flexbiz-server
Flexible Server
'use strict';const User=global.getModel("user"),log=global.getModel("log"),Customer=global.getModel("customer"),Endpoint=global.getModel("endpoint"),getNotifies=require("../../libs/getNotifies"),redisCache=require("../../libs/redis-cache"),underscore=require("underscore"),async=require("async"),fs=require("fs"),{isSupperAdmin,generatePasswordHash}=require("../../libs/utils"),permission=require("../../libs/permission"),validator=require("validator"),path=require("path"),Token=global.getModel("token"),
sharp=require("sharp"),request=require("request"),findByToken=User.findByToken;
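/*
 * Account routes: profile, avatar, activation, password/PIN change, account
 * deletion, logout, push endpoints and signing.
 *
 * Review notes that apply to the whole router:
 *  - The access token (and, on some routes, OTP id/code and push keys) travels
 *    in the URL query string, so it can end up in access logs, browser history
 *    and Referer headers. Moving it to a header or the request body needs a
 *    coordinated client change and is not done here.
 *  - Several state-changing operations are exposed as GET (/activeByAdmin,
 *    /unActiveByAdmin, /delete, /user/logout, /register-endpoint,
 *    /remove-endpoint). They are left on GET so existing clients keep working.
 *  - Query/body values are parsed by the framework and may arrive as objects or
 *    arrays. Wherever this file puts such a value straight into a database
 *    filter, object values are now rejected so they cannot be read as a query
 *    operator document.
 *  - Some handlers read req.user, which is not set anywhere in this file;
 *    presumably an upstream middleware authenticates the request. Confirm.
 */

const MSG_BAD_PARAM = "Invalid request parameter";
const MSG_TOKEN_INVALID = "Token kh\u00f4ng c\u00f3 gi\u00e1 tr\u1ecb";
const MSG_UPDATED = "\u0110\u00e3 c\u1eadp nh\u1eadt th\u00e0nh c\u00f4ng";
const MSG_NEW_PASSWORD_MISSING = "B\u1ea1n ch\u01b0a nh\u1eadp m\u1eadt kh\u1ea9u m\u1edbi";
const MSG_PASSWORD_CONFIRM_MISMATCH = "M\u1eadt kh\u1ea9u x\u00e1c nh\u1eadn kh\u00f4ng ch\u00ednh x\u00e1c";
const MSG_PASSWORD_WEAK = "M\u1eadt kh\u1ea9u ph\u1ea3i c\u00f3 \u00edt nh\u1ea5t 6 k\u00fd t\u1ef1 v\u00e0 bao g\u1ed3m \u00edt nh\u1ea5t m\u1ed9t ch\u1eef s\u1ed1, m\u1ed9t ch\u1eef hoa v\u00e0 m\u1ed9t ch\u1eef th\u01b0\u1eddng";
const MSG_CURRENT_PASSWORD_WRONG = "M\u1eadt kh\u1ea9u hi\u1ec7n t\u1ea1i kh\u00f4ng ch\u00ednh x\u00e1c";
const MSG_CHANGE_PASSWORD_DENIED = "B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n thay \u0111\u1ed5i m\u1eadt kh\u1ea9u c\u1ee7a ng\u01b0\u1eddi s\u1eed d\u1ee5ng n\u00e0y";

// Keys a client may never write into user.local through /updateprofile.
// This is a deny-list: any other key the client sends is stored as-is, so new
// sensitive fields must be added here (an allow-list would be safer).
// The three prototype-related names are blocked so a crafted body cannot
// replace the prototype of the stored object.
const BLOCKED_LOCAL_KEYS = new Set([
  "_id",
  "active",
  "password",
  "rspassword",
  "pin",
  "__proto__",
  "constructor",
  "prototype",
]);

/**
 * Address passed to findByToken for the current request.
 * NOTE(review): the x-forwarded-for fallback is client-supplied unless a
 * trusted proxy overwrites it; it is only reached when req.ip is empty.
 */
function clientAddress(req) {
  return req.ip || req.headers["x-forwarded-for"] || req.connection.remoteAddress;
}

/** Extracts the value this file reports to the client for an error. */
function errorDetail(err) {
  return err.message || err.error || err;
}

/** True when the value is an object or array (i.e. not a plain scalar). */
function isObjectValue(value) {
  return value !== null && typeof value === "object";
}

/** True when the user is listed in configs.admins or is a super admin. */
function isAdminUser(user) {
  return underscore.contains(configs.admins, user.email) || isSupperAdmin(user.email.toLowerCase());
}

/** Writes the user object to the redis cache; `done` runs after the attempt. */
function cacheUser(userObject, done) {
  redisCache.set("user", userObject, function (e) {
    if (e) {
      console.error(e);
    } else {
      console.log("cache user infomation to redis");
    }
    if (done) {
      done();
    }
  });
}

/**
 * Wraps an async callback so a thrown error or rejected await produces a 400
 * response instead of an unhandled rejection (which leaves the request hanging
 * and, on current Node versions, can terminate the process).
 */
function guarded(res, handler) {
  return async function (...args) {
    try {
      return await handler.apply(this, args);
    } catch (err) {
      console.error(err);
      if (!res.headersSent) {
        res.status(400).send({ error: errorDetail(err) });
      }
      return undefined;
    }
  };
}

/**
 * Builds the handler shared by /activeByAdmin and /unActiveByAdmin: an admin
 * sets local.active on the account named by the :user route parameter.
 */
function adminSetActive(active, doneMessage, deniedMessage) {
  return function (req, res) {
    findByToken(req.query.access_token, clientAddress(req), function (error, user) {
      if (error) {
        return res.status(400).send({ error: errorDetail(error) });
      }
      if (!user) {
        return res.status(400).send({ error: MSG_TOKEN_INVALID });
      }
      if (!isAdminUser(user)) {
        return res.status(400).send({ error: deniedMessage });
      }
      User.findOne({ email: req.params.user }, function (findError, target) {
        if (findError || !target) {
          return res.status(400).send({ error: req.params.user + " ch\u01b0a \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd" });
        }
        target.local = target.local || {};
        target.local.active = active;
        target.save(function (saveError) {
          if (saveError) {
            return res.status(400).send(saveError);
          }
          cacheUser(target.toObject());
          res.send({ message: doneMessage });
        });
      });
    });
  };
}

/**
 * Registers the account routes on the given router.
 * @param {object} router - Express-style router exposing route(path).
 */
module.exports = function (router) {
  // GET /user - returns the account behind the access token, without secrets.
  router.route("/user").get(function (req, res) {
    const accessToken = req.query.access_token;
    findByToken(accessToken, clientAddress(req), function (e, user) {
      if (e) {
        return res.status(400).send({ error: errorDetail(e) });
      }
      if (!user) {
        return res.status(404).send({ error: "Token kh\u00f4ng t\u1ed3n t\u1ea1i" });
      }
      user.local = user.local || {};
      user.address = user.local.address ? user.local.address : "";
      user.phone = user.local.phone ? user.local.phone : "";
      user.use_pin = configs.use_pin_as_otp && !!user.local.pin;
      user.token = accessToken;
      user.admin = isAdminUser(user);
      if (!user.picture && user.local.picture) {
        user.picture = user.local.picture;
      }
      // Strip credentials and federated-login data before responding.
      delete user.tokens;
      delete user.facebook;
      delete user.google;
      delete user.password;
      delete user.pin;
      delete user.local.pin;
      delete user.local.rePassword;
      delete user.local.password;
      res.send(user);
    });
  });

  // GET /profile - returns user.local for ?email=... or, without it, for the
  // owner of the access token.
  // NOTE(review): when `email` is given, this handler does not check the
  // caller's token or relate the caller to the requested account, so any
  // caller that reaches this route can read another account's profile fields
  // (phone, address, email2, invited users). Confirm whether that is intended
  // or enforced upstream.
  router.route("/profile").get(function (req, res) {
    const email = req.query.email;
    if (isObjectValue(email)) {
      // The value is used directly as a database filter below.
      return res.status(400).send({ error: MSG_BAD_PARAM });
    }

    const lookup = function (callback) {
      if (email) {
        User.findOne({ email }).lean().exec(callback);
      } else {
        findByToken(req.query.access_token, clientAddress(req), callback);
      }
    };

    lookup(guarded(res, async function (e, user) {
      if (e) {
        // Fixed: the original called res.state(), which does not exist.
        return res.status(400).send({ error: errorDetail(e) });
      }
      if (!user) {
        return res.status(404).send({ error: "Kh\u00f4ng t\u00ecm th\u1ea5y th\u00f4ng tin c\u1ee7a t\u00e0i kho\u1ea3n n\u00e0y" });
      }
      user.local = user.local || {};
      delete user.local.password;
      delete user.local.rspassword;
      delete user.local.pin;
      delete user.tokens;
      user.local._id = user._id;
      user.local.invited = [];
      user.local.email2 = user.email2;
      if (!user.local.picture) {
        user.local.picture = "/images/avatar.jpg";
      }
      delete user.token;

      User.find({ partner: user._id }, { local: 1 }).lean().exec(guarded(res, async (findError, partners) => {
        if (findError) {
          console.error(findError);
        }
        if (partners) {
          partners.forEach(function (u) {
            if (!u.local) {
              return;
            }
            delete u.local.password;
            delete u.local.rspassword;
            delete u.tokens;
            delete u.token;
            delete u.local.pin;
            user.local.invited.push(u.local);
          });
        }
        user.local.isOnline = await User.isOnline(user.email);
        res.send(user.local);
      }));
    }));
  });

  // GET /avatar - streams the avatar of ?email=... or of the token owner,
  // optionally down-scaled to ?size= pixels wide and converted to webp.
  router.route("/avatar").get(function (req, res) {
    const email = req.query.email;
    const accessToken = req.query.access_token;
    if (isObjectValue(email) || isObjectValue(accessToken)) {
      // Both values are used directly as database filters below.
      return res.status(400).send({ error: MSG_BAD_PARAM });
    }
    const query = {};

    const resolveEmail = function (callback) {
      if (email) {
        query.email = email;
        return callback();
      }
      Token.findOne({ token: accessToken }, function (e, tokenDoc) {
        if (e) {
          return callback(e);
        }
        if (tokenDoc) {
          query.email = tokenDoc.email;
        }
        callback();
      });
    };

    resolveEmail(function (e) {
      if (e) {
        return res.status(400).send({ error: e });
      }
      let size = Number(req.query.size) || 240;
      if (!Number.isInteger(size) || size <= 0) {
        // Negative or fractional widths are not valid resize arguments.
        size = 240;
      }
      if (!query.email) {
        query.tokens = accessToken;
      }

      User.findOne(query, { picture: 1 }).lean().exec(guarded(res, async function (error, user) {
        if (error) {
          return res.status(400).send(error);
        }
        const imagesDir = configs.paths.images || path.join(path.dirname(path.dirname(__dirname)), "images");
        const defaultAvatar = path.join(imagesDir, "avatar.jpg");
        const picture = user && user.picture;
        if (!picture) {
          return res.sendFile(defaultAvatar);
        }

        if (picture.indexOf("/getfile/") === 0) {
          const imgPath = path.join(imagesDir, picture.replace(/\/getfile\//g, ""));
          // `picture` is written by the account owner via /updateprofile, so
          // the joined path must stay inside the images directory.
          const root = path.resolve(imagesDir);
          const resolved = path.resolve(imgPath);
          const insideRoot = resolved === root || resolved.startsWith(root + path.sep);
          if (!insideRoot || !fs.existsSync(imgPath)) {
            return res.sendFile(defaultAvatar);
          }
          let image = sharp(imgPath, { failOnError: false });
          const meta = await image.metadata();
          if (meta && size < meta.width && size < meta.height) {
            image = image.resize({ width: size }).rotate();
          }
          if (meta && "webp" != meta.format) {
            image = image.webp({ lossless: false });
          }
          return image.pipe(res);
        }

        if (picture.indexOf("http://") === 0 || picture.indexOf("https://") === 0) {
          // NOTE(review): the server fetches a URL stored by the account owner
          // and relays the response. Nothing here restricts the destination
          // host, so this is a server-side request to a user-chosen address;
          // consider an allow-list of hosts or redirecting the client instead.
          return request
            .get(picture)
            .on("error", function (fetchError) {
              // Without a listener a failed fetch is an uncaught 'error' event.
              console.error(fetchError);
              if (!res.headersSent) {
                res.sendFile(defaultAvatar);
              }
            })
            .pipe(res);
        }

        res.sendFile(defaultAvatar);
      }));
    });
  });

  // POST /updateprofile - updates the token owner's profile from the body.
  router.route("/updateprofile").post(function (req, res) {
    findByToken(req.query.access_token, clientAddress(req), guarded(res, async (error, tokenUser) => {
      if (error) {
        return res.status(400).send({ error: errorDetail(error) });
      }
      if (!tokenUser) {
        return res.status(404).send({ error: "Not found" });
      }

      const update = { local: tokenUser.local || {}, email: tokenUser.email, name: tokenUser.name };
      const profile = req.body;

      if (profile.local) {
        for (const key in profile.local) {
          if (BLOCKED_LOCAL_KEYS.has(key)) {
            continue;
          }
          update.local[key] = profile.local[key];
          // A key given only under `local` also counts as a top-level field.
          if (profile[key] == null) {
            profile[key] = profile.local[key];
          }
        }
      }

      if (profile.name) {
        const identity = await global.getModel("assuser_identity");
        if (!(identity && identity.trang_thai === "1")) {
          update.local.name = profile.name;
          update.name = profile.name;
        }
      }

      const phone = profile.phone;
      if (isObjectValue(phone)) {
        // `phone` is used as a database filter value just below.
        return res.status(400).send({ error: MSG_BAD_PARAM });
      }
      if (phone) {
        // NOTE(review): $or holds a single clause, so this only matches an
        // account whose local.phone AND email both equal `phone`. If the
        // intent is "phone already used as either", it needs two clauses.
        const existing = await User.findOne({ $or: [{ "local.phone": phone, email: phone }] });
        if (existing && existing.email !== update.email) {
          return res.status(400).send({ error: `S\u1ed1 \u0111i\u1ec7n tho\u1ea1i ${phone} \u0111\u00e3 \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng` });
        }
      }
      if (phone != null) {
        update.local.phone = phone;
      }
      if (profile.address != null) {
        update.local.address = profile.address;
      }
      if (profile.zalo != null) {
        update.local.zalo = profile.zalo;
      }
      if (profile.whatsapp != null) {
        update.local.whatsapp = profile.whatsapp;
      }
      if (profile.facebook != null) {
        update.local.facebook = profile.facebook;
      }
      if (profile.company != null) {
        update.local.company = profile.company;
      }
      if (profile.picture != null) {
        // NOTE(review): stored unvalidated; /avatar later reads a file or
        // fetches a URL based on this value.
        update.local.picture = profile.picture;
      }
      if (profile.email2 != null) {
        if (profile.email2 && !validator.isEmail(profile.email2)) {
          return res.status(400).send({ error: `Email ${profile.email2} kh\u00f4ng h\u1ee3p l\u1ec7` });
        }
        update.email2 = profile.email2;
      }
      update.user_updated = req.user.email;
      update.date_updated = new Date();

      User.findByIdAndUpdate(tokenUser._id, update, guarded(res, async function (updateError, saved) {
        if (updateError || !saved) {
          return res.status(400).send({ error: updateError || "User kh\u00f4ng t\u1ed3n t\u1ea1i" });
        }
        log.create({ id_app: "CHANGEPROFILE", id_func: "CHANGEPROFILE", action: "CHANGEPROFILE" }, tokenUser.email, req.header("user-agent"), req);

        // Best effort: keep the linked customer's display name in sync.
        Customer.findOne({ of_user: saved.email, ma_kh: saved.email.toUpperCase() }, (findError, customer) => {
          if (!customer) {
            return console.error("Not found customer of user", saved.email);
          }
          customer.ten_kh = saved.name;
          customer.save((saveError, savedCustomer) => {
            if (saveError) {
              return console.error("can't update ten_kh for user", saved.name, saveError);
            }
            global.clientRedis.set("stp:" + savedCustomer._id.toString(), "");
          });
        });

        const fresh = await User.findById(tokenUser._id).lean();
        cacheUser(fresh, function () {
          res.send(MSG_UPDATED);
        });
      }));
    }));
  });

  // GET /activeByAdmin/:user and /unActiveByAdmin/:user - admin-only toggles.
  router.route("/activeByAdmin/:user").get(adminSetActive(
    true,
    "\u0110\u00e3 k\u00edch ho\u1ea1t th\u00e0nh c\u00f4ng",
    "B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n k\u00edch ho\u1ea1t t\u00e0i kho\u1ea3n ng\u01b0\u1eddi d\u00f9ng"
  ));
  router.route("/unActiveByAdmin/:user").get(adminSetActive(
    false,
    "\u0110\u00e3 hu\u1ef7 k\u00edch ho\u1ea1t th\u00e0nh c\u00f4ng",
    "B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n hu\u1ef7 k\u00edch ho\u1ea1t t\u00e0i kho\u1ea3n ng\u01b0\u1eddi d\u00f9ng"
  ));

  // POST /changepasswordByAdmin - a global admin resets any user's password;
  // an app admin (participant with admin: true) resets a participant's
  // password inside the app named by body.id_app.
  router.route("/changepasswordByAdmin").post(function (req, res) {
    const body = req.body;
    if (!body.newPassword) {
      return res.status(400).send({ error: MSG_NEW_PASSWORD_MISSING });
    }
    if (body.reNewPassword !== body.newPassword) {
      return res.status(400).send({ error: MSG_PASSWORD_CONFIRM_MISMATCH });
    }
    if (!User.teststrengthPassword(body.newPassword)) {
      return res.status(400).send({ error: MSG_PASSWORD_WEAK });
    }
    // email and id_app go straight into database filters. The app-admin check
    // only holds if id_app is one concrete value that is the same in both
    // participant lookups, so object values are refused.
    if (typeof body.email !== "string" || isObjectValue(body.id_app)) {
      return res.status(400).send({ error: MSG_BAD_PARAM });
    }

    findByToken(req.query.access_token, clientAddress(req), guarded(res, async function (error, user) {
      if (error) {
        return res.status(400).send({ error: errorDetail(error) });
      }
      if (!user) {
        return res.status(400).send({ error: "token kh\u00f4ng c\u00f3 gi\u00e1 tr\u1ecb" });
      }

      if (isAdminUser(user)) {
        User.findOne({ email: body.email }, function (findError, target) {
          if (findError || !target) {
            return res.status(400).send({ error: body.email + " ch\u01b0a \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd" });
          }
          // NOTE(review): generateHash is not visible here; if it is
          // bcrypt-based, the email prefix counts toward bcrypt's 72-byte
          // input limit. Confirm.
          target.local.password = target.generateHash(target.email + body.newPassword);
          target.local.rspassword = null;
          target.save(function (saveError) {
            if (saveError) {
              return res.status(400).send(saveError);
            }
            // Only tokens without a bound IP are revoked here.
            Token.deleteMany({ email: body.email, ip: { $in: ["", null, undefined] } }, (e) => {
              if (e) {
                console.log("error when remove old tokens", e);
              }
            });
            log.create({ id_app: "CHANGEPASSWORD", id_func: "CHANGEPASSWORD", action: "CHANGEPASSWORD" }, target.email, req.header("user-agent"), req);
            cacheUser(target.toObject());
            res.send({ message: MSG_UPDATED });
          });
        });
        return undefined;
      }

      if (!body.id_app) {
        return res.status(400).send({ error: MSG_CHANGE_PASSWORD_DENIED });
      }
      const Participant = global.getModel("participant");
      const callerIsAppAdmin = await Participant.findOne({ email: user.email.toLowerCase(), id_app: body.id_app, admin: true }).lean();
      if (!callerIsAppAdmin) {
        return res.status(400).send({ error: MSG_CHANGE_PASSWORD_DENIED });
      }
      const participant = await Participant.findOne({ email: body.email.toLowerCase(), id_app: body.id_app });
      if (!participant) {
        return res.status(400).send({ error: "Ng\u01b0\u1eddi d\u00f9ng n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i trong c\u00f4ng ty tr\u00ean" });
      }
      participant.password = generatePasswordHash(participant.email + body.newPassword);
      await participant.save();
      Token.deleteMany({
        email: body.email,
        $or: [{ only_id_app: body.id_app }, { id_apps: body.id_app }],
        ip: { $in: ["", null, undefined] },
      }, (e) => {
        if (e) {
          console.log("error when remove old tokens", e);
        }
      });
      log.create({ id_app: "CHANGEPASSWORD", id_func: "CHANGEPASSWORD", action: "CHANGEPASSWORD" }, participant.email, req.header("user-agent"), req);
      return res.send({ message: MSG_UPDATED });
    }));
  });

  // GET /delete - deletes the token owner's account after an OTP check.
  // NOTE(review): this handler removes participant and user documents only;
  // Token documents and the cached user are not touched here. Confirm they
  // are invalidated elsewhere.
  router.route("/delete").get(function (req, res) {
    findByToken(req.query.access_token, clientAddress(req), async function (error, tokenUser) {
      if (error || !tokenUser) {
        // Fixed: the original read error.message even when error was empty.
        const detail = (error && errorDetail(error)) || "Kh\u00f4ng th\u1ec3 t\u00ecm th\u1ea5y t\u00e0i kho\u1ea3n n\u00e0y";
        return res.status(400).send({ error: detail, code: 1100 });
      }
      try {
        await permission.verifyOTP(tokenUser.email, req.query["otp-id"], req.query["otp-code"]);
        await global.getModel("participant").deleteMany({ email: tokenUser.email });
        await global.getModel("user").deleteMany({ email: tokenUser.email });
        return res.send({ ok: true, message: "T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111\u00e3 \u0111\u01b0\u1ee3c x\u00f3a th\u00e0nh c\u00f4ng" });
      } catch (e) {
        console.error(e);
        return res.status(400).send({ error: errorDetail(e), code: 4001 });
      }
    });
  });

  // POST /changepassword - the token owner changes their own password.
  // The current password is required unless the token is flagged `once` or a
  // valid OTP is supplied (with an OTP the current password is checked only
  // if the client sends one).
  router.route("/changepassword").post(function (req, res) {
    const accessToken = req.query.access_token;
    if (isObjectValue(accessToken)) {
      // Used below as a Token filter; the `once` lookup must hit this token.
      return res.status(400).send({ error: MSG_TOKEN_INVALID });
    }
    findByToken(accessToken, clientAddress(req), guarded(res, async function (error, tokenUser) {
      if (error) {
        return res.status(400).send({ error: errorDetail(error) });
      }
      if (!tokenUser) {
        return res.status(404).send({ error: "Kh\u00f4ng t\u00ecm th\u1ea5y ng\u01b0\u1eddi d\u00f9ng n\u00e0y" });
      }
      const user = await User.findOne({ email: tokenUser.email });
      if (!user) {
        return res.status(404).send({ error: "Kh\u00f4ng t\u00ecm th\u1ea5y ng\u01b0\u1eddi d\u00f9ng " + tokenUser.email });
      }
      const passwords = req.body;
      const tokenDoc = (await Token.findOne({ token: accessToken })) || {};

      if (!tokenDoc.once) {
        const otpId = passwords["otp-id"] || req.query["otp-id"];
        const otpCode = passwords["otp-code"] || req.query["otp-code"];
        if (otpId && otpCode) {
          try {
            await permission.verifyOTP(tokenUser.email, otpId, otpCode);
          } catch (e) {
            console.error(e);
            return res.status(400).send({ error: errorDetail(e), code: 4001 });
          }
          if (user.local.password && passwords.oldPassword && !user.validPassword(passwords.oldPassword)) {
            return res.status(400).send({ error: MSG_CURRENT_PASSWORD_WRONG });
          }
        } else if (user.local.password) {
          if (!passwords.oldPassword) {
            return res.status(400).send({ error: "B\u1ea1n ch\u01b0a nh\u1eadp m\u1eadt kh\u1ea9u hi\u1ec7n t\u1ea1i" });
          }
          if (!user.validPassword(passwords.oldPassword)) {
            return res.status(400).send({ error: MSG_CURRENT_PASSWORD_WRONG });
          }
        }
      }

      if (!passwords.newPassword) {
        return res.status(400).send({ error: MSG_NEW_PASSWORD_MISSING });
      }
      if (passwords.reNewPassword !== passwords.newPassword) {
        return res.status(400).send({ error: MSG_PASSWORD_CONFIRM_MISMATCH });
      }
      if (!User.teststrengthPassword(passwords.newPassword)) {
        return res.status(400).send({ error: MSG_PASSWORD_WEAK });
      }

      user.local.password = user.generateHash(user.email + passwords.newPassword);
      user.local.rspassword = null;
      user.save(function (saveError) {
        if (saveError) {
          return res.status(400).send(saveError);
        }
        // Revoke the user's other tokens, except IP-bound or annotated ones.
        Token.deleteMany({
          email: user.email,
          token: { $ne: accessToken },
          ip: { $in: ["", null, undefined] },
          note: { $in: ["", null, undefined] },
        }, (e) => {
          if (e) {
            console.error("error when remove old tokens", e);
          }
        });
        log.create({ id_app: "CHANGEPASSWORD", id_func: "CHANGEPASSWORD", action: "CHANGEPASSWORD" }, user.email, req.header("user-agent"), req);
        cacheUser(user.toObject());
        res.send({ message: MSG_UPDATED });
      });
      return undefined;
    }));
  });

  // POST /changepin - the token owner sets a new PIN; the account password is
  // required unless the account has none or the token is flagged `once`.
  router.route("/changepin").post(function (req, res) {
    const accessToken = req.query.access_token;
    if (isObjectValue(accessToken)) {
      // Used below as a Token filter; the `once` lookup must hit this token.
      return res.status(400).send({ error: MSG_TOKEN_INVALID });
    }
    findByToken(accessToken, clientAddress(req), guarded(res, async function (error, tokenUser) {
      if (error) {
        return res.status(400).send({ error: errorDetail(error) });
      }
      if (!tokenUser) {
        return res.status(404).send({ error: "Kh\u00f4ng t\u00ecm th\u1ea5y ng\u01b0\u1eddi d\u00f9ng n\u00e0y" });
      }
      const user = await User.findOne({ email: tokenUser.email });
      if (!user) {
        return res.status(404).send({ error: "Kh\u00f4ng t\u00ecm th\u1ea5y ng\u01b0\u1eddi d\u00f9ng " + tokenUser.email });
      }
      const passwords = req.body;
      const tokenDoc = (await Token.findOne({ token: accessToken })) || {};

      if (user.local.password && !tokenDoc.once) {
        if (!passwords.oldPassword) {
          return res.status(400).send({ error: "B\u1ea1n ch\u01b0a nh\u1eadp m\u1eadt kh\u1ea9u" });
        }
        if (!user.validPassword(passwords.oldPassword)) {
          return res.status(400).send({ error: "M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c" });
        }
      }

      if (!passwords.newPin) {
        return res.status(400).send({ error: "B\u1ea1n ch\u01b0a nh\u1eadp s\u1ed1 PIN" });
      }
      if (passwords.reNewPin !== passwords.newPin) {
        return res.status(400).send({ error: "S\u1ed1 PIN x\u00e1c nh\u1eadn kh\u00f4ng ch\u00ednh x\u00e1c" });
      }
      if (!User.teststrengthPin(passwords.newPin)) {
        return res.status(400).send({ error: "S\u1ed1 Pin kh\u00f4ng h\u1ee3p l\u1ec7" });
      }

      user.local.pin = user.generateHash(user.email + passwords.newPin);
      user.save(function (saveError) {
        if (saveError) {
          return res.status(400).send(saveError);
        }
        log.create({ id_app: "CHANGEPIN", id_func: "CHANGEPIN", action: "CHANGEPIN" }, user.email, req.header("user-agent"), req);
        cacheUser(user.toObject());
        res.send({ message: MSG_UPDATED });
      });
      return undefined;
    }));
  });

  // GET /user/logout - deletes the token, disconnects sockets opened with it
  // and optionally removes the push endpoint given in ?ep=.
  router.route("/user/logout").get(function (req, res) {
    const accessToken = req.query.access_token;
    if (isObjectValue(accessToken)) {
      // Used as the deleteMany filter; it must name exactly one token.
      return res.status(400).send({ error: MSG_TOKEN_INVALID });
    }
    findByToken(accessToken, clientAddress(req), function (error, user) {
      if (error) {
        return res.status(400).send({ error: errorDetail(error) });
      }
      if (!user) {
        // Fixed: the original went on to read user.email and threw.
        return res.status(400).send({ error: MSG_TOKEN_INVALID });
      }
      Token.deleteMany({ token: accessToken }, guarded(res, async function (deleteError) {
        if (deleteError) {
          return res.status(400).send(deleteError);
        }
        const io = global.socketContainer.socketIO;
        if (io) {
          const socketIds = [...(await io.in(user.email).allSockets())];
          const connections = await global.socketContainer.loadConnectionId();
          for (const socketId of socketIds) {
            const connection = connections[socketId];
            if (connection && connection.token == accessToken) {
              io.in(socketId).fetchSockets().then((sockets) => {
                for (const socket of sockets) {
                  socket.disconnect();
                }
              }).catch((e) => console.error(e));
            }
          }
          global.socketContainer.saveConnectionId(connections);
        }
        log.create({ id_app: "LOGOUT", id_func: "LOGOUT", action: "LOGOUT" }, user.email, req.header("user-agent"), req);
        if (req.query.ep) {
          // Buffer.from replaces the deprecated `new Buffer`; String() pins
          // the input to the string overload.
          const endpointId = Buffer.from(String(req.query.ep)).toString("base64");
          Endpoint.deleteMany({ ep_id: endpointId }, function (e) {
            if (e) {
              console.log("error when log out endpoint", e);
            }
          });
        }
        return res.send({ message: user.email + " logged out" });
      }));
    });
  });

  // GET /notifies - notifications of the authenticated user (req.user).
  router.route("/notifies").get(function (req, res) {
    getNotifies(req.user.email, function (error, notifies) {
      if (error) {
        return res.status(400).send({ error: errorDetail(error) });
      }
      res.send(notifies);
    });
  });

  // GET /register-endpoint - creates or re-assigns a push endpoint for
  // req.user. An existing endpoint with the same id is re-bound to the caller.
  router.route("/register-endpoint").get(function (req, res) {
    const endpoint = req.query.ep;
    const appId = req.query.id_app;
    if (!endpoint) {
      return res.status(400).send({ error: "H\u00e0m register-endpoint y\u00eau c\u1ea7u tham s\u1ed1 'ep'" });
    }
    const endpointId = Buffer.from(String(endpoint)).toString("base64");
    Endpoint.findOne({ ep_id: endpointId }, function (findError, existing) {
      if (findError) {
        return res.status(400).send(findError);
      }
      let record = existing;
      if (record) {
        record.user = req.user.email;
        record.userAuth = req.query.userAuth;
        record.userPublicKey = req.query.userPublicKey;
        record.id_app = appId;
        record.app = req.query.app;
      } else {
        record = new Endpoint({
          ep_id: endpointId,
          user: req.user.email,
          endpoint,
          id_app: appId,
          userAuth: req.query.userAuth,
          userPublicKey: req.query.userPublicKey,
          app: req.query.app,
        });
      }
      record.save(function (saveError, saved) {
        if (saveError) {
          return res.status(400).send(saveError);
        }
        console.log("register successful endpoint", endpoint, req.user.email);
        res.send(saved);
      });
    });
  });

  // GET /remove-endpoint - deletes every endpoint record matching ?ep=.
  // NOTE(review): the filter is not scoped to the caller, so a caller who
  // knows an endpoint value can remove another user's registration. Confirm
  // whether the delete should also match on the caller's account.
  router.route("/remove-endpoint").get(function (req, res) {
    const endpoint = req.query.ep;
    if (isObjectValue(endpoint)) {
      // Used as the deleteMany filter value.
      return res.status(400).send({ error: MSG_BAD_PARAM });
    }
    Endpoint.deleteMany({ endpoint }, (e) => {
      if (e) {
        console.error(e);
        // Fixed: the original never answered the request on failure.
        return res.status(400).send({ error: errorDetail(e) });
      }
      res.send("success!");
    });
  });

  const wallet = global.getModel("wallet");

  // POST /sign - signs the request body with the wallet of (id_app, user).
  // NOTE(review): the whole body is signed as supplied by the client; nothing
  // in this handler constrains what may be signed.
  router.route("/sign").post(function (req, res) {
    const dataToSign = req.body;
    const appId = dataToSign.id_app;
    if (!appId) {
      return res.status(400).send("Data for sign miss id_app");
    }
    findByToken(req.query.access_token, clientAddress(req), async function (error, user) {
      if (error) {
        return res.status(400).send(error);
      }
      if (!user) {
        return res.status(400).send({ error: "Not found user" });
      }
      try {
        const signature = await wallet.sign(appId, user.email, dataToSign);
        return res.send({ signature });
      } catch (e) {
        return res.status(400).send({ error: errorDetail(e) });
      }
    });
  });
};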