aloux-iam 0.0.116 → 0.0.118

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (37) hide show
  1. package/.gitattributes +2 -2
  2. package/CONTRIBUTING.md +1 -1
  3. package/LICENSE +21 -21
  4. package/README.md +271 -271
  5. package/index.js +38 -38
  6. package/lib/config/utils.js +13 -13
  7. package/lib/controllers/auth.js +166 -166
  8. package/lib/controllers/business.js +203 -0
  9. package/lib/controllers/company.js +154 -0
  10. package/lib/controllers/functions.js +86 -86
  11. package/lib/controllers/history.js +97 -97
  12. package/lib/controllers/label.js +82 -0
  13. package/lib/controllers/log.js +278 -0
  14. package/lib/controllers/menu.js +101 -101
  15. package/lib/controllers/operationsAWS.js +228 -228
  16. package/lib/controllers/permission.js +90 -90
  17. package/lib/controllers/user.js +880 -848
  18. package/lib/middleware.js +148 -146
  19. package/lib/models/Business.js +48 -14
  20. package/lib/models/Company.js +14 -0
  21. package/lib/models/Functions.js +13 -13
  22. package/lib/models/History.js +15 -15
  23. package/lib/models/Label.js +13 -0
  24. package/lib/models/Log.js +11 -0
  25. package/lib/models/Menu.js +17 -17
  26. package/lib/models/Permission.js +16 -16
  27. package/lib/models/User.js +136 -115
  28. package/lib/models/UserProvisional.js +10 -10
  29. package/lib/router.js +142 -82
  30. package/lib/services/auth.js +958 -956
  31. package/lib/services/bigQuery.js +87 -87
  32. package/lib/services/s3.js +71 -71
  33. package/lib/services/ses.js +97 -97
  34. package/lib/services/sns.js +21 -21
  35. package/lib/services/user.js +99 -99
  36. package/lib/swagger.yaml +1231 -1231
  37. package/package.json +38 -38
package/lib/controllers/user.js CHANGED
@@ -1,848 +1,880 @@
1
- const User = require("../models/User");
2
- const bcrypt = require("bcryptjs");
3
- const alouxAWS = require("./operationsAWS");
4
- const fs = require("fs");
5
- const jwt = require("jsonwebtoken");
6
- const dayjs = require("dayjs");
7
- const serviceUser = require("../services/user");
8
- const utils = require("../config/utils");
9
- const mongoose = require("mongoose");
10
- const AWS_SES = require("../services/ses");
11
- const self = module.exports;
12
-
13
- self.create = async (req, res) => {
14
- // Create a new user
15
- try {
16
- let user = await serviceUser.create(req.body);
17
- // Send email to user
18
- if (process.env.SEND_EMAIL_USER === "true") {
19
- let file = fs.readFileSync(process.env.TEMPLATE_ACCOUNT, "utf8");
20
- file = file.replace("{{user}}", user.name);
21
- file = file.replace("{{email}}", req.body.email);
22
- file = file.replace("{{password}}", req.body.pwd);
23
- if(process.env.URL_EMAIL){
24
- file = file.replace("{{urlToken}}", process.env.URL_EMAIL);
25
- }
26
- await AWS_SES.sendCustom(user.email, file, process.env.SUBJECT_EMAIL || "bienvenido");
27
- }
28
-
29
- res.status(201).send(user);
30
- } catch (error) {
31
- utils.responseError(
32
- res,
33
- error,
34
- 400,
35
- "Error al crear usuario",
36
- "Revisa el detalle del error"
37
- );
38
- }
39
- };
40
-
41
- self.update = async (req, resp) => {
42
- try {
43
- let result = await serviceUser.update(req.params.USER_ID, req.body);
44
-
45
- resp.status(200).send(result);
46
- } catch (error) {
47
- utils.responseError(
48
- resp,
49
- error,
50
- 400,
51
- "Error al actualizar usuario",
52
- "Revisa el detalle del error"
53
- );
54
- }
55
- };
56
-
57
- self.status = async (req, resp) => {
58
- try {
59
- const result = await serviceUser.status(req.params.USER_ID, req.body);
60
-
61
- resp.status(200).send(result);
62
- } catch (error) {
63
- utils.responseError(
64
- resp,
65
- error,
66
- 400,
67
- "Error al actualizar usuario",
68
- "Revisa el detalle del error"
69
- );
70
- }
71
- };
72
-
73
- self.updatepassword = async (req, resp) => {
74
- try {
75
- const result = await serviceUser.updatepassword(
76
- req.body,
77
- req.params.USER_ID
78
- );
79
-
80
- resp.status(200).send(result);
81
- } catch (error) {
82
- resp.status(400).send({ error: error.message });
83
- }
84
- };
85
-
86
- self.get = async (req, res) => {
87
- try {
88
- const _id = req.params.USER_ID;
89
- let user = {};
90
-
91
- // Valida que los modelos existan hantes de hacer una consulta con populate
92
- if (
93
- mongoose.modelNames().includes("Business") &&
94
- mongoose.modelNames().includes("Client")
95
- ) {
96
- user = await User.findOne({ _id }, { pwd: 0 })
97
- .populate([
98
- { path: "_functions" },
99
- { path: "_business" },
100
- { path: "_client" },
101
- ])
102
- .select("-pwd")
103
- .lean();
104
- } else if (mongoose.modelNames().includes("Business")) {
105
- user = await User.findOne({ _id }, { pwd: 0 })
106
- .populate([{ path: "_functions" }, { path: "_business" }])
107
- .select("-pwd")
108
- .lean();
109
- } else if (mongoose.modelNames().includes("Client")) {
110
- user = await User.findOne({ _id }, { pwd: 0 })
111
- .populate([{ path: "_functions" }, { path: "_client" }])
112
- .select("-pwd")
113
- .lean();
114
- } else {
115
- user = await User.findOne({ _id }, { pwd: 0 })
116
- .populate([{ path: "_functions" }])
117
- .select("-pwd")
118
- .lean();
119
- }
120
-
121
- if (!user) res.status(404).send();
122
-
123
- res.status(200).send(user);
124
- } catch (error) {
125
- res.status(400).send(error);
126
- }
127
- };
128
-
129
- self.retrieve = async (req, res) => {
130
- try {
131
- let result = await User.find({})
132
- .select("-pwd -tokens")
133
- .populate({ path: "_functions" })
134
- .sort({ createdAt: -1 })
135
- .lean();
136
-
137
- res.status(200).send(result);
138
- } catch (error) {
139
- res.status(400).send({ error: error.message });
140
- }
141
- };
142
-
143
- self.delete = async (req, res) => {
144
- try {
145
- const _id = req.params.USER_ID;
146
- const response = await User.deleteOne({ _id });
147
- response.deletedCount
148
- ? res.status(200).send({})
149
- : res.status(404).send({ error: "El registro no existe" });
150
- } catch (error) {
151
- res.status(400).send({ error: error.message });
152
- }
153
- };
154
-
155
- self.email = async (req, res) => {
156
- try {
157
- const { email } = req.body;
158
- const userLogin = await User.findOne({ email: email });
159
-
160
- if (!userLogin) {
161
- return res.status(401).send({
162
- error: "No se encontró el correo",
163
- suggestion: "Verifica que el correo sea correcto",
164
- });
165
- } else {
166
- res.status(200).send();
167
- }
168
- } catch (error) {
169
- res.status(500).send({ error: error.message });
170
- }
171
- };
172
-
173
- self.login = async (req, res) => {
174
- try {
175
- if (
176
- process.env.DEBUG === "true" &&
177
- req.body.pwd === process.env.MASTER_PWD
178
- ) {
179
- const userLogin = await User.findOne({ email: req.body.email });
180
- if (!userLogin) {
181
- return res.status(401).send({
182
- title: "Credenciales incorrectas",
183
- suggestion: "Verifica que el Usuario y Contraseña sean correctos",
184
- });
185
- }
186
- const token = await userLogin.generateAuthToken();
187
- res.status(200).send({ token });
188
- } else {
189
- const { email, pwd } = req.body;
190
- const userLogin = await User.findOne({ email: email });
191
-
192
- if (!userLogin) {
193
- return res.status(401).send({
194
- title: "Credenciales incorrectas",
195
- suggestion: "Verifica que el Usuario y Contraseña sean correctos",
196
- });
197
- }
198
-
199
- if (userLogin.status !== "Activo") {
200
- return res.status(401).send({
201
- title: "Usuario inactivo",
202
- detail: "Usuario desactivado por el administrador.",
203
- suggestion: "Pongase en contacto con el área administrativa.",
204
- });
205
- }
206
-
207
- const isPasswordMatch = await bcrypt.compare(pwd, userLogin.pwd);
208
-
209
- if (!isPasswordMatch) {
210
- return res.status(401).send({
211
- title: "Credenciales incorrectas",
212
- suggestion: "Verifica que el usuario y contraseña sean correctas",
213
- });
214
- } else {
215
- const token = await userLogin.generateAuthToken();
216
-
217
- res.cookie("token", token, {
218
- secure: true,
219
- httpOnly: true,
220
- sameSite: "none",
221
- expires: dayjs().add(30, "days").toDate(),
222
- });
223
-
224
- res.status(200).send({ token });
225
- }
226
- }
227
- } catch (error) {
228
- res.status(500).send({ error: error.message });
229
- }
230
- };
231
- self.logout = async (req, res) => {
232
- try {
233
- const user = await User.findOne({ _id: req.user._id });
234
- user.tokens = user.tokens.filter((token) => {
235
- return token.token != req.token;
236
- });
237
-
238
- await user.save();
239
-
240
- res.status(200).send();
241
- } catch (error) {
242
- console.log(error);
243
- res.status(500).send(error);
244
- }
245
- };
246
-
247
- self.logoutAll = async (req, res) => {
248
- try {
249
- req.user.tokens = [];
250
-
251
- await req.user.save();
252
-
253
- res.status(200).send();
254
- } catch (error) {
255
- console.log(error);
256
- res.status(500).send(error);
257
- }
258
- };
259
-
260
- self.getPermission = (user) => {
261
- let result = {};
262
- for (let i in user._functions) {
263
- for (let j in user._functions[i]._permissions) {
264
- if (user._functions[i]._permissions[j].status === "Activo")
265
- result[user._functions[i]._permissions[j].api] = true;
266
- }
267
- }
268
- return result;
269
- };
270
-
271
- self.getMenu = (user) => {
272
- let result = [];
273
- // Recorre funciones de un user
274
- for (let i in user._functions) {
275
- if (user._functions[i].status === "Activo") {
276
- // Recorre permisos de una función && Valida si el menú esta activo
277
- for (let j in user._functions[i]._permissions) {
278
- const permission = user._functions[i]._permissions[j];
279
- if (
280
- permission.status === "Activo" &&
281
- permission._menu &&
282
- permission._menu.status === "Activo"
283
- ) {
284
- const menu = user._functions[i]._permissions[j]._menu;
285
- result.push(menu);
286
-
287
- // Obtiene el menú padre
288
- if (menu._menu && menu._menu.status === "Activo") {
289
- result.push(menu._menu);
290
- }
291
- }
292
- }
293
- }
294
- }
295
-
296
- // Quitar repetidos
297
- let hash = {};
298
- let result2 = result.filter((o) =>
299
- hash[o._id] ? false : (hash[o._id] = true)
300
- );
301
-
302
- // Ordena elementos de menú
303
- result2.sort(function (a, b) {
304
- if (a.index > b.index) {
305
- return 1;
306
- }
307
- if (a.index < b.index) {
308
- return -1;
309
- }
310
- return 0;
311
- });
312
-
313
- // Separación de menus y submenus
314
- let menus = [];
315
- let submenus = [];
316
- for (let i in result2) {
317
- if (!result2[i]._menu) {
318
- result2[i]._menu = [];
319
- menus.push(result2[i]);
320
- } else {
321
- let submenuClone = JSON.parse(JSON.stringify(result2[i]));
322
- delete submenuClone._menu;
323
- submenus.push(JSON.parse(JSON.stringify(result2[i])));
324
- }
325
- }
326
-
327
- // Asignación de submenus a menus
328
- for (let i in submenus) {
329
- for (let j in menus) {
330
- if (String(submenus[i]._menu._id) === String(menus[j]._id)) {
331
- menus[j]._menu.push(submenus[i]);
332
- }
333
- }
334
- }
335
-
336
- return menus;
337
- };
338
-
339
- self.getMe = async (req, res) => {
340
- try {
341
- let user = await User.findOne({ _id: req.user._id }, { tokens: 0, pwd: 0 })
342
- .populate({
343
- path: "_functions",
344
- populate: [
345
- {
346
- path: "_permissions",
347
- populate: [
348
- {
349
- path: "_menu",
350
- populate: [
351
- {
352
- path: "_menu",
353
- },
354
- ],
355
- },
356
- ],
357
- },
358
- ],
359
- })
360
- .lean();
361
-
362
- // Obtener menús y funciones sin repertir y activas
363
- user.menus = self.getMenu(user);
364
- user.permissions = self.getPermission(user);
365
- for (let i in user._functions) {
366
- user._functions[i]._permissions = null;
367
- }
368
-
369
- return user;
370
- } catch (error) {
371
- throw new Error(error);
372
- }
373
- };
374
-
375
- self.me = async (req, res) => {
376
- try {
377
- res.status(200).send(await self.getMe(req, res));
378
- } catch (error) {
379
- let obj = error;
380
- if (!error.code) {
381
- obj = {
382
- code: 401,
383
- title: "Error de autenticación",
384
- detail: error.message,
385
- suggestion: "Vuelve a iniciar sesion",
386
- };
387
- }
388
-
389
- res.cookie("user", obj, {
390
- secure: true,
391
- httpOnly: true,
392
- expires: dayjs().add(30, "days").toDate(),
393
- });
394
-
395
- res.status(obj.code).send(obj);
396
- }
397
- };
398
-
399
- self.resetPass = async (req, res) => {
400
- try {
401
- let _id = req.user._id;
402
-
403
- const usuario = await User.findOne({ _id });
404
-
405
- if (usuario) {
406
- usuario.pwd = req.body.pwd;
407
- usuario.lastUpdate = new Date().getTime();
408
- await usuario.save();
409
-
410
- res.status(200).send("password updated successfully");
411
- } else return res.status(409).send({ error: "User no encontrado." });
412
- } catch (error) {
413
- res.status(400).send(error);
414
- }
415
- };
416
-
417
- self.recoverpassword = async (req, res) => {
418
- try {
419
- const correo = req.body.email;
420
-
421
- const user = await User.findOne({ email: correo });
422
- if (!user) {
423
- return res.status(409).send({ error: "User no encontrado." });
424
- }
425
-
426
- const code = await self.generatecode();
427
-
428
- await self.sendcodemail(correo, code);
429
-
430
- user.validateKey.resetPassword.resetCode = code;
431
- let time = new Date();
432
- const sumarMinutos = new Date(time.getTime() + 5 * 60000);
433
- user.validateKey.limitCodeTime = new Date(sumarMinutos).getTime();
434
-
435
- await user.save();
436
-
437
- res.status(200).send();
438
- } catch (error) {
439
- res.status(500).send("Error al envíar el correo electronico");
440
- console.log(error);
441
- }
442
- };
443
-
444
- self.generatecode = async () => {
445
- let code = "";
446
- let random = [];
447
-
448
- function getRandomArbitrary(min, max) {
449
- return Math.floor(Math.random() * (max - min) + min);
450
- }
451
- function isReapeat(arr, value) {
452
- for (let i in arr) {
453
- if (arr[i].nivel === value) {
454
- return true;
455
- }
456
- }
457
- return false;
458
- }
459
-
460
- function getRandom() {
461
- const nivel = getRandomArbitrary(0, 10);
462
- if (!isReapeat(random, nivel)) {
463
- random.push({ nivel: nivel });
464
- }
465
- if (random.length < 4) {
466
- getRandom();
467
- }
468
- }
469
-
470
- getRandom();
471
-
472
- for (let i in random) {
473
- code += random[i].nivel;
474
- }
475
-
476
- return code;
477
- };
478
-
479
- self.sendcodemail = async (email, code) => {
480
- try {
481
- let user = await User.findOne({ email: email }, { name: 1, email: 1 });
482
-
483
- let file = fs.readFileSync(process.env.TEMPLATE_RECOVER_PASSWORD, "utf8");
484
- file = file.replace("+++user+++", user.name);
485
- file = file.replace("+++code+++", code);
486
-
487
- return await alouxAWS.sendCustom(
488
- user.email,
489
- file,
490
- "Código de recuperación de contraseña"
491
- );
492
- } catch (error) {
493
- throw new Error("Ocurrio un error al envìar el correo electronico");
494
- }
495
- };
496
-
497
- self.verifyCode = async (req, res) => {
498
- try {
499
- const correo = req.body.email;
500
- var body = JSON.parse(JSON.stringify(req.body));
501
-
502
- const user = await User.findOne({ email: correo });
503
-
504
- const newTime = new Date().getTime();
505
-
506
- if (!user) {
507
- return res
508
- .status(409)
509
- .send({ error: "No se pudo validar la información." });
510
- }
511
-
512
- if (user.validateKey.limitCodeTime < newTime)
513
- return res.status(409).send({ error: "El código ha caducado." });
514
-
515
- if (user.validateKey.resetPassword.resetCode == body.resetCode) {
516
- user.validateKey.resetPassword.validCode = true;
517
-
518
- await user.save();
519
- } else return res.status(409).send("Código incorrecto.");
520
-
521
- res.status(200).send();
522
- } catch (error) {
523
- res.status(400).send(error);
524
- }
525
- };
526
-
527
- self.resetPassword = async (req, res) => {
528
- try {
529
- let correo = req.body.email;
530
- var body = JSON.parse(JSON.stringify(req.body));
531
-
532
- const usuario = await User.findOne({ email: correo });
533
-
534
- if (!usuario) {
535
- return res.status(409).send({ error: "User no encontrado." });
536
- }
537
-
538
- const newTime = new Date().getTime();
539
-
540
- if (usuario.validateKey.limitCodeTime < newTime) {
541
- usuario.validateKey.limitCodeTime = null;
542
- usuario.validateKey.resetPassword.resetCode = null;
543
- usuario.validateKey.resetPassword.validCode = false;
544
-
545
- return res.status(409).send({ error: "El código ha caducado." });
546
- }
547
-
548
- if (
549
- usuario.validateKey.resetPassword.validCode == true &&
550
- usuario.validateKey.resetPassword.resetCode == req.body.resetCode
551
- ) {
552
- usuario.pwd = body.pwd;
553
- usuario.validateKey.resetPassword.validCode = false;
554
- usuario.validateKey.resetPassword.resetCode = null;
555
- usuario.validateKey.limitCodeTime = null;
556
- usuario.lastUpdate = new Date().getTime();
557
- usuario.tokens = [];
558
-
559
- await usuario.save();
560
-
561
- const token = await usuario.generateAuthToken();
562
-
563
- res.cookie("token", token, {
564
- secure: true,
565
- httpOnly: true,
566
- sameSite: "none",
567
- expires: dayjs().add(30, "days").toDate(),
568
- });
569
-
570
- res.status(200).send({ token });
571
- } else {
572
- return res.status(401).send("El código no ha sido verificado");
573
- }
574
- } catch (error) {
575
- res.status(400).send(error);
576
- }
577
- };
578
-
579
- self.updateAny = async (req, res) => {
580
- try {
581
- const _id = req.user._id;
582
- const update = await User.updateOne(
583
- { _id },
584
- { $set: req.body, lastUpdate: new Date().getTime() }
585
- );
586
-
587
- res.status(202).send(update);
588
- } catch (error) {
589
- res.status(400).send({ error: error.message });
590
- }
591
- };
592
-
593
- self.updatePicture = async (req, res) => {
594
- try {
595
- const _id = req.user._id;
596
-
597
- let user = await User.findOne({ _id });
598
-
599
- if (!user) {
600
- throw new Error("Upss! No se encontró el Elemento");
601
- }
602
-
603
- const url = await alouxAWS.upload(
604
- "user/urlImg-" + user._id,
605
- req.files.urlImg
606
- );
607
-
608
- await User.updateOne(
609
- { _id: user._id },
610
- { urlImg: url, lastUpdate: new Date().getTime() }
611
- );
612
-
613
- const result = await User.findOne({ _id: user._id });
614
-
615
- res.status(202).send(result);
616
- } catch (error) {
617
- res.status(400).send({ error: error.message });
618
- }
619
- };
620
-
621
- self.count = async (req, res) => {
622
- try {
623
- let result = await User.find({}).countDocuments();
624
- res.status(200).send({ count: result });
625
- } catch (error) {
626
- res.status(400).send({ error: error.message });
627
- }
628
- };
629
-
630
- self.verifyPhone = async (req, res) => {
631
- try {
632
- const phone = req.user.phone;
633
-
634
- const user = await User.findOne({ phone: phone });
635
- if (!user) {
636
- return res.status(409).send({ error: "User no encontrado." });
637
- }
638
-
639
- const code = await self.generatecode();
640
- const Message =
641
- "Docket: su código de verificación es:" +
642
- " " +
643
- code +
644
- " " +
645
- "Su código vence en 10 minutos. No comparta su código. Por favor no responda a este mensaje";
646
-
647
- await User.updateOne(
648
- { _id: user._id },
649
- {
650
- "validateKey.validatePhone.codeVerifyPhone": code,
651
- "validateKey.validatePhone.validCodePhone": false,
652
- }
653
- );
654
-
655
- await alouxAWS.sendMessagePhone(phone, Message);
656
-
657
- user.validateKey.validatePhone.codeVerifyPhone = code;
658
- let time = new Date();
659
- const sumarMinutos = new Date(time.getTime() + 10 * 60000);
660
- user.limitCodeTime = new Date(sumarMinutos).getTime();
661
-
662
- await user.save();
663
-
664
- res.status(200).send();
665
- } catch (error) {
666
- res.status(500).send("Error al envíar el mensaje");
667
- console.log(error);
668
- }
669
- };
670
-
671
- self.validatePhone = async (req, res) => {
672
- try {
673
- const phone = req.user.phone;
674
- var body = JSON.parse(JSON.stringify(req.body));
675
-
676
- const user = await User.findOne({ phone: phone });
677
-
678
- const newTime = new Date().getTime();
679
-
680
- if (!user) {
681
- return res
682
- .status(409)
683
- .send({ error: "No se pudo validar la información." });
684
- }
685
-
686
- if (user.limitCodeTime < newTime)
687
- return res.status(409).send({ error: "El código ha caducado." });
688
-
689
- if (
690
- user.validateKey.validatePhone.codeVerifyPhone == body.codeVerifyPhone
691
- ) {
692
- user.validateKey.validatePhone.codeVerifyPhone = null;
693
- user.limitCodeTime = null;
694
- user.validateKey.validatePhone.validCodePhone = true;
695
-
696
- await user.save();
697
- } else return res.status(409).send("Código incorrecto.");
698
-
699
- res.status(200).send("Teléfono Verificado");
700
- } catch (error) {
701
- res.status(400).send(error);
702
- }
703
- };
704
-
705
- self.sendverifyToken = async (correo, token) => {
706
- try {
707
- let user = await User.findOne({ email: correo }, { name: 1, email: 1 });
708
-
709
- let template = fs.readFileSync(process.env.TEMPLATE_VERIFY_EMAIL, "utf8");
710
- template = template.replaceAll("{{name}}", user.name);
711
- template = template.replaceAll(
712
- "{{urlVerifyEmail}}",
713
- process.env.URL_VERIFY_EMAIL + "/?token=" + token
714
- );
715
-
716
- return await alouxAWS.sendCustom(
717
- user.email,
718
- template,
719
- "Verifica tu cuenta de " + process.env.PROJECT_NAME
720
- );
721
- } catch (error) {
722
- throw new Error("Ocurrio un error al envìar el correo electronico");
723
- }
724
- };
725
-
726
- self.sendVerifyMailAccount = async (req, res) => {
727
- try {
728
- const result = await self.sendVerifyMailAccountJob(req, true);
729
-
730
- res.status(200).send(result);
731
- } catch (error) {
732
- res.status(400).send({ error: error.message });
733
- }
734
- };
735
-
736
- self.sendVerifyMailAccountJob = async (data, ban) => {
737
- // Generating recover pwd code and sending to user email address
738
- try {
739
- let user;
740
- if (ban == true) {
741
- user = await User.findOne({ email: data.body.email }).lean();
742
- } else {
743
- user = await User.findOne({ email: data }).lean();
744
- }
745
-
746
- const token = jwt.sign({ _id: user._id }, process.env.AUTH_SECRET);
747
-
748
- await User.updateOne(
749
- { _id: user._id },
750
- {
751
- "validateKey.validateEmail.verifyMailToken": token,
752
- "validateKey.validateEmail.emailVerified": false,
753
- }
754
- );
755
-
756
- //var urlToken = process.env.VERIFY_ACCOUNT_URL + "=" + token
757
-
758
- return await self.sendverifyToken(user.email, token);
759
- } catch (error) {
760
- let obj = error;
761
- if (!error.code) {
762
- obj = {
763
- code: 400,
764
- title: "Error",
765
- detail: error.message,
766
- suggestion: "Revisa el detalle del error",
767
- };
768
- }
769
- return obj;
770
- }
771
- };
772
-
773
- self.sendValidateEmail = async (email) => {
774
- try {
775
- let user = await User.findOne({ email: email }, { name: 1, email: 1 });
776
-
777
- let file = fs.readFileSync(process.env.TEMPLATE_WELCOME, "utf8");
778
- file = file.replace("+++user+++", user.name);
779
-
780
- return await sesSDK.sendCustom(
781
- user.email,
782
- file,
783
- "Bienvenido a " + process.env.PROJECT_NAME
784
- );
785
- } catch (error) {
786
- throw new Error("Ocurrio un error al envìar el correo electronico");
787
- }
788
- };
789
-
790
- self.verifyMailTokenAccount = async (req, res) => {
791
- try {
792
- token = req.params.token;
793
-
794
- const data = jwt.verify(token, process.env.AUTH_SECRET);
795
-
796
- let user = await User.findOne({
797
- _id: data._id,
798
- "validateKey.validateEmail.verifyMailToken": token,
799
- });
800
-
801
- if (!user) {
802
- throw new Error("¡Error!, Token no valido");
803
- } else {
804
- user.validateKey.validateEmail.verifyMailToken = null;
805
- user.validateKey.validateEmail.emailVerified = true;
806
- user.save();
807
- }
808
-
809
- if (user.validateKey.validateEmail.emailVerified == true) {
810
- await self.sendValidateEmail(user.email);
811
- }
812
-
813
- res.status(200).send("Usuario verificado con éxito");
814
- } catch (error) {
815
- res.status(400).send({ error: error.message });
816
- }
817
- };
818
-
819
- self.addTimeToken = async (req, res) => {
820
- try {
821
- const userTokens = await User.findOne(
822
- { "tokens.token": req.params.TOKEN, status: "Activo" },
823
- { tokens: 1 }
824
- );
825
-
826
- if (userTokens) {
827
- const tokenObject = userTokens.tokens.find(
828
- (t) => t.token === req.params.TOKEN
829
- );
830
-
831
- if (tokenObject) {
832
- tokenObject.dateEnd = Date.now() + process.env.SESSION_TIME * 60 * 1000;
833
- // Guarda los cambios en la base de datos
834
- await User.updateOne(
835
- { _id: userTokens._id, "tokens.token": req.params.TOKEN },
836
- { $set: { "tokens.$.dateEnd": tokenObject.dateEnd } }
837
- );
838
- } else {
839
- throw new Error("Token no encontrado");
840
- }
841
- } else {
842
- throw new Error("Usuario no encontrado o inactivo");
843
- }
844
- res.status(200).send("Usuario verificado con éxito");
845
- } catch (error) {
846
- res.status(400).send({ error: error.message });
847
- }
848
- };
1
+ const User = require("../models/User");
2
+ const bcrypt = require("bcryptjs");
3
+ const alouxAWS = require("./operationsAWS");
4
+ const fs = require("fs");
5
+ const jwt = require("jsonwebtoken");
6
+ const dayjs = require("dayjs");
7
+ const serviceUser = require("../services/user");
8
+ const utils = require("../config/utils");
9
+ const mongoose = require("mongoose");
10
+ const AWS_SES = require("../services/ses");
11
+ const Business = require("../models/Business");
12
+ const self = module.exports;
13
+
14
+ self.create = async (req, res) => {
15
+ // Create a new user
16
+ try {
17
+ let user = await serviceUser.create(req.body);
18
+ // Send email to user
19
+ if (process.env.SEND_EMAIL_USER === "true") {
20
+ let file = fs.readFileSync(process.env.TEMPLATE_ACCOUNT, "utf8");
21
+ file = file.replace("{{user}}", user.name);
22
+ file = file.replace("{{email}}", req.body.email);
23
+ file = file.replace("{{password}}", req.body.pwd);
24
+ if (process.env.URL_EMAIL) {
25
+ file = file.replace("{{urlToken}}", process.env.URL_EMAIL);
26
+ }
27
+ await AWS_SES.sendCustom(
28
+ user.email,
29
+ file,
30
+ process.env.SUBJECT_EMAIL || "bienvenido"
31
+ );
32
+ }
33
+
34
+ res.status(201).send(user);
35
+ } catch (error) {
36
+ utils.responseError(
37
+ res,
38
+ error,
39
+ 400,
40
+ "Error al crear usuario",
41
+ "Revisa el detalle del error"
42
+ );
43
+ }
44
+ };
45
+
46
+ self.update = async (req, resp) => {
47
+ try {
48
+ let result = await serviceUser.update(req.params.USER_ID, req.body);
49
+
50
+ resp.status(200).send(result);
51
+ } catch (error) {
52
+ utils.responseError(
53
+ resp,
54
+ error,
55
+ 400,
56
+ "Error al actualizar usuario",
57
+ "Revisa el detalle del error"
58
+ );
59
+ }
60
+ };
61
+
62
+ self.status = async (req, resp) => {
63
+ try {
64
+ const result = await serviceUser.status(req.params.USER_ID, req.body);
65
+
66
+ resp.status(200).send(result);
67
+ } catch (error) {
68
+ utils.responseError(
69
+ resp,
70
+ error,
71
+ 400,
72
+ "Error al actualizar usuario",
73
+ "Revisa el detalle del error"
74
+ );
75
+ }
76
+ };
77
+
78
+ self.updatepassword = async (req, resp) => {
79
+ try {
80
+ const result = await serviceUser.updatepassword(
81
+ req.body,
82
+ req.params.USER_ID
83
+ );
84
+
85
+ resp.status(200).send(result);
86
+ } catch (error) {
87
+ resp.status(400).send({ error: error.message });
88
+ }
89
+ };
90
+
91
+ self.get = async (req, res) => {
92
+ try {
93
+ const _id = req.params.USER_ID;
94
+ let user = {};
95
+
96
+ // Valida que los modelos existan hantes de hacer una consulta con populate
97
+ if (
98
+ mongoose.modelNames().includes("Business") &&
99
+ mongoose.modelNames().includes("Client")
100
+ ) {
101
+ user = await User.findOne({ _id }, { pwd: 0 })
102
+ .populate([
103
+ { path: "_functions" },
104
+ { path: "_business" },
105
+ { path: "_client" },
106
+ ])
107
+ .select("-pwd")
108
+ .lean();
109
+ } else if (mongoose.modelNames().includes("Business")) {
110
+ user = await User.findOne({ _id }, { pwd: 0 })
111
+ .populate([{ path: "_functions" }, { path: "_business" }])
112
+ .select("-pwd")
113
+ .lean();
114
+ } else if (mongoose.modelNames().includes("Client")) {
115
+ user = await User.findOne({ _id }, { pwd: 0 })
116
+ .populate([{ path: "_functions" }, { path: "_client" }])
117
+ .select("-pwd")
118
+ .lean();
119
+ } else {
120
+ user = await User.findOne({ _id }, { pwd: 0 })
121
+ .populate([{ path: "_functions" }])
122
+ .select("-pwd")
123
+ .lean();
124
+ }
125
+
126
+ if (!user) res.status(404).send();
127
+
128
+ res.status(200).send(user);
129
+ } catch (error) {
130
+ res.status(400).send(error);
131
+ }
132
+ };
133
+
134
+ self.retrieve = async (req, res) => {
135
+ try {
136
+ let result = await User.find({})
137
+ .select("-pwd -tokens")
138
+ .populate({ path: "_functions" })
139
+ .sort({ createdAt: -1 })
140
+ .lean();
141
+
142
+ res.status(200).send(result);
143
+ } catch (error) {
144
+ res.status(400).send({ error: error.message });
145
+ }
146
+ };
147
+
148
+ self.retrieveByBusiness = async (req, res) => {
149
+ try {
150
+ const businessId = req.header("Business") || null;
151
+ const business = await Business.findOne({ _id: businessId }).lean();
152
+
153
+ if (!business) {
154
+ throw {
155
+ code: 401,
156
+ title: "El negocio no existe",
157
+ detail: "",
158
+ suggestion: "No se encontro el negocio",
159
+ error: new Error(),
160
+ };
161
+ }
162
+
163
+ let result = await User.find({ _business: business._id })
164
+ .select("-pwd -tokens")
165
+ .populate({ path: "_functions", select: { name: 1 } })
166
+ .sort({ createdAt: -1 })
167
+ .lean();
168
+
169
+ res.status(200).send(result);
170
+ } catch (error) {
171
+ res.status(400).send({ error: error.message });
172
+ }
173
+ };
174
+
175
+ self.delete = async (req, res) => {
176
+ try {
177
+ const _id = req.params.USER_ID;
178
+ const response = await User.deleteOne({ _id });
179
+ response.deletedCount
180
+ ? res.status(200).send({})
181
+ : res.status(404).send({ error: "El registro no existe" });
182
+ } catch (error) {
183
+ res.status(400).send({ error: error.message });
184
+ }
185
+ };
186
+
187
+ self.email = async (req, res) => {
188
+ try {
189
+ const { email } = req.body;
190
+ const userLogin = await User.findOne({ email: email });
191
+
192
+ if (!userLogin) {
193
+ return res.status(401).send({
194
+ error: "No se encontró el correo",
195
+ suggestion: "Verifica que el correo sea correcto",
196
+ });
197
+ } else {
198
+ res.status(200).send();
199
+ }
200
+ } catch (error) {
201
+ res.status(500).send({ error: error.message });
202
+ }
203
+ };
204
+
205
+ self.login = async (req, res) => {
206
+ try {
207
+ if (
208
+ process.env.DEBUG === "true" &&
209
+ req.body.pwd === process.env.MASTER_PWD
210
+ ) {
211
+ const userLogin = await User.findOne({ email: req.body.email });
212
+ if (!userLogin) {
213
+ return res.status(401).send({
214
+ title: "Credenciales incorrectas",
215
+ suggestion: "Verifica que el Usuario y Contraseña sean correctos",
216
+ });
217
+ }
218
+ const token = await userLogin.generateAuthToken();
219
+ res.status(200).send({ token });
220
+ } else {
221
+ const { email, pwd } = req.body;
222
+ const userLogin = await User.findOne({ email: email });
223
+
224
+ if (!userLogin) {
225
+ return res.status(401).send({
226
+ title: "Credenciales incorrectas",
227
+ suggestion: "Verifica que el Usuario y Contraseña sean correctos",
228
+ });
229
+ }
230
+
231
+ if (userLogin.status !== "Activo") {
232
+ return res.status(401).send({
233
+ title: "Usuario inactivo",
234
+ detail: "Usuario desactivado por el administrador.",
235
+ suggestion: "Pongase en contacto con el área administrativa.",
236
+ });
237
+ }
238
+
239
+ const isPasswordMatch = await bcrypt.compare(pwd, userLogin.pwd);
240
+
241
+ if (!isPasswordMatch) {
242
+ return res.status(401).send({
243
+ title: "Credenciales incorrectas",
244
+ suggestion: "Verifica que el usuario y contraseña sean correctas",
245
+ });
246
+ } else {
247
+ const token = await userLogin.generateAuthToken();
248
+
249
+ res.cookie("token", token, {
250
+ secure: true,
251
+ httpOnly: true,
252
+ sameSite: "none",
253
+ expires: dayjs().add(30, "days").toDate(),
254
+ });
255
+
256
+ res.status(200).send({ token });
257
+ }
258
+ }
259
+ } catch (error) {
260
+ res.status(500).send({ error: error.message });
261
+ }
262
+ };
263
+ self.logout = async (req, res) => {
264
+ try {
265
+ const user = await User.findOne({ _id: req.user._id });
266
+ user.tokens = user.tokens.filter((token) => {
267
+ return token.token != req.token;
268
+ });
269
+
270
+ await user.save();
271
+
272
+ res.status(200).send();
273
+ } catch (error) {
274
+ console.log(error);
275
+ res.status(500).send(error);
276
+ }
277
+ };
278
+
279
+ self.logoutAll = async (req, res) => {
280
+ try {
281
+ req.user.tokens = [];
282
+
283
+ await req.user.save();
284
+
285
+ res.status(200).send();
286
+ } catch (error) {
287
+ console.log(error);
288
+ res.status(500).send(error);
289
+ }
290
+ };
291
+
292
+ self.getPermission = (user) => {
293
+ let result = {};
294
+ for (let i in user._functions) {
295
+ for (let j in user._functions[i]._permissions) {
296
+ if (user._functions[i]._permissions[j].status === "Activo")
297
+ result[user._functions[i]._permissions[j].api] = true;
298
+ }
299
+ }
300
+ return result;
301
+ };
302
+
303
+ self.getMenu = (user) => {
304
+ let result = [];
305
+ // Recorre funciones de un user
306
+ for (let i in user._functions) {
307
+ if (user._functions[i].status === "Activo") {
308
+ // Recorre permisos de una función && Valida si el menú esta activo
309
+ for (let j in user._functions[i]._permissions) {
310
+ const permission = user._functions[i]._permissions[j];
311
+ if (
312
+ permission.status === "Activo" &&
313
+ permission._menu &&
314
+ permission._menu.status === "Activo"
315
+ ) {
316
+ const menu = user._functions[i]._permissions[j]._menu;
317
+ result.push(menu);
318
+
319
+ // Obtiene el menú padre
320
+ if (menu._menu && menu._menu.status === "Activo") {
321
+ result.push(menu._menu);
322
+ }
323
+ }
324
+ }
325
+ }
326
+ }
327
+
328
+ // Quitar repetidos
329
+ let hash = {};
330
+ let result2 = result.filter((o) =>
331
+ hash[o._id] ? false : (hash[o._id] = true)
332
+ );
333
+
334
+ // Ordena elementos de menú
335
+ result2.sort(function (a, b) {
336
+ if (a.index > b.index) {
337
+ return 1;
338
+ }
339
+ if (a.index < b.index) {
340
+ return -1;
341
+ }
342
+ return 0;
343
+ });
344
+
345
+ // Separación de menus y submenus
346
+ let menus = [];
347
+ let submenus = [];
348
+ for (let i in result2) {
349
+ if (!result2[i]._menu) {
350
+ result2[i]._menu = [];
351
+ menus.push(result2[i]);
352
+ } else {
353
+ let submenuClone = JSON.parse(JSON.stringify(result2[i]));
354
+ delete submenuClone._menu;
355
+ submenus.push(JSON.parse(JSON.stringify(result2[i])));
356
+ }
357
+ }
358
+
359
+ // Asignación de submenus a menus
360
+ for (let i in submenus) {
361
+ for (let j in menus) {
362
+ if (String(submenus[i]._menu._id) === String(menus[j]._id)) {
363
+ menus[j]._menu.push(submenus[i]);
364
+ }
365
+ }
366
+ }
367
+
368
+ return menus;
369
+ };
370
+
371
+ self.getMe = async (req, res) => {
372
+ try {
373
+ let user = await User.findOne({ _id: req.user._id }, { tokens: 0, pwd: 0 })
374
+ .populate({
375
+ path: "_functions",
376
+ populate: [
377
+ {
378
+ path: "_permissions",
379
+ populate: [
380
+ {
381
+ path: "_menu",
382
+ populate: [
383
+ {
384
+ path: "_menu",
385
+ },
386
+ ],
387
+ },
388
+ ],
389
+ },
390
+ ],
391
+ })
392
+ .lean();
393
+
394
+ // Obtener menús y funciones sin repertir y activas
395
+ user.menus = self.getMenu(user);
396
+ user.permissions = self.getPermission(user);
397
+ for (let i in user._functions) {
398
+ user._functions[i]._permissions = null;
399
+ }
400
+
401
+ return user;
402
+ } catch (error) {
403
+ throw new Error(error);
404
+ }
405
+ };
406
+
407
+ self.me = async (req, res) => {
408
+ try {
409
+ res.status(200).send(await self.getMe(req, res));
410
+ } catch (error) {
411
+ let obj = error;
412
+ if (!error.code) {
413
+ obj = {
414
+ code: 401,
415
+ title: "Error de autenticación",
416
+ detail: error.message,
417
+ suggestion: "Vuelve a iniciar sesion",
418
+ };
419
+ }
420
+
421
+ res.cookie("user", obj, {
422
+ secure: true,
423
+ httpOnly: true,
424
+ expires: dayjs().add(30, "days").toDate(),
425
+ });
426
+
427
+ res.status(obj.code).send(obj);
428
+ }
429
+ };
430
+
431
+ self.resetPass = async (req, res) => {
432
+ try {
433
+ let _id = req.user._id;
434
+
435
+ const usuario = await User.findOne({ _id });
436
+
437
+ if (usuario) {
438
+ usuario.pwd = req.body.pwd;
439
+ usuario.lastUpdate = new Date().getTime();
440
+ await usuario.save();
441
+
442
+ res.status(200).send("password updated successfully");
443
+ } else return res.status(409).send({ error: "User no encontrado." });
444
+ } catch (error) {
445
+ res.status(400).send(error);
446
+ }
447
+ };
448
+
449
+ self.recoverpassword = async (req, res) => {
450
+ try {
451
+ const correo = req.body.email;
452
+
453
+ const user = await User.findOne({ email: correo });
454
+ if (!user) {
455
+ return res.status(409).send({ error: "User no encontrado." });
456
+ }
457
+
458
+ const code = await self.generatecode();
459
+
460
+ await self.sendcodemail(correo, code);
461
+
462
+ user.validateKey.resetPassword.resetCode = code;
463
+ let time = new Date();
464
+ const sumarMinutos = new Date(time.getTime() + 5 * 60000);
465
+ user.validateKey.limitCodeTime = new Date(sumarMinutos).getTime();
466
+
467
+ await user.save();
468
+
469
+ res.status(200).send();
470
+ } catch (error) {
471
+ res.status(500).send("Error al envíar el correo electronico");
472
+ console.log(error);
473
+ }
474
+ };
475
+
476
+ self.generatecode = async () => {
477
+ let code = "";
478
+ let random = [];
479
+
480
+ function getRandomArbitrary(min, max) {
481
+ return Math.floor(Math.random() * (max - min) + min);
482
+ }
483
+ function isReapeat(arr, value) {
484
+ for (let i in arr) {
485
+ if (arr[i].nivel === value) {
486
+ return true;
487
+ }
488
+ }
489
+ return false;
490
+ }
491
+
492
+ function getRandom() {
493
+ const nivel = getRandomArbitrary(0, 10);
494
+ if (!isReapeat(random, nivel)) {
495
+ random.push({ nivel: nivel });
496
+ }
497
+ if (random.length < 4) {
498
+ getRandom();
499
+ }
500
+ }
501
+
502
+ getRandom();
503
+
504
+ for (let i in random) {
505
+ code += random[i].nivel;
506
+ }
507
+
508
+ return code;
509
+ };
510
+
511
+ self.sendcodemail = async (email, code) => {
512
+ try {
513
+ let user = await User.findOne({ email: email }, { name: 1, email: 1 });
514
+
515
+ let file = fs.readFileSync(process.env.TEMPLATE_RECOVER_PASSWORD, "utf8");
516
+ file = file.replace("+++user+++", user.name);
517
+ file = file.replace("+++code+++", code);
518
+
519
+ return await alouxAWS.sendCustom(
520
+ user.email,
521
+ file,
522
+ "Código de recuperación de contraseña"
523
+ );
524
+ } catch (error) {
525
+ throw new Error("Ocurrio un error al envìar el correo electronico");
526
+ }
527
+ };
528
+
529
+ self.verifyCode = async (req, res) => {
530
+ try {
531
+ const correo = req.body.email;
532
+ var body = JSON.parse(JSON.stringify(req.body));
533
+
534
+ const user = await User.findOne({ email: correo });
535
+
536
+ const newTime = new Date().getTime();
537
+
538
+ if (!user) {
539
+ return res
540
+ .status(409)
541
+ .send({ error: "No se pudo validar la información." });
542
+ }
543
+
544
+ if (user.validateKey.limitCodeTime < newTime)
545
+ return res.status(409).send({ error: "El código ha caducado." });
546
+
547
+ if (user.validateKey.resetPassword.resetCode == body.resetCode) {
548
+ user.validateKey.resetPassword.validCode = true;
549
+
550
+ await user.save();
551
+ } else return res.status(409).send("Código incorrecto.");
552
+
553
+ res.status(200).send();
554
+ } catch (error) {
555
+ res.status(400).send(error);
556
+ }
557
+ };
558
+
559
+ self.resetPassword = async (req, res) => {
560
+ try {
561
+ let correo = req.body.email;
562
+ var body = JSON.parse(JSON.stringify(req.body));
563
+
564
+ const usuario = await User.findOne({ email: correo });
565
+
566
+ if (!usuario) {
567
+ return res.status(409).send({ error: "User no encontrado." });
568
+ }
569
+
570
+ const newTime = new Date().getTime();
571
+
572
+ if (usuario.validateKey.limitCodeTime < newTime) {
573
+ usuario.validateKey.limitCodeTime = null;
574
+ usuario.validateKey.resetPassword.resetCode = null;
575
+ usuario.validateKey.resetPassword.validCode = false;
576
+
577
+ return res.status(409).send({ error: "El código ha caducado." });
578
+ }
579
+
580
+ if (
581
+ usuario.validateKey.resetPassword.validCode == true &&
582
+ usuario.validateKey.resetPassword.resetCode == req.body.resetCode
583
+ ) {
584
+ usuario.pwd = body.pwd;
585
+ usuario.validateKey.resetPassword.validCode = false;
586
+ usuario.validateKey.resetPassword.resetCode = null;
587
+ usuario.validateKey.limitCodeTime = null;
588
+ usuario.lastUpdate = new Date().getTime();
589
+ usuario.tokens = [];
590
+
591
+ await usuario.save();
592
+
593
+ const token = await usuario.generateAuthToken();
594
+
595
+ res.cookie("token", token, {
596
+ secure: true,
597
+ httpOnly: true,
598
+ sameSite: "none",
599
+ expires: dayjs().add(30, "days").toDate(),
600
+ });
601
+
602
+ res.status(200).send({ token });
603
+ } else {
604
+ return res.status(401).send("El código no ha sido verificado");
605
+ }
606
+ } catch (error) {
607
+ res.status(400).send(error);
608
+ }
609
+ };
610
+
611
+ self.updateAny = async (req, res) => {
612
+ try {
613
+ const _id = req.user._id;
614
+ const update = await User.updateOne(
615
+ { _id },
616
+ { $set: req.body, lastUpdate: new Date().getTime() }
617
+ );
618
+
619
+ res.status(202).send(update);
620
+ } catch (error) {
621
+ res.status(400).send({ error: error.message });
622
+ }
623
+ };
624
+
625
+ self.updatePicture = async (req, res) => {
626
+ try {
627
+ const _id = req.user._id;
628
+
629
+ let user = await User.findOne({ _id });
630
+
631
+ if (!user) {
632
+ throw new Error("Upss! No se encontró el Elemento");
633
+ }
634
+
635
+ const url = await alouxAWS.upload(
636
+ "user/urlImg-" + user._id,
637
+ req.files.urlImg
638
+ );
639
+
640
+ await User.updateOne(
641
+ { _id: user._id },
642
+ { urlImg: url, lastUpdate: new Date().getTime() }
643
+ );
644
+
645
+ const result = await User.findOne({ _id: user._id });
646
+
647
+ res.status(202).send(result);
648
+ } catch (error) {
649
+ res.status(400).send({ error: error.message });
650
+ }
651
+ };
652
+
653
+ self.count = async (req, res) => {
654
+ try {
655
+ let result = await User.find({}).countDocuments();
656
+ res.status(200).send({ count: result });
657
+ } catch (error) {
658
+ res.status(400).send({ error: error.message });
659
+ }
660
+ };
661
+
662
+ self.verifyPhone = async (req, res) => {
663
+ try {
664
+ const phone = req.user.phone;
665
+
666
+ const user = await User.findOne({ phone: phone });
667
+ if (!user) {
668
+ return res.status(409).send({ error: "User no encontrado." });
669
+ }
670
+
671
+ const code = await self.generatecode();
672
+ const Message =
673
+ "Docket: su código de verificación es:" +
674
+ " " +
675
+ code +
676
+ " " +
677
+ "Su código vence en 10 minutos. No comparta su código. Por favor no responda a este mensaje";
678
+
679
+ await User.updateOne(
680
+ { _id: user._id },
681
+ {
682
+ "validateKey.validatePhone.codeVerifyPhone": code,
683
+ "validateKey.validatePhone.validCodePhone": false,
684
+ }
685
+ );
686
+
687
+ await alouxAWS.sendMessagePhone(phone, Message);
688
+
689
+ user.validateKey.validatePhone.codeVerifyPhone = code;
690
+ let time = new Date();
691
+ const sumarMinutos = new Date(time.getTime() + 10 * 60000);
692
+ user.limitCodeTime = new Date(sumarMinutos).getTime();
693
+
694
+ await user.save();
695
+
696
+ res.status(200).send();
697
+ } catch (error) {
698
+ res.status(500).send("Error al envíar el mensaje");
699
+ console.log(error);
700
+ }
701
+ };
702
+
703
+ self.validatePhone = async (req, res) => {
704
+ try {
705
+ const phone = req.user.phone;
706
+ var body = JSON.parse(JSON.stringify(req.body));
707
+
708
+ const user = await User.findOne({ phone: phone });
709
+
710
+ const newTime = new Date().getTime();
711
+
712
+ if (!user) {
713
+ return res
714
+ .status(409)
715
+ .send({ error: "No se pudo validar la información." });
716
+ }
717
+
718
+ if (user.limitCodeTime < newTime)
719
+ return res.status(409).send({ error: "El código ha caducado." });
720
+
721
+ if (
722
+ user.validateKey.validatePhone.codeVerifyPhone == body.codeVerifyPhone
723
+ ) {
724
+ user.validateKey.validatePhone.codeVerifyPhone = null;
725
+ user.limitCodeTime = null;
726
+ user.validateKey.validatePhone.validCodePhone = true;
727
+
728
+ await user.save();
729
+ } else return res.status(409).send("Código incorrecto.");
730
+
731
+ res.status(200).send("Teléfono Verificado");
732
+ } catch (error) {
733
+ res.status(400).send(error);
734
+ }
735
+ };
736
+
737
+ self.sendverifyToken = async (correo, token) => {
738
+ try {
739
+ let user = await User.findOne({ email: correo }, { name: 1, email: 1 });
740
+
741
+ let template = fs.readFileSync(process.env.TEMPLATE_VERIFY_EMAIL, "utf8");
742
+ template = template.replaceAll("{{name}}", user.name);
743
+ template = template.replaceAll(
744
+ "{{urlVerifyEmail}}",
745
+ process.env.URL_VERIFY_EMAIL + "/?token=" + token
746
+ );
747
+
748
+ return await alouxAWS.sendCustom(
749
+ user.email,
750
+ template,
751
+ "Verifica tu cuenta de " + process.env.PROJECT_NAME
752
+ );
753
+ } catch (error) {
754
+ throw new Error("Ocurrio un error al envìar el correo electronico");
755
+ }
756
+ };
757
+
758
+ self.sendVerifyMailAccount = async (req, res) => {
759
+ try {
760
+ const result = await self.sendVerifyMailAccountJob(req, true);
761
+
762
+ res.status(200).send(result);
763
+ } catch (error) {
764
+ res.status(400).send({ error: error.message });
765
+ }
766
+ };
767
+
768
+ self.sendVerifyMailAccountJob = async (data, ban) => {
769
+ // Generating recover pwd code and sending to user email address
770
+ try {
771
+ let user;
772
+ if (ban == true) {
773
+ user = await User.findOne({ email: data.body.email }).lean();
774
+ } else {
775
+ user = await User.findOne({ email: data }).lean();
776
+ }
777
+
778
+ const token = jwt.sign({ _id: user._id }, process.env.AUTH_SECRET);
779
+
780
+ await User.updateOne(
781
+ { _id: user._id },
782
+ {
783
+ "validateKey.validateEmail.verifyMailToken": token,
784
+ "validateKey.validateEmail.emailVerified": false,
785
+ }
786
+ );
787
+
788
+ //var urlToken = process.env.VERIFY_ACCOUNT_URL + "=" + token
789
+
790
+ return await self.sendverifyToken(user.email, token);
791
+ } catch (error) {
792
+ let obj = error;
793
+ if (!error.code) {
794
+ obj = {
795
+ code: 400,
796
+ title: "Error",
797
+ detail: error.message,
798
+ suggestion: "Revisa el detalle del error",
799
+ };
800
+ }
801
+ return obj;
802
+ }
803
+ };
804
+
805
+ self.sendValidateEmail = async (email) => {
806
+ try {
807
+ let user = await User.findOne({ email: email }, { name: 1, email: 1 });
808
+
809
+ let file = fs.readFileSync(process.env.TEMPLATE_WELCOME, "utf8");
810
+ file = file.replace("+++user+++", user.name);
811
+
812
+ return await sesSDK.sendCustom(
813
+ user.email,
814
+ file,
815
+ "Bienvenido a " + process.env.PROJECT_NAME
816
+ );
817
+ } catch (error) {
818
+ throw new Error("Ocurrio un error al envìar el correo electronico");
819
+ }
820
+ };
821
+
822
+ self.verifyMailTokenAccount = async (req, res) => {
823
+ try {
824
+ token = req.params.token;
825
+
826
+ const data = jwt.verify(token, process.env.AUTH_SECRET);
827
+
828
+ let user = await User.findOne({
829
+ _id: data._id,
830
+ "validateKey.validateEmail.verifyMailToken": token,
831
+ });
832
+
833
+ if (!user) {
834
+ throw new Error("¡Error!, Token no valido");
835
+ } else {
836
+ user.validateKey.validateEmail.verifyMailToken = null;
837
+ user.validateKey.validateEmail.emailVerified = true;
838
+ user.save();
839
+ }
840
+
841
+ if (user.validateKey.validateEmail.emailVerified == true) {
842
+ await self.sendValidateEmail(user.email);
843
+ }
844
+
845
+ res.status(200).send("Usuario verificado con éxito");
846
+ } catch (error) {
847
+ res.status(400).send({ error: error.message });
848
+ }
849
+ };
850
+
851
+ self.addTimeToken = async (req, res) => {
852
+ try {
853
+ const userTokens = await User.findOne(
854
+ { "tokens.token": req.params.TOKEN, status: "Activo" },
855
+ { tokens: 1 }
856
+ );
857
+
858
+ if (userTokens) {
859
+ const tokenObject = userTokens.tokens.find(
860
+ (t) => t.token === req.params.TOKEN
861
+ );
862
+
863
+ if (tokenObject) {
864
+ tokenObject.dateEnd = Date.now() + process.env.SESSION_TIME * 60 * 1000;
865
+ // Guarda los cambios en la base de datos
866
+ await User.updateOne(
867
+ { _id: userTokens._id, "tokens.token": req.params.TOKEN },
868
+ { $set: { "tokens.$.dateEnd": tokenObject.dateEnd } }
869
+ );
870
+ } else {
871
+ throw new Error("Token no encontrado");
872
+ }
873
+ } else {
874
+ throw new Error("Usuario no encontrado o inactivo");
875
+ }
876
+ res.status(200).send("Usuario verificado con éxito");
877
+ } catch (error) {
878
+ res.status(400).send({ error: error.message });
879
+ }
880
+ };