flexbiz-server

Flexible Server

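/**
 * Account routes: current user, profile, avatar, password/PIN changes,
 * admin activation, logout, push-endpoint registration and wallet signing.
 *
 * Every route authenticates with `access_token` taken from the query string
 * and resolved through `User.findByToken`; some also read `req.user`, which
 * is presumably populated by middleware mounted before this router (not
 * visible in this file).
 *
 * Review notes for maintainers (kept as-is to avoid changing the API):
 *  - The access token travels in the URL, so it ends up in access logs and
 *    Referer headers; prefer an Authorization header where clients allow it.
 *  - /delete, /activeByAdmin, /unActiveByAdmin, /user/logout,
 *    /register-endpoint and /remove-endpoint change state over GET.
 *  - /profile?email=... returns another account's profile fields with no
 *    token check inside this file; confirm upstream middleware restricts it.
 *  - Password and PIN hashes are derived from `email + secret`; the hashing
 *    algorithm lives in generateHash/generatePasswordHash (not visible here).
 */
const User = global.getModel("user");
const log = global.getModel("log");
const Customer = global.getModel("customer");
const Endpoint = global.getModel("endpoint");
const getNotifies = require("../../libs/getNotifies");
const redisCache = require("../../libs/redis-cache");
const underscore = require("underscore");
const async = require("async");
const fs = require("fs");
const { isSupperAdmin, generatePasswordHash } = require("../../libs/utils");
const permission = require("../../libs/permission");
const validator = require("validator");
const path = require("path");
const Token = global.getModel("token");
const sharp = require("sharp");
const request = require("request");
const findByToken = User.findByToken;

// User-facing messages that are reused by several routes (Vietnamese).
const MSG_UPDATED = "\u0110\u00e3 c\u1eadp nh\u1eadt th\u00e0nh c\u00f4ng"; // "Updated successfully"
const MSG_INVALID_TOKEN = "Token kh\u00f4ng c\u00f3 gi\u00e1 tr\u1ecb"; // "Token is not valid"
const MSG_NOT_REGISTERED = " ch\u01b0a \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd"; // "... is not registered"
const MSG_NEW_PASSWORD_MISSING = "B\u1ea1n ch\u01b0a nh\u1eadp m\u1eadt kh\u1ea9u m\u1edbi";
const MSG_PASSWORD_CONFIRM_MISMATCH = "M\u1eadt kh\u1ea9u x\u00e1c nh\u1eadn kh\u00f4ng ch\u00ednh x\u00e1c";
const MSG_PASSWORD_TOO_WEAK = "M\u1eadt kh\u1ea9u ph\u1ea3i c\u00f3 \u00edt nh\u1ea5t 6 k\u00fd t\u1ef1 v\u00e0 bao g\u1ed3m \u00edt nh\u1ea5t m\u1ed9t ch\u1eef s\u1ed1, m\u1ed9t ch\u1eef hoa v\u00e0 m\u1ed9t ch\u1eef th\u01b0\u1eddng";
const MSG_CURRENT_PASSWORD_WRONG = "M\u1eadt kh\u1ea9u hi\u1ec7n t\u1ea1i kh\u00f4ng ch\u00ednh x\u00e1c";
const MSG_CANNOT_CHANGE_PASSWORD = "B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n thay \u0111\u1ed5i m\u1eadt kh\u1ea9u c\u1ee7a ng\u01b0\u1eddi s\u1eed d\u1ee5ng n\u00e0y";
const MSG_USER_NOT_FOUND = "Kh\u00f4ng t\u00ecm th\u1ea5y ng\u01b0\u1eddi d\u00f9ng n\u00e0y";
const MSG_USER_NOT_FOUND_PREFIX = "Kh\u00f4ng t\u00ecm th\u1ea5y ng\u01b0\u1eddi d\u00f9ng ";

// Keys of `profile.local` that a client may never set through /updateprofile.
// The prototype-related names are skipped so a JSON body cannot swap the
// prototype of the stored `local` object.
const PROTECTED_LOCAL_KEYS = new Set([
  "_id",
  "active",
  "password",
  "rspassword",
  "pin",
  "__proto__",
  "constructor",
  "prototype",
]);

/**
 * Returns `value` only when it is a string. Parsed query strings and JSON
 * bodies can carry objects or arrays; placed in a database filter, an object
 * is read as a query operator and can widen the match. Anything that is not
 * a string is therefore treated as if the parameter were absent.
 */
function stringParam(value) {
  return typeof value === "string" ? value : undefined;
}

/**
 * Address handed to findByToken. The X-Forwarded-For fallback is supplied by
 * the client unless a trusted proxy overwrites it.
 */
function clientIp(req) {
  return req.ip || req.headers["x-forwarded-for"] || req.connection.remoteAddress;
}

/** Picks the most specific text out of an error-like value. */
function errorText(err) {
  return err.message || err.error || err;
}

/**
 * Wraps an async callback so a rejected promise produces a 400 response
 * instead of an unhandled rejection (which leaves the request hanging and,
 * on current Node versions, can terminate the process).
 */
function respondOnRejection(res, handler) {
  return function (...args) {
    return Promise.resolve(handler(...args)).catch((err) => {
      Logger.error(err);
      if (!res.headersSent) res.status(400).send({ error: errorText(err) });
    });
  };
}

/** True when the user is in `adminEmails` or is recognised by isSupperAdmin. */
function isAdminUser(user, adminEmails) {
  return underscore.contains(adminEmails, user.email) || isSupperAdmin(user.email.toLowerCase());
}

/** Admin list used by the admin-only routes: admins plus optional subAdmins. */
function adminAndSubAdminEmails() {
  return [...configs.admins, ...(configs.subAdmins || [])];
}

/** Refreshes the cached user record; `done` (optional) runs after the attempt. */
function cacheUser(userObject, done) {
  redisCache.set("user", userObject, function (e) {
    if (e) Logger.error(e);
    else Logger.info("cache user infomation to redis");
    if (done) done();
  });
}

/** Writes an audit entry whose app, function and action share one code. */
function auditLog(code, email, req) {
  log.create({ id_app: code, id_func: code, action: code }, email, req.header("user-agent"), req);
}

/** Returns the validation message for a new password, or null when it is acceptable. */
function newPasswordProblem(body) {
  if (!body.newPassword) return MSG_NEW_PASSWORD_MISSING;
  if (body.reNewPassword !== body.newPassword) return MSG_PASSWORD_CONFIRM_MISMATCH;
  if (!User.teststrengthPassword(body.newPassword)) return MSG_PASSWORD_TOO_WEAK;
  return null;
}

/** True when `candidate` resolves to `rootDir` itself or to a path beneath it. */
function isInsideDirectory(rootDir, candidate) {
  const relative = path.relative(path.resolve(rootDir), path.resolve(candidate));
  const escapes = relative === ".." || relative.startsWith(".." + path.sep) || path.isAbsolute(relative);
  return !escapes;
}

/** Shared body of /activeByAdmin and /unActiveByAdmin. */
function setActiveByAdmin(req, res, active, successMessage, deniedMessage) {
  const usersAdmin = adminAndSubAdminEmails();
  findByToken(stringParam(req.query.access_token), clientIp(req), function (error, user) {
    if (error) return res.status(400).send({ error: errorText(error) });
    if (!user) return res.status(400).send({ error: MSG_INVALID_TOKEN });
    if (!isAdminUser(user, usersAdmin)) return res.status(400).send({ error: deniedMessage });
    User.findOne({ email: req.params.user }, function (e, target) {
      if (e || !target) return res.status(400).send({ error: req.params.user + MSG_NOT_REGISTERED });
      target.local = target.local || {};
      target.local.active = active;
      target.save(function (saveError) {
        if (saveError) return res.status(400).send(saveError);
        cacheUser(target.toObject());
        res.send({ message: successMessage });
      });
    });
  });
}

module.exports = function (router) {
  // GET /user: the account behind the access token, without credential fields.
  router.route("/user").get(function (req, res) {
    const usersAdmin = configs.admins;
    const accessToken = stringParam(req.query.access_token);
    findByToken(accessToken, clientIp(req), function (e, user) {
      if (e) return res.status(400).send({ error: errorText(e) });
      if (!user) return res.status(404).send({ error: "Token kh\u00f4ng t\u1ed3n t\u1ea1i" });
      user.local = user.local || {};
      user.address = user.local.address ? user.local.address : "";
      user.phone = user.local.phone ? user.local.phone : "";
      user.use_pin = configs.use_pin_as_otp && !!user.local.pin;
      user.token = accessToken;
      user.admin = isAdminUser(user, usersAdmin);
      if (!user.picture && user.local.picture) user.picture = user.local.picture;
      delete user.tokens;
      delete user.facebook;
      delete user.google;
      delete user.password;
      delete user.pin;
      delete user.local.pin;
      delete user.local.rePassword;
      delete user.local.password;
      // /profile and /updateprofile already treat rspassword as a secret;
      // strip it here as well so it is never returned to the client.
      delete user.local.rspassword;
      res.send(user);
    });
  });

  // GET /profile: `local` profile of ?email=..., else of the token's owner.
  router.route("/profile").get(function (req, res) {
    const email = stringParam(req.query.email);
    async.parallel(
      {
        e: function (callback) {
          if (!email) return callback();
          User.findOne({ email })
            .lean()
            .then(function (user) {
              callback(null, user);
            })
            .catch((error) => {
              callback(error);
            });
        },
        t: function (callback) {
          if (email) return callback();
          findByToken(stringParam(req.query.access_token), clientIp(req), (e, user) => {
            if (e) return callback(e);
            callback(null, user);
          });
        },
      },
      function (e, found) {
        // Was `res.state(400)`, which is not a function, so every lookup
        // error surfaced as a TypeError instead of a 400 response.
        if (e) return res.status(400).send({ error: errorText(e) });
        const user = found.e || found.t;
        if (!user) {
          return res.status(404).send({ error: "Kh\u00f4ng t\u00ecm th\u1ea5y th\u00f4ng tin c\u1ee7a t\u00e0i kho\u1ea3n n\u00e0y" });
        }
        delete user.local.password;
        delete user.local.rspassword;
        delete user.local.pin;
        delete user.tokens;
        user.local._id = user._id;
        user.local.invited = [];
        user.local.email2 = user.email2;
        if (!user.local.picture) user.local.picture = "/images/avatar.jpg";
        delete user.token;
        User.find({ partner: user._id }, { local: 1 })
          .lean()
          .then(async (partners) => {
            if (partners) {
              partners.forEach(function (u) {
                delete u.local.password;
                delete u.local.rspassword;
                delete u.tokens;
                delete u.token;
                delete u.local.pin;
                user.local.invited.push(u.local);
              });
            }
            user.local.isOnline = await User.isOnline(user.email);
            res.send(user.local);
          })
          .catch((err) => {
            Logger.error(err);
            res.status(404).send({ error: err.message });
          });
      }
    );
  });

  // GET /avatar: streams the user's picture (resized, as webp) or the default avatar.
  router.route("/avatar").get(function (req, res) {
    const email = stringParam(req.query.email);
    const accessToken = stringParam(req.query.access_token);
    const query = {};
    async.parallel(
      {
        e: function (callback) {
          if (email) query.email = email;
          callback();
        },
        t: function (callback) {
          if (email) return callback();
          Token.findOne({ token: accessToken }, function (e, t) {
            if (e) return callback(e);
            if (t) query.email = t.email;
            callback();
          });
        },
      },
      function (e) {
        if (e) return res.status(400).send({ error: e });
        const size = Number(req.query.size) || 240;
        if (!query.email) query.tokens = accessToken;
        User.findOne(query, { picture: 1 })
          .lean()
          .then(async function (user) {
            const imagesRoot =
              configs.paths.images || path.join(path.dirname(path.dirname(__dirname)), "images");
            const defaultAvatar = path.join(imagesRoot, "avatar.jpg");
            if (!user || !user.picture) return res.sendFile(defaultAvatar);

            const picture = user.picture;
            if (picture.indexOf("/getfile/") === 0) {
              const imgPath = path.join(imagesRoot, picture.replace(/\/getfile\//g, ""));
              // The stored picture path is account data; ".." segments must
              // not let it resolve to a file outside the images directory.
              if (!isInsideDirectory(imagesRoot, imgPath) || !fs.existsSync(imgPath)) {
                return res.sendFile(defaultAvatar);
              }
              let pipeline = sharp(imgPath, { failOnError: false });
              const meta = await pipeline.metadata();
              if (meta && size && size < meta.width && size < meta.height) {
                pipeline = pipeline.resize({ width: size }).rotate();
              }
              if (meta && meta.format != "webp") {
                pipeline = pipeline.webp({ lossless: false });
              }
              pipeline.pipe(res);
              return;
            }

            if (picture.indexOf("http://") === 0 || picture.indexOf("https://") === 0) {
              // NOTE(review): the server fetches whatever URL is stored on the
              // account. If users can set this field, restrict it to an
              // allow-list of hosts so internal services cannot be reached.
              request
                .get(picture)
                .on("error", (err) => {
                  // Without a listener a failed fetch raises an unhandled 'error' event.
                  Logger.error(err);
                  if (!res.headersSent) res.status(400).send({ error: err.message });
                })
                .pipe(res);
              return;
            }

            res.sendFile(defaultAvatar);
          })
          .catch((error) => {
            res.status(400).send(error);
          });
      }
    );
  });

  // POST /updateprofile: merges the request body into the token owner's profile.
  router.route("/updateprofile").post(function (req, res) {
    findByToken(
      stringParam(req.query.access_token),
      clientIp(req),
      respondOnRejection(res, async (error, tokenUser) => {
        if (error) return res.status(400).send({ error: errorText(error) });
        if (!tokenUser) return res.status(404).send({ error: "Not found" });

        const updates = { local: tokenUser.local || {}, email: tokenUser.email, name: tokenUser.name };
        const profile = req.body;

        // NOTE(review): this is a deny-list; any other key under
        // `profile.local` is copied to the stored profile as sent. An
        // allow-list of editable fields would be safer.
        if (profile.local) {
          for (const key of Object.keys(profile.local)) {
            if (PROTECTED_LOCAL_KEYS.has(key)) continue;
            updates.local[key] = profile.local[key];
            // Promote to the top level so the field-specific checks below see it.
            if (profile[key] == undefined) profile[key] = profile.local[key];
          }
        }

        if (profile.name) {
          // NOTE(review): this awaits the model returned by getModel, not a
          // document lookup, so `trang_thai` is read from the model itself;
          // confirm whether a query for the user's identity record was intended.
          const identity = await global.getModel("assuser_identity");
          if (!(identity && identity.trang_thai === "1")) {
            updates.local.name = profile.name;
            updates.name = profile.name;
          }
        }

        const phone = profile.phone;
        if (phone) {
          // NOTE(review): `$or` holds a single clause, so this only matches an
          // account whose local.phone AND email both equal the number; two
          // separate clauses were probably intended. Confirm before changing.
          const other = await User.findOne({ $or: [{ "local.phone": phone, email: phone }] });
          if (other && other.email !== updates.email) {
            return res.status(400).send({
              error: `S\u1ed1 \u0111i\u1ec7n tho\u1ea1i ${phone} \u0111\u00e3 \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng`,
            });
          }
        }
        if (phone != undefined) updates.local.phone = phone;
        if (profile.address != undefined) updates.local.address = profile.address;
        if (profile.zalo != undefined) updates.local.zalo = profile.zalo;
        if (profile.whatsapp != undefined) updates.local.whatsapp = profile.whatsapp;
        if (profile.facebook != undefined) updates.local.facebook = profile.facebook;
        if (profile.company != undefined) updates.local.company = profile.company;
        if (profile.picture != undefined) updates.local.picture = profile.picture;

        if (profile.email2 != undefined) {
          // validator.isEmail throws on non-strings, so reject those as invalid.
          const invalid =
            profile.email2 && (typeof profile.email2 !== "string" || !validator.isEmail(profile.email2));
          if (invalid) {
            return res.status(400).send({ error: `Email ${profile.email2} kh\u00f4ng h\u1ee3p l\u1ec7` });
          }
          updates.email2 = profile.email2;
        }

        updates.user_updated = req.user.email;
        updates.date_updated = new Date();

        User.findByIdAndUpdate(
          tokenUser._id,
          updates,
          respondOnRejection(res, async function (updateError, rs) {
            if (updateError || !rs) {
              return res.status(400).send({ error: updateError || "User kh\u00f4ng t\u1ed3n t\u1ea1i" });
            }
            auditLog("CHANGEPROFILE", tokenUser.email, req);

            // Keep the linked customer's display name in sync (best effort).
            Customer.findOne({ of_user: rs.email, ma_kh: rs.email.toUpperCase() }, (e, cust) => {
              if (!cust) return Logger.error("Not found customer of user", rs.email);
              cust.ten_kh = rs.name;
              cust.save((saveError, saved) => {
                if (saveError) return Logger.error("can't update ten_kh for user", rs.name, saveError);
                global.clientRedis.set("flex:" + saved._id.toString(), "");
              });
            });

            const fresh = await User.findById(tokenUser._id).lean();
            cacheUser(fresh, function () {
              res.send(MSG_UPDATED);
            });
          })
        );
      })
    );
  });

  // GET /activeByAdmin/:user: admin marks an account active.
  router.route("/activeByAdmin/:user").get(function (req, res) {
    setActiveByAdmin(
      req,
      res,
      true,
      "\u0110\u00e3 k\u00edch ho\u1ea1t th\u00e0nh c\u00f4ng",
      "B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n k\u00edch ho\u1ea1t t\u00e0i kho\u1ea3n ng\u01b0\u1eddi d\u00f9ng"
    );
  });

  // GET /unActiveByAdmin/:user: admin marks an account inactive.
  router.route("/unActiveByAdmin/:user").get(function (req, res) {
    setActiveByAdmin(
      req,
      res,
      false,
      "\u0110\u00e3 hu\u1ef7 k\u00edch ho\u1ea1t th\u00e0nh c\u00f4ng",
      "B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n hu\u1ef7 k\u00edch ho\u1ea1t t\u00e0i kho\u1ea3n ng\u01b0\u1eddi d\u00f9ng"
    );
  });

  // POST /changepasswordByAdmin: a global admin resets any user's password;
  // an app admin (participant with admin:true) resets a participant of that app.
  router.route("/changepasswordByAdmin").post(function (req, res) {
    const usersAdmin = adminAndSubAdminEmails();
    const body = req.body;
    const problem = newPasswordProblem(body);
    if (problem) return res.status(400).send({ error: problem });

    // Both values go straight into database filters. A non-string `id_app`
    // would be read as a query operator and match other apps, letting one
    // app's admin reach participants elsewhere, so only strings are accepted.
    const targetEmail = stringParam(body.email);
    const idApp = stringParam(body.id_app);

    findByToken(
      stringParam(req.query.access_token),
      clientIp(req),
      respondOnRejection(res, async function (error, user) {
        if (error) return res.status(400).send({ error: errorText(error) });
        if (!user) return res.status(400).send({ error: "token kh\u00f4ng c\u00f3 gi\u00e1 tr\u1ecb" });

        if (isAdminUser(user, usersAdmin)) {
          User.findOne({ email: targetEmail }, function (e, target) {
            if (e || !target) return res.status(400).send({ error: body.email + MSG_NOT_REGISTERED });
            target.local.password = target.generateHash(target.email + body.newPassword);
            target.local.rspassword = null;
            target.save(function (saveError) {
              if (saveError) return res.status(400).send(saveError);
              // Only tokens stored without an ip are revoked; tokens that
              // carry an ip value stay valid after the reset. Confirm intent.
              Token.deleteMany({ email: targetEmail, ip: { $in: ["", null, undefined] } }, (err) => {
                if (err) Logger.info("error when remove old tokens", err);
              });
              auditLog("CHANGEPASSWORD", target.email, req);
              cacheUser(target.toObject());
              res.send({ message: MSG_UPDATED });
            });
          });
          return;
        }

        if (!idApp) return res.status(400).send({ error: MSG_CANNOT_CHANGE_PASSWORD });

        const Participant = global.getModel("participant");
        const callerIsAppAdmin = await Participant.findOne({
          email: user.email.toLowerCase(),
          id_app: idApp,
          admin: true,
        }).lean();
        if (!callerIsAppAdmin) return res.status(400).send({ error: MSG_CANNOT_CHANGE_PASSWORD });

        const participant =
          targetEmail === undefined
            ? null
            : await Participant.findOne({ email: targetEmail.toLowerCase(), id_app: idApp });
        if (!participant) {
          return res.status(400).send({
            error: "Ng\u01b0\u1eddi d\u00f9ng n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i trong c\u00f4ng ty tr\u00ean",
          });
        }

        participant.password = generatePasswordHash(participant.email + body.newPassword);
        await participant.save();
        Token.deleteMany(
          {
            email: targetEmail,
            $or: [{ only_id_app: idApp }, { id_apps: idApp }],
            ip: { $in: ["", null, undefined] },
          },
          (err) => {
            if (err) Logger.info("error when remove old tokens", err);
          }
        );
        auditLog("CHANGEPASSWORD", participant.email, req);
        res.send({ message: MSG_UPDATED });
      })
    );
  });

  // GET /delete: OTP-confirmed deletion of the caller's own account.
  router.route("/delete").get(function (req, res) {
    findByToken(stringParam(req.query.access_token), clientIp(req), async function (error, tokenUser) {
      if (error || !tokenUser) {
        // `error` can be empty when the token simply has no user; reading
        // `.message` from it used to throw before any response was sent.
        return res.status(400).send({
          error: error ? errorText(error) : "Kh\u00f4ng th\u1ec3 t\u00ecm th\u1ea5y t\u00e0i kho\u1ea3n n\u00e0y",
          code: 1100,
        });
      }
      try {
        await permission.verifyOTP(tokenUser.email, req.query["otp-id"], req.query["otp-code"]);
        await global.getModel("participant").deleteMany({ email: tokenUser.email });
        await global.getModel("user").deleteMany({ email: tokenUser.email });
        res.send({
          ok: true,
          message: "T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111\u00e3 \u0111\u01b0\u1ee3c x\u00f3a th\u00e0nh c\u00f4ng",
        });
      } catch (e) {
        Logger.error(e);
        return res.status(400).send({ error: errorText(e), code: 4001 });
      }
    });
  });

  // POST /changepassword: the caller changes their own password.
  router.route("/changepassword").post(function (req, res) {
    const accessToken = stringParam(req.query.access_token);
    findByToken(
      accessToken,
      clientIp(req),
      respondOnRejection(res, async function (error, tokenUser) {
        if (error) return res.status(400).send({ error: errorText(error) });
        if (!tokenUser) return res.status(404).send({ error: MSG_USER_NOT_FOUND });

        const user = await User.findOne({ email: tokenUser.email });
        if (!user) return res.status(404).send({ error: MSG_USER_NOT_FOUND_PREFIX + tokenUser.email });

        const passwords = req.body;
        const tokenRecord = (await Token.findOne({ token: accessToken })) || {};

        // A token flagged `once` skips proof of the current credential;
        // presumably it is issued by a reset flow (confirm against the issuer).
        if (!tokenRecord.once) {
          const otpId = passwords["otp-id"] || req.query["otp-id"];
          const otpCode = passwords["otp-code"] || req.query["otp-code"];
          if (otpId && otpCode) {
            try {
              await permission.verifyOTP(tokenUser.email, otpId, otpCode);
            } catch (e) {
              Logger.error(e);
              return res.status(400).send({ error: errorText(e), code: 4001 });
            }
            // With a valid OTP the old password is optional, but checked when sent.
            if (user.local.password && passwords.oldPassword && !user.validPassword(passwords.oldPassword)) {
              return res.status(400).send({ error: MSG_CURRENT_PASSWORD_WRONG });
            }
          } else if (user.local.password) {
            if (!passwords.oldPassword) {
              return res.status(400).send({
                error: "B\u1ea1n ch\u01b0a nh\u1eadp m\u1eadt kh\u1ea9u hi\u1ec7n t\u1ea1i",
              });
            }
            if (!user.validPassword(passwords.oldPassword)) {
              return res.status(400).send({ error: MSG_CURRENT_PASSWORD_WRONG });
            }
          }
        }

        const problem = newPasswordProblem(passwords);
        if (problem) return res.status(400).send({ error: problem });

        user.local.password = user.generateHash(user.email + passwords.newPassword);
        user.local.rspassword = null;
        user.save(function (saveError) {
          if (saveError) return res.status(400).send(saveError);
          // Revokes the user's other tokens, but only those stored with an
          // empty ip and an empty note; the rest remain valid. Confirm intent.
          Token.deleteMany(
            {
              email: user.email,
              token: { $ne: accessToken },
              ip: { $in: ["", null, undefined] },
              note: { $in: ["", null, undefined] },
            },
            (err) => {
              if (err) Logger.error("error when remove old tokens", err);
            }
          );
          auditLog("CHANGEPASSWORD", user.email, req);
          cacheUser(user.toObject());
          res.send({ message: MSG_UPDATED });
        });
      })
    );
  });

  // POST /changepin: the caller sets a new PIN after proving the password.
  router.route("/changepin").post(function (req, res) {
    const accessToken = stringParam(req.query.access_token);
    findByToken(
      accessToken,
      clientIp(req),
      respondOnRejection(res, async function (error, tokenUser) {
        if (error) return res.status(400).send({ error: errorText(error) });
        if (!tokenUser) return res.status(404).send({ error: MSG_USER_NOT_FOUND });

        const user = await User.findOne({ email: tokenUser.email });
        if (!user) return res.status(404).send({ error: MSG_USER_NOT_FOUND_PREFIX + tokenUser.email });

        const passwords = req.body;
        const tokenRecord = (await Token.findOne({ token: accessToken })) || {};
        if (user.local.password && !tokenRecord.once) {
          if (!passwords.oldPassword) {
            return res.status(400).send({ error: "B\u1ea1n ch\u01b0a nh\u1eadp m\u1eadt kh\u1ea9u" });
          }
          if (!user.validPassword(passwords.oldPassword)) {
            return res.status(400).send({ error: "M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c" });
          }
        }

        if (!passwords.newPin) {
          return res.status(400).send({ error: "B\u1ea1n ch\u01b0a nh\u1eadp s\u1ed1 PIN" });
        }
        if (passwords.reNewPin !== passwords.newPin) {
          return res.status(400).send({
            error: "S\u1ed1 PIN x\u00e1c nh\u1eadn kh\u00f4ng ch\u00ednh x\u00e1c",
          });
        }
        if (!User.teststrengthPin(passwords.newPin)) {
          return res.status(400).send({ error: "S\u1ed1 Pin kh\u00f4ng h\u1ee3p l\u1ec7" });
        }

        user.local.pin = user.generateHash(user.email + passwords.newPin);
        user.save(function (saveError) {
          if (saveError) return res.status(400).send(saveError);
          auditLog("CHANGEPIN", user.email, req);
          cacheUser(user.toObject());
          res.send({ message: MSG_UPDATED });
        });
      })
    );
  });

  // GET /user/logout: revokes the token, drops its sockets and optional push endpoint.
  router.route("/user/logout").get(function (req, res) {
    const accessToken = stringParam(req.query.access_token);
    findByToken(accessToken, clientIp(req), function (error, user) {
      if (error) return res.status(400).send({ error: errorText(error) });
      Token.deleteMany(
        { token: accessToken },
        respondOnRejection(res, async function (deleteError) {
          if (deleteError) return res.status(400).send(deleteError);
          // findByToken can yield no user without an error (see /user); the
          // code below reads user.email, so answer explicitly instead.
          if (!user) return res.status(400).send({ error: MSG_INVALID_TOKEN });

          const container = global.socketContainer;
          if (container.socketIO) {
            const socketIds = [...(await container.socketIO.in(user.email).allSockets())];
            const connections = await container.loadConnectionId();
            for (const socketId of socketIds) {
              const connection = connections[socketId];
              if (connection && connection.token == accessToken) {
                container.socketIO
                  .in(socketId)
                  .fetchSockets()
                  .then((sockets) => {
                    for (const socket of sockets) socket.disconnect();
                  })
                  .catch((err) => Logger.error(err));
              }
            }
            container.saveConnectionId(connections);
          }

          auditLog("LOGOUT", user.email, req);

          const endpoint = stringParam(req.query.ep);
          if (endpoint) {
            // Buffer.from replaces the deprecated `new Buffer(...)` constructor.
            const epId = Buffer.from(endpoint).toString("base64");
            Endpoint.deleteMany({ ep_id: epId }, function (e) {
              if (e) Logger.info("error when log out endpoint", e);
            });
          }
          res.send({ message: user.email + " logged out" });
        })
      );
    });
  });

  // GET /notifies: notifications for req.user, optionally scoped to id_app.
  router.route("/notifies").get(function (req, res) {
    getNotifies(
      req.user.email,
      function (error, notifies) {
        if (error) return res.status(400).send({ error: errorText(error) });
        res.send(notifies);
      },
      req.query.id_app
    );
  });

  // GET /register-endpoint: creates or re-assigns a push endpoint for req.user.
  router.route("/register-endpoint").get(function (req, res) {
    const endpoint = stringParam(req.query.ep);
    const idApp = req.query.id_app;
    if (!endpoint) {
      return res.status(400).send({
        error: "H\u00e0m register-endpoint y\u00eau c\u1ea7u tham s\u1ed1 'ep'",
      });
    }
    const epId = Buffer.from(endpoint).toString("base64");
    Endpoint.findOne({ ep_id: epId }, function (e, existing) {
      if (e) return res.status(400).send(e);
      let record = existing;
      if (record) {
        // An already-registered endpoint is re-assigned to the current user.
        record.user = req.user.email;
        record.userAuth = req.query.userAuth;
        record.userPublicKey = req.query.userPublicKey;
        record.id_app = idApp;
        record.app = req.query.app;
      } else {
        record = new Endpoint({
          ep_id: epId,
          user: req.user.email,
          endpoint: endpoint,
          id_app: idApp,
          userAuth: req.query.userAuth,
          userPublicKey: req.query.userPublicKey,
          app: req.query.app,
        });
      }
      record.save(function (saveError, rs) {
        if (saveError) return res.status(400).send(saveError);
        Logger.info("register successful endpoint", endpoint, req.user.email);
        res.send(rs);
      });
    });
  });

  // GET /remove-endpoint: deletes the push endpoint named by ?ep=...
  router.route("/remove-endpoint").get(function (req, res) {
    // Only a non-empty string is accepted: an object in the filter would be
    // treated as a query operator and could match every stored endpoint.
    const endpoint = stringParam(req.query.ep);
    if (!endpoint) {
      return res.status(400).send({ error: "remove-endpoint requires the 'ep' parameter" });
    }
    // NOTE(review): the filter is not scoped to req.user, so any caller who
    // knows an endpoint value can remove it; confirm that is intended.
    Endpoint.deleteMany({ endpoint: endpoint }, (e) => {
      if (e) {
        Logger.error(e);
        // Previously the error was only logged and the request never completed.
        return res.status(400).send({ error: errorText(e) });
      }
      res.send("success!");
    });
  });

  const wallet = global.getModel("wallet");

  // POST /sign: signs the request body with the caller's wallet for id_app.
  router.route("/sign").post(function (req, res) {
    const accessToken = stringParam(req.query.access_token);
    const dataToSign = req.body;
    const idApp = dataToSign.id_app;
    if (!idApp) return res.status(400).send("Data for sign miss id_app");
    findByToken(accessToken, clientIp(req), async function (error, user) {
      if (error) return res.status(400).send(error);
      if (!user) return res.status(400).send({ error: "Not found user" });
      try {
        const signature = await wallet.sign(idApp, user.email, dataToSign);
        res.send({ signature: signature });
      } catch (e) {
        res.status(400).send({ error: errorText(e) });
      }
    });
  });
};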