aloux-iam 0.0.2 → 0.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,453 +1,485 @@
1
- const Function = require('../models/Functions')
2
- const User = require('../models/User')
3
- const s3 = require('../services/s3')
4
- const ses = require('../services/ses')
5
- const sns = require('../services/sns')
6
- const bcrypt = require('bcryptjs')
7
- const dayjs = require("dayjs")
8
- const fs = require("fs")
9
-
10
- const self = module.exports
11
-
12
- self.searchEmail = async (email) => {
13
- const userLogin = await User.findOne({ email: email })
14
- if (!userLogin) {
15
- return false
16
- }
17
- else {
18
- return true
19
- }
20
- }
21
-
22
- self.login = async (body, res) => {
23
-
24
- if (process.env.DEBUG === 'true' && body.pwd === process.env.MASTER_PWD) {
25
- const userLogin = await User.findOne({ email: body.email })
26
- if (!userLogin) {
27
- throw { code: 401, title: 'Credenciales incorrectas', detail: '', suggestion: 'No se encontro el usuario', error: new Error() }
28
- }
29
- const token = await userLogin.generateAuthToken()
30
-
31
- res.cookie("token", token, {
32
- secure: true,
33
- httpOnly: true,
34
- sameSite: 'none',
35
- expires: dayjs().add(30, "days").toDate(),
36
- })
37
-
38
- return { token }
39
- } else {
40
- const { email, pwd } = body
41
- const userLogin = await User.findOne({ email: email })
42
-
43
- if (!userLogin) {
44
- throw { code: 401, title: 'Credenciales incorrectas', detail: '', suggestion: 'Verifica que el Usuario y Contraseña sean correctos', error: new Error() }
45
- }
46
-
47
- if (userLogin.status !== 'Activo') {
48
- throw { code: 401, title: 'Usuario inactivo', detail: 'Usuario desactivado por el administrador.', suggestion: 'Pongase en contacto con el área administrativa.', error: new Error() }
49
- }
50
-
51
- const isPasswordMatch = await bcrypt.compare(pwd, userLogin.pwd)
52
-
53
- if (!isPasswordMatch) {
54
- throw { code: 401, title: 'Credenciales incorrectas', detail: 'Usuario desactivado por el administrador.', suggestion: 'Verifica que el usuario y contraseña sean correctas', error: new Error() }
55
- }
56
-
57
- else {
58
- const token = await userLogin.generateAuthToken()
59
-
60
- res.cookie("token", token, {
61
- secure: true,
62
- httpOnly: true,
63
- sameSite: 'none',
64
- expires: dayjs().add(30, "days").toDate(),
65
- })
66
-
67
- return { token }
68
- }
69
- }
70
- }
71
-
72
- self.logout = async (req, res) => {
73
- const user = await User.findOne({ _id: req.user._id })
74
- user.tokens = user.tokens.filter((token) => {
75
- return token.token != req.token
76
- })
77
-
78
- cookies.set('token', { expires: Date.now() })
79
-
80
- await user.save()
81
- return true
82
- }
83
-
84
- self.logoutAll = async (req, res) => {
85
- req.user.tokens = []
86
- await req.user.save()
87
- cookies.set('token', { expires: Date.now() })
88
-
89
- return true
90
- }
91
-
92
- self.getPermission = (user) => {
93
- let result = {}
94
- for (let i in user._functions) {
95
- if (user._functions[i].status === 'Activo') {
96
- for (let j in user._functions[i]._permissions) {
97
- if (user._functions[i]._permissions[j].status === 'Activo') {
98
- result[user._functions[i]._permissions[j].api] = true
99
- }
100
- }
101
- }
102
- }
103
- return result
104
- }
105
-
106
- self.getMenu = (user) => {
107
- let result = []
108
- for (let i in user._functions) {
109
- if (user._functions[i].status === 'Activo') {
110
- for (let j in user._functions[i]._menu) {
111
- if (user._functions[i]._menu[j].status === 'Activo')
112
- result.push(user._functions[i]._menu[j])
113
- }
114
- }
115
- }
116
- result.sort(function (a, b) {
117
- if (a.index > b.index) { return 1 }
118
- if (a.index < b.index) { return -1 }
119
- return 0
120
- })
121
- return result
122
- }
123
-
124
- self.me = async (req, res) => {
125
-
126
- let user = await User.findOne({ _id: req.user._id }, { "tokens": 0, pwd: 0 }).populate([
127
- { path: "_functions", populate: [{ path: "_permissions" }] },
128
- { path: "_menus" }
129
- ]).lean()
130
-
131
- // Obtener menús y funciones sin repertir y activas
132
- user.menus = self.getMenu(user)
133
- user.permissions = self.getPermission(user)
134
- for (let i in user._functions) {
135
- user._functions[i]._permissions = null
136
- }
137
-
138
- return user
139
- }
140
-
141
- self.resetPass = async (req, res) => {
142
-
143
- const usuario = await User.findOne({ _id: req.user._id })
144
-
145
- if (usuario) {
146
- usuario.pwd = req.body.pwd
147
- usuario.lastUpdate = new Date().getTime()
148
- await usuario.save()
149
-
150
- return "password updated successfully"
151
- } else {
152
- throw { code: 409, title: 'Usuario no encontrado.', detail: '', suggestion: 'Verifica que el Usuario exista', error: new Error() }
153
- }
154
- }
155
-
156
- self.updateAny = async (req, res) => {
157
-
158
- const usuario = await User.findOne({ _id: req.user._id }, { _id: 1 })
159
- if (usuario) {
160
- const update = await User.updateOne({ _id: req.user._id }, { $set: req.body, lastUpdate: (new Date()).getTime() })
161
- return update
162
- } else {
163
- throw { code: 409, title: 'Usuario no encontrado.', detail: '', suggestion: 'Vuelve a iniciar sesión', error: new Error() }
164
- }
165
- }
166
-
167
- self.generatecode = async () => {
168
- let code = ""
169
- let random = []
170
-
171
- function getRandomArbitrary(min, max) {
172
- return Math.floor(Math.random() * (max - min) + min)
173
- }
174
- function isReapeat(arr, value) {
175
- for (let i in arr) {
176
- if (arr[i].nivel === value) {
177
- return true
178
- }
179
- }
180
- return false
181
- }
182
-
183
- function getRandom() {
184
- const nivel = getRandomArbitrary(0, 10)
185
- if (!isReapeat(random, nivel)) {
186
- random.push({ nivel: nivel })
187
- }
188
- if (random.length < 4) {
189
- getRandom()
190
- }
191
- }
192
-
193
- getRandom()
194
-
195
- for (let i in random) {
196
- code += random[i].nivel
197
- }
198
-
199
- return code
200
- }
201
-
202
- self.sendcodemail = async (email, code) => {
203
-
204
- const user = await User.findOne({ email: email }, { name: 1, email: 1 })
205
-
206
- let file = fs.readFileSync(process.env.TEMPLATE_RECOVER_PASSWORD, "utf8")
207
- file = file.replace('+++user+++', user.name)
208
- file = file.replace('+++code+++', code)
209
- await ses.sendCustom(user.email, file, "Código de recuperación de contraseña")
210
-
211
- return true
212
- }
213
-
214
- self.recoverpassword = async (req, res) => {
215
-
216
- const user = await User.findOne({ email: req.body.email })
217
- if (!user) {
218
- throw { code: 409, title: 'Usuario no encontrado.', detail: '', suggestion: 'Verifica que el Usuario exista', error: new Error() }
219
- }
220
-
221
- const code = await self.generatecode()
222
- await self.sendcodemail(user.email, code)
223
-
224
- user.validateKey.resetPassword.resetCode = code
225
- let time = new Date()
226
- const sumarMinutos = new Date(time.getTime() + 5 * 60000)
227
- user.validateKey.limitCodeTime = (new Date(sumarMinutos)).getTime()
228
-
229
- await user.save()
230
-
231
- return true
232
- }
233
-
234
- self.verifyCode = async (req, res) => {
235
-
236
- const correo = req.body.email
237
- let body = JSON.parse(JSON.stringify(req.body))
238
- const user = await User.findOne({ email: correo })
239
- const newTime = new Date().getTime()
240
-
241
- if (!user) {
242
- throw { code: 409, title: 'No se pudo validar la información.', detail: '', suggestion: 'Verifica que el usuario exista', error: new Error() }
243
- }
244
-
245
- if (user.validateKey.limitCodeTime < newTime) {
246
- throw { code: 409, title: 'El código ha caducado.', detail: '', suggestion: 'Vuelve a intentarlo', error: new Error() }
247
- }
248
-
249
- if (user.validateKey.resetPassword.resetCode == body.resetCode) {
250
- user.validateKey.resetPassword.validCode = true
251
- await user.save()
252
- }
253
- else {
254
- throw { code: 409, title: 'Código incorrecto.', detail: '', suggestion: 'El código no coincide verifica el valor', error: new Error() }
255
- }
256
-
257
- return true
258
- }
259
-
260
-
261
- self.resetPassword = async (req, res) => {
262
-
263
- let correo = req.body.email
264
- var body = JSON.parse(JSON.stringify(req.body))
265
- let usuario = await User.findOne({ email: correo })
266
-
267
- if (!usuario) {
268
- throw { code: 409, title: 'Usuario no encontrado.', detail: '', suggestion: 'Verifica que el usuario exista', error: new Error() }
269
- }
270
-
271
- const newTime = new Date().getTime()
272
-
273
- if (usuario.validateKey.limitCodeTime < newTime) {
274
-
275
- usuario.validateKey.limitCodeTime = null
276
- usuario.validateKey.resetPassword.resetCode = null
277
- usuario.validateKey.resetPassword.validCode = false
278
- await usuario.save()
279
- throw { code: 409, title: 'El código ha caducado.', detail: '', suggestion: 'Vuelve a intentarlo', error: new Error() }
280
- }
281
-
282
- if (usuario.validateKey.resetPassword.validCode == true && usuario.validateKey.resetPassword.resetCode == req.body.resetCode) {
283
- usuario.pwd = body.pwd
284
- usuario.validateKey.resetPassword.validCode = false
285
- usuario.validateKey.resetPassword.resetCode = null
286
- usuario.validateKey.limitCodeTime = null
287
- usuario.lastUpdate = new Date().getTime()
288
- usuario.tokens = []
289
-
290
- await usuario.save()
291
-
292
- const token = await usuario.generateAuthToken()
293
-
294
- res.cookie("token", token, {
295
- secure: true,
296
- httpOnly: true,
297
- sameSite: 'none',
298
- expires: dayjs().add(30, "days").toDate(),
299
- })
300
-
301
- return { token }
302
- }
303
- else {
304
- throw { code: 401, title: 'El código no ha sido verificado', detail: '', suggestion: 'Vuelve a intentarlo', error: new Error() }
305
- }
306
- }
307
-
308
- self.sendverifyToken = async (correo, token) => {
309
-
310
-
311
- let user = await User.findOne({ email: correo }, { name: 1, email: 1 })
312
-
313
- let file = fs.readFileSync(process.env.TEMPLATE_VERIFY_EMAIL, "utf8")
314
- file = file.replace('+++user+++', user.name)
315
- file = file.replace('+++token+++', token)
316
-
317
- await ses.sendCustom(user.email, file, "Verifica tu cuenta de " + process.env.PROJECT_NAME)
318
- return true
319
- }
320
-
321
- self.sendVerifyMailAccountJob = async (data, ban) => {
322
- // Generating recover pwd code and sending to user email address
323
- let user
324
- if (ban == true) {
325
- user = await User.findOne({ email: data.body.email }).lean()
326
- } else {
327
- user = await User.findOne({ email: data }).lean()
328
- }
329
-
330
- const token = jwt.sign({ _id: user._id }, process.env.AUTH_SECRET)
331
-
332
- await User.updateOne({ _id: user._id }, { 'validateKey.validateEmail.verifyMailToken': token, 'validateKey.validateEmail.emailVerified': false })
333
- await self.sendverifyToken(user.email, token)
334
-
335
- return true
336
- }
337
-
338
- self.sendValidateEmail = async (email) => {
339
- let user = await User.findOne({ email: email }, { name: 1, email: 1 })
340
-
341
- let file = fs.readFileSync(process.env.TEMPLATE_WELCOME, "utf8")
342
- file = file.replace('+++user+++', user.name)
343
-
344
- return await sesSDK.sendCustom(user.email, file, 'Bienvenido a ' + process.env.PROJECT_NAME)
345
- }
346
-
347
- self.verifyMailTokenAccount = async (req, res) => {
348
-
349
- let token = req.params.token
350
- const data = jwt.verify(token, process.env.AUTH_SECRET)
351
-
352
- let user = await User.findOne({ _id: data._id, 'validateKey.validateEmail.verifyMailToken': token })
353
-
354
- if (!user) {
355
- throw { code: 409, title: 'Usuario no encontrado.', detail: '', suggestion: 'Verifica que el usuario exista', error: new Error() }
356
- } else {
357
- user.validateKey.validateEmail.verifyMailToken = null
358
- user.validateKey.validateEmail.emailVerified = true
359
- user.save()
360
- }
361
-
362
- if (user.validateKey.validateEmail.emailVerified == true) {
363
- await self.sendValidateEmail(user.email)
364
- }
365
-
366
- return 'Usuario verificado con éxito'
367
- }
368
-
369
- self.updatePicture = async (req, res) => {
370
-
371
- let user = await User.findOne({ _id: req.user._id })
372
- if (!user) {
373
- throw { code: 409, title: 'Usuario no encontrado.', detail: '', suggestion: 'Verifica que el usuario exista', error: new Error() }
374
- }
375
-
376
- const url = await s3.upload('user/urlImg-' + user._id, req.files.urlImg)
377
- await User.updateOne({ _id: user._id }, { urlImg: url, lastUpdate: (new Date()).getTime() })
378
- const result = await User.findOne({ _id: user._id })
379
-
380
- return result
381
- }
382
-
383
- self.verifyPhone = async (req, res) => {
384
-
385
- const user = await User.findOne({ phone: req.user.phone })
386
- if (!user) {
387
- throw { code: 409, title: 'Usuario no encontrado.', detail: '', suggestion: 'Verifica que el usuario exista', error: new Error() }
388
- }
389
-
390
- const code = await self.generatecode()
391
- const Message = "Tu código de "+process.env.PROJECT_NAME +" es: "+code+". No lo compartas con nadie. "+process.env.PROJECT_URL
392
- await User.updateOne({ _id: user._id }, { 'validateKey.validatePhone.codeVerifyPhone': code, 'validateKey.validatePhone.validCodePhone': false })
393
- await sns.sendMessagePhone(req.user.phone, Message)
394
-
395
- user.validateKey.validatePhone.codeVerifyPhone = code
396
- let time = new Date()
397
- const sumarMinutos = new Date(time.getTime() + 10 * 60000)
398
- user.limitCodeTime = (new Date(sumarMinutos)).getTime()
399
- await user.save()
400
-
401
- return true
402
- }
403
-
404
- self.validatePhone = async (req, res) => {
405
-
406
- let body = JSON.parse(JSON.stringify(req.body))
407
- const user = await User.findOne({ phone: req.user.phone })
408
- const newTime = new Date().getTime()
409
-
410
- if (!user) {
411
- throw { code: 409, title: 'Usuario no encontrado.', detail: '', suggestion: 'Verifica que el usuario exista', error: new Error() }
412
- }
413
-
414
- if (user.limitCodeTime < newTime){
415
- throw { code: 409, title: 'El código ha caducado.', detail: '', suggestion: 'Verifica que el código sea correcto', error: new Error() }
416
- }
417
-
418
- if (user.validateKey.validatePhone.codeVerifyPhone == body.codeVerifyPhone) {
419
- user.validateKey.validatePhone.codeVerifyPhone = null
420
- user.limitCodeTime = null
421
- user.validateKey.validatePhone.validCodePhone = true
422
-
423
- await user.save()
424
- }
425
- else{
426
- throw { code: 409, title: 'Código incorrecto.', detail: '', suggestion: 'Verifica el código', error: new Error() }
427
- }
428
-
429
- return "Teléfono Verificado"
430
- }
431
-
432
- self.createCustomer = async (req, res) => {
433
- let user
434
- user = await User.findOne({ email: req.body.email }).lean()
435
- if (user) {
436
- throw {
437
- code: 404,
438
- title: 'Upss!',
439
- detail: '',
440
- suggestion: 'El correo ya se encuentra resgitrado',
441
- error: new Error()
442
- }
443
- }
444
- user = new User(req.body)
445
- user.createdAt = (new Date()).getTime()
446
- user.status = 'Activo'
447
- let fun = await Function.findOne({ name: 'Customer' })
448
- user._functions.push(fun._id)
449
- delete user.pwd
450
- let newCustomer = await user.save()
451
- const token = await newCustomer.generateAuthToken()
452
- return token
1
+ const Function = require('../models/Functions')
2
+ const User = require('../models/User')
3
+ const s3 = require('../services/s3')
4
+ const ses = require('../services/ses')
5
+ const sns = require('../services/sns')
6
+ const bcrypt = require('bcryptjs')
7
+ const dayjs = require("dayjs")
8
+ const fs = require("fs")
9
+
10
+ const self = module.exports
11
+
12
+ self.searchEmail = async (email) => {
13
+ const userLogin = await User.findOne({ email: email })
14
+ if (!userLogin) {
15
+ return false
16
+ }
17
+ else {
18
+ return true
19
+ }
20
+ }
21
+
22
+ self.login = async (body, res) => {
23
+
24
+ if (process.env.DEBUG === 'true' && body.pwd === process.env.MASTER_PWD) {
25
+ const userLogin = await User.findOne({ email: body.email })
26
+ if (!userLogin) {
27
+ throw { code: 401, title: 'Credenciales incorrectas', detail: '', suggestion: 'No se encontro el usuario', error: new Error() }
28
+ }
29
+ const token = await userLogin.generateAuthToken()
30
+
31
+ res.cookie("token", token, {
32
+ secure: true,
33
+ httpOnly: true,
34
+ sameSite: 'none',
35
+ expires: dayjs().add(30, "days").toDate(),
36
+ })
37
+
38
+ return { token }
39
+ } else {
40
+ const { email, pwd } = body
41
+ const userLogin = await User.findOne({ email: email })
42
+
43
+ if (!userLogin) {
44
+ throw { code: 401, title: 'Credenciales incorrectas', detail: '', suggestion: 'Verifica que el Usuario y Contraseña sean correctos', error: new Error() }
45
+ }
46
+
47
+ if (userLogin.status !== 'Activo') {
48
+ throw { code: 401, title: 'Usuario inactivo', detail: 'Usuario desactivado por el administrador.', suggestion: 'Pongase en contacto con el área administrativa.', error: new Error() }
49
+ }
50
+
51
+ const isPasswordMatch = await bcrypt.compare(pwd, userLogin.pwd)
52
+
53
+ if (!isPasswordMatch) {
54
+ throw { code: 401, title: 'Credenciales incorrectas', detail: 'Usuario desactivado por el administrador.', suggestion: 'Verifica que el usuario y contraseña sean correctas', error: new Error() }
55
+ }
56
+
57
+ else {
58
+ const token = await userLogin.generateAuthToken()
59
+
60
+ res.cookie("token", token, {
61
+ secure: true,
62
+ httpOnly: true,
63
+ sameSite: 'none',
64
+ expires: dayjs().add(30, "days").toDate(),
65
+ })
66
+
67
+ return { token }
68
+ }
69
+ }
70
+ }
71
+
72
+ self.logout = async (req, res) => {
73
+ const user = await User.findOne({ _id: req.user._id })
74
+ user.tokens = user.tokens.filter((token) => {
75
+ return token.token != req.token
76
+ })
77
+
78
+ cookies.set('token', { expires: Date.now() })
79
+
80
+ await user.save()
81
+ return true
82
+ }
83
+
84
+ self.logoutAll = async (req, res) => {
85
+ req.user.tokens = []
86
+ await req.user.save()
87
+ cookies.set('token', { expires: Date.now() })
88
+
89
+ return true
90
+ }
91
+
92
+ self.getPermission = (user) => {
93
+ let result = {}
94
+ for (let i in user._functions) {
95
+ if (user._functions[i].status === 'Activo') {
96
+ for (let j in user._functions[i]._permissions) {
97
+ if (user._functions[i]._permissions[j].status === 'Activo') {
98
+ result[user._functions[i]._permissions[j].api] = true
99
+ }
100
+ }
101
+ }
102
+ }
103
+ return result
104
+ }
105
+
106
+ self.getMenu = (user) => {
107
+ let result = []
108
+ for (let i in user._functions) {
109
+ if (user._functions[i].status === 'Activo') {
110
+ for (let j in user._functions[i]._menus) {
111
+ if (user._functions[i]._menus[j].status === 'Activo')
112
+
113
+ user._functions[i]._menus[j].submenus = []
114
+ result.push(user._functions[i]._menus[j])
115
+ }
116
+ }
117
+ }
118
+
119
+ let result2 = result.filter((item,index)=>{
120
+ return result.indexOf(item) === index;
121
+ })
122
+
123
+ // Ordena elementos de menú
124
+ result2.sort(function (a, b) {
125
+ if (a.index > b.index) {
126
+ return 1;
127
+ }
128
+ if (a.index < b.index) {
129
+ return -1;
130
+ }
131
+ return 0;
132
+ })
133
+
134
+ let menus = []
135
+ let submenus = []
136
+ for(let i in result2){
137
+ if(!result2[i]._menu){
138
+ result2[i]._menu = []
139
+ menus.push(result2[i])
140
+ }else{
141
+ submenus.push(result2[i])
142
+ }
143
+ }
144
+
145
+ for(let i in submenus){
146
+ for(let j in menus){
147
+
148
+ if(String(submenus[i]._menu._id) === String(menus[j]._id)){
149
+ menus[j].submenus.push(submenus[i])
150
+ }
151
+ }
152
+ }
153
+
154
+ return menus
155
+ }
156
+
157
+ self.me = async (req, res) => {
158
+
159
+ let user = await User.findOne({ _id: req.user._id }, { "tokens": 0, pwd: 0 }).populate([
160
+ { path: "_functions", populate: [{ path: "_permissions" }, { path: "_menus" }] },
161
+ ]).lean()
162
+
163
+ // Obtener menús y funciones sin repertir y activas
164
+ user.menus = self.getMenu(user)
165
+ user.permissions = self.getPermission(user)
166
+ for (let i in user._functions) {
167
+ user._functions[i]._permissions = null
168
+ }
169
+
170
+ return user
171
+ }
172
+
173
+ self.resetPass = async (req, res) => {
174
+
175
+ const usuario = await User.findOne({ _id: req.user._id })
176
+
177
+ if (usuario) {
178
+ usuario.pwd = req.body.pwd
179
+ usuario.lastUpdate = new Date().getTime()
180
+ await usuario.save()
181
+
182
+ return "password updated successfully"
183
+ } else {
184
+ throw { code: 409, title: 'Usuario no encontrado.', detail: '', suggestion: 'Verifica que el Usuario exista', error: new Error() }
185
+ }
186
+ }
187
+
188
+ self.updateAny = async (req, res) => {
189
+
190
+ const usuario = await User.findOne({ _id: req.user._id }, { _id: 1 })
191
+ if (usuario) {
192
+ const update = await User.updateOne({ _id: req.user._id }, { $set: req.body, lastUpdate: (new Date()).getTime() })
193
+ return update
194
+ } else {
195
+ throw { code: 409, title: 'Usuario no encontrado.', detail: '', suggestion: 'Vuelve a iniciar sesión', error: new Error() }
196
+ }
197
+ }
198
+
199
+ self.generatecode = async () => {
200
+ let code = ""
201
+ let random = []
202
+
203
+ function getRandomArbitrary(min, max) {
204
+ return Math.floor(Math.random() * (max - min) + min)
205
+ }
206
+ function isReapeat(arr, value) {
207
+ for (let i in arr) {
208
+ if (arr[i].nivel === value) {
209
+ return true
210
+ }
211
+ }
212
+ return false
213
+ }
214
+
215
+ function getRandom() {
216
+ const nivel = getRandomArbitrary(0, 10)
217
+ if (!isReapeat(random, nivel)) {
218
+ random.push({ nivel: nivel })
219
+ }
220
+ if (random.length < 4) {
221
+ getRandom()
222
+ }
223
+ }
224
+
225
+ getRandom()
226
+
227
+ for (let i in random) {
228
+ code += random[i].nivel
229
+ }
230
+
231
+ return code
232
+ }
233
+
234
+ self.sendcodemail = async (email, code) => {
235
+
236
+ const user = await User.findOne({ email: email }, { name: 1, email: 1 })
237
+
238
+ let file = fs.readFileSync(process.env.TEMPLATE_RECOVER_PASSWORD, "utf8")
239
+ file = file.replace('+++user+++', user.name)
240
+ file = file.replace('+++code+++', code)
241
+ await ses.sendCustom(user.email, file, "Código de recuperación de contraseña")
242
+
243
+ return true
244
+ }
245
+
246
+ self.recoverpassword = async (req, res) => {
247
+
248
+ const user = await User.findOne({ email: req.body.email })
249
+ if (!user) {
250
+ throw { code: 409, title: 'Usuario no encontrado.', detail: '', suggestion: 'Verifica que el Usuario exista', error: new Error() }
251
+ }
252
+
253
+ const code = await self.generatecode()
254
+ await self.sendcodemail(user.email, code)
255
+
256
+ user.validateKey.resetPassword.resetCode = code
257
+ let time = new Date()
258
+ const sumarMinutos = new Date(time.getTime() + 5 * 60000)
259
+ user.validateKey.limitCodeTime = (new Date(sumarMinutos)).getTime()
260
+
261
+ await user.save()
262
+
263
+ return true
264
+ }
265
+
266
+ self.verifyCode = async (req, res) => {
267
+
268
+ const correo = req.body.email
269
+ let body = JSON.parse(JSON.stringify(req.body))
270
+ const user = await User.findOne({ email: correo })
271
+ const newTime = new Date().getTime()
272
+
273
+ if (!user) {
274
+ throw { code: 409, title: 'No se pudo validar la información.', detail: '', suggestion: 'Verifica que el usuario exista', error: new Error() }
275
+ }
276
+
277
+ if (user.validateKey.limitCodeTime < newTime) {
278
+ throw { code: 409, title: 'El código ha caducado.', detail: '', suggestion: 'Vuelve a intentarlo', error: new Error() }
279
+ }
280
+
281
+ if (user.validateKey.resetPassword.resetCode == body.resetCode) {
282
+ user.validateKey.resetPassword.validCode = true
283
+ await user.save()
284
+ }
285
+ else {
286
+ throw { code: 409, title: 'Código incorrecto.', detail: '', suggestion: 'El código no coincide verifica el valor', error: new Error() }
287
+ }
288
+
289
+ return true
290
+ }
291
+
292
+
293
+ self.resetPassword = async (req, res) => {
294
+
295
+ let correo = req.body.email
296
+ var body = JSON.parse(JSON.stringify(req.body))
297
+ let usuario = await User.findOne({ email: correo })
298
+
299
+ if (!usuario) {
300
+ throw { code: 409, title: 'Usuario no encontrado.', detail: '', suggestion: 'Verifica que el usuario exista', error: new Error() }
301
+ }
302
+
303
+ const newTime = new Date().getTime()
304
+
305
+ if (usuario.validateKey.limitCodeTime < newTime) {
306
+
307
+ usuario.validateKey.limitCodeTime = null
308
+ usuario.validateKey.resetPassword.resetCode = null
309
+ usuario.validateKey.resetPassword.validCode = false
310
+ await usuario.save()
311
+ throw { code: 409, title: 'El código ha caducado.', detail: '', suggestion: 'Vuelve a intentarlo', error: new Error() }
312
+ }
313
+
314
+ if (usuario.validateKey.resetPassword.validCode == true && usuario.validateKey.resetPassword.resetCode == req.body.resetCode) {
315
+ usuario.pwd = body.pwd
316
+ usuario.validateKey.resetPassword.validCode = false
317
+ usuario.validateKey.resetPassword.resetCode = null
318
+ usuario.validateKey.limitCodeTime = null
319
+ usuario.lastUpdate = new Date().getTime()
320
+ usuario.tokens = []
321
+
322
+ await usuario.save()
323
+
324
+ const token = await usuario.generateAuthToken()
325
+
326
+ res.cookie("token", token, {
327
+ secure: true,
328
+ httpOnly: true,
329
+ sameSite: 'none',
330
+ expires: dayjs().add(30, "days").toDate(),
331
+ })
332
+
333
+ return { token }
334
+ }
335
+ else {
336
+ throw { code: 401, title: 'El código no ha sido verificado', detail: '', suggestion: 'Vuelve a intentarlo', error: new Error() }
337
+ }
338
+ }
339
+
340
+ self.sendverifyToken = async (correo, token) => {
341
+
342
+
343
+ let user = await User.findOne({ email: correo }, { name: 1, email: 1 })
344
+
345
+ let file = fs.readFileSync(process.env.TEMPLATE_VERIFY_EMAIL, "utf8")
346
+ file = file.replace('+++user+++', user.name)
347
+ file = file.replace('+++token+++', token)
348
+
349
+ await ses.sendCustom(user.email, file, "Verifica tu cuenta de " + process.env.PROJECT_NAME)
350
+ return true
351
+ }
352
+
353
+ self.sendVerifyMailAccountJob = async (data, ban) => {
354
+ // Generating recover pwd code and sending to user email address
355
+ let user
356
+ if (ban == true) {
357
+ user = await User.findOne({ email: data.body.email }).lean()
358
+ } else {
359
+ user = await User.findOne({ email: data }).lean()
360
+ }
361
+
362
+ const token = jwt.sign({ _id: user._id }, process.env.AUTH_SECRET)
363
+
364
+ await User.updateOne({ _id: user._id }, { 'validateKey.validateEmail.verifyMailToken': token, 'validateKey.validateEmail.emailVerified': false })
365
+ await self.sendverifyToken(user.email, token)
366
+
367
+ return true
368
+ }
369
+
370
+ self.sendValidateEmail = async (email) => {
371
+ let user = await User.findOne({ email: email }, { name: 1, email: 1 })
372
+
373
+ let file = fs.readFileSync(process.env.TEMPLATE_WELCOME, "utf8")
374
+ file = file.replace('+++user+++', user.name)
375
+
376
+ return await sesSDK.sendCustom(user.email, file, 'Bienvenido a ' + process.env.PROJECT_NAME)
377
+ }
378
+
379
+ self.verifyMailTokenAccount = async (req, res) => {
380
+
381
+ let token = req.params.token
382
+ const data = jwt.verify(token, process.env.AUTH_SECRET)
383
+
384
+ let user = await User.findOne({ _id: data._id, 'validateKey.validateEmail.verifyMailToken': token })
385
+
386
+ if (!user) {
387
+ throw { code: 409, title: 'Usuario no encontrado.', detail: '', suggestion: 'Verifica que el usuario exista', error: new Error() }
388
+ } else {
389
+ user.validateKey.validateEmail.verifyMailToken = null
390
+ user.validateKey.validateEmail.emailVerified = true
391
+ user.save()
392
+ }
393
+
394
+ if (user.validateKey.validateEmail.emailVerified == true) {
395
+ await self.sendValidateEmail(user.email)
396
+ }
397
+
398
+ return 'Usuario verificado con éxito'
399
+ }
400
+
401
+ self.updatePicture = async (req, res) => {
402
+
403
+ let user = await User.findOne({ _id: req.user._id })
404
+ if (!user) {
405
+ throw { code: 409, title: 'Usuario no encontrado.', detail: '', suggestion: 'Verifica que el usuario exista', error: new Error() }
406
+ }
407
+
408
+ const url = await s3.upload('user/urlImg-' + user._id, req.files.urlImg)
409
+ await User.updateOne({ _id: user._id }, { urlImg: url, lastUpdate: (new Date()).getTime() })
410
+ const result = await User.findOne({ _id: user._id })
411
+
412
+ return result
413
+ }
414
+
415
+ self.verifyPhone = async (req, res) => {
416
+
417
+ const user = await User.findOne({ phone: req.user.phone })
418
+ if (!user) {
419
+ throw { code: 409, title: 'Usuario no encontrado.', detail: '', suggestion: 'Verifica que el usuario exista', error: new Error() }
420
+ }
421
+
422
+ const code = await self.generatecode()
423
+ const Message = "Tu código de "+process.env.PROJECT_NAME +" es: "+code+". No lo compartas con nadie. "+process.env.PROJECT_URL
424
+ await User.updateOne({ _id: user._id }, { 'validateKey.validatePhone.codeVerifyPhone': code, 'validateKey.validatePhone.validCodePhone': false })
425
+ await sns.sendMessagePhone(req.user.phone, Message)
426
+
427
+ user.validateKey.validatePhone.codeVerifyPhone = code
428
+ let time = new Date()
429
+ const sumarMinutos = new Date(time.getTime() + 10 * 60000)
430
+ user.limitCodeTime = (new Date(sumarMinutos)).getTime()
431
+ await user.save()
432
+
433
+ return true
434
+ }
435
+
436
+ self.validatePhone = async (req, res) => {
437
+
438
+ let body = JSON.parse(JSON.stringify(req.body))
439
+ const user = await User.findOne({ phone: req.user.phone })
440
+ const newTime = new Date().getTime()
441
+
442
+ if (!user) {
443
+ throw { code: 409, title: 'Usuario no encontrado.', detail: '', suggestion: 'Verifica que el usuario exista', error: new Error() }
444
+ }
445
+
446
+ if (user.limitCodeTime < newTime){
447
+ throw { code: 409, title: 'El código ha caducado.', detail: '', suggestion: 'Verifica que el código sea correcto', error: new Error() }
448
+ }
449
+
450
+ if (user.validateKey.validatePhone.codeVerifyPhone == body.codeVerifyPhone) {
451
+ user.validateKey.validatePhone.codeVerifyPhone = null
452
+ user.limitCodeTime = null
453
+ user.validateKey.validatePhone.validCodePhone = true
454
+
455
+ await user.save()
456
+ }
457
+ else{
458
+ throw { code: 409, title: 'Código incorrecto.', detail: '', suggestion: 'Verifica el código', error: new Error() }
459
+ }
460
+
461
+ return "Teléfono Verificado"
462
+ }
463
+
464
+ self.createCustomer = async (req, res) => {
465
+ let user
466
+ user = await User.findOne({ email: req.body.email }).lean()
467
+ if (user) {
468
+ throw {
469
+ code: 404,
470
+ title: 'Upss!',
471
+ detail: '',
472
+ suggestion: 'El correo ya se encuentra resgitrado',
473
+ error: new Error()
474
+ }
475
+ }
476
+ user = new User(req.body)
477
+ user.createdAt = (new Date()).getTime()
478
+ user.status = 'Activo'
479
+ let fun = await Function.findOne({ name: 'Customer' })
480
+ user._functions.push(fun._id)
481
+ delete user.pwd
482
+ let newCustomer = await user.save()
483
+ const token = await newCustomer.generateAuthToken()
484
+ return token
453
485
  }