flexbiz-server 12.0.15 → 12.0.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/server/auths/facebook.js +1 -1
- package/server/auths/google.js +1 -1
- package/server/auths/local.js +20 -19
- package/server/controllers/controller.js +82 -81
- package/server/controllers/controllerRPT.js +8 -8
- package/server/libs/blockchainconnect.js +3 -3
- package/server/libs/permission.js +3 -2
- package/server/libs/post-socai.js +4 -3
- package/server/libs/validate.js +2 -2
- package/server/models/assinvestment.js +4 -4
- package/server/models/listinfo.js +7 -2
- package/server/models/notification.js +2 -2
- package/server/models/user.js +5 -3
- package/server/modules/lists/ls-asscashwithdraw.js +5 -5
- package/server/modules/lists/ls-assinvestment.js +22 -22
- package/server/modules/lists/ls-asskey.js +9 -8
- package/server/modules/lists/ls-assneedtobuy.js +11 -11
- package/server/modules/lists/ls-assperiod.js +17 -12
- package/server/modules/lists/ls-assproduct.js +2 -2
- package/server/modules/lists/ls-assprofitsharing.js +2 -2
- package/server/modules/lists/ls-asssell.js +14 -14
- package/server/modules/lists/ls-asswithdraw.js +1 -1
- package/server/modules/lists/ls-financialroadmap.js +2 -3
- package/server/modules/reports/rp-chitiettaisan.js +8 -8
- package/server/modules/systems/sys-app.js +2 -2
- package/server/modules/systems/sys-user.js +23 -20
- package/server/modules/systems/sys-users.js +7 -6
- package/server/modules/vouchers/vo-bc1.js +21 -20
- package/server/modules/vouchers/vo-pkh.js +1 -1
- package/server/route.js +7 -6
package/package.json
CHANGED
package/server/auths/facebook.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
'use strict';const User=global.getModel("user"),Usergroup=global.getModel("usergroup"),Participant=global.getModel("participant"),Token=global.getModel("token"),Customer=global.getModel("customer"),App=global.getModel("app"),request=require("request");
|
|
2
2
|
module.exports=function($app$$){function $getProfile$$($access_token$$,$callback$$){request(`${"https://graph.facebook.com/me?fields=location,first_name,last_name,middle_name,name,gender,timezone,locale,about,address,age_range,birthday,cover,currency,email,id,languages,religion,sports,picture.type(large)"}&access_token=${$access_token$$}`,($e_profileUser$$,$res$$,$body$$)=>{if($e_profileUser$$)return $callback$$($e_profileUser$$);$e_profileUser$$=JSON.parse($body$$);if($e_profileUser$$.error)return $callback$$($e_profileUser$$);
|
|
3
|
-
$e_profileUser$$.emails&&0<$e_profileUser$$.emails.length&&!$e_profileUser$$.email&&($e_profileUser$$.email=$e_profileUser$$.emails[0]);$e_profileUser$$.displayName||($e_profileUser$$.displayName=$e_profileUser$$.name);$callback$$(null,$e_profileUser$$)})}function $addUserToCompany$$($body$$,$newUser$$){$body$$.id_app&&App.
|
|
3
|
+
$e_profileUser$$.emails&&0<$e_profileUser$$.emails.length&&!$e_profileUser$$.email&&($e_profileUser$$.email=$e_profileUser$$.emails[0]);$e_profileUser$$.displayName||($e_profileUser$$.displayName=$e_profileUser$$.name);$callback$$(null,$e_profileUser$$)})}function $addUserToCompany$$($body$$,$newUser$$){$body$$.id_app&&App.findById($body$$.id_app,async($e$jscomp$0$$,$app$$)=>{if($e$jscomp$0$$||!$app$$)return console.log("Can't find app",$body$$.id_app,$e$jscomp$0$$);$e$jscomp$0$$=$body$$.group_id;
|
|
4
4
|
if(!$e$jscomp$0$$)try{$e$jscomp$0$$=await Usergroup.getInfo($body$$.id_app,{status:!0,is_customer_group:!0},"_id")}catch($e$$){console.log($e$$.message)}Participant.createParticipant({id_app:$body$$.id_app,email:$newUser$$.email,group_id:$e$jscomp$0$$,active:!0},$cust_e$$=>{$cust_e$$&&console.log("can't add user",$newUser$$.email,"to company",$app$$.name,$cust_e$$);$cust_e$$={ten_kh:$newUser$$.name,email:$newUser$$.email,id_app:$body$$.id_app,user_created:$newUser$$.email,user_updated:$newUser$$.email,
|
|
5
5
|
kh_yn:!0,of_user:$newUser$$.email};try{Customer.asyncCreateCustomer($cust_e$$)}catch($e$$){console.log("Auto create new customer with error:",$e$$.message)}})})}async function $checkExistUser$$($email$$){return new Promise(($resolve$$,$reject$$)=>{User.findOne({email:$email$$.toLowerCase()},($e$$,$rs$$)=>{if($e$$)return $reject$$(Error($e$$.message));$rs$$?$resolve$$($rs$$.toObject()):$resolve$$(null)})})}async function $createUser$$($accessToken$$,$profile$$,$done$$){setImmediate(async function(){let $u$$=
|
|
6
6
|
await $checkExistUser$$($profile$$.email||$profile$$.id);if($u$$){if($u$$.facebook&&$u$$.facebook.id===$profile$$.id||$u$$.email===$profile$$.email){$addUserToCompany$$($profile$$,$u$$);(new Token({email:$u$$.email,token:$accessToken$$,service:"facebook"})).save(function($e$$){if($e$$)return $done$$($e$$);$done$$(null,$u$$)});return}return $done$$(`${$u$$.email} \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd tr\u00ean h\u1ec7 th\u1ed1ng`)}$profile$$.email||($profile$$.email=$profile$$.id);
|
package/server/auths/google.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
'use strict';const User=global.getModel("user"),Usergroup=global.getModel("usergroup"),Customer=global.getModel("customer"),Token=global.getModel("token"),App=global.getModel("app"),Participant=global.getModel("participant"),request=require("request");
|
|
2
2
|
module.exports=function($app$$){function $getProfile$$($token$$,$callback$$){request({url:$token$$.access_token?"https://www.googleapis.com/userinfo/v2/me":"https://oauth2.googleapis.com/tokeninfo?id_token="+$token$$.id_token,headers:{Authorization:$token$$.access_token?`Bearer ${$token$$.access_token}`:null}},($e_profileUser$$,$res$$,$body$$)=>{if($e_profileUser$$)return $callback$$($e_profileUser$$);$e_profileUser$$=JSON.parse($body$$);if($e_profileUser$$.error)return $callback$$($e_profileUser$$.error);
|
|
3
|
-
$e_profileUser$$.emails&&0<$e_profileUser$$.emails.length&&!$e_profileUser$$.email&&($e_profileUser$$.email=$e_profileUser$$.emails[0].value);$e_profileUser$$.emails||($e_profileUser$$.emails=[{value:$e_profileUser$$.email||$e_profileUser$$.id}]);$e_profileUser$$.displayName||($e_profileUser$$.displayName=$e_profileUser$$.name);$callback$$(null,$e_profileUser$$)})}function $addUserToCompany$$($body$$,$newUser$$){$body$$.id_app&&App.
|
|
3
|
+
$e_profileUser$$.emails&&0<$e_profileUser$$.emails.length&&!$e_profileUser$$.email&&($e_profileUser$$.email=$e_profileUser$$.emails[0].value);$e_profileUser$$.emails||($e_profileUser$$.emails=[{value:$e_profileUser$$.email||$e_profileUser$$.id}]);$e_profileUser$$.displayName||($e_profileUser$$.displayName=$e_profileUser$$.name);$callback$$(null,$e_profileUser$$)})}function $addUserToCompany$$($body$$,$newUser$$){$body$$.id_app&&App.findById($body$$.id_app,async($e$jscomp$0$$,$app$$)=>{if($e$jscomp$0$$||
|
|
4
4
|
!$app$$)return console.log("Can't find app",$body$$.id_app,$e$jscomp$0$$);$e$jscomp$0$$=$body$$.group_id;if(!$e$jscomp$0$$)try{$e$jscomp$0$$=await Usergroup.getInfo($body$$.id_app,{status:!0,is_customer_group:!0},"_id")}catch($e$$){console.log($e$$.message)}Participant.createParticipant({id_app:$body$$.id_app,email:$newUser$$.email,group_id:$e$jscomp$0$$,active:!0},$cust_e$$=>{$cust_e$$&&console.log("can't add user",$newUser$$.email,"to company",$app$$.name);$cust_e$$={ten_kh:$newUser$$.name,email:$newUser$$.email,
|
|
5
5
|
id_app:$body$$.id_app,user_created:$newUser$$.email,user_updated:$newUser$$.email,kh_yn:!0,of_user:$newUser$$.email};try{Customer.asyncCreateCustomer($cust_e$$)}catch($e$$){console.log("Auto create new customer with error:",$e$$.message)}})})}async function $checkExistUser$$($email$$){return new Promise(($resolve$$,$reject$$)=>{User.findOne({email:$email$$.toLowerCase()}).lean().exec(($e$$,$rs$$)=>{if($e$$)return $reject$$(Error($e$$.message));$rs$$?$resolve$$($rs$$):$resolve$$(null)})})}async function $createUser$$($accessToken$$,
|
|
6
6
|
$profile$$,$done$$){setImmediate(async()=>{let $u$$=await $checkExistUser$$($profile$$.emails[0].value);if($u$$){if($u$$.google&&$u$$.google.id===$profile$$.id||$u$$.email===$profile$$.email){$addUserToCompany$$($profile$$,$u$$);(new Token({email:$u$$.email,token:$accessToken$$,service:"google"})).save(function($e$$){if($e$$)return console.log("error create token",$e$$),$done$$($e$$);$done$$(null,$u$$)});return}console.error(`${$profile$$.email} \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd tr\u00ean h\u1ec7 th\u1ed1ng`,
|
package/server/auths/local.js
CHANGED
|
@@ -8,27 +8,28 @@ $username$$+" ch\u01b0a \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd.");if($user$$
|
|
|
8
8
|
if(!$user$$.validPassword($password$$))return $done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.")}return $done$$(null,$user$$)})})}));$app$$.get("/send-otp/:phone",$rateLimiter$$,async($req_url$$,$res$$)=>{const $Phone$$=$req_url$$.params.phone.trim();if("9999"===$Phone$$)saveOTP($Phone$$,"9999",($e$$,$rs$$)=>{if($e$$)return $res$$.status(400).send($e$$);$res$$.send($rs$$)});else{if(!await User.findOne({email:$Phone$$}))return $res$$.status(400).send({error:`T\u00e0i kho\u1ea3n ${$Phone$$} kh\u00f4ng t\u1ed3n t\u1ea1i`});
|
|
9
9
|
var $otp_code$$=generateOTP();validator.isEmail($Phone$$)?email.sendHtml({to:{address:$Phone$$},subject:"M\u00e3 x\u00e1c th\u1ef1c",html:`Xin vui l\u00f2ng g\u1eedi qu\u00fd kh\u00e1ch m\u00e3 x\u00e1c th\u1ef1c: ${$otp_code$$}. M\u00e3 n\u00e0y s\u1ebd h\u1ebft h\u1ea1n s\u1eed d\u1ee5ng sau 5 ph\u00fat.`},function($error$$){$error$$?(console.error("Error send otp to email",$error$$),$res$$.status(400).send(`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi email ${$Phone$$}`)):
|
|
10
10
|
saveOTP($Phone$$,$otp_code$$,($e$$,$rs$$)=>{if($e$$)return $res$$.status(400).send($e$$);$res$$.send($rs$$)},5)},configs.sender_otp):($req_url$$=configs.sms.genUrlSendOTP($Phone$$,$otp_code$$),request({url:$req_url$$},($error$$,$response$$,$body$$)=>{$error$$||200!=$response$$.statusCode?$res$$.status(400).send($error$$||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi s\u1ed1 ${$Phone$$}`):($error$$=JSON.parse($body$$),"100"==$error$$.CodeResult?saveOTP($Phone$$,$otp_code$$,
|
|
11
|
-
($e$$,$rs$$)=>{if($e$$)return $res$$.status(400).send($e$$);$res$$.send($rs$$)}):(console.error("Error send sms",$error$$),$res$$.status(400).send(`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi s\u1ed1 ${$Phone$$}`)))}))}});$app$$.get("/verify-otp/:id/:otp",$rateLimiter$$,async function($req$$,$res$$){try{const $id$$=$req$$.params.id
|
|
12
|
-
(new Date).getTime())return $res$$.status(400).send({error:"M\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i ho\u1eb7c \u0111\u00e3 h\u1ebft hi\u1ec7u l\u1ef1c",code:4001});await OTP.findOneAndUpdate({_id:$id$$},{verified:!0});let $is_new$$=!1;const $username$$=$otp$$.phone;let $user$$=await User.findOne({email:$username$$});
|
|
13
|
-
$otp$$.phone;$user$$.name=$otp$$.phone;$is_new$$=!0;try{await $user$$.save()}catch($e$$){return console.log("error verify otp, create user",$e$$),$res$$.status(500).send($e$$)}}else if(!$user$$.local||!$user$$.local.active){$user$$.local=$user$$.local||{};$user$$.local.active=!0;try{await $user$$.save()}catch($e$$){return console.log("error verify otp, create user"
|
|
14
|
-
$app$$=await App.
|
|
15
|
-
$e$$.message)}})}const $accessToken$$=generateToken($user$$),$agent$$=$req$$.headers["user-agent"];console.log("create new token for user",$user$$.email);(new Token({email:$user$$.email,token:$accessToken$$,agent:$agent$$,ip:"",once:1==$req$$.query.once||"true"==$req$$.query.once||"1"===$req$$.query.once?!0
|
|
16
|
-
$res$$.status(400).send($e$$.message)}});$app$$.post("/auth/sign",$rateLimiter$$,($req$$,$res$$,$next$$)=>{$passport$$.authenticate("basic",{session:!1},function($err$$,$user$$){if($err$$||!$user$$)return $res$$.status(401).send({message:$err$$||"Unauthorized"});$req$$.user=$user$$;$next$$()})($req$$,$res
|
|
17
|
-
if(!$data$$.id_app)return $res$$.status(400).send("Data miss id_app property");try{let $signature$$=await Wallet.sign($data$$.id_app,$req$jscomp$3_user$$.email,$data$$);$res$$.send($signature$$)}catch($e$$){return $res$$.status(400).send($e$$.message||$e$$)}});$app$$.get("/auth/local",$rateLimiter$$,
|
|
18
|
-
if(!$authorization$$)return $res$$.status(400).send({message:"Authorization is required"});$authorization$$=Buffer.from($authorization$$.replace("Basic ",""),"base64").toString("utf-8");$authorization$$=$authorization$$.split(":");if(1<$authorization$$.length){var $t_session$$="times_login_"
|
|
19
|
-
$d$$=$now$$,$times_try$$=1;if($req$$.headers.cookie&&$req$$.session){$req$$=$req$$.session;$req$$[$t_session$$]?($times_try$$=$req$$[$t_session$$]+1,$req$$[$t_session$$]=$times_try$$):($req$$[$t_session$$]=$times_try$$,$req$$[$d_session$$]=$now$$);$req$$[$d_session$$]?$d$$=new Date($req$$[$d_session$$])
|
|
20
|
-
Math.round((18E6-$req$$)/6E4,0)+" ph\u00fat"});$next$$()}else global.clientRedis.get($t_session$$,function($err$$,$reply$$){$reply$$?($times_try$$=Number($reply$$)+1,global.clientRedis.set($t_session$$,$times_try$$)):(global.clientRedis.set($t_session$$,$times_try$$),
|
|
21
|
-
$d$$.getTime();if(18E6>$err$jscomp$3_time_wait$$&&10<$times_try$$)return $res$$.status(400).send({message:"B\u1ea1n \u0111\u0103ng nh\u1eadp sai 10 l\u1ea7n li\u00ean ti\u1ebfp. H\u00e3y th\u1eed l\u1ea1i sau "+Math.round((18E6-$err$jscomp$3_time_wait$$)/
|
|
22
|
-
|
|
23
|
-
action:"LOCALLOGIN"},$req$$.user.email,$req$$.header("user-agent"),$req$$);let $user$$=$req$$.user;if($req$$.query.id_app&&$req$$.query.group_id&&global.mongoose.Types.ObjectId.isValid($req$$.query.group_id)){const $id_app$$=$req$$.query.id_app;$group_id$jscomp$1_session
|
|
24
|
-
name:$user$$.name,group_id:$group_id$jscomp$1_session$$,active:!0},$cust$jscomp$1_e$$=>{if($cust$jscomp$1_e$$)return console.log("can't add user",$user$$.email,"to company",$app$$.name);$cust$jscomp$1_e$$={ten_kh:$user$$.name,email:$user$$.email,id_app:$id_app$$,
|
|
25
|
-
$e$$.message)}})}const $accessToken$$=generateToken($user$$);(new Token({email:$user$$.email,token:$accessToken$$,agent:$agent$$,ip:"",once:1==$req$$.query.once||"true"==$req$$.query.once||"1"===$req$$.query.once
|
|
26
|
-
$
|
|
27
|
-
|
|
28
|
-
$
|
|
11
|
+
($e$$,$rs$$)=>{if($e$$)return $res$$.status(400).send($e$$);$res$$.send($rs$$)}):(console.error("Error send sms",$error$$),$res$$.status(400).send(`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi s\u1ed1 ${$Phone$$}`)))}))}});$app$$.get("/verify-otp/:id/:otp",$rateLimiter$$,async function($req$$,$res$$){try{const $id$$=$req$$.params.id;if(!global.mongoose.Types.ObjectId.isValid($id$$))return $res$$.status(400).send({error:"ID c\u1ee7a m\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i",
|
|
12
|
+
code:4001});const $otp_code$$=$req$$.params.otp,$otp$$=await OTP.findById($id$$);if(!$otp$$||$otp$$.otp!=$otp_code$$||$otp$$.verified||$otp$$.expire_time.getTime()<(new Date).getTime())return $res$$.status(400).send({error:"M\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i ho\u1eb7c \u0111\u00e3 h\u1ebft hi\u1ec7u l\u1ef1c",code:4001});await OTP.findOneAndUpdate({_id:$id$$},{verified:!0});let $is_new$$=!1;const $username$$=$otp$$.phone;let $user$$=await User.findOne({email:$username$$});
|
|
13
|
+
if(!$user$$){$user$$=new User;$user$$.email=$username$$;$user$$.local={active:!0};$user$$.local.email=$otp$$.email;$user$$.local.phone=$otp$$.phone;$user$$.local.name=$otp$$.phone;$user$$.name=$otp$$.phone;$is_new$$=!0;try{await $user$$.save()}catch($e$$){return console.log("error verify otp, create user",$e$$),$res$$.status(500).send($e$$)}}else if(!$user$$.local||!$user$$.local.active){$user$$.local=$user$$.local||{};$user$$.local.active=!0;try{await $user$$.save()}catch($e$$){return console.log("error verify otp, create user",
|
|
14
|
+
$e$$),$res$$.status(500).send($e$$)}}if($req$$.query.id_app&&$req$$.query.group_id){const $id_app$$=$req$$.query.id_app,$group_id$$=$req$$.query.group_id,$app$$=await App.findById($id_app$$);$app$$&&Participant.createParticipant({id_app:$id_app$$,email:$user$$.email,name:$user$$.name,group_id:$group_id$$,active:!0},$cust_e$$=>{if($cust_e$$)return console.log("can't add user",$user$$.email,"to company",$app$$.name);$cust_e$$={ten_kh:$user$$.name,email:$user$$.email,dien_thoai:$otp$$.phone,id_app:$id_app$$,
|
|
15
|
+
user_created:$user$$.email,user_updated:$user$$.email,kh_yn:!0,of_user:$user$$.email};try{Customer.asyncCreateCustomer($cust_e$$)}catch($e$$){console.log("Auto create new customer with error:",$e$$.message)}})}const $accessToken$$=generateToken($user$$),$agent$$=$req$$.headers["user-agent"];console.log("create new token for user",$user$$.email);(new Token({email:$user$$.email,token:$accessToken$$,agent:$agent$$,ip:"",once:1==$req$$.query.once||"true"==$req$$.query.once||"1"===$req$$.query.once?!0:
|
|
16
|
+
!1})).save(function($e$$,$rs$$){return $e$$?$res$$.status(500).send($e$$):$res$$.send({token:$accessToken$$,is_new:$is_new$$,once:$rs$$.once})})}catch($e$$){console.log("error verify otp",$e$$),$res$$.status(400).send($e$$.message)}});$app$$.post("/auth/sign",$rateLimiter$$,($req$$,$res$$,$next$$)=>{$passport$$.authenticate("basic",{session:!1},function($err$$,$user$$){if($err$$||!$user$$)return $res$$.status(401).send({message:$err$$||"Unauthorized"});$req$$.user=$user$$;$next$$()})($req$$,$res$$,
|
|
17
|
+
$next$$)},async($req$jscomp$3_user$$,$res$$)=>{let $data$$=$req$jscomp$3_user$$.body;$req$jscomp$3_user$$=$req$jscomp$3_user$$.user;if(!$data$$)return $res$$.status(400).send("Not have data to sign");if(!$data$$.id_app)return $res$$.status(400).send("Data miss id_app property");try{let $signature$$=await Wallet.sign($data$$.id_app,$req$jscomp$3_user$$.email,$data$$);$res$$.send($signature$$)}catch($e$$){return $res$$.status(400).send($e$$.message||$e$$)}});$app$$.get("/auth/local",$rateLimiter$$,
|
|
18
|
+
function($req$$,$res$$,$next$$){let $ip$$=($req$$.ip||$req$$.headers["x-forwarded-for"]||$req$$.connection.remoteAddress).split(".").join("").split(":").join(""),$authorization$$=$req$$.headers.authorization;if(!$authorization$$)return $res$$.status(400).send({message:"Authorization is required"});$authorization$$=Buffer.from($authorization$$.replace("Basic ",""),"base64").toString("utf-8");$authorization$$=$authorization$$.split(":");if(1<$authorization$$.length){var $t_session$$="times_login_"+
|
|
19
|
+
$ip$$+"_"+$authorization$$[0].trim().toLowerCase(),$d_session$$="datetime_login_"+$ip$$+"_"+$authorization$$[0].trim().toLowerCase();$req$$.t_session=$t_session$$;$req$$.d_session=$d_session$$;var $now$$=new Date,$d$$=$now$$,$times_try$$=1;if($req$$.headers.cookie&&$req$$.session){$req$$=$req$$.session;$req$$[$t_session$$]?($times_try$$=$req$$[$t_session$$]+1,$req$$[$t_session$$]=$times_try$$):($req$$[$t_session$$]=$times_try$$,$req$$[$d_session$$]=$now$$);$req$$[$d_session$$]?$d$$=new Date($req$$[$d_session$$]):
|
|
20
|
+
$req$$[$d_session$$]=$now$$;$req$$=$now$$.getTime()-$d$$.getTime();if(18E6>$req$$&&10<$times_try$$)return $res$$.status(400).send({message:"B\u1ea1n \u0111\u0103ng nh\u1eadp sai 10 l\u1ea7n li\u00ean ti\u1ebfp. H\u00e3y th\u1eed l\u1ea1i sau "+Math.round((18E6-$req$$)/6E4,0)+" ph\u00fat"});$next$$()}else global.clientRedis.get($t_session$$,function($err$$,$reply$$){$reply$$?($times_try$$=Number($reply$$)+1,global.clientRedis.set($t_session$$,$times_try$$)):(global.clientRedis.set($t_session$$,$times_try$$),
|
|
21
|
+
global.clientRedis.set($d_session$$,$now$$));global.clientRedis.get($d_session$$,function($err$jscomp$3_time_wait$$,$reply$$){$reply$$?$d$$=new Date($reply$$):global.clientRedis.set($d_session$$,$now$$);$err$jscomp$3_time_wait$$=$now$$.getTime()-$d$$.getTime();if(18E6>$err$jscomp$3_time_wait$$&&10<$times_try$$)return $res$$.status(400).send({message:"B\u1ea1n \u0111\u0103ng nh\u1eadp sai 10 l\u1ea7n li\u00ean ti\u1ebfp. H\u00e3y th\u1eed l\u1ea1i sau "+Math.round((18E6-$err$jscomp$3_time_wait$$)/
|
|
22
|
+
6E4,0)+" ph\u00fat"});$next$$()})})}},function($req$$,$res$$,$next$$){$passport$$.authenticate("basic",{session:!1},function($err$$,$user$$){if($err$$||!$user$$)return $res$$.status(401).send({message:$err$$||"Unauthorized"});if(configs.require_verify&&!$user$$.local.active)return $res$$.status(401).send({require_verify:!0});$req$$.user=$user$$;$next$$()})($req$$,$res$$,$next$$)},async($req$$,$res$$)=>{let $agent$$=$req$$.headers["user-agent"];if($req$$.headers.cookie){var $group_id$jscomp$1_session$$=
|
|
23
|
+
$req$$.session;$group_id$jscomp$1_session$$[$req$$.t_session]=0;$group_id$jscomp$1_session$$[$req$$.d_session]=""}else global.clientRedis.set($req$$.t_session,0),global.clientRedis.set($req$$.d_session,"");log.create({id_app:"LOGIN",id_func:"LOGIN",action:"LOCALLOGIN"},$req$$.user.email,$req$$.header("user-agent"),$req$$);let $user$$=$req$$.user;if($req$$.query.id_app&&$req$$.query.group_id&&global.mongoose.Types.ObjectId.isValid($req$$.query.group_id)){const $id_app$$=$req$$.query.id_app;$group_id$jscomp$1_session$$=
|
|
24
|
+
$req$$.query.group_id;const $app$$=await App.findById($id_app$$),$group$$=await UserGroup.findOne({_id:$group_id$jscomp$1_session$$,is_customer_group:!0});$app$$&&$group$$&&Participant.createParticipant({id_app:$id_app$$,email:$user$$.email,name:$user$$.name,group_id:$group_id$jscomp$1_session$$,active:!0},$cust$jscomp$1_e$$=>{if($cust$jscomp$1_e$$)return console.log("can't add user",$user$$.email,"to company",$app$$.name);$cust$jscomp$1_e$$={ten_kh:$user$$.name,email:$user$$.email,id_app:$id_app$$,
|
|
25
|
+
user_created:$user$$.email,user_updated:$user$$.email,kh_yn:!0,of_user:$user$$.email};validator.isMobilePhone($user$$.email,["vi-VN"])&&($cust$jscomp$1_e$$.dien_thoai=$user$$.email);try{Customer.asyncCreateCustomer($cust$jscomp$1_e$$)}catch($e$$){console.log("Auto create new customer with error:",$e$$.message)}})}const $accessToken$$=generateToken($user$$);(new Token({email:$user$$.email,token:$accessToken$$,agent:$agent$$,ip:"",once:1==$req$$.query.once||"true"==$req$$.query.once||"1"===$req$$.query.once?
|
|
26
|
+
!0:!1})).save(function($e$$,$rs$$){if($e$$)return $res$$.status(500).send($e$$);$res$$.send({token:$accessToken$$,once:$rs$$.once})})});$app$$.get("/check-user/:email",$rateLimiter$$,function($req$$,$res$$){User.findOne({email:$req$$.params.email},{email:1,name:1,picture:1}).lean().exec(function($e$$,$user$$){if($e$$)return $res$$.status(400).send($e$$);$res$$.send($user$$)})});$app$$.post("/signup",$rateLimiter$$,async($req$$,$res$$)=>{var $body$$=$req$$.body;$body$$.json&&($body$$=JSON.parse($body$$.json));
|
|
27
|
+
if(!$body$$)return $res$$.status(400).send("Kh\u00f4ng c\u00f3 n\u1ed9i dung");if(!$body$$.email)return $res$$.status(400).send("L\u1ed7i: B\u1ea1n ch\u01b0a nh\u1eadp t\u00e0i kho\u1ea3n");$body$$.email=$body$$.email.trim().toLowerCase();if(!$body$$.name)return $res$$.status(400).send("L\u1ed7i: H\u1ecd v\u00e0 t\u00ean ch\u01b0a nh\u1eadp");User.findOne({email:$body$$.email},function($error$jscomp$1$$,$result$$){if($error$jscomp$1$$)return $res$$.status(400).send($error$jscomp$1$$);if($result$$){if($result$$.local&&
|
|
28
|
+
$result$$.local.email==$body$$.email)return $res$$.status(400).send("L\u1ed7i: T\u00e0i kho\u1ea3n "+$body$$.email+" \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd");$result$$.local||($result$$.local={})}else $result$$=new User,$result$$.email=$body$$.email,$result$$.local={};$result$$.local.email=$body$$.email;$result$$.local.name=$body$$.name;$result$$.partner=$body$$.partner;$result$$.name=$result$$.local.name;$body$$.picture?$result$$.local.picture=$body$$.picture:$result$$.local.picture||
|
|
29
|
+
($result$$.local.picture="/images/avatar.jpg");let $password$$;if($body$$.password){if($body$$.rePassword!==$body$$.password)return $res$$.status(400).send("L\u1ed7i: M\u1eadt kh\u1ea9u x\u00e1c nh\u1eadn kh\u00f4ng ch\u00ednh x\u00e1c");if(!User.teststrengthPassword($body$$.password))return $res$$.status(400).send("L\u1ed7i: M\u1eadt kh\u1ea9u ph\u1ea3i c\u00f3 \u00edt nh\u1ea5t 6 k\u00fd t\u1ef1 v\u00e0 bao g\u1ed3m \u00edt nh\u1ea5t m\u1ed9t ch\u1eef s\u1ed1, m\u1ed9t ch\u1eef hoa v\u00e0 m\u1ed9t ch\u1eef th\u01b0\u1eddng");
|
|
29
30
|
$password$$=$body$$.password}else $password$$=_crypto.createHash("md5").update($result$$.email+(new Date).toISOString()).digest("hex");$result$$.local.password=$result$$.generateHash($password$$);$result$$.save(function($app$jscomp$3_error$$,$newUser$$){if($app$jscomp$3_error$$)return $res$$.status(400).send("L\u1ed7i: Kh\u00f4ng th\u1ec3 \u0111\u0103ng k\u00fd");log.create({id_app:"SIGNUP",id_func:"SIGNUP",action:"SIGNUP"},$result$$.email,$req$$.header("user-agent"),$req$$);if($body$$.cty_name){$app$jscomp$3_error$$=
|
|
30
31
|
new App;$app$jscomp$3_error$$.user_created=$result$$.email;$app$jscomp$3_error$$.user_updated=$result$$.email;$app$jscomp$3_error$$.name=$body$$.cty_name;var $d$jscomp$1_now$$=new Date;$app$jscomp$3_error$$.ngay_dn=new Date($d$jscomp$1_now$$.getFullYear(),0,1);$app$jscomp$3_error$$.ngay_ks=new Date($d$jscomp$1_now$$.getFullYear()-1,12,0);$app$jscomp$3_error$$.nam_bd=$d$jscomp$1_now$$.getFullYear();$app$jscomp$3_error$$.ngay_ky1=new Date($d$jscomp$1_now$$.getFullYear(),0,1);$d$jscomp$1_now$$=new Date;
|
|
31
|
-
$d$jscomp$1_now$$.setMonth($d$jscomp$1_now$$.getMonth()+3);$app$jscomp$3_error$$.expire_date=new Date($d$jscomp$1_now$$);$app$jscomp$3_error$$.save(function($error$jscomp$0$$,$obj$$){if($error$jscomp$0$$)return console.log("Khong tao duoc new app: "+$error$jscomp$0$$);require("../libs/initDatabase").init($obj$$._id,function($error$$){$error$$&&console.log("Can't init database \n"+$error$$)})})}$body$$.id_app&&App.
|
|
32
|
+
$d$jscomp$1_now$$.setMonth($d$jscomp$1_now$$.getMonth()+3);$app$jscomp$3_error$$.expire_date=new Date($d$jscomp$1_now$$);$app$jscomp$3_error$$.save(function($error$jscomp$0$$,$obj$$){if($error$jscomp$0$$)return console.log("Khong tao duoc new app: "+$error$jscomp$0$$);require("../libs/initDatabase").init($obj$$._id,function($error$$){$error$$&&console.log("Can't init database \n"+$error$$)})})}$body$$.id_app&&App.findById($body$$.id_app,($e$jscomp$0$$,$app$$)=>{if($e$jscomp$0$$||!$app$$)return console.log("Can't find app",
|
|
32
33
|
$body$$.id_app,$e$jscomp$0$$);Participant.createParticipant({id_app:$body$$.id_app,email:$body$$.email,group_id:$body$$.group_id,active:!0},$cust$jscomp$2_e$$=>{if($cust$jscomp$2_e$$)return console.log("can't add user",$body$$.email,"to company",$app$$.name);$cust$jscomp$2_e$$={ten_kh:$body$$.name,email:$newUser$$.email,id_app:$body$$.id_app,user_created:$newUser$$.email,user_updated:$newUser$$.email,kh_yn:!0,of_user:$newUser$$.email};try{Customer.asyncCreateCustomer($cust$jscomp$2_e$$)}catch($e$$){console.log("Auto create new customer with error:",
|
|
33
34
|
$e$$.message)}})});validator.isEmail($body$$.email)&&!$body$$.password?(loadTemplate("thong tin dang nhap.html",{email:$result$$.email,password:$password$$,receiver_name:$body$$.name},function($error$jscomp$0$$,$html$$){if($error$jscomp$0$$)return console.log($error$jscomp$0$$);email.sendHtml({to:{name:$result$$.name,address:$result$$.email},subject:"Th\u00f4ng tin t\u00e0i kho\u1ea3n",html:$html$$},function($error$$){$error$$&&console.error("Khong the gui email thon tin tai khoan cho nguoi dung\n"+
|
|
34
35
|
$error$$)})}),$res$$.send("T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o. Ki\u1ec3m tra email \u0111\u1ec3 l\u1ea5y th\u00f4ng tin \u0111\u0103ng nh\u1eadp")):$res$$.send("T\u00e0i kho\u1ea3n "+$body$$.email+" \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o")})})});$app$$.get("/resetpassword",$rateLimiter$$,async($req$$,$res$$)=>{let $address$$=$req$$.query.email;if(!$address$$)return $res$$.status(400).send("Y\u00eau c\u1ea7u m\u1ed9t email");$address$$=$address$$.toLowerCase();
|