UNPKG

flexbiz-server

Version:

Flexible Server

61 lines (60 loc) 31.4 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
const User=global.getModel("user"),Participant=global.getModel("participant"),UserGroup=global.getModel("usergroup"),Customer=global.getModel("customer"),axios=require("axios"),log=global.getModel("log"),App=global.getModel("app"),Wallet=global.getModel("wallet"),Token=global.getModel("token"),BasicStrategy=require("passport-http").BasicStrategy,_crypto=require("crypto"),validator=require("validator"),email=require("../libs/email"),loadTemplate=require("../libs/load-template"),permission=require("../libs/permission"), OTP=global.getModel("otp"),DIGITS="0123456789",redisCache=require("../libs/redis-cache"),utils=require("../libs/utils"),Controler=require("../controllers/controller"),{isValidObjectId}=require("mongoose"),total_time_wait_login=36E5,total_time_try_login=3;function generateOTP(){let $OTP$$="";for(let $i$$=0;$i$$<6;$i$$++)$OTP$$+=DIGITS[Math.floor(Math.random()*10)];return $OTP$$} function generateToken($user$$){const $n$$=new Date;return _crypto.createHash("md5").update($user$$.email+$n$$.toISOString()).digest("hex")}function saveOTP($Phone$$,$otp_code$$,$expires$$=5){let $expire_time$$=new Date;$expire_time$$.setMinutes($expire_time$$.getMinutes()+$expires$$);return OTP.create({phone:$Phone$$,otp:$otp_code$$,expire_time:$expire_time$$})} function findByUsername($username$$,$fn$$){if(!$username$$)return $fn$$("B\u1ea1n ch\u01b0a nh\u1eadp t\u00e0i kho\u1ea3n");User.findOne({$or:[{email:$username$$},{"local.phone":$username$$}]},function($error$$,$result$$){return!$error$$&&$result$$&&$result$$.local?$fn$$(null,$result$$):$fn$$($error$$||`T\u00e0i kho\u1ea3n ${$username$$} kh\u00f4ng t\u1ed3n t\u1ea1i`)})} async function addUserToApp($user$$,$body$$,$par_session_created$$){if($body$$.id_app){if(!await App.findById($body$$.id_app))throw Logger.error("[addUserToApp] Can't find app",$body$$.id_app),"Kh\u00f4ng th\u1ec3 t\u00ecm th\u1ea5y th\u00f4ng tin c\u00f4ng ty n\u00e0y";$user$$.current_id_app=$body$$.id_app;$par_session_created$$=await Participant.asyncCreateParticipant({id_app:$body$$.id_app,name:$body$$.name||$user$$.email,email:$body$$.email,group_id:$body$$.group_id,active:!0,session_created:$par_session_created$$, password:$body$$.password});let $cust$$;if(!await global.getModel("customer").findOne({id_app:$body$$.id_app,of_user:$user$$.email},{_id:1}).lean()&&($cust$$={ten_kh:$body$$.name||$user$$.email,email:validator.isEmail($user$$.email)?$user$$.email:void 0},$body$$.customer_info&&($cust$$={...$cust$$,...$body$$.customer_info}),$cust$$.ten_kh||($cust$$.ten_kh=$body$$.name||$user$$.email),$cust$$={...$cust$$,id_app:$body$$.id_app,user_created:$user$$.email,user_updated:$user$$.email,kh_yn:!0,of_user:$user$$.email}, $par_session_created$$&&$par_session_created$$.group_id)){let $ug$$=await global.getModel("usergroup").findOne({id_app:$body$$.id_app,_id:$par_session_created$$.group_id},{nh_kh:1});$cust$$.nh_kh=($ug$$||{}).nh_kh}if($body$$.introduce_code){let $contrIntroducer$$=global.controllers.INTRODUCER;await new Promise(($rs$$,$rj$$)=>{Controler.create($user$$,$contrIntroducer$$,{introduce_code:$body$$.introduce_code},($e$$,$intr$$)=>{if($e$$)return $rj$$($e$$.message||$e$$.error||$e$$);$cust$$&&($cust$$.phu_trach= $intr$$.be_introduced_by);$rs$$()})})}$cust$$&&await Customer.asyncCreateCustomer($cust$$);return $par_session_created$$}} module.exports=async function($app$$,$passport$$){const $rateLimiter$$=await global.createRateLimiterMiddleware(configs.limitRequest.auth||{},"auth");$passport$$.use(new BasicStrategy(function($username$$,$password$$,$done$$){if(!$username$$)return $done$$("B\u1ea1n ch\u01b0a nh\u1eadp t\u00e0i kho\u1ea3n");$username$$=$username$$.trim();let $id_app$$;if($username$$.indexOf("@app=")>0){const $user_app$$=$username$$.split("@app=");$username$$=$user_app$$[0];$id_app$$=$user_app$$[1]}$username$$=$username$$.toLowerCase(); setImmediate(function(){findByUsername($username$$,async function($err_pars_pars$$,$user$$){if($err_pars_pars$$)return $done$$($err_pars_pars$$);if(!$user$$)return $done$$('T\u00e0i kho\u1ea3n "'+$username$$+'" ch\u01b0a \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd.');if($user$$.status==0)return $done$$("T\u00e0i kho\u1ea3n n\u00e0y kh\u00f4ng c\u00f2n hi\u1ec7u l\u1ef1c");if($user$$.local.rspassword)if($user$$.validRspassword($password$$))$user$$.local.password=$user$$.local.rspassword,$user$$.local.rspassword= void 0,User.updateOne({email:$user$$.email},{local:$user$$.local},($e$$,$rs$$)=>{if($e$$)return Logger.error("Can't update password",$user$$.email,$e$$);Logger.info("updated new password",$user$$.email,$rs$$)});else{if(!$user$$.validPassword($password$$))if($id_app$$)if(await $user$$.validAppPassword($password$$,$id_app$$))$user$$=$user$$.toObject(),$user$$.token_id_app=$id_app$$;else return $done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.");else return $err_pars_pars$$=await $user$$.getAppOfPassword($password$$), $err_pars_pars$$.length>0?($user$$=$user$$.toObject(),$user$$.token_id_apps=$err_pars_pars$$.map($p$$=>$p$$.id_app),$done$$(null,$user$$)):$done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.")}else{if(!$user$$.local.password)return $done$$("M\u1eadt kh\u1ea9u cho ng\u01b0\u1eddi d\u00f9ng n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i. H\u00e3y s\u1eed d\u1ee5ng t\u00ednh n\u0103ng kh\u00f4i ph\u1ee5c m\u1eadt kh\u1ea9u \u0111\u1ec3 \u0111\u1eb7t l\u1ea1i m\u1eadt kh\u1ea9u cho ng\u01b0\u1eddi d\u00f9ng n\u00e0y"); if(!$user$$.validPassword($password$$))if($id_app$$)if(await $user$$.validAppPassword($password$$,$id_app$$))$user$$=$user$$.toObject(),$user$$.token_id_app=$id_app$$;else return $done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.");else return $err_pars_pars$$=await $user$$.getAppOfPassword($password$$),$err_pars_pars$$.length>0?($user$$=$user$$.toObject(),$user$$.token_id_apps=$err_pars_pars$$.map($p$$=>$p$$.id_app),$done$$(null,$user$$)):$done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.")}return $done$$(null, $user$$)})})}));$app$$.get("/send-otp/:address_receive_otp",$rateLimiter$$,async($id_app$$,$res$$)=>{let $address_receive_otp$$=$id_app$$.params.address_receive_otp.trim().toLowerCase();if(configs.GOOGLE_RECAPTCHA_SECRET_KEY){if(!$id_app$$.query["g-recaptcha-response"])return $res$$.status(400).send("Ch\u1ee9c n\u0103ng n\u00e0y y\u00eau c\u1ea7u m\u1ed9t google recaptcha token");try{await permission.verifyReCaptcha($id_app$$.query["g-recaptcha-response"])}catch($e$$){return Logger.error("Can't verify recaptcha when send otp", $e$$),$res$$.status(400).send($e$$.messag||$e$$.error||$e$$)}}let $u$$=await User.findOne({$or:[{email:$address_receive_otp$$},{"local.phone":$address_receive_otp$$}]});if(!$u$$)return $res$$.status(400).send({error:`T\u00e0i kho\u1ea3n ${$address_receive_otp$$} kh\u00f4ng t\u1ed3n t\u1ea1i`});const $username$$=$u$$.email;var $message$jscomp$9_otp_code$$=generateOTP();let $phone$$;$address_receive_otp$$!=$username$$&&utils.isMobilePhone($address_receive_otp$$)?$phone$$=$address_receive_otp$$:utils.isMobilePhone($username$$)? $phone$$=$username$$:utils.isMobilePhone(($u$$.local||{}).phone||"")&&($phone$$=($u$$.local||{}).phone);let $optObject$$;try{$optObject$$=await saveOTP($username$$,$message$jscomp$9_otp_code$$)}catch($e$$){return $res$$.status(400).send({error:"Kh\u00f4ng th\u1ec3 t\u1ea1o m\u00e3 OTP"})}if($phone$$){var $email_address_id_app$$=$id_app$$.query.id_app;if($email_address_id_app$$&&isValidObjectId($email_address_id_app$$)){var $app$$=await global.getModel("app").findOne({_id:$email_address_id_app$$}); const {zalo_otp_template_id:$zalo_otp_template_id$$,zalo_app_id:$zalo_app_id$$,zalo_secret_key:$zalo_secret_key$$,zalo_refresh_token:$zalo_refresh_token$$}=$app$$||{};if($zalo_otp_template_id$$&&$zalo_app_id$$&&$zalo_secret_key$$&&$zalo_refresh_token$$)try{return await utils.sendMessageZalo($email_address_id_app$$,$phone$$,$zalo_otp_template_id$$,{otp:$message$jscomp$9_otp_code$$}),$res$$.send($optObject$$.toObject())}catch($e$$){return $message$jscomp$9_otp_code$$=$e$$.message||$e$$.error||$e$$, Logger.error("[local] [send otp via zalo] Can't send message from zalo",$message$jscomp$9_otp_code$$),$res$$.status(400).send({error:$message$jscomp$9_otp_code$$||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi zalo "${$username$$}". Vui l\u00f2ng th\u1eed l\u1ea1i sau.`})}}if(configs.sms&&(configs.sms.send||configs.sms.genUrlSendOTP))if(configs.sms.send)configs.sms.send($phone$$,$message$jscomp$9_otp_code$$,$id_app$$.query.id_app).then($rs$$=>{$rs$$.error_message?$res$$.status(400).send({error:$rs$$.message|| $rs$$.error||$rs$$.error_message||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n "${$username$$}". Vui l\u00f2ng th\u1eed l\u1ea1i sau.`}):$res$$.send($optObject$$.toObject())}).catch($e$$=>{$e$$||={message:"Kh\u00f4ng th\u1ec3 g\u1eedi m\u00e3 OTP"};Logger.error("[local] [send otp via sms] Error send sms",$e$$);$res$$.status(400).send({error:$e$$.ErrorMessage||$e$$.message||$e$$.error_message||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n "${$username$$}". Vui l\u00f2ng th\u1eed l\u1ea1i sau.`})}); else if($message$jscomp$9_otp_code$$=configs.sms.genUrlSendOTP($phone$$,$message$jscomp$9_otp_code$$,$id_app$$.query.id_app))try{await axios.get($message$jscomp$9_otp_code$$),$res$$.send($optObject$$.toObject())}catch($e$$){Logger.error($e$$),$res$$.status(400).send({error:$e$$.message||$e$$.error||$e$$||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n "${$username$$}". Vui l\u00f2ng th\u1eed l\u1ea1i sau.`})}else $res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n "${$username$$}". Vui l\u00f2ng th\u1eed l\u1ea1i sau.`}); else $res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n "${$username$$}". Vui l\u00f2ng th\u1eed l\u1ea1i sau.`})}else validator.isEmail($address_receive_otp$$)&&$address_receive_otp$$!=$username$$?$email_address_id_app$$=$address_receive_otp$$:validator.isEmail($username$$)?$email_address_id_app$$=$username$$:$u$$.email2&&validator.isEmail($u$$.email2)&&($email_address_id_app$$=$u$$.email2),($id_app$$=$id_app$$.query.id_app)&& isValidObjectId($id_app$$)&&($app$$=await global.getModel("app").findOne({_id:$id_app$$}).lean()),$email_address_id_app$$?email.sendHtml({to:{address:$email_address_id_app$$},subject:"M\u00e3 x\u00e1c th\u1ef1c",html:`Xin vui l\u00f2ng g\u1eedi qu\u00fd kh\u00e1ch m\u00e3 x\u00e1c th\u1ef1c: ${$message$jscomp$9_otp_code$$}. M\u00e3 n\u00e0y s\u1ebd h\u1ebft h\u1ea1n s\u1eed d\u1ee5ng sau 5 ph\u00fat.`,app_info:$app$$},function($error$$){$error$$?(Logger.error("Error send otp to email",$error$$),$res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi email "${$username$$}". Vui l\u00f2ng th\u1eed l\u1ea1i sau.`})): $res$$.send($optObject$$.toObject())},configs.sender_otp):$res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n "${$username$$}". Vui l\u00f2ng th\u1eed l\u1ea1i sau.`})});$app$$.get("/verify-otp/:id/:otp",$rateLimiter$$,async function($req$$,$res$$){try{const $id$$=$req$$.params.id;if(!global.mongoose.Types.ObjectId.isValid($id$$))return $res$$.status(400).send({error:"ID c\u1ee7a m\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng h\u1ee3p l\u1ec7", code:4001});const $otp_code$$=$req$$.params.otp,$otp$$=await OTP.findById($id$$);if(!$otp$$)return $res$$.status(400).send({error:"M\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i",code:4001});$otp$$.tried_number=($otp$$.tried_number||0)+1;await $otp$$.save();if($otp$$.otp!=$otp_code$$||$otp$$.verified||$otp$$.tried_number>(configs.MAX_TRY_OTP||3)||$otp$$.expire_time.getTime()<(new Date).getTime())return $res$$.status(400).send({error:"M\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i ho\u1eb7c \u0111\u00e3 h\u1ebft hi\u1ec7u l\u1ef1c", code:4001});await OTP.updateOne({_id:$id$$},{verified:!0});let $user$$=await User.findOne({email:$otp$$.phone});if(!$user$$)return $res$$.status(400).send({error:"T\u00e0i kho\u1ea3n kh\u00f4ng t\u1ed3n t\u1ea1i",code:4001});if(!$user$$.local||!$user$$.local.active){$user$$.local=$user$$.local||{};$user$$.local.active=!0;try{await $user$$.save(),redisCache.set("user",$user$$.toObject(),function($e$$){$e$$?Logger.error($e$$):Logger.info("cache user infomation to redis")})}catch($e$$){return Logger.info("error verify otp, create user", $e$$),$res$$.status(500).send($e$$)}}const $accessToken$$=generateToken($user$$);(new Token({email:$user$$.email,session_created:($req$$.cookies||{}).uid,token:$accessToken$$,agent:$req$$.headers["user-agent"],ip:"",once:$req$$.query.once==1||$req$$.query.once=="true"||$req$$.query.once==="1"?!0:!1})).save(function($e$$,$rs$$){return $e$$?$res$$.status(500).send($e$$):$res$$.send({token:$accessToken$$,once:$rs$$.once})})}catch($e$$){Logger.error("error verify otp",$e$$),$res$$.status(400).send($e$$.message)}}); $app$$.post("/auth/sign",$rateLimiter$$,($req$$,$res$$,$next$$)=>{$passport$$.authenticate("basic",{session:!1},function($err$$,$user$$){if($err$$||!$user$$)return $res$$.status(401).send({message:$err$$||"Unauthorized"});$req$$.user=$user$$;$next$$()})($req$$,$res$$,$next$$)},async($req$jscomp$3_user$$,$res$$)=>{let $data$$=$req$jscomp$3_user$$.body;$req$jscomp$3_user$$=$req$jscomp$3_user$$.user;if(!$data$$)return $res$$.status(400).send("Not have data to sign");if(!$data$$.id_app)return $res$$.status(400).send("Data miss id_app property"); try{let $signature$$=await Wallet.sign($data$$.id_app,$req$jscomp$3_user$$.email,$data$$);$res$$.send($signature$$)}catch($e$$){return $res$$.status(400).send($e$$.message||$e$$)}});$app$$.get("/auth/local",$rateLimiter$$,function($req$$,$res$$,$next$$){let $ip$$=($req$$.ip||$req$$.headers["x-forwarded-for"]||$req$$.connection.remoteAddress).split(".").join("").split(":").join("");var $authorization_password$$=$req$$.headers.authorization;if(!$authorization_password$$)return $res$$.status(400).send({message:"Authorization is required"}); $authorization_password$$=Buffer.from($authorization_password$$.replace("Basic ",""),"base64").toString("utf-8");$authorization_password$$=$authorization_password$$.split(":");if($authorization_password$$.length>1){let $username$$=$authorization_password$$[0].trim().toLowerCase();$authorization_password$$=$authorization_password$$[1].trim();$req$$.query.id_app&&$username$$.indexOf("@app=")<0&&(Logger.info("[signin] add id_app into username",$username$$,$req$$.query.id_app),$username$$=`${$username$$}@app=${$req$$.query.id_app}`, $req$$.headers.authorization=`Basic ${Buffer.from($username$$+":"+$authorization_password$$).toString("base64")}`);let $t_session$$="times_login_"+$ip$$+"_"+$username$$.toLowerCase(),$d_session$$="datetime_login_"+$ip$$+"_"+$username$$.toLowerCase();$req$$.t_session=$t_session$$;$req$$.d_session=$d_session$$;let $now$$=new Date,$d$$=$now$$,$times_try$$=1;if($req$$.headers.cookie&&$req$$.session){$req$$=$req$$.session;$req$$[$t_session$$]?($times_try$$=$req$$[$t_session$$]+1,$req$$[$t_session$$]=$times_try$$): ($req$$[$t_session$$]=$times_try$$,$req$$[$d_session$$]=$now$$);$req$$[$d_session$$]?$d$$=new Date($req$$[$d_session$$]):$req$$[$d_session$$]=$now$$;$req$$=$now$$.getTime()-$d$$.getTime();if($req$$<total_time_wait_login&&$times_try$$>total_time_try_login)return $res$$.status(400).send({message:"B\u1ea1n \u0111\u0103ng nh\u1eadp sai "+total_time_try_login+" l\u1ea7n li\u00ean ti\u1ebfp. H\u00e3y th\u1eed l\u1ea1i sau "+Math.roundBy((total_time_wait_login-$req$$)/6E4,2)+" ph\u00fat"});$next$$()}else global.clientRedis.get($t_session$$, function($err$$,$reply$$){$reply$$?($times_try$$=Number($reply$$)+1,global.clientRedis.set($t_session$$,$times_try$$)):(global.clientRedis.set($t_session$$,$times_try$$),global.clientRedis.set($d_session$$,$now$$));global.clientRedis.get($d_session$$,function($err$jscomp$3_time_wait$$,$reply$$){$reply$$?$d$$=new Date($reply$$):global.clientRedis.set($d_session$$,$now$$);$err$jscomp$3_time_wait$$=$now$$.getTime()-$d$$.getTime();if($err$jscomp$3_time_wait$$<total_time_wait_login&&$times_try$$>total_time_try_login)return $res$$.status(400).send({message:"B\u1ea1n \u0111\u0103ng nh\u1eadp sai "+ total_time_try_login+" l\u1ea7n li\u00ean ti\u1ebfp. H\u00e3y th\u1eed l\u1ea1i sau "+Math.roundBy((total_time_wait_login-$err$jscomp$3_time_wait$$)/6E4,2)+" ph\u00fat"});$next$$()})})}},function($req$$,$res$$,$next$$){$passport$$.authenticate("basic",{session:!1},async function($err$jscomp$4_p$$,$user$$){if($err$jscomp$4_p$$||!$user$$)return $res$$.status(401).send({message:$err$jscomp$4_p$$||"Unauthorized"});if(configs.require_verify&&!$user$$.local.active)return Logger.warn("[local] H\u1ec7 th\u1ed1ng y\u00eau c\u1ea7u x\u00e1c th\u1ef1c:", $user$$.email),$res$$.status(401).send({require_verify:!0});if($req$$.query.id_app&&($err$jscomp$4_p$$=await global.getModel("participant").findOne({id_app:$req$$.query.id_app,email:$user$$.email}).lean())&&!$err$jscomp$4_p$$.active&&!$err$jscomp$4_p$$.admin)return $res$$.status(401).send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111ang ch\u1edd \u0111\u01b0\u1ee3c x\u00e9t duy\u1ec7t",active:!1});$req$$.user=$user$$;$next$$()})($req$$,$res$$,$next$$)},async($req$$,$res$$)=>{let $agent$$= $req$$.headers["user-agent"];if($req$$.headers.cookie){var $session$jscomp$1_user$$=$req$$.session;$session$jscomp$1_user$$[$req$$.t_session]=0;$session$jscomp$1_user$$[$req$$.d_session]=""}else global.clientRedis.set($req$$.t_session,0),global.clientRedis.set($req$$.d_session,"");log.create({id_app:"LOGIN",id_func:"LOGIN",action:"LOCALLOGIN"},$req$$.user.email,$req$$.header("user-agent"),$req$$);$session$jscomp$1_user$$=$req$$.user;if($req$$.query.id_app&&global.mongoose.Types.ObjectId.isValid($req$$.query.id_app)){const $id_app$$= $req$$.query.id_app;let $group_id$$=$req$$.query.group_id&&global.mongoose.Types.ObjectId.isValid($req$$.query.group_id)?$req$$.query.group_id:void 0;const $app$$=await App.findById($id_app$$);var $active_group_query_group$$={id_app:$id_app$$,$or:[{is_customer_group:!0},{is_partner_group:!0},{is_agent_group:!0},{is_pttt_group:!0}]};$group_id$$?$active_group_query_group$$._id=$group_id$$:$active_group_query_group$$.default_group=!0;$active_group_query_group$$=await UserGroup.findOne($active_group_query_group$$).lean(); if($app$$&&$active_group_query_group$$){$group_id$$=$active_group_query_group$$._id.toString();$active_group_query_group$$=$active_group_query_group$$.not_need_active;try{var $p$jscomp$3_session_created$$=await Participant.asyncCreateParticipant({id_app:$id_app$$,email:$session$jscomp$1_user$$.email,name:$session$jscomp$1_user$$.name,group_id:$group_id$$,active:$active_group_query_group$$});if($p$jscomp$3_session_created$$&&!$p$jscomp$3_session_created$$.active)return $res$$.status(401).send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111ang ch\u1edd \u0111\u01b0\u1ee3c x\u00e9t duy\u1ec7t", active:!1});let $cust$$={ten_kh:$session$jscomp$1_user$$.name||$session$jscomp$1_user$$.email,email:$session$jscomp$1_user$$.email,id_app:$id_app$$,user_created:$session$jscomp$1_user$$.email,user_updated:$session$jscomp$1_user$$.email,kh_yn:!0,of_user:$session$jscomp$1_user$$.email};utils.isMobilePhone($session$jscomp$1_user$$.email,["vi-VN"])&&($cust$$.dien_thoai=$session$jscomp$1_user$$.email);try{await Customer.asyncCreateCustomer($cust$$)}catch($e$$){Logger.error("[auth][local] Auto create new customer with error:", $e$$.message)}}catch($e$$){return Logger.error("[auth][local] can't add user",$session$jscomp$1_user$$.email,"to company",$app$$.name,$e$$.message||$e$$.error||$e$$),$res$$.status(500).send($e$$)}}}const $accessToken$$=generateToken($session$jscomp$1_user$$);($p$jscomp$3_session_created$$=($req$$.cookies||{}).uid)&&User.updateOne({email:$session$jscomp$1_user$$.email,session_created:null},{session_created:$p$jscomp$3_session_created$$}).catch(Logger.error);(new Token({email:$session$jscomp$1_user$$.email, session_created:$p$jscomp$3_session_created$$,id_apps:$session$jscomp$1_user$$.token_id_apps,only_id_app:$session$jscomp$1_user$$.token_id_app,token:$accessToken$$,agent:$agent$$,ip:"",once:$req$$.query.once==1||$req$$.query.once=="true"||$req$$.query.once==="1"?!0:!1})).save(function($e$$,$rs$$){if($e$$)return $res$$.status(500).send($e$$);$res$$.send({token:$accessToken$$,once:$rs$$.once})})});$app$$.get("/check-user/:email",$rateLimiter$$,function($req$$,$res$$){const $email$$=$req$$.params.email; User.findOne({$or:[{email:$email$$},{"local.phone":$email$$}]},{email:1,name:1,picture:1}).lean().then(function($user$$){if(!$user$$)return $res$$.status(400).send(`T\u00e0i kho\u1ea3n ${$email$$} kh\u00f4ng t\u1ed3n t\u1ea1i`);$res$$.send($user$$)}).catch($e$$=>{$res$$.status(400).send($e$$)})});$app$$.post("/signup",$rateLimiter$$,async($req$$,$res$$)=>{let $body$$=$req$$.body;$body$$.json&&($body$$=JSON.parse($body$$.json));if(!$body$$)return $res$$.status(400).send({error:"Kh\u00f4ng c\u00f3 n\u1ed9i dung"}); if($body$$.id_app&&!global.mongoose.Types.ObjectId.isValid($body$$.id_app))return $res$$.status(400).send({error:"id_app kh\u00f4ng h\u1ee3p l\u1ec7"});if(configs.GOOGLE_RECAPTCHA_SECRET_KEY){var $app$$=$body$$["g-recaptcha-response"]||$req$$.query["g-recaptcha-response"];if(!$app$$)return $res$$.status(400).send({error:"Ch\u1ee9c n\u0103ng n\u00e0y y\u00eau c\u1ea7u m\u1ed9t google recaptcha token"});try{await permission.verifyReCaptcha($app$$)}catch($e$$){return $res$$.status(400).send({error:$e$$.message|| $e$$.error||$e$$})}}let $session_created$$=($req$$.cookies||{}).uid;if($session_created$$&&$body$$.id_app){$app$$=await App.findById($body$$.id_app);if(!$app$$)return $res$$.status(400).send({error:"C\u00f4ng ty kh\u00f4ng t\u1ed3n t\u1ea1i"});if($app$$.options&&$app$$.options.one_account_per_device&&await Participant.findOne({session_created:$session_created$$,id_app:$body$$.id_app}).lean())return $res$$.status(400).send({error:"M\u1ed7i thi\u1ebft b\u1ecb ch\u1ec9 \u0111\u01b0\u1ee3c t\u1ea1o m\u1ed9t t\u00e0i kho\u1ea3n"})}if(!$body$$.email)return $res$$.status(400).send({error:"B\u1ea1n ch\u01b0a nh\u1eadp t\u00e0i kho\u1ea3n"}); $body$$.email=$body$$.email.trim().toLowerCase();if(!validator.isEmail($body$$.email)&&!utils.isMobilePhone($body$$.email,["vi-VN"]))return $res$$.status(400).send({error:"T\u00e0i kho\u1ea3n \u0111\u0103ng nh\u1eadp ph\u1ea3i l\u00e0 1 \u0111\u1ecba ch\u1ec9 email ho\u1eb7c 1 s\u1ed1 \u0111i\u1ec7n tho\u1ea1i di \u0111\u1ed9ng"});if(!$body$$.name)return $res$$.status(400).send({error:"H\u1ecd v\u00e0 t\u00ean ch\u01b0a nh\u1eadp"});if($body$$.introduce_code&&$body$$.id_app&&!await global.getModel("introducecode").findOne({id_app:$body$$.id_app, status:!0,introduce_code:$body$$.introduce_code}).lean())return $res$$.status(400).send({error:"M\u00e3 gi\u1edbi thi\u1ec7u kh\u00f4ng h\u1ee3p l\u1ec7"});Logger.info("[signup] \u0111ang \u0111\u0103ng k\u00fd t\u00e0i kho\u1ea3n",$body$$.email,"...");User.findOne({$or:[{email:$body$$.email},{"local.phone":$body$$.email}]},async function($error$$,$new_user$$){if($error$$)return $res$$.status(400).send($error$$);if($new_user$$)if(!$new_user$$.local||configs.require_verify&&!$new_user$$.local.active|| $new_user$$.local.email!=$body$$.email)$new_user$$.local||($new_user$$.local={});else if($body$$.id_app){Logger.info(`[signup] t\u00e0i kho\u1ea3n ${$body$$.email}. \u0110ang th\u00eam v\u00e0o c\u00f4ng ty "${$body$$.id_app}"...`);try{let $p$$=await global.getModel("participant").findOne({id_app:$body$$.id_app,email:$body$$.email});if($p$$)return $res$$.status(400).send({error:"T\u00e0i kho\u1ea3n n\u00e0y \u0111\u00e3 t\u1ed3n t\u1ea1i"});$p$$=await addUserToApp($new_user$$,$body$$,$session_created$$); let $accessToken$$;if($new_user$$.local.active)try{$accessToken$$=generateToken($new_user$$),await (new Token({email:$new_user$$.email,session_created:($req$$.cookies||{}).uid,token:$accessToken$$,agent:$req$$.headers["user-agent"],ip:"",once:$req$$.query.once==1||$req$$.query.once=="true"||$req$$.query.once==="1"?!0:!1})).save()}catch($e$$){Logger.error("[signup] can't gen new token for new user:"+$new_user$$.email,$e$$)}return $res$$.send({message:'T\u00e0i kho\u1ea3n "'+$body$$.email+'" \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd th\u00e0nh c\u00f4ng', token:$accessToken$$,active:$new_user$$.local.active})}catch($e$$){return await global.getModel("participant").deleteOne({id_app:$body$$.id_app,email:$body$$.email}),$res$$.status(400).send({error:$e$$.error||$e$$.message||$e$$})}}else return $res$$.status(400).send({error:'T\u00e0i kho\u1ea3n "'+$body$$.email+'" \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd'});else $new_user$$=new User,$new_user$$.email=$body$$.email,$new_user$$.local={};$new_user$$.local.email=$body$$.email;$new_user$$.local.name= $body$$.name;$new_user$$.local.active=!configs.require_verify;$new_user$$.partner=$body$$.partner;$new_user$$.session_created=$session_created$$;$body$$.email2&&validator.isEmail($body$$.email2)&&($new_user$$.email2=$body$$.email2);$new_user$$.name=$new_user$$.local.name;$body$$.picture?$new_user$$.local.picture=$body$$.picture:$new_user$$.local.picture||($new_user$$.local.picture="/images/avatar.jpg");let $password$$;if($body$$.password){if($body$$.rePassword!==$body$$.password)return $res$$.status(400).send({error:"M\u1eadt kh\u1ea9u x\u00e1c nh\u1eadn kh\u00f4ng ch\u00ednh x\u00e1c"}); if(!User.teststrengthPassword($body$$.password))return $res$$.status(400).send({error:"M\u1eadt kh\u1ea9u ph\u1ea3i c\u00f3 \u00edt nh\u1ea5t 6 k\u00fd t\u1ef1 v\u00e0 bao g\u1ed3m \u00edt nh\u1ea5t m\u1ed9t ch\u1eef s\u1ed1, m\u1ed9t ch\u1eef hoa v\u00e0 m\u1ed9t ch\u1eef th\u01b0\u1eddng"});$password$$=$body$$.password}else $password$$=_crypto.createHash("md5").update($new_user$$.email+(new Date).toISOString()).digest("hex");$new_user$$.local.password=$new_user$$.generateHash($new_user$$.email+ $password$$);$new_user$$.save(async function($app$jscomp$5_error$$,$newUser$$){if($app$jscomp$5_error$$)return $res$$.status(400).send({error:"Kh\u00f4ng th\u1ec3 \u0111\u0103ng k\u00fd"});log.create({id_app:"SIGNUP",id_func:"SIGNUP",action:"SIGNUP"},$new_user$$.email,$req$$.header("user-agent"),$req$$);if($body$$.cty_name){$app$jscomp$5_error$$=new App;$app$jscomp$5_error$$.user_created=$new_user$$.email;$app$jscomp$5_error$$.user_updated=$new_user$$.email;$app$jscomp$5_error$$.name=$body$$.cty_name; var $d$jscomp$1_now$$=new Date;$app$jscomp$5_error$$.ngay_dn=new Date($d$jscomp$1_now$$.getFullYear(),0,1);$app$jscomp$5_error$$.ngay_ks=new Date($d$jscomp$1_now$$.getFullYear()-1,12,0);$app$jscomp$5_error$$.nam_bd=$d$jscomp$1_now$$.getFullYear();$app$jscomp$5_error$$.ngay_ky1=new Date($d$jscomp$1_now$$.getFullYear(),0,1);$d$jscomp$1_now$$=new Date;$d$jscomp$1_now$$.setMonth($d$jscomp$1_now$$.getMonth()+3);$app$jscomp$5_error$$.expire_date=new Date($d$jscomp$1_now$$);$app$jscomp$5_error$$.save(function($error$$, $obj$$){if($error$$)return Logger.error("[signup] Khong tao duoc new app: "+$error$$);require("../libs/initDatabase").init($obj$$._id,function($error$$){$error$$&&Logger.error("[signup] Can't init database \n"+$error$$)})})}try{await addUserToApp($newUser$$,$body$$,$session_created$$)}catch($e$$){return Logger.error("[signup] add user to app",$e$$.message||$e$$.error||$e$$),await global.getModel("participant").deleteOne({id_app:$body$$.id_app,email:$body$$.email}),await User.deleteOne({email:$body$$.email}), $res$$.status(400).send({error:$e$$.error||$e$$.message||$e$$})}let $accessToken$$;if($newUser$$.local.active)try{$accessToken$$=generateToken($newUser$$),await (new Token({email:$newUser$$.email,session_created:($req$$.cookies||{}).uid,token:$accessToken$$,agent:$req$$.headers["user-agent"],ip:"",once:$req$$.query.once==1||$req$$.query.once=="true"||$req$$.query.once==="1"?!0:!1})).save()}catch($e$$){Logger.error("[signup] can't gen new token for new user:"+$newUser$$.email,$e$$)}validator.isEmail($body$$.email)&& !$body$$.password?(loadTemplate("thong tin dang nhap.html",{email:$new_user$$.email,password:$password$$,receiver_name:$body$$.name},function($error$$,$html$$){if($error$$)return Logger.info($error$$);email.sendHtml({to:{name:$new_user$$.name,address:$new_user$$.email},subject:"Th\u00f4ng tin t\u00e0i kho\u1ea3n",html:$html$$},function($error$$){$error$$&&Logger.error("Khong the gui email thon tin tai khoan cho nguoi dung\n"+$error$$)})}),$res$$.send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o. Ki\u1ec3m tra email \u0111\u1ec3 l\u1ea5y th\u00f4ng tin \u0111\u0103ng nh\u1eadp", token:$accessToken$$,active:$newUser$$.local.active})):$res$$.send({message:'T\u00e0i kho\u1ea3n "'+$body$$.email+'" \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o',token:$accessToken$$,active:$newUser$$.local.active})})})});$app$$.get("/resetpassword",$rateLimiter$$,async($req$$,$res$$)=>{if(configs.GOOGLE_RECAPTCHA_SECRET_KEY)try{await permission.verifyReCaptcha($req$$.query["g-recaptcha-response"])}catch($e$$){return $res$$.status(400).send({error:$e$$.message||$e$$.error||$e$$})}let $address$$=$req$$.query.email; if(!$address$$)return $res$$.status(400).send({error:"Y\u00eau c\u1ea7u m\u1ed9t \u0111\u1ecba ch\u1ec9 email ho\u1eb7c s\u1ed1 \u0111i\u1ec7n tho\u1ea1i"});$address$$=$address$$.toLowerCase();User.findOne({$or:[{"local.email":$address$$},{email:$address$$},{email2:$address$$}]},function($error$$,$result$$){if($error$$)return $res$$.status(400).send($error$$);if(!$result$$)return $res$$.status(400).send({error:`T\u00e0i kho\u1ea3n "${$address$$}" ch\u01b0a \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd`}); let $newpassword$$=_crypto.createHash("md5").update((new Date).toISOString()).digest("hex");$result$$.local.rspassword=$result$$.generateHash($result$$.email+$newpassword$$);$result$$.save(function($error$$){if($error$$)return $res$$.status(400).send($error$$);loadTemplate("reset mat khau.html",{receiver_name:$result$$.name,email:$result$$.email,password:$newpassword$$},function($error$$,$html$$){if($error$$)return $res$$.status(400).send($error$$);$result$$.email&&validator.isEmail($result$$.email)&& email.sendHtml({to:{name:$result$$.name,address:$result$$.email},subject:"\u0110\u1ed5i m\u1eadt kh\u1ea9u",html:$html$$},function($error$$){$error$$?Logger.error("Khong the gui thong tin tai khoan cho nguoi su dung\n"+$error$$):Logger.info("send new password to",$result$$.email)});$result$$.email2&&validator.isEmail($result$$.email2)&&email.sendHtml({to:{name:$result$$.name,address:$result$$.email2},subject:"\u0110\u1ed5i m\u1eadt kh\u1ea9u",html:$html$$},function($error$$){$error$$?Logger.error("Khong the gui thong tin tai khoan cho nguoi su dung\n"+ $error$$):Logger.info("send new password to",$result$$.email)});log.create({id_app:"RESETPASSWORD",id_func:"RESETPASSWORD",action:"RESETPASSWORD"},$result$$.email,$req$$.header("user-agent"),$req$$);$res$$.send({message:"M\u1eadt kh\u1ea9u c\u1ee7a b\u1ea1n \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u1ed5i th\u00e0nh c\u00f4ng. Ki\u1ec3m tra email \u0111\u1ec3 l\u1ea5y m\u1eadt kh\u1ea9u m\u1edbi, sau \u0111\u00f3 b\u1ea1n n\u00ean \u0111\u1ed5i m\u1eadt kh\u1ea9u n\u00e0y"})})})})})};