:"RESETPASSWORD",action:"RESETPASSWORD"},$result$$.email,$req$$.header("user-agent"),$req$$);$res$$.send("M\u1eadt kh\u1ea9u c\u1ee7a b\u1ea1n \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u1ed5i th\u00e0nh c\u00f4ng. Ki\u1ec3m tra email \u0111\u1ec3 l\u1ea5y m\u1eadt kh\u1ea9u m\u1edbi, sau \u0111\u00f3 b\u1ea1n n\u00ean \u0111\u1ed5i m\u1eadt kh\u1ea9u n\u00e0y")})})})})};