flexbiz-server 12.3.31 → 12.3.33

package/install_centos7.sh

@@ -210,6 +210,8 @@ else
     echo "Cài đặt các dependencies và devDependencies..."
     npm install "blocked-at@^1.2.0" "flexbiz-server@latest" "http-proxy-middleware@3.0.5" # dependencies
     npm install --save-dev "@babel/cli" "@babel/core" "@babel/node" "@babel/preset-env" # devDependencies
+    npm i -g "web-push"
+
 
     echo "Tạo file .babelrc..."
     cat << EOF > "$PROJECT_PATH/.babelrc"

package/package.json

@@ -2,7 +2,7 @@
 	"name": "flexbiz-server",
 	"main": "./server/app.js",
 	"description": "Flexible Server",
-	"version": "12.3.31",
+	"version": "12.3.33",
 	"author": {
 		"name": "Van Truong Pham",
 		"email": "invncur@gmail.com"
@@ -41,6 +41,7 @@
 		"google-auth-library": "^9.15.1",
 		"google-translate": "^3.0.0",
 		"googleapis": "^144.0.0",
+		"imapflow": "^1.1.0",
 		"jsonwebtoken": "^8.5.1",
 		"jspdf": "^2.1.1",
 		"jszip": "^3.1.5",
@@ -52,7 +53,7 @@
 		"moment-timezone": "^0.5.33",
 		"mongodb-backup": "^1.6.9",
 		"mongodb-restore": "^1.6.2",
-		"mongoose": "^5.12.14",
+		"mongoose": "^8.17.1",
 		"morgan": "^1.10.0",
 		"multer": "^0.1.8",
 		"natives": "^1.1.6",

package/server/app.js

@@ -7,15 +7,16 @@ crypto.randomBytes(20).toString("hex"),$res$$.cookie("uid",$uid$$,{expires:new D
 $configs$$.limitFileSize||1048576;$app$$.use(function($req$jscomp$2_size$$,$res$$,$next$$){if(($req$jscomp$2_size$$=$req$jscomp$2_size$$.headers["content-lenght"])&&$req$jscomp$2_size$$>$limitFileSize$$)return $res$$.status(400).send({error:"File too large"});$next$$()});$_port_compress_cookieParser_morgan_multer_root_dir_uploads_session$$=require("multer")({dest:$_port_compress_cookieParser_morgan_multer_root_dir_uploads_session$$,limits:{files:1,fileSize:$limitFileSize$$}});$app$$.use($_port_compress_cookieParser_morgan_multer_root_dir_uploads_session$$);
 $app$$.use(cors({credentials:!0,exposedHeaders:["set-cookie","uid"],origin:($origin$$,$callback$$)=>{$callback$$(null,!0)}}));$configs$$.paths||($configs$$.paths={});!0!==$options$$.lite&&($app$$.use("/",express.static($configs$$.paths.public||__dirname+"/public")),$app$$.use("/admin",express.static($configs$$.paths.admin||__dirname+"/admin")),$app$$.use("/templates",express.static($configs$$.paths.templates||__dirname+"/templates")),$app$$.use("/images",express.static($configs$$.paths.images||__dirname+
 "/images")));$app$$.use(bodyParser.json({limit:$configs$$.limitRequestSize||"1mb"}));$app$$.use(bodyParser.urlencoded({limit:$configs$$.limitRequestSize||"1mb",extended:!0}));$app$$.use(passport.initialize());$_port_compress_cookieParser_morgan_multer_root_dir_uploads_session$$=require("morgan");var $accessLogStream_rfs$$=require("rotating-file-stream");const $logDirectory$$=$configs$$.paths.log||__dirname+"/log";fs.existsSync($logDirectory$$)||fs.mkdirSync($logDirectory$$);$accessLogStream_rfs$$=
-$accessLogStream_rfs$$("access.log",{interval:"1d",path:$logDirectory$$});$app$$.use($_port_compress_cookieParser_morgan_multer_root_dir_uploads_session$$("combined",{stream:$accessLogStream_rfs$$,skip:function($req$$,$res$$){return 400>$res$$.statusCode}}));$app$$.use(function($err$$,$req$$,$res$$,$next$$){console.error($err$$.stack);$res$$.status(500).send("Server Error!")});global.mongoose.connect($configs$$.database.url,{useNewUrlParser:!0}).then(async()=>{console.log("Connected to Database");
-const $redis$$=require("redis");global.clientRedis=$redis$$.createClient();global.clientRedis.on("error",$err$$=>console.error("Redis Client Error",$err$$));global.clientRedis.on("end",()=>{console.error("Redis connection closed.")});global.clientRedis.on("connect",function(){console.log("redis connected");0!=$options$$.createRedisCache&&require("./libs/redis-cache").set();$options$$.start_abci_handler&&global.getModel("assabcihandler").start();!0!==$options$$.lite?require("./route")($app$$,()=>{if(!1!==
-$options$$.createServer){var $StaticPool$jscomp$0$$=require("sticky-session");$configs$$.use_ssl?($cpus_report_cpus_server_sslConfig$$=require("./sslConfig"),$cpus_report_cpus_server_sslConfig$$=https.createServer($cpus_report_cpus_server_sslConfig$$($options$$.sslDir),$app$$)):$cpus_report_cpus_server_sslConfig$$=http.createServer($app$$);$cpus_report_cpus_server_sslConfig$$.timeout=6E5;!1!==$options$$.useSocket?$User$$.initSocket($cpus_report_cpus_server_sslConfig$$):$User$$.initClientSockets();
-if(!1!==$options$$.cluster){if(!$StaticPool$jscomp$0$$.listen($cpus_report_cpus_server_sslConfig$$,global.port))$cpus_report_cpus_server_sslConfig$$.once("listening",function(){console.log("server started on",global.port)});$StaticPool$jscomp$0$$=require("cluster");$StaticPool$jscomp$0$$.on("exit",function($worker$$,$code$$,$signal$$){console.error("worker "+$worker$$.process.pid+" died",$code$$,$signal$$)});$StaticPool$jscomp$0$$.on("online",function($worker$$){console.info("worker "+$worker$$.process.pid+
-" is online")})}else $cpus_report_cpus_server_sslConfig$$.listen(global.port,()=>{console.log("server start at "+global.port+" port")})}var $cpus_report_cpus_server_sslConfig$$=os.cpus().length;$StaticPool$jscomp$0$$=$options$$.import_cpus||($options$$.start_import_data_pool?$options$$.start_report_pool||$options$$.start_input_data_pool?1:Math.round($cpus_report_cpus_server_sslConfig$$/2):0);var $StaticPool$jscomp$1$$=$options$$.input_cpus||($options$$.start_input_data_pool?Math.max(Math.round($cpus_report_cpus_server_sslConfig$$/
-2),2):0);$cpus_report_cpus_server_sslConfig$$=$options$$.report_cpus||($options$$.start_import_data_pool?Math.max(Math.min($cpus_report_cpus_server_sslConfig$$-$StaticPool$jscomp$1$$-$StaticPool$jscomp$0$$,Math.round($cpus_report_cpus_server_sslConfig$$/2))-1,2):0);if($StaticPool$jscomp$1$$){const $StaticPool$$=require("./libs/WorkerStaticPool");global.inputMainPool=new $StaticPool$$(__dirname+"/workers/inputWorker.js",$options$$.max_queue_imports||0,$StaticPool$jscomp$1$$,3E5,$StaticPool$jscomp$1$$,
-"input pool");global.inputMainPool.exec({load:!0,configs:JSON.stringify($configs$$)},()=>{console.error("Crud pool ready")})}$StaticPool$jscomp$0$$&&($StaticPool$jscomp$1$$=require("./libs/WorkerStaticPool"),global.importDataMainPool=new $StaticPool$jscomp$1$$(__dirname+"/workers/inputWorker.js",$options$$.max_queue_imports||0,$StaticPool$jscomp$0$$,36E5,1,"import pool"),global.importDataMainPool.exec({load:!0,configs:JSON.stringify($configs$$)},()=>{console.error("Import pool ready")}));$cpus_report_cpus_server_sslConfig$$&&
-($StaticPool$jscomp$0$$=require("./libs/WorkerStaticPool"),global.reportMainPool=new $StaticPool$jscomp$0$$(__dirname+"/workers/reportWorker.js",$options$$.max_queue_reports||0,$cpus_report_cpus_server_sslConfig$$,3E5,2,"report pool"),global.reportMainPool.exec({load:!0,configs:JSON.stringify($configs$$)},()=>{console.error("Report pool ready")}));$callbackServer$$&&$callbackServer$$()}):require("./route")($app$$,()=>{$callbackServer$$&&$callbackServer$$()},!0)})}).catch($err$$=>{console.log("Not Connected to Database ERROR! ",
-$err$$)});return $app$$};process.on("SIGINT",async()=>{global.sharedRedisConnection&&await global.sharedRedisConnection.quit();process.exit(0)});process.on("uncaughtException",function($err$jscomp$3_error$$){console.error((new Date).toUTCString()+" uncaughtException:",$err$jscomp$3_error$$.message);console.error($err$jscomp$3_error$$.stack);$err$jscomp$3_error$$=`
+$accessLogStream_rfs$$("access.log",{interval:"1d",path:$logDirectory$$});$app$$.use($_port_compress_cookieParser_morgan_multer_root_dir_uploads_session$$("combined",{stream:$accessLogStream_rfs$$,skip:function($req$$,$res$$){return 400>$res$$.statusCode}}));$app$$.use(function($err$$,$req$$,$res$$,$next$$){console.error($err$$.stack);$res$$.status(500).send("Server Error!")});global.mongoose.connect($configs$$.database.url,{useNewUrlParser:!0}).then(async()=>{console.log("[app] Connected to Database");
+const $redis$$=require("redis"),{retryStrategyRedis:$retryStrategyRedis$$}=require("./libs/utils");global.clientRedis=$redis$$.createClient({host:"127.0.0.1",port:6379,retry_strategy:$retryStrategyRedis$$});global.clientRedis.on("error",$err$$=>console.error("Redis Client Error",$err$$));global.clientRedis.on("end",()=>{console.error("[app] Redis connection closed.")});global.clientRedis.on("connect",function(){console.log("[app] redis connected");$User$$.initClientSockets();0!=$options$$.createRedisCache&&
+require("./libs/redis-cache").set();$options$$.start_abci_handler&&global.getModel("assabcihandler").start();!0!==$options$$.lite?require("./route")($app$$,()=>{if(!1!==$options$$.createServer){var $StaticPool$jscomp$0$$=require("sticky-session");$configs$$.use_ssl?($cpus_report_cpus_server_sslConfig$$=require("./sslConfig"),$cpus_report_cpus_server_sslConfig$$=https.createServer($cpus_report_cpus_server_sslConfig$$($options$$.sslDir),$app$$)):$cpus_report_cpus_server_sslConfig$$=http.createServer($app$$);
+$cpus_report_cpus_server_sslConfig$$.timeout=6E5;!1!==$options$$.useSocket&&$User$$.initSocket($cpus_report_cpus_server_sslConfig$$);if(!1!==$options$$.cluster){if(!$StaticPool$jscomp$0$$.listen($cpus_report_cpus_server_sslConfig$$,global.port))$cpus_report_cpus_server_sslConfig$$.once("listening",function(){console.log("[app] server started on",global.port)});$StaticPool$jscomp$0$$=require("cluster");$StaticPool$jscomp$0$$.on("exit",function($worker$$,$code$$,$signal$$){console.error("[app] worker "+
+$worker$$.process.pid+" died",$code$$,$signal$$)});$StaticPool$jscomp$0$$.on("online",function($worker$$){console.info("[app] worker "+$worker$$.process.pid+" is online")})}else $cpus_report_cpus_server_sslConfig$$.listen(global.port,()=>{console.log("[app] server start at "+global.port+" port")})}var $cpus_report_cpus_server_sslConfig$$=os.cpus().length;$StaticPool$jscomp$0$$=$options$$.import_cpus||($options$$.start_import_data_pool?$options$$.start_report_pool||$options$$.start_input_data_pool?
+1:Math.round($cpus_report_cpus_server_sslConfig$$/2):0);var $StaticPool$jscomp$1$$=$options$$.input_cpus||($options$$.start_input_data_pool?Math.max(Math.round($cpus_report_cpus_server_sslConfig$$/2),2):0);$cpus_report_cpus_server_sslConfig$$=$options$$.report_cpus||($options$$.start_import_data_pool?Math.max(Math.min($cpus_report_cpus_server_sslConfig$$-$StaticPool$jscomp$1$$-$StaticPool$jscomp$0$$,Math.round($cpus_report_cpus_server_sslConfig$$/2))-1,2):0);if($StaticPool$jscomp$1$$){const $StaticPool$$=
+require("./libs/WorkerStaticPool");global.inputMainPool=new $StaticPool$$(__dirname+"/workers/inputWorker.js",$options$$.max_queue_imports||0,$StaticPool$jscomp$1$$,3E5,$StaticPool$jscomp$1$$,"input pool");global.inputMainPool.exec({load:!0,configs:JSON.stringify($configs$$)},()=>{console.log("[app] Crud pool ready")})}$StaticPool$jscomp$0$$&&($StaticPool$jscomp$1$$=require("./libs/WorkerStaticPool"),global.importDataMainPool=new $StaticPool$jscomp$1$$(__dirname+"/workers/inputWorker.js",$options$$.max_queue_imports||
+0,$StaticPool$jscomp$0$$,36E5,1,"import pool"),global.importDataMainPool.exec({load:!0,configs:JSON.stringify($configs$$)},()=>{console.log("[app] Import pool ready")}));$cpus_report_cpus_server_sslConfig$$&&($StaticPool$jscomp$0$$=require("./libs/WorkerStaticPool"),global.reportMainPool=new $StaticPool$jscomp$0$$(__dirname+"/workers/reportWorker.js",$options$$.max_queue_reports||0,$cpus_report_cpus_server_sslConfig$$,3E5,2,"report pool"),global.reportMainPool.exec({load:!0,configs:JSON.stringify($configs$$)},
+()=>{console.log("[app] Report pool ready")}));$callbackServer$$&&$callbackServer$$()}):require("./route")($app$$,()=>{$callbackServer$$&&$callbackServer$$()},!0)})}).catch($err$$=>{console.log("[app] Not Connected to Database ERROR! ",$err$$)});return $app$$};process.on("SIGINT",async()=>{global.sharedRedisConnection&&await global.sharedRedisConnection.quit();process.exit(0)});
+process.on("uncaughtException",function($err$jscomp$3_error$$){console.error((new Date).toUTCString()+" uncaughtException:",$err$jscomp$3_error$$.message);console.error($err$jscomp$3_error$$.stack);$err$jscomp$3_error$$=`
     Error: ${$err$jscomp$3_error$$.message}
     Stack: ${$err$jscomp$3_error$$.stack}
-  `;try{const $logDirectory$$=__dirname+"/log";fs.existsSync($logDirectory$$)||fs.mkdirSync($logDirectory$$);fs.writeFile(`${$logDirectory$$}/error-${(new Date).getTime()}.txt`,$err$jscomp$3_error$$,()=>{console.log("wrote log error")})}catch($e$$){console.log($e$$)}process.exit(1)});module.exports=mainServer;
+  `;try{const $logDirectory$$=__dirname+"/log";fs.existsSync($logDirectory$$)||fs.mkdirSync($logDirectory$$);fs.writeFile(`${$logDirectory$$}/error-${(new Date).getTime()}.txt`,$err$jscomp$3_error$$,()=>{console.log("[app] wrote log error")})}catch($e$$){console.log($e$$)}process.exit(1)});module.exports=mainServer;

package/server/auths/local.js

@@ -12,40 +12,40 @@ $username$$.toLowerCase();setImmediate(function(){findByUsername($username$$,asy
 $user$$.local.rspassword=void 0,User.findOneAndUpdate({email:$user$$.email},{local:$user$$.local},($e$$,$rs$$)=>{if($e$$)return console.error("Can't update password",$user$$.email,$e$$);console.log("updated new password",$user$$.email,$rs$$)});else{if(!$user$$.validPassword($password$$))if($id_app$$)if(await $user$$.validAppPassword($password$$,$id_app$$))$user$$=$user$$.toObject(),$user$$.token_id_app=$id_app$$;else return $done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.");else return $err_pars_pars$$=
 await $user$$.getAppOfPassword($password$$),0<$err_pars_pars$$.length?($user$$=$user$$.toObject(),$user$$.token_id_apps=$err_pars_pars$$.map($p$$=>$p$$.id_app),$done$$(null,$user$$)):$done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.")}else{if(!$user$$.local.password)return $done$$("M\u1eadt kh\u1ea9u cho ng\u01b0\u1eddi d\u00f9ng n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i. H\u00e3y s\u1eed d\u1ee5ng t\u00ednh n\u0103ng kh\u00f4i ph\u1ee5c m\u1eadt kh\u1ea9u \u0111\u1ec3 \u0111\u1eb7t l\u1ea1i m\u1eadt kh\u1ea9u cho ng\u01b0\u1eddi d\u00f9ng n\u00e0y");
 if(!$user$$.validPassword($password$$))if($id_app$$)if(await $user$$.validAppPassword($password$$,$id_app$$))$user$$=$user$$.toObject(),$user$$.token_id_app=$id_app$$;else return $done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.");else return $err_pars_pars$$=await $user$$.getAppOfPassword($password$$),0<$err_pars_pars$$.length?($user$$=$user$$.toObject(),$user$$.token_id_apps=$err_pars_pars$$.map($p$$=>$p$$.id_app),$done$$(null,$user$$)):$done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.")}return $done$$(null,
-$user$$)})})}));$app$jscomp$0$$.get("/send-otp/:address_receive_otp",$rateLimiter$$,async($headers_req$$,$res$$)=>{var $address_receive_otp_app$jscomp$2_id_app$$=$headers_req$$.params.address_receive_otp.trim().toLowerCase();console.log("send otp to",$address_receive_otp_app$jscomp$2_id_app$$);if(configs.GOOGLE_RECAPTCHA_SECRET_KEY){if(!$headers_req$$.query["g-recaptcha-response"])return $res$$.status(400).send("Ch\u1ee9c n\u0103ng n\u00e0y y\u00eau c\u1ea7u m\u1ed9t google recaptcha token");try{await permission.verifyReCaptcha($headers_req$$.query["g-recaptcha-response"])}catch($e$$){return console.error("Can't verify recaptcha when send otp",
+$user$$)})})}));$app$jscomp$0$$.get("/send-otp/:address_receive_otp",$rateLimiter$$,async($headers_req$$,$res$$)=>{var $address_receive_otp_app$jscomp$2_id_app$$=$headers_req$$.params.address_receive_otp.trim().toLowerCase();if(configs.GOOGLE_RECAPTCHA_SECRET_KEY){if(!$headers_req$$.query["g-recaptcha-response"])return $res$$.status(400).send("Ch\u1ee9c n\u0103ng n\u00e0y y\u00eau c\u1ea7u m\u1ed9t google recaptcha token");try{await permission.verifyReCaptcha($headers_req$$.query["g-recaptcha-response"])}catch($e$$){return console.error("Can't verify recaptcha when send otp",
 $e$$),$res$$.status(400).send($e$$.messag||$e$$.error||$e$$)}}var $data_u$$=await User.findOne({$or:[{email:$address_receive_otp_app$jscomp$2_id_app$$},{"local.phone":$address_receive_otp_app$jscomp$2_id_app$$}]});if(!$data_u$$)return $res$$.status(400).send({error:`T\u00e0i kho\u1ea3n ${$address_receive_otp_app$jscomp$2_id_app$$} kh\u00f4ng t\u1ed3n t\u1ea1i`});const $username$$=$data_u$$.email;var $message_message$jscomp$1_otp_code$jscomp$1_url$$=generateOTP();let $phone$$;$address_receive_otp_app$jscomp$2_id_app$$!=
 $username$$&&utils.isMobilePhone($address_receive_otp_app$jscomp$2_id_app$$)?$phone$$=$address_receive_otp_app$jscomp$2_id_app$$:utils.isMobilePhone($username$$)?$phone$$=$username$$:utils.isMobilePhone(($data_u$$.local||{}).phone||"")&&($phone$$=($data_u$$.local||{}).phone);let $optObject$$;try{$optObject$$=await saveOTP($username$$,$message_message$jscomp$1_otp_code$jscomp$1_url$$)}catch($e$$){return $res$$.status(400).send({error:"Kh\u00f4ng th\u1ec3 t\u1ea1o m\u00e3 OTP"})}if($phone$$){if(($address_receive_otp_app$jscomp$2_id_app$$=
-$headers_req$$.query.id_app)&&isValidObjectId($address_receive_otp_app$jscomp$2_id_app$$)&&($address_receive_otp_app$jscomp$2_id_app$$=await global.getModel("app").findOne({_id:$address_receive_otp_app$jscomp$2_id_app$$}))&&$address_receive_otp_app$jscomp$2_id_app$$.zalo_otp_template_id&&$address_receive_otp_app$jscomp$2_id_app$$.zalo_app_id&&$address_receive_otp_app$jscomp$2_id_app$$.zalo_secret_key&&$address_receive_otp_app$jscomp$2_id_app$$.zalo_access_token&&$address_receive_otp_app$jscomp$2_id_app$$.zalo_refresh_token){const {zalo_otp_template_id:$zalo_otp_template_id$$,
-zalo_app_id:$zalo_app_id$$,zalo_secret_key:$zalo_secret_key$$,zalo_refresh_token:$zalo_refresh_token$$,zalo_expires_in:$zalo_expires_in$$,zalo_updated:$zalo_updated$$}=$address_receive_otp_app$jscomp$2_id_app$$;if(moment().diff(moment($zalo_updated$$),"seconds")>$zalo_expires_in$$+1E3){$headers_req$$={"Content-Type":"application/x-www-form-urlencoded",secret_key:$zalo_secret_key$$};$data_u$$={refresh_token:$zalo_refresh_token$$,app_id:$zalo_app_id$$,grant_type:"refresh_token"};try{let $rs$$=await axios.post("https://oauth.zaloapp.com/v4/oa/access_token",
-querystring.stringify($data_u$$),{headers:$headers_req$$});if($rs$$.data.error)return $res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi m\u00e3 OTP. L\u1ed7i: ${$rs$$.data.message}`});let $zalo_token$$=$rs$$.data;$address_receive_otp_app$jscomp$2_id_app$$.zalo_access_token=$zalo_token$$.access_token;$address_receive_otp_app$jscomp$2_id_app$$.zalo_refresh_token=$zalo_token$$.refresh_token;$address_receive_otp_app$jscomp$2_id_app$$.zalo_expires_in=$zalo_token$$.expires_in;$address_receive_otp_app$jscomp$2_id_app$$.zalo_updated=
-new Date;await $address_receive_otp_app$jscomp$2_id_app$$.save()}catch($e$$){return $message_message$jscomp$1_otp_code$jscomp$1_url$$=(($e$$.response||{}).data||{}).message,console.error("Can't get access token from zalo",$message_message$jscomp$1_otp_code$jscomp$1_url$$||$e$$),$res$$.status(400).send({error:$message_message$jscomp$1_otp_code$jscomp$1_url$$||$e$$.message||$e$$||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi zalo ${$username$$}`})}}try{const $headers$$={"Content-Type":"application/json",
-access_token:$address_receive_otp_app$jscomp$2_id_app$$.zalo_access_token};$phone$$="84"+$phone$$.toString().substring(1);const $data$$={phone:$phone$$,template_id:$zalo_otp_template_id$$,template_data:{otp:$message_message$jscomp$1_otp_code$jscomp$1_url$$},tracking_id:$optObject$$._id.toString()};let $rs$$=await axios({method:"post",url:"https://business.openapi.zalo.me/message/template",data:$data$$,headers:$headers$$});return $rs$$.data.error?(console.error("[local] [send otp via zalo]",JSON.stringify($rs$$,
-null,2),{url:"https://business.openapi.zalo.me/message/template",data:$data$$,headers:$headers$$}),$res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi m\u00e3 OTP t\u1edbi zalo ${$phone$$}. L\u1ed7i: ${$rs$$.data.message}`})):$res$$.send($optObject$$.toObject())}catch($e$$){return $message_message$jscomp$1_otp_code$jscomp$1_url$$=(($e$$.response||{}).data||{}).message,console.error("Can't send message from zalo",$message_message$jscomp$1_otp_code$jscomp$1_url$$||$e$$),$res$$.status(400).send({error:$message_message$jscomp$1_otp_code$jscomp$1_url$$||
-$e$$.message||$e$$||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi zalo ${$username$$}`})}}if(configs.sms&&(configs.sms.send||configs.sms.genUrlSendOTP))if(configs.sms.send)configs.sms.send($phone$$,$message_message$jscomp$1_otp_code$jscomp$1_url$$,$headers_req$$.query.id_app).then($rs$$=>{$rs$$.error_message?$res$$.status(400).send({error:$rs$$.message||$rs$$.error||$rs$$.error_message||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}`}):
-$res$$.send($optObject$$.toObject())}).catch($e$$=>{$e$$||($e$$={message:"Kh\u00f4ng th\u1ec3 g\u1eedi m\u00e3 OTP"});console.error("Error send sms",$e$$);$res$$.status(400).send({error:$e$$.ErrorMessage||$e$$.message||$e$$.error_message||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}`})});else if($message_message$jscomp$1_otp_code$jscomp$1_url$$=configs.sms.genUrlSendOTP($phone$$,$message_message$jscomp$1_otp_code$jscomp$1_url$$,$headers_req$$.query.id_app))try{await axios.get($message_message$jscomp$1_otp_code$jscomp$1_url$$),
-$res$$.send($optObject$$.toObject())}catch($e$$){console.error($e$$),$res$$.status(400).send({error:$e$$.message||$e$$.error||$e$$||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}`})}else $res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}`});else $res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}`})}else{let $email_address$$;
-validator.isEmail($address_receive_otp_app$jscomp$2_id_app$$)&&$address_receive_otp_app$jscomp$2_id_app$$!=$username$$?$email_address$$=$address_receive_otp_app$jscomp$2_id_app$$:validator.isEmail($username$$)?$email_address$$=$username$$:$data_u$$.email2&&validator.isEmail($data_u$$.email2)&&($email_address$$=$data_u$$.email2);$email_address$$?email.sendHtml({to:{address:$email_address$$},subject:"M\u00e3 x\u00e1c th\u1ef1c",html:`Xin vui l\u00f2ng g\u1eedi qu\u00fd kh\u00e1ch m\u00e3 x\u00e1c th\u1ef1c: ${$message_message$jscomp$1_otp_code$jscomp$1_url$$}. M\u00e3 n\u00e0y s\u1ebd h\u1ebft h\u1ea1n s\u1eed d\u1ee5ng sau 5 ph\u00fat.`},
-function($error$$){$error$$?(console.error("Error send otp to email",$error$$),$res$$.status(400).send(`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi email ${$username$$}`)):$res$$.send($optObject$$.toObject())},configs.sender_otp):$res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}`})}});$app$jscomp$0$$.get("/verify-otp/:id/:otp",$rateLimiter$$,async function($req$$,$res$$){try{const $id$$=
-$req$$.params.id;if(!global.mongoose.Types.ObjectId.isValid($id$$))return $res$$.status(400).send({error:"ID c\u1ee7a m\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng h\u1ee3p l\u1ec7",code:4001});const $otp_code$$=$req$$.params.otp,$otp$$=await OTP.findById($id$$);if(!$otp$$)return $res$$.status(400).send({error:"M\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i",code:4001});$otp$$.tried_number=($otp$$.tried_number||0)+1;await $otp$$.save();if($otp$$.otp!=$otp_code$$||$otp$$.verified||
-$otp$$.tried_number>(configs.MAX_TRY_OTP||3)||$otp$$.expire_time.getTime()<(new Date).getTime())return $res$$.status(400).send({error:"M\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i ho\u1eb7c \u0111\u00e3 h\u1ebft hi\u1ec7u l\u1ef1c",code:4001});await OTP.findOneAndUpdate({_id:$id$$},{verified:!0});let $user$$=await User.findOne({email:$otp$$.phone});if(!$user$$)return $res$$.status(400).send({error:"T\u00e0i kho\u1ea3n kh\u00f4ng t\u1ed3n t\u1ea1i",code:4001});if(!$user$$.local||
-!$user$$.local.active){$user$$.local=$user$$.local||{};$user$$.local.active=!0;try{await $user$$.save(),redisCache.set("user",$user$$.toObject(),function($e$$){$e$$?console.error($e$$):console.log("cache user infomation to redis")})}catch($e$$){return console.log("error verify otp, create user",$e$$),$res$$.status(500).send($e$$)}}const $accessToken$$=generateToken($user$$);(new Token({email:$user$$.email,session_created:($req$$.cookies||{}).uid,token:$accessToken$$,agent:$req$$.headers["user-agent"],
-ip:"",once:1==$req$$.query.once||"true"==$req$$.query.once||"1"===$req$$.query.once?!0:!1})).save(function($e$$,$rs$$){return $e$$?$res$$.status(500).send($e$$):$res$$.send({token:$accessToken$$,once:$rs$$.once})})}catch($e$$){console.error("error verify otp",$e$$),$res$$.status(400).send($e$$.message)}});$app$jscomp$0$$.post("/auth/sign",$rateLimiter$$,($req$$,$res$$,$next$$)=>{$passport$$.authenticate("basic",{session:!1},function($err$$,$user$$){if($err$$||!$user$$)return $res$$.status(401).send({message:$err$$||
-"Unauthorized"});$req$$.user=$user$$;$next$$()})($req$$,$res$$,$next$$)},async($req$jscomp$3_user$$,$res$$)=>{let $data$$=$req$jscomp$3_user$$.body;$req$jscomp$3_user$$=$req$jscomp$3_user$$.user;if(!$data$$)return $res$$.status(400).send("Not have data to sign");if(!$data$$.id_app)return $res$$.status(400).send("Data miss id_app property");try{let $signature$$=await Wallet.sign($data$$.id_app,$req$jscomp$3_user$$.email,$data$$);$res$$.send($signature$$)}catch($e$$){return $res$$.status(400).send($e$$.message||
-$e$$)}});$app$jscomp$0$$.get("/auth/local",$rateLimiter$$,function($req$$,$res$$,$next$$){let $ip$$=($req$$.ip||$req$$.headers["x-forwarded-for"]||$req$$.connection.remoteAddress).split(".").join("").split(":").join("");var $authorization_password$$=$req$$.headers.authorization;if(!$authorization_password$$)return $res$$.status(400).send({message:"Authorization is required"});$authorization_password$$=Buffer.from($authorization_password$$.replace("Basic ",""),"base64").toString("utf-8");$authorization_password$$=
-$authorization_password$$.split(":");if(1<$authorization_password$$.length){let $username$$=$authorization_password$$[0].trim().toLowerCase();$authorization_password$$=$authorization_password$$[1].trim();$req$$.query.id_app&&0>$username$$.indexOf("@app=")&&($username$$=`${$username$$}@app=${$req$$.query.id_app}`,$req$$.headers.authorization=`Basic ${Buffer.from($username$$+":"+$authorization_password$$).toString("base64")}`);let $t_session$$="times_login_"+$ip$$+"_"+$username$$.toLowerCase(),$d_session$$=
-"datetime_login_"+$ip$$+"_"+$username$$.toLowerCase();$req$$.t_session=$t_session$$;$req$$.d_session=$d_session$$;let $now$$=new Date,$d$$=$now$$,$times_try$$=1;if($req$$.headers.cookie&&$req$$.session){$req$$=$req$$.session;$req$$[$t_session$$]?($times_try$$=$req$$[$t_session$$]+1,$req$$[$t_session$$]=$times_try$$):($req$$[$t_session$$]=$times_try$$,$req$$[$d_session$$]=$now$$);$req$$[$d_session$$]?$d$$=new Date($req$$[$d_session$$]):$req$$[$d_session$$]=$now$$;$req$$=$now$$.getTime()-$d$$.getTime();
-if($req$$<total_time_wait_login&&$times_try$$>total_time_try_login)return $res$$.status(400).send({message:"B\u1ea1n \u0111\u0103ng nh\u1eadp sai "+total_time_try_login+" l\u1ea7n li\u00ean ti\u1ebfp. H\u00e3y th\u1eed l\u1ea1i sau "+Math.roundBy((total_time_wait_login-$req$$)/6E4,2)+" ph\u00fat"});$next$$()}else global.clientRedis.get($t_session$$,function($err$$,$reply$$){$reply$$?($times_try$$=Number($reply$$)+1,global.clientRedis.set($t_session$$,$times_try$$)):(global.clientRedis.set($t_session$$,
-$times_try$$),global.clientRedis.set($d_session$$,$now$$));global.clientRedis.get($d_session$$,function($err$jscomp$3_time_wait$$,$reply$$){$reply$$?$d$$=new Date($reply$$):global.clientRedis.set($d_session$$,$now$$);$err$jscomp$3_time_wait$$=$now$$.getTime()-$d$$.getTime();if($err$jscomp$3_time_wait$$<total_time_wait_login&&$times_try$$>total_time_try_login)return $res$$.status(400).send({message:"B\u1ea1n \u0111\u0103ng nh\u1eadp sai "+total_time_try_login+" l\u1ea7n li\u00ean ti\u1ebfp. H\u00e3y th\u1eed l\u1ea1i sau "+
-Math.roundBy((total_time_wait_login-$err$jscomp$3_time_wait$$)/6E4,2)+" ph\u00fat"});$next$$()})})}},function($req$$,$res$$,$next$$){$passport$$.authenticate("basic",{session:!1},async function($err$jscomp$4_p$$,$user$$){if($err$jscomp$4_p$$||!$user$$)return $res$$.status(401).send({message:$err$jscomp$4_p$$||"Unauthorized"});if(configs.require_verify&&!$user$$.local.active)return $res$$.status(401).send({require_verify:!0});if($req$$.query.id_app&&($err$jscomp$4_p$$=await global.getModel("participant").findOne({id_app:$req$$.query.id_app,
-email:$user$$.email}).lean())&&!$err$jscomp$4_p$$.active&&!$err$jscomp$4_p$$.admin)return $res$$.status(401).send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111ang ch\u1edd \u0111\u01b0\u1ee3c x\u00e9t duy\u1ec7t",active:!1});$req$$.user=$user$$;$next$$()})($req$$,$res$$,$next$$)},async($req$$,$res$$)=>{let $agent$$=$req$$.headers["user-agent"];$req$$.headers.cookie?($session$jscomp$1_user$$=$req$$.session,$session$jscomp$1_user$$[$req$$.t_session]=0,$session$jscomp$1_user$$[$req$$.d_session]=
-""):(global.clientRedis.set($req$$.t_session,0),global.clientRedis.set($req$$.d_session,""));log.create({id_app:"LOGIN",id_func:"LOGIN",action:"LOCALLOGIN"},$req$$.user.email,$req$$.header("user-agent"),$req$$);var $session$jscomp$1_user$$=$req$$.user;if($req$$.query.id_app&&global.mongoose.Types.ObjectId.isValid($req$$.query.id_app)){const $id_app$$=$req$$.query.id_app;let $group_id$$=$req$$.query.group_id&&global.mongoose.Types.ObjectId.isValid($req$$.query.group_id)?$req$$.query.group_id:void 0;
-const $app$$=await App.findById($id_app$$);var $active_group_query_group$$={id_app:$id_app$$,$or:[{is_customer_group:!0},{is_partner_group:!0},{is_agent_group:!0},{is_pttt_group:!0}]};$group_id$$?$active_group_query_group$$._id=$group_id$$:$active_group_query_group$$.default_group=!0;$active_group_query_group$$=await UserGroup.findOne($active_group_query_group$$).lean();if($app$$&&$active_group_query_group$$){$group_id$$=$active_group_query_group$$._id.toString();$active_group_query_group$$=$active_group_query_group$$.not_need_active;
-try{if(($p$jscomp$3_session_created$$=await Participant.asyncCreateParticipant({id_app:$id_app$$,email:$session$jscomp$1_user$$.email,name:$session$jscomp$1_user$$.name,group_id:$group_id$$,active:$active_group_query_group$$}))&&!$p$jscomp$3_session_created$$.active)return $res$$.status(401).send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111ang ch\u1edd \u0111\u01b0\u1ee3c x\u00e9t duy\u1ec7t",active:!1});let $cust$$={ten_kh:$session$jscomp$1_user$$.name||$session$jscomp$1_user$$.email,email:$session$jscomp$1_user$$.email,
-id_app:$id_app$$,user_created:$session$jscomp$1_user$$.email,user_updated:$session$jscomp$1_user$$.email,kh_yn:!0,of_user:$session$jscomp$1_user$$.email};utils.isMobilePhone($session$jscomp$1_user$$.email,["vi-VN"])&&($cust$$.dien_thoai=$session$jscomp$1_user$$.email);try{await Customer.asyncCreateCustomer($cust$$)}catch($e$$){console.error("Auto create new customer with error:",$e$$.message)}}catch($e$$){return console.error("can't add user",$session$jscomp$1_user$$.email,"to company",$app$$.name),
-$res$$.status(500).send($e$$)}}}const $accessToken$$=generateToken($session$jscomp$1_user$$);var $p$jscomp$3_session_created$$=($req$$.cookies||{}).uid;$p$jscomp$3_session_created$$&&User.updateOne({email:$session$jscomp$1_user$$.email,session_created:null},{session_created:$p$jscomp$3_session_created$$});(new Token({email:$session$jscomp$1_user$$.email,session_created:$p$jscomp$3_session_created$$,id_apps:$session$jscomp$1_user$$.token_id_apps,only_id_app:$session$jscomp$1_user$$.token_id_app,token:$accessToken$$,
-agent:$agent$$,ip:"",once:1==$req$$.query.once||"true"==$req$$.query.once||"1"===$req$$.query.once?!0:!1})).save(function($e$$,$rs$$){if($e$$)return $res$$.status(500).send($e$$);$res$$.send({token:$accessToken$$,once:$rs$$.once})})});$app$jscomp$0$$.get("/check-user/:email",$rateLimiter$$,function($req$$,$res$$){const $email$$=$req$$.params.email;User.findOne({$or:[{email:$email$$},{"local.phone":$email$$}]},{email:1,name:1,picture:1}).lean().exec(function($e$$,$user$$){if($e$$||!$user$$)return $res$$.status(400).send($e$$||
-`T\u00e0i kho\u1ea3n ${$email$$} kh\u00f4ng t\u1ed3n t\u1ea1i`);$res$$.send($user$$)})});$app$jscomp$0$$.post("/signup",$rateLimiter$$,async($req$$,$res$$)=>{let $body$$=$req$$.body;$body$$.json&&($body$$=JSON.parse($body$$.json));if(!$body$$)return $res$$.status(400).send({error:"Kh\u00f4ng c\u00f3 n\u1ed9i dung"});if($body$$.id_app&&!global.mongoose.Types.ObjectId.isValid($body$$.id_app))return $res$$.status(400).send("id_app kh\u00f4ng h\u1ee3p l\u1ec7");if(configs.GOOGLE_RECAPTCHA_SECRET_KEY){var $app$$=
-$body$$["g-recaptcha-response"]||$req$$.query["g-recaptcha-response"];if(!$app$$)return $res$$.status(400).send("Ch\u1ee9c n\u0103ng n\u00e0y y\u00eau c\u1ea7u m\u1ed9t google recaptcha token");try{await permission.verifyReCaptcha($app$$)}catch($e$$){return $res$$.status(400).send($e$$.message||$e$$.error||$e$$)}}let $session_created$$=($req$$.cookies||{}).uid;if($session_created$$&&$body$$.id_app){$app$$=await App.findById($body$$.id_app);if(!$app$$)return $res$$.status(400).send({error:"C\u00f4ng ty kh\u00f4ng t\u1ed3n t\u1ea1i"});
+$headers_req$$.query.id_app)&&isValidObjectId($address_receive_otp_app$jscomp$2_id_app$$)){$address_receive_otp_app$jscomp$2_id_app$$=await global.getModel("app").findOne({_id:$address_receive_otp_app$jscomp$2_id_app$$});const {zalo_otp_template_id:$zalo_otp_template_id$$,zalo_app_id:$zalo_app_id$$,zalo_secret_key:$zalo_secret_key$$,zalo_refresh_token:$zalo_refresh_token$$,zalo_access_token:$zalo_access_token$$,zalo_expires_in:$zalo_expires_in$$,zalo_updated:$zalo_updated$$}=$address_receive_otp_app$jscomp$2_id_app$$||
+{};if($zalo_otp_template_id$$&&$zalo_app_id$$&&$zalo_secret_key$$&&$zalo_refresh_token$$){if(!$zalo_access_token$$||!$zalo_expires_in$$||!$zalo_updated$$||moment().diff(moment($zalo_updated$$),"seconds")>$zalo_expires_in$$-60){$headers_req$$={"Content-Type":"application/x-www-form-urlencoded",secret_key:$zalo_secret_key$$};$data_u$$={refresh_token:$zalo_refresh_token$$,app_id:$zalo_app_id$$,grant_type:"refresh_token"};try{let $rs$$=await axios.post("https://oauth.zaloapp.com/v4/oa/access_token",querystring.stringify($data_u$$),
+{headers:$headers_req$$});if($rs$$.data.error)return $res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi m\u00e3 OTP. L\u1ed7i: ${$rs$$.data.message}`});let $zalo_token$$=$rs$$.data;$address_receive_otp_app$jscomp$2_id_app$$.zalo_access_token=$zalo_token$$.access_token;$address_receive_otp_app$jscomp$2_id_app$$.zalo_refresh_token=$zalo_token$$.refresh_token;$address_receive_otp_app$jscomp$2_id_app$$.zalo_expires_in=$zalo_token$$.expires_in;$address_receive_otp_app$jscomp$2_id_app$$.zalo_updated=
+new Date;await $address_receive_otp_app$jscomp$2_id_app$$.save()}catch($e$$){return $message_message$jscomp$1_otp_code$jscomp$1_url$$=(($e$$.response||{}).data||{}).message,console.error("[local] [send otp via zalo] Can't get access token from zalo",$message_message$jscomp$1_otp_code$jscomp$1_url$$||$e$$),$res$$.status(400).send({error:$message_message$jscomp$1_otp_code$jscomp$1_url$$||$e$$.message||$e$$||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi zalo ${$username$$}`})}}try{const $headers$$=
+{"Content-Type":"application/json",access_token:$address_receive_otp_app$jscomp$2_id_app$$.zalo_access_token};$phone$$="84"+$phone$$.toString().substring(1);const $data$$={phone:$phone$$,template_id:$zalo_otp_template_id$$,template_data:{otp:$message_message$jscomp$1_otp_code$jscomp$1_url$$},tracking_id:$optObject$$._id.toString()};let $rs$$=await axios({method:"post",url:"https://business.openapi.zalo.me/message/template",data:$data$$,headers:$headers$$});return $rs$$.data&&$rs$$.data.error?(console.error("[local] [send otp via zalo]",
+$rs$$.data,{url:"https://business.openapi.zalo.me/message/template",data:$data$$,headers:$headers$$}),$res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi m\u00e3 OTP t\u1edbi zalo ${$phone$$}. L\u1ed7i: ${$rs$$.data.message}`})):$res$$.send($optObject$$.toObject())}catch($e$$){return $message_message$jscomp$1_otp_code$jscomp$1_url$$=(($e$$.response||{}).data||{}).message,console.error("[local] [send otp via zalo] Can't send message from zalo",$message_message$jscomp$1_otp_code$jscomp$1_url$$||
+$e$$),$res$$.status(400).send({error:$message_message$jscomp$1_otp_code$jscomp$1_url$$||$e$$.message||$e$$||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi zalo ${$username$$}`})}}}if(configs.sms&&(configs.sms.send||configs.sms.genUrlSendOTP))if(configs.sms.send)configs.sms.send($phone$$,$message_message$jscomp$1_otp_code$jscomp$1_url$$,$headers_req$$.query.id_app).then($rs$$=>{$rs$$.error_message?$res$$.status(400).send({error:$rs$$.message||$rs$$.error||$rs$$.error_message||
+`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}`}):$res$$.send($optObject$$.toObject())}).catch($e$$=>{$e$$||($e$$={message:"Kh\u00f4ng th\u1ec3 g\u1eedi m\u00e3 OTP"});console.error("[local] [send otp via sms] Error send sms",$e$$);$res$$.status(400).send({error:$e$$.ErrorMessage||$e$$.message||$e$$.error_message||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}`})});else if($message_message$jscomp$1_otp_code$jscomp$1_url$$=
+configs.sms.genUrlSendOTP($phone$$,$message_message$jscomp$1_otp_code$jscomp$1_url$$,$headers_req$$.query.id_app))try{await axios.get($message_message$jscomp$1_otp_code$jscomp$1_url$$),$res$$.send($optObject$$.toObject())}catch($e$$){console.error($e$$),$res$$.status(400).send({error:$e$$.message||$e$$.error||$e$$||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}`})}else $res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}`});
+else $res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}`})}else{let $email_address$$;validator.isEmail($address_receive_otp_app$jscomp$2_id_app$$)&&$address_receive_otp_app$jscomp$2_id_app$$!=$username$$?$email_address$$=$address_receive_otp_app$jscomp$2_id_app$$:validator.isEmail($username$$)?$email_address$$=$username$$:$data_u$$.email2&&validator.isEmail($data_u$$.email2)&&($email_address$$=$data_u$$.email2);
+$email_address$$?email.sendHtml({to:{address:$email_address$$},subject:"M\u00e3 x\u00e1c th\u1ef1c",html:`Xin vui l\u00f2ng g\u1eedi qu\u00fd kh\u00e1ch m\u00e3 x\u00e1c th\u1ef1c: ${$message_message$jscomp$1_otp_code$jscomp$1_url$$}. M\u00e3 n\u00e0y s\u1ebd h\u1ebft h\u1ea1n s\u1eed d\u1ee5ng sau 5 ph\u00fat.`},function($error$$){$error$$?(console.error("Error send otp to email",$error$$),$res$$.status(400).send(`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi email ${$username$$}`)):
+$res$$.send($optObject$$.toObject())},configs.sender_otp):$res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}`})}});$app$jscomp$0$$.get("/verify-otp/:id/:otp",$rateLimiter$$,async function($req$$,$res$$){try{const $id$$=$req$$.params.id;if(!global.mongoose.Types.ObjectId.isValid($id$$))return $res$$.status(400).send({error:"ID c\u1ee7a m\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng h\u1ee3p l\u1ec7",code:4001});const $otp_code$$=
+$req$$.params.otp,$otp$$=await OTP.findById($id$$);if(!$otp$$)return $res$$.status(400).send({error:"M\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i",code:4001});$otp$$.tried_number=($otp$$.tried_number||0)+1;await $otp$$.save();if($otp$$.otp!=$otp_code$$||$otp$$.verified||$otp$$.tried_number>(configs.MAX_TRY_OTP||3)||$otp$$.expire_time.getTime()<(new Date).getTime())return $res$$.status(400).send({error:"M\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i ho\u1eb7c \u0111\u00e3 h\u1ebft hi\u1ec7u l\u1ef1c",
+code:4001});await OTP.findOneAndUpdate({_id:$id$$},{verified:!0});let $user$$=await User.findOne({email:$otp$$.phone});if(!$user$$)return $res$$.status(400).send({error:"T\u00e0i kho\u1ea3n kh\u00f4ng t\u1ed3n t\u1ea1i",code:4001});if(!$user$$.local||!$user$$.local.active){$user$$.local=$user$$.local||{};$user$$.local.active=!0;try{await $user$$.save(),redisCache.set("user",$user$$.toObject(),function($e$$){$e$$?console.error($e$$):console.log("cache user infomation to redis")})}catch($e$$){return console.log("error verify otp, create user",
+$e$$),$res$$.status(500).send($e$$)}}const $accessToken$$=generateToken($user$$);(new Token({email:$user$$.email,session_created:($req$$.cookies||{}).uid,token:$accessToken$$,agent:$req$$.headers["user-agent"],ip:"",once:1==$req$$.query.once||"true"==$req$$.query.once||"1"===$req$$.query.once?!0:!1})).save(function($e$$,$rs$$){return $e$$?$res$$.status(500).send($e$$):$res$$.send({token:$accessToken$$,once:$rs$$.once})})}catch($e$$){console.error("error verify otp",$e$$),$res$$.status(400).send($e$$.message)}});
+$app$jscomp$0$$.post("/auth/sign",$rateLimiter$$,($req$$,$res$$,$next$$)=>{$passport$$.authenticate("basic",{session:!1},function($err$$,$user$$){if($err$$||!$user$$)return $res$$.status(401).send({message:$err$$||"Unauthorized"});$req$$.user=$user$$;$next$$()})($req$$,$res$$,$next$$)},async($req$jscomp$3_user$$,$res$$)=>{let $data$$=$req$jscomp$3_user$$.body;$req$jscomp$3_user$$=$req$jscomp$3_user$$.user;if(!$data$$)return $res$$.status(400).send("Not have data to sign");if(!$data$$.id_app)return $res$$.status(400).send("Data miss id_app property");
+try{let $signature$$=await Wallet.sign($data$$.id_app,$req$jscomp$3_user$$.email,$data$$);$res$$.send($signature$$)}catch($e$$){return $res$$.status(400).send($e$$.message||$e$$)}});$app$jscomp$0$$.get("/auth/local",$rateLimiter$$,function($req$$,$res$$,$next$$){let $ip$$=($req$$.ip||$req$$.headers["x-forwarded-for"]||$req$$.connection.remoteAddress).split(".").join("").split(":").join("");var $authorization_password$$=$req$$.headers.authorization;if(!$authorization_password$$)return $res$$.status(400).send({message:"Authorization is required"});
+$authorization_password$$=Buffer.from($authorization_password$$.replace("Basic ",""),"base64").toString("utf-8");$authorization_password$$=$authorization_password$$.split(":");if(1<$authorization_password$$.length){let $username$$=$authorization_password$$[0].trim().toLowerCase();$authorization_password$$=$authorization_password$$[1].trim();$req$$.query.id_app&&0>$username$$.indexOf("@app=")&&($username$$=`${$username$$}@app=${$req$$.query.id_app}`,$req$$.headers.authorization=`Basic ${Buffer.from($username$$+
+":"+$authorization_password$$).toString("base64")}`);let $t_session$$="times_login_"+$ip$$+"_"+$username$$.toLowerCase(),$d_session$$="datetime_login_"+$ip$$+"_"+$username$$.toLowerCase();$req$$.t_session=$t_session$$;$req$$.d_session=$d_session$$;let $now$$=new Date,$d$$=$now$$,$times_try$$=1;if($req$$.headers.cookie&&$req$$.session){$req$$=$req$$.session;$req$$[$t_session$$]?($times_try$$=$req$$[$t_session$$]+1,$req$$[$t_session$$]=$times_try$$):($req$$[$t_session$$]=$times_try$$,$req$$[$d_session$$]=
+$now$$);$req$$[$d_session$$]?$d$$=new Date($req$$[$d_session$$]):$req$$[$d_session$$]=$now$$;$req$$=$now$$.getTime()-$d$$.getTime();if($req$$<total_time_wait_login&&$times_try$$>total_time_try_login)return $res$$.status(400).send({message:"B\u1ea1n \u0111\u0103ng nh\u1eadp sai "+total_time_try_login+" l\u1ea7n li\u00ean ti\u1ebfp. H\u00e3y th\u1eed l\u1ea1i sau "+Math.roundBy((total_time_wait_login-$req$$)/6E4,2)+" ph\u00fat"});$next$$()}else global.clientRedis.get($t_session$$,function($err$$,$reply$$){$reply$$?
+($times_try$$=Number($reply$$)+1,global.clientRedis.set($t_session$$,$times_try$$)):(global.clientRedis.set($t_session$$,$times_try$$),global.clientRedis.set($d_session$$,$now$$));global.clientRedis.get($d_session$$,function($err$jscomp$3_time_wait$$,$reply$$){$reply$$?$d$$=new Date($reply$$):global.clientRedis.set($d_session$$,$now$$);$err$jscomp$3_time_wait$$=$now$$.getTime()-$d$$.getTime();if($err$jscomp$3_time_wait$$<total_time_wait_login&&$times_try$$>total_time_try_login)return $res$$.status(400).send({message:"B\u1ea1n \u0111\u0103ng nh\u1eadp sai "+
+total_time_try_login+" l\u1ea7n li\u00ean ti\u1ebfp. H\u00e3y th\u1eed l\u1ea1i sau "+Math.roundBy((total_time_wait_login-$err$jscomp$3_time_wait$$)/6E4,2)+" ph\u00fat"});$next$$()})})}},function($req$$,$res$$,$next$$){$passport$$.authenticate("basic",{session:!1},async function($err$jscomp$4_p$$,$user$$){if($err$jscomp$4_p$$||!$user$$)return $res$$.status(401).send({message:$err$jscomp$4_p$$||"Unauthorized"});if(configs.require_verify&&!$user$$.local.active)return $res$$.status(401).send({require_verify:!0});
+if($req$$.query.id_app&&($err$jscomp$4_p$$=await global.getModel("participant").findOne({id_app:$req$$.query.id_app,email:$user$$.email}).lean())&&!$err$jscomp$4_p$$.active&&!$err$jscomp$4_p$$.admin)return $res$$.status(401).send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111ang ch\u1edd \u0111\u01b0\u1ee3c x\u00e9t duy\u1ec7t",active:!1});$req$$.user=$user$$;$next$$()})($req$$,$res$$,$next$$)},async($req$$,$res$$)=>{let $agent$$=$req$$.headers["user-agent"];$req$$.headers.cookie?($session$jscomp$1_user$$=
+$req$$.session,$session$jscomp$1_user$$[$req$$.t_session]=0,$session$jscomp$1_user$$[$req$$.d_session]=""):(global.clientRedis.set($req$$.t_session,0),global.clientRedis.set($req$$.d_session,""));log.create({id_app:"LOGIN",id_func:"LOGIN",action:"LOCALLOGIN"},$req$$.user.email,$req$$.header("user-agent"),$req$$);var $session$jscomp$1_user$$=$req$$.user;if($req$$.query.id_app&&global.mongoose.Types.ObjectId.isValid($req$$.query.id_app)){const $id_app$$=$req$$.query.id_app;let $group_id$$=$req$$.query.group_id&&
+global.mongoose.Types.ObjectId.isValid($req$$.query.group_id)?$req$$.query.group_id:void 0;const $app$$=await App.findById($id_app$$);var $active_group_query_group$$={id_app:$id_app$$,$or:[{is_customer_group:!0},{is_partner_group:!0},{is_agent_group:!0},{is_pttt_group:!0}]};$group_id$$?$active_group_query_group$$._id=$group_id$$:$active_group_query_group$$.default_group=!0;$active_group_query_group$$=await UserGroup.findOne($active_group_query_group$$).lean();if($app$$&&$active_group_query_group$$){$group_id$$=
+$active_group_query_group$$._id.toString();$active_group_query_group$$=$active_group_query_group$$.not_need_active;try{if(($p$jscomp$3_session_created$$=await Participant.asyncCreateParticipant({id_app:$id_app$$,email:$session$jscomp$1_user$$.email,name:$session$jscomp$1_user$$.name,group_id:$group_id$$,active:$active_group_query_group$$}))&&!$p$jscomp$3_session_created$$.active)return $res$$.status(401).send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111ang ch\u1edd \u0111\u01b0\u1ee3c x\u00e9t duy\u1ec7t",
+active:!1});let $cust$$={ten_kh:$session$jscomp$1_user$$.name||$session$jscomp$1_user$$.email,email:$session$jscomp$1_user$$.email,id_app:$id_app$$,user_created:$session$jscomp$1_user$$.email,user_updated:$session$jscomp$1_user$$.email,kh_yn:!0,of_user:$session$jscomp$1_user$$.email};utils.isMobilePhone($session$jscomp$1_user$$.email,["vi-VN"])&&($cust$$.dien_thoai=$session$jscomp$1_user$$.email);try{await Customer.asyncCreateCustomer($cust$$)}catch($e$$){console.error("Auto create new customer with error:",
+$e$$.message)}}catch($e$$){return console.error("can't add user",$session$jscomp$1_user$$.email,"to company",$app$$.name),$res$$.status(500).send($e$$)}}}const $accessToken$$=generateToken($session$jscomp$1_user$$);var $p$jscomp$3_session_created$$=($req$$.cookies||{}).uid;$p$jscomp$3_session_created$$&&User.updateOne({email:$session$jscomp$1_user$$.email,session_created:null},{session_created:$p$jscomp$3_session_created$$});(new Token({email:$session$jscomp$1_user$$.email,session_created:$p$jscomp$3_session_created$$,
+id_apps:$session$jscomp$1_user$$.token_id_apps,only_id_app:$session$jscomp$1_user$$.token_id_app,token:$accessToken$$,agent:$agent$$,ip:"",once:1==$req$$.query.once||"true"==$req$$.query.once||"1"===$req$$.query.once?!0:!1})).save(function($e$$,$rs$$){if($e$$)return $res$$.status(500).send($e$$);$res$$.send({token:$accessToken$$,once:$rs$$.once})})});$app$jscomp$0$$.get("/check-user/:email",$rateLimiter$$,function($req$$,$res$$){const $email$$=$req$$.params.email;User.findOne({$or:[{email:$email$$},
+{"local.phone":$email$$}]},{email:1,name:1,picture:1}).lean().exec(function($e$$,$user$$){if($e$$||!$user$$)return $res$$.status(400).send($e$$||`T\u00e0i kho\u1ea3n ${$email$$} kh\u00f4ng t\u1ed3n t\u1ea1i`);$res$$.send($user$$)})});$app$jscomp$0$$.post("/signup",$rateLimiter$$,async($req$$,$res$$)=>{let $body$$=$req$$.body;$body$$.json&&($body$$=JSON.parse($body$$.json));if(!$body$$)return $res$$.status(400).send({error:"Kh\u00f4ng c\u00f3 n\u1ed9i dung"});if($body$$.id_app&&!global.mongoose.Types.ObjectId.isValid($body$$.id_app))return $res$$.status(400).send("id_app kh\u00f4ng h\u1ee3p l\u1ec7");
+if(configs.GOOGLE_RECAPTCHA_SECRET_KEY){var $app$$=$body$$["g-recaptcha-response"]||$req$$.query["g-recaptcha-response"];if(!$app$$)return $res$$.status(400).send("Ch\u1ee9c n\u0103ng n\u00e0y y\u00eau c\u1ea7u m\u1ed9t google recaptcha token");try{await permission.verifyReCaptcha($app$$)}catch($e$$){return $res$$.status(400).send($e$$.message||$e$$.error||$e$$)}}let $session_created$$=($req$$.cookies||{}).uid;if($session_created$$&&$body$$.id_app){$app$$=await App.findById($body$$.id_app);if(!$app$$)return $res$$.status(400).send({error:"C\u00f4ng ty kh\u00f4ng t\u1ed3n t\u1ea1i"});
 if($app$$.options&&$app$$.options.one_account_per_device&&await Participant.findOne({session_created:$session_created$$,id_app:$body$$.id_app}).lean())return $res$$.status(400).send({error:"M\u1ed7i thi\u1ebft b\u1ecb ch\u1ec9 \u0111\u01b0\u1ee3c t\u1ea1o m\u1ed9t t\u00e0i kho\u1ea3n"})}if(!$body$$.email)return $res$$.status(400).send({error:"B\u1ea1n ch\u01b0a nh\u1eadp t\u00e0i kho\u1ea3n"});$body$$.email=$body$$.email.trim().toLowerCase();if(!validator.isEmail($body$$.email)&&!utils.isMobilePhone($body$$.email,
 ["vi-VN"]))return $res$$.status(400).send({error:"T\u00e0i kho\u1ea3n \u0111\u0103ng nh\u1eadp ph\u1ea3i l\u00e0 1 \u0111\u1ecba ch\u1ec9 email ho\u1eb7c 1 s\u1ed1 \u0111i\u1ec7n tho\u1ea1i di \u0111\u1ed9ng"});if(!$body$$.name)return $res$$.status(400).send({error:"H\u1ecd v\u00e0 t\u00ean ch\u01b0a nh\u1eadp"});if($body$$.introduce_code&&$body$$.id_app&&!await global.getModel("introducecode").findOne({id_app:$body$$.id_app,status:!0,introduce_code:$body$$.introduce_code}).lean())return $res$$.status(400).send({error:"M\u00e3 gi\u1edbi thi\u1ec7u kh\u00f4ng h\u1ee3p l\u1ec7"});
 User.findOne({$or:[{email:$body$$.email},{"local.phone":$body$$.email}]},async function($error$jscomp$1$$,$result$$){if($error$jscomp$1$$)return $res$$.status(400).send($error$jscomp$1$$);if($result$$)if(!$result$$.local||configs.require_verify&&!$result$$.local.active||$result$$.local.email!=$body$$.email)$result$$.local||($result$$.local={});else if($body$$.id_app)try{if(await global.getModel("participant").findOne({id_app:$body$$.id_app,email:$body$$.email}))return $res$$.status(400).send({error:"T\u00e0i kho\u1ea3n n\u00e0y \u0111\u00e3 t\u1ed3n t\u1ea1i"});

package/server/cluster.js

@@ -1,25 +1,26 @@
 'use strict';require("events").EventEmitter.defaultMaxListeners=1E7;
-const os=require("os"),express=require("express"),bodyParser=require("body-parser"),passport=require("passport"),https=require("https"),http=require("http"),fs=require("fs"),cors=require("cors"),crypto=require("crypto"),_global=require("./global"),defaultConfigs=require("./defaultConfigs"),sslConfig=require("./sslConfig"),clusterServer=function($app$$,$sslDir$$,$_configs_compress_cookieParser_morgan_multer_root_dir_uploads_session$$={},$_port_accessLogStream_rfs$$=9999,$options$$={start_import_data_pool:!1,
-start_report_pool:!0,useAgenda:!0,createRedisCache:!0}){const $configs$$=global.configs={...defaultConfigs,...$_configs_compress_cookieParser_morgan_multer_root_dir_uploads_session$$,cluster:0!=$options$$.cluster,lite:$options$$.lite,port:$_port_accessLogStream_rfs$$};$configs$$.admins||($configs$$.admins=$configs$$.adminUsers.map($u$$=>$u$$.email));$configs$$.supportUsers||($configs$$.supportUsers=[...$configs$$.admins]);$configs$$.public_token||($configs$$.public_token="flex.public.token");$configs$$.port=
-$_port_accessLogStream_rfs$$;global.port=$_port_accessLogStream_rfs$$;require("moment-timezone").tz.setDefault($configs$$.timezone||"Asia/Ho_Chi_Minh");$app$$||($app$$=express());$app$$.set("trust proxy",1);const $toobusy$$=require("toobusy-js");$configs$$.maxLag&&$toobusy$$.maxLag($configs$$.maxLag);$app$$.use(function($req$$,$res$$,$next$$){$toobusy$$()?(console.error("Server is busy right now. This request has been cancel:",$req$$.originalUrl),$res$$.status(503).send({error:"Server is busy right now, sorry."})):
-$next$$()});$_configs_compress_cookieParser_morgan_multer_root_dir_uploads_session$$=require("express-session");$app$$.use($_configs_compress_cookieParser_morgan_multer_root_dir_uploads_session$$({secret:"QV098PVT123456HLBN",resave:!1,saveUninitialized:!0,cookie:{secure:!1}}));$_configs_compress_cookieParser_morgan_multer_root_dir_uploads_session$$=require("cookie-parser");$app$$.use($_configs_compress_cookieParser_morgan_multer_root_dir_uploads_session$$());$app$$.use(function($req$$,$res$$,$next$$){let $uid$$=
-$req$$.cookies.uid;$uid$$||($uid$$=$req$$.headers.uid);$uid$$||($uid$$="uid:"+crypto.randomBytes(20).toString("hex"),$res$$.cookie("uid",$uid$$,{expires:new Date(Date.now()+31536E6),sameSite:"none",secure:!0}));$res$$.set("uid",$uid$$);$req$$.cookies.uid=$uid$$;$next$$()});$_configs_compress_cookieParser_morgan_multer_root_dir_uploads_session$$=require("compression");$app$$.use($_configs_compress_cookieParser_morgan_multer_root_dir_uploads_session$$());$_configs_compress_cookieParser_morgan_multer_root_dir_uploads_session$$=
-$configs$$.paths.uploads||__dirname+"/uploads";const $limitFileSize$$=$configs$$.limitFileSize||1048576;$app$$.use(function($req$jscomp$2_size$$,$res$$,$next$$){if(($req$jscomp$2_size$$=$req$jscomp$2_size$$.headers["content-lenght"])&&$req$jscomp$2_size$$>$limitFileSize$$)return $res$$.status(400).send({error:"File too large"});$next$$()});$_configs_compress_cookieParser_morgan_multer_root_dir_uploads_session$$=require("multer")({dest:$_configs_compress_cookieParser_morgan_multer_root_dir_uploads_session$$,
-limits:{files:1,fileSize:$limitFileSize$$}});$app$$.use($_configs_compress_cookieParser_morgan_multer_root_dir_uploads_session$$);$app$$.use(cors({credentials:!0,exposedHeaders:["set-cookie","uid"],origin:($origin$$,$callback$$)=>{$callback$$(null,!0)}}));$configs$$.paths||($configs$$.paths={});$app$$.use("/",express.static($configs$$.paths.public||__dirname+"/public"));$app$$.use("/admin",express.static($configs$$.paths.admin||__dirname+"/admin"));$app$$.use("/templates",express.static($configs$$.paths.templates||
-__dirname+"/templates"));$app$$.use("/images",express.static($configs$$.paths.images||__dirname+"/images"));$app$$.use(bodyParser.json({limit:$configs$$.limitRequestSize||"1mb"}));$app$$.use(bodyParser.urlencoded({limit:$configs$$.limitRequestSize||"1mb",extended:!0}));$app$$.use(passport.initialize());$_configs_compress_cookieParser_morgan_multer_root_dir_uploads_session$$=require("morgan");$_port_accessLogStream_rfs$$=require("rotating-file-stream");const $logDirectory$$=$configs$$.paths.log||__dirname+
-"/log";fs.existsSync($logDirectory$$)||fs.mkdirSync($logDirectory$$);$_port_accessLogStream_rfs$$=$_port_accessLogStream_rfs$$("access-cluster.log",{interval:"1d",path:$logDirectory$$});$app$$.use($_configs_compress_cookieParser_morgan_multer_root_dir_uploads_session$$("combined",{stream:$_port_accessLogStream_rfs$$,skip:function($req$$,$res$$){return 400>$res$$.statusCode}}));$app$$.use(function($err$$,$req$$,$res$$,$next$$){console.error($err$$.stack);$res$$.status(500).send("Server error!")});
-global.mongoose.connect($configs$$.database.url,{useNewUrlParser:!0}).then(async $clientMongo_redis$$=>{console.log("Connected to Database");global.clientMongo=$clientMongo_redis$$;$clientMongo_redis$$=require("redis");global.clientRedis=$clientMongo_redis$$.createClient();global.clientRedis.on("error",$err$$=>console.error("Redis Client Error",$err$$));global.clientRedis.on("end",()=>{console.error("Redis connection closed.")});global.clientRedis.on("connect",async function(){function $initSysData$$(){console.log("creating system data...");
-const $files$$=fs.readdirSync(__dirname+"/data/sys");$async$$.mapSeries($files$$,function($file$$,$callback$jscomp$0$$){setImmediate(()=>{if(".js"==$file$$.substr(-3)){const $data$$=JSON.parse(JSON.stringify(require("./data/sys/"+$file$$).data)),$model$$=global.getModel(""+$file$$);console.log("creating system data...",$file$$);$model$$.deleteMany({},$e$$=>{console.error($e$$);$async$$.mapSeries($data$$,function($r$$,$callback$$){delete $r$$._id;delete $r$$.__v;delete $r$$.collection_name;delete $r$$.pkey;
-$model$$.create($r$$,function($error$$){if($error$$)return $callback$$($error$$);$callback$$()})},function($error$$,$rs$$){$callback$jscomp$0$$($error$$,$rs$$)})})}else $callback$jscomp$0$$()})},function($error$$){if($error$$)return console.log($error$$);console.log("created system data")})}console.log("redis connected");0!=$options$$.createRedisCache&&require("./libs/redis-cache").set();global.getModel("schedule").start();$options$$.start_abci_handler&&global.getModel("assabcihandler").start();var $StaticPool$$=
-global.getModel("user"),$cpus_init_system_data_report_cpus_server$$=$configs$$.initSysData;$cpus_init_system_data_report_cpus_server$$||await $StaticPool$$.findOne({})||($cpus_init_system_data_report_cpus_server$$=!0);for($StaticPool$jscomp$0$$=0;$StaticPool$jscomp$0$$<$configs$$.adminUsers.length;$StaticPool$jscomp$0$$++){var $StaticPool_adminUser$$=$configs$$.adminUsers[$StaticPool$jscomp$0$$];let $u$$=await $StaticPool$$.findOne({email:$StaticPool_adminUser$$.email});$u$$||($StaticPool_adminUser$$.local=
-{name:$StaticPool_adminUser$$.name,email:$StaticPool_adminUser$$.email,active:!0},$u$$=new $StaticPool$$($StaticPool_adminUser$$),$u$$.local.password=$u$$.generateHash($StaticPool_adminUser$$.email+$StaticPool_adminUser$$.defaultPassword),$u$$.save(function($error$$,$user$$){if($error$$)return console.error($error$$);$user$$&&console.log("da tao thanh cong user "+$user$$.email)}))}const $async$$=require("async");$cpus_init_system_data_report_cpus_server$$&&$initSysData$$();require("./route")($app$$);
-$cpus_init_system_data_report_cpus_server$$=$configs$$.use_ssl?https.createServer(sslConfig($sslDir$$),$app$$):http.createServer($app$$);$cpus_init_system_data_report_cpus_server$$.timeout=6E5;$StaticPool$$.initSocket($cpus_init_system_data_report_cpus_server$$);if(!1!==$options$$.cluster){if(!require("sticky-session").listen($cpus_init_system_data_report_cpus_server$$,global.port))$cpus_init_system_data_report_cpus_server$$.once("listening",function(){console.log("server cluster started on",global.port)});
-$StaticPool$$=require("cluster");$StaticPool$$.on("exit",function($worker$$,$code$$,$signal$$){console.error("worker "+$worker$$.process.pid+" died",$code$$,$signal$$)});$StaticPool$$.on("online",function($worker$$){console.info("worker "+$worker$$.process.pid+" is online");global.clientRedis.set("lastworker",JSON.stringify({pid:$worker$$.process.pid}))})}else $cpus_init_system_data_report_cpus_server$$.listen(global.port,()=>{console.log("server start at "+global.port+" port")});$cpus_init_system_data_report_cpus_server$$=
-os.cpus().length;$StaticPool$$=$options$$.import_cpus||($options$$.start_import_data_pool?$options$$.start_report_pool||$options$$.start_input_data_pool?1:Math.round($cpus_init_system_data_report_cpus_server$$/2):0);var $StaticPool$jscomp$0$$=$options$$.input_cpus||($options$$.start_input_data_pool?Math.max(Math.round($cpus_init_system_data_report_cpus_server$$/2),2):0);$cpus_init_system_data_report_cpus_server$$=$options$$.report_cpus||($options$$.start_import_data_pool?Math.max(Math.min($cpus_init_system_data_report_cpus_server$$-
-$StaticPool$jscomp$0$$-$StaticPool$$,Math.round($cpus_init_system_data_report_cpus_server$$/2))-1,2):0);$StaticPool$jscomp$0$$&&($StaticPool_adminUser$$=require("./libs/WorkerStaticPool"),global.inputMainPool=new $StaticPool_adminUser$$(__dirname+"/workers/inputWorker.js",$options$$.max_queue_imports||0,$StaticPool$jscomp$0$$,3E5,$StaticPool$jscomp$0$$,"input pool"),global.inputMainPool.exec({load:!0,configs:JSON.stringify($configs$$)},()=>{console.error("Crud pool ready")}));$StaticPool$$&&($StaticPool$jscomp$0$$=
-require("./libs/WorkerStaticPool"),global.importDataMainPool=new $StaticPool$jscomp$0$$(__dirname+"/workers/inputWorker.js",$options$$.max_queue_imports||0,$StaticPool$$,36E5,1,"import pool"),global.importDataMainPool.exec({load:!0,configs:JSON.stringify($configs$$)},()=>{console.error("Import pool ready")}));$cpus_init_system_data_report_cpus_server$$&&($StaticPool$$=require("./libs/WorkerStaticPool"),global.reportMainPool=new $StaticPool$$(__dirname+"/workers/reportWorker.js",$options$$.max_queue_reports||
-0,$cpus_init_system_data_report_cpus_server$$,3E5,2,"report pool"),global.reportMainPool.exec({load:!0,configs:JSON.stringify($configs$$)},()=>{console.error("Report pool ready")}))})}).catch($err$$=>{console.error("Not Connected to Database ERROR!",$err$$)})};process.on("SIGINT",async()=>{global.sharedRedisConnection&&await global.sharedRedisConnection.quit();process.exit(0)});
-process.on("uncaughtException",function($err$jscomp$3_error$$){console.error((new Date).toUTCString()+" uncaughtException:",$err$jscomp$3_error$$.message);console.error($err$jscomp$3_error$$.stack);$err$jscomp$3_error$$=`
+const os=require("os"),express=require("express"),bodyParser=require("body-parser"),passport=require("passport"),https=require("https"),http=require("http"),fs=require("fs"),crypto=require("crypto"),_global=require("./global"),defaultConfigs=require("./defaultConfigs"),sslConfig=require("./sslConfig"),clusterServer=function($app$$,$sslDir$$,$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$={},$_port_accessLogStream_rfs$$=9999,$options$$={start_import_data_pool:!1,start_report_pool:!0,
+useAgenda:!0,createRedisCache:!0}){const $configs$$=global.configs={...defaultConfigs,...$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$,cluster:0!=$options$$.cluster,lite:$options$$.lite,port:$_port_accessLogStream_rfs$$};$configs$$.admins||($configs$$.admins=$configs$$.adminUsers.map($u$$=>$u$$.email));$configs$$.supportUsers||($configs$$.supportUsers=[...$configs$$.admins]);$configs$$.public_token||($configs$$.public_token="flex.public.token");$configs$$.port=$_port_accessLogStream_rfs$$;
+global.port=$_port_accessLogStream_rfs$$;require("moment-timezone").tz.setDefault($configs$$.timezone||"Asia/Ho_Chi_Minh");$app$$||($app$$=express());$app$$.set("trust proxy",1);const $toobusy$$=require("toobusy-js");$configs$$.maxLag&&$toobusy$$.maxLag($configs$$.maxLag);$app$$.use(function($req$$,$res$$,$next$$){$toobusy$$()?(console.error("Server is busy right now. This request has been cancel:",$req$$.originalUrl),$res$$.status(503).send({error:"Server is busy right now, sorry."})):$next$$()});
+$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$=require("express-session");$app$$.use($_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$({secret:"QV098PVT123456HLBN",resave:!1,saveUninitialized:!0,cookie:{secure:!1}}));$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$=require("cookie-parser");$app$$.use($_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$());$app$$.use(function($req$$,$res$$,
+$next$$){let $uid$$=$req$$.cookies.uid;$uid$$||($uid$$=$req$$.headers.uid);$uid$$||($uid$$="uid:"+crypto.randomBytes(20).toString("hex"),$res$$.cookie("uid",$uid$$,{expires:new Date(Date.now()+31536E6),sameSite:"none",secure:!0}));$res$$.set("uid",$uid$$);$req$$.cookies.uid=$uid$$;$next$$()});$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$=require("compression");$app$$.use($_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$());$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$=
+$configs$$.paths.uploads||__dirname+"/uploads";const $limitFileSize$$=$configs$$.limitFileSize||1048576;$app$$.use(function($req$jscomp$2_size$$,$res$$,$next$$){if(($req$jscomp$2_size$$=$req$jscomp$2_size$$.headers["content-lenght"])&&$req$jscomp$2_size$$>$limitFileSize$$)return $res$$.status(400).send({error:"File too large"});$next$$()});$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$=require("multer")({dest:$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$,
+limits:{files:1,fileSize:$limitFileSize$$}});$app$$.use($_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$);$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$=require("cors");$app$$.use($_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$({credentials:!0,exposedHeaders:["set-cookie","uid"],origin:($origin$$,$callback$$)=>{$callback$$(null,!0)}}));$configs$$.paths||($configs$$.paths={});$app$$.use("/",express.static($configs$$.paths.public||
+__dirname+"/public"));$app$$.use("/admin",express.static($configs$$.paths.admin||__dirname+"/admin"));$app$$.use("/templates",express.static($configs$$.paths.templates||__dirname+"/templates"));$app$$.use("/images",express.static($configs$$.paths.images||__dirname+"/images"));$app$$.use(bodyParser.json({limit:$configs$$.limitRequestSize||"1mb"}));$app$$.use(bodyParser.urlencoded({limit:$configs$$.limitRequestSize||"1mb",extended:!0}));$app$$.use(passport.initialize());$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$=
+require("morgan");$_port_accessLogStream_rfs$$=require("rotating-file-stream");const $logDirectory$$=$configs$$.paths.log||__dirname+"/log";fs.existsSync($logDirectory$$)||fs.mkdirSync($logDirectory$$);$_port_accessLogStream_rfs$$=$_port_accessLogStream_rfs$$("access-cluster.log",{interval:"1d",path:$logDirectory$$});$app$$.use($_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$("combined",{stream:$_port_accessLogStream_rfs$$,skip:function($req$$,$res$$){return 400>$res$$.statusCode}}));
+$app$$.use(function($err$$,$req$$,$res$$,$next$$){console.error($err$$.stack);$res$$.status(500).send("Server error!")});global.mongoose.connect($configs$$.database.url,{useNewUrlParser:!0}).then(async $clientMongo_redis$$=>{console.log("[cluster] Connected to Database");global.clientMongo=$clientMongo_redis$$;$clientMongo_redis$$=require("redis");const {retryStrategyRedis:$retryStrategyRedis$$}=require("./libs/utils");global.clientRedis=$clientMongo_redis$$.createClient({host:"127.0.0.1",port:6379,
+retry_strategy:$retryStrategyRedis$$});global.clientRedis.on("error",$err$$=>console.error("[cluster] Redis Client Error",$err$$));global.clientRedis.on("end",()=>{console.error("[cluster] Redis connection closed.")});global.clientRedis.on("connect",async function(){function $initSysData$$(){console.log("[cluster] creating system data...");const $files$$=fs.readdirSync(__dirname+"/data/sys");$async$$.mapSeries($files$$,function($file$$,$callback$jscomp$0$$){setImmediate(()=>{if(".js"==$file$$.substr(-3)){const $data$$=
+JSON.parse(JSON.stringify(require("./data/sys/"+$file$$).data)),$model$$=global.getModel(""+$file$$);console.log("[cluster] creating system data...",$file$$);$model$$.deleteMany({},$e$$=>{console.error($e$$);$async$$.mapSeries($data$$,function($r$$,$callback$$){delete $r$$._id;delete $r$$.__v;delete $r$$.collection_name;delete $r$$.pkey;$model$$.create($r$$,function($error$$){if($error$$)return $callback$$($error$$);$callback$$()})},function($error$$,$rs$$){$callback$jscomp$0$$($error$$,$rs$$)})})}else $callback$jscomp$0$$()})},
+function($error$$){if($error$$)return console.log($error$$);console.log("[cluster] created system data")})}console.log("redis connected");0!=$options$$.createRedisCache&&require("./libs/redis-cache").set();global.getModel("schedule").start();$options$$.start_abci_handler&&global.getModel("assabcihandler").start();var $StaticPool$$=global.getModel("user"),$cpus_init_system_data_report_cpus_server$$=$configs$$.initSysData;$cpus_init_system_data_report_cpus_server$$||await $StaticPool$$.findOne({})||
+($cpus_init_system_data_report_cpus_server$$=!0);for($StaticPool$jscomp$0$$=0;$StaticPool$jscomp$0$$<$configs$$.adminUsers.length;$StaticPool$jscomp$0$$++){var $StaticPool_adminUser$$=$configs$$.adminUsers[$StaticPool$jscomp$0$$];let $u$$=await $StaticPool$$.findOne({email:$StaticPool_adminUser$$.email});$u$$||($StaticPool_adminUser$$.local={name:$StaticPool_adminUser$$.name,email:$StaticPool_adminUser$$.email,active:!0},$u$$=new $StaticPool$$($StaticPool_adminUser$$),$u$$.local.password=$u$$.generateHash($StaticPool_adminUser$$.email+
+$StaticPool_adminUser$$.defaultPassword),$u$$.save(function($error$$,$user$$){if($error$$)return console.error($error$$);$user$$&&console.log("[cluster] da tao thanh cong user "+$user$$.email)}))}const $async$$=require("async");$cpus_init_system_data_report_cpus_server$$&&$initSysData$$();require("./route")($app$$);$cpus_init_system_data_report_cpus_server$$=$configs$$.use_ssl?https.createServer(sslConfig($sslDir$$),$app$$):http.createServer($app$$);$cpus_init_system_data_report_cpus_server$$.timeout=
+6E5;$StaticPool$$.initSocket($cpus_init_system_data_report_cpus_server$$);$StaticPool$$.initClientSockets();if(!1!==$options$$.cluster){if(!require("sticky-session").listen($cpus_init_system_data_report_cpus_server$$,global.port))$cpus_init_system_data_report_cpus_server$$.once("listening",function(){console.log("[cluster] server cluster started on",global.port)});$StaticPool$$=require("cluster");$StaticPool$$.on("exit",function($worker$$,$code$$,$signal$$){console.error("[cluster] worker "+$worker$$.process.pid+
+" died",$code$$,$signal$$)});$StaticPool$$.on("online",function($worker$$){console.info("[cluster] worker "+$worker$$.process.pid+" is online");global.clientRedis.set("lastworker",JSON.stringify({pid:$worker$$.process.pid}))})}else $cpus_init_system_data_report_cpus_server$$.listen(global.port,()=>{console.log("[cluster] server start at "+global.port+" port")});$cpus_init_system_data_report_cpus_server$$=os.cpus().length;$StaticPool$$=$options$$.import_cpus||($options$$.start_import_data_pool?$options$$.start_report_pool||
+$options$$.start_input_data_pool?1:Math.round($cpus_init_system_data_report_cpus_server$$/2):0);var $StaticPool$jscomp$0$$=$options$$.input_cpus||($options$$.start_input_data_pool?Math.max(Math.round($cpus_init_system_data_report_cpus_server$$/2),2):0);$cpus_init_system_data_report_cpus_server$$=$options$$.report_cpus||($options$$.start_import_data_pool?Math.max(Math.min($cpus_init_system_data_report_cpus_server$$-$StaticPool$jscomp$0$$-$StaticPool$$,Math.round($cpus_init_system_data_report_cpus_server$$/
+2))-1,2):0);$StaticPool$jscomp$0$$&&($StaticPool_adminUser$$=require("./libs/WorkerStaticPool"),global.inputMainPool=new $StaticPool_adminUser$$(__dirname+"/workers/inputWorker.js",$options$$.max_queue_imports||0,$StaticPool$jscomp$0$$,3E5,$StaticPool$jscomp$0$$,"input pool"),global.inputMainPool.exec({load:!0,configs:JSON.stringify($configs$$)},()=>{console.log("[cluster] Crud pool ready")}));$StaticPool$$&&($StaticPool$jscomp$0$$=require("./libs/WorkerStaticPool"),global.importDataMainPool=new $StaticPool$jscomp$0$$(__dirname+
+"/workers/inputWorker.js",$options$$.max_queue_imports||0,$StaticPool$$,36E5,1,"import pool"),global.importDataMainPool.exec({load:!0,configs:JSON.stringify($configs$$)},()=>{console.log("[cluster] Import pool ready")}));$cpus_init_system_data_report_cpus_server$$&&($StaticPool$$=require("./libs/WorkerStaticPool"),global.reportMainPool=new $StaticPool$$(__dirname+"/workers/reportWorker.js",$options$$.max_queue_reports||0,$cpus_init_system_data_report_cpus_server$$,3E5,2,"report pool"),global.reportMainPool.exec({load:!0,
+configs:JSON.stringify($configs$$)},()=>{console.log("[cluster] Report pool ready")}))})}).catch($err$$=>{console.error("[cluster] Not Connected to Database ERROR!",$err$$)})};process.on("SIGINT",async()=>{global.sharedRedisConnection&&await global.sharedRedisConnection.quit();process.exit(0)});
+process.on("uncaughtException",function($err$jscomp$3_error$$){console.error("[cluster]",(new Date).toUTCString()+" uncaughtException:",$err$jscomp$3_error$$.message);console.error($err$jscomp$3_error$$.stack);$err$jscomp$3_error$$=`
     Error: ${$err$jscomp$3_error$$.message}
     Stack: ${$err$jscomp$3_error$$.stack}
-  `;try{const $logDirectory$$=__dirname+"/log";fs.existsSync($logDirectory$$)||fs.mkdirSync($logDirectory$$);fs.writeFile(`${$logDirectory$$}/error-${(new Date).getTime()}.txt`,$err$jscomp$3_error$$,()=>{console.log("wrote log error")})}catch($e$$){console.log($e$$)}process.exit(1)});module.exports=clusterServer;
+  `;try{const $logDirectory$$=__dirname+"/log";fs.existsSync($logDirectory$$)||fs.mkdirSync($logDirectory$$);fs.writeFile(`${$logDirectory$$}/error-${(new Date).getTime()}.txt`,$err$jscomp$3_error$$,()=>{console.log("[cluster] wrote log error")})}catch($e$$){console.log($e$$)}process.exit(1)});module.exports=clusterServer;