flexbiz-server 12.6.6 → 12.6.7
- package/package.json +1 -1
- package/server/app.js +8 -7
- package/server/auths/local.js +51 -49
- package/server/cluster.js +19 -19
- package/server/controllers/controller.js +33 -31
- package/server/controllers/controllerUtils.js +21 -22
- package/server/controllers/createHandler.js +18 -15
- package/server/controllers/deleteHandler.js +2 -1
- package/server/controllers/findHandler.js +58 -53
- package/server/controllers/rptExcelHandler.js +2 -2
- package/server/controllers/rptHandler.js +13 -13
- package/server/controllers/updateHandler.js +9 -9
- package/server/controllers/viewHandler.js +13 -15
- package/server/defaultConfigs.js +1 -1
- package/server/global.js +8 -8
- package/server/libs/cdpskh.js +14 -11
- package/server/libs/cdpsnphep.js +4 -4
- package/server/libs/cdpstk.js +1 -1
- package/server/libs/ckcn.js +12 -9
- package/server/libs/cknphep.js +4 -4
- package/server/libs/databanle.js +3 -2
- package/server/libs/databanlenpp.js +3 -3
- package/server/libs/databanletheongay.js +5 -5
- package/server/libs/dkcn.js +14 -11
- package/server/libs/dknphep.js +5 -5
- package/server/libs/initDatabase.js +2 -2
- package/server/libs/joinData.js +2 -2
- package/server/libs/kpistatus.js +30 -30
- package/server/libs/logger.js +1 -1
- package/server/libs/mongooseSecurityPlugin.js +14 -0
- package/server/libs/permission.js +36 -34
- package/server/libs/post-book.js +17 -16
- package/server/libs/post-sokho.js +2 -2
- package/server/libs/queryBuilding.js +4 -3
- package/server/libs/redis-cache.js +7 -5
- package/server/libs/tuoinophaithu.js +6 -6
- package/server/libs/tuoinophaitra.js +6 -7
- package/server/libs/utils.js +6 -6
- package/server/models/approve.js +10 -9
- package/server/models/bds_nhadat.js +3 -1
- package/server/models/bds_nhadat_moigioi_ban.js +3 -3
- package/server/models/cacheDataReport.js +2 -0
- package/server/models/cacheSessionReport.js +1 -0
- package/server/models/cdkh.js +2 -2
- package/server/models/cdkhtheongay.js +2 -2
- package/server/models/customer.js +10 -9
- package/server/models/customer_care.js +2 -0
- package/server/models/deal.js +2 -0
- package/server/models/dmnv.js +3 -3
- package/server/models/file.js +3 -3
- package/server/models/introducecode.js +2 -2
- package/server/models/notification.js +2 -2
- package/server/models/participant.js +8 -7
- package/server/models/phucap.js +2 -2
- package/server/models/user.js +18 -16
- package/server/modules/lists/ls-bds_nhadat.js +16 -14
- package/server/modules/lists/ls-bds_nhadat_moigioi_ban.js +8 -6
- package/server/modules/lists/ls-checkin.js +24 -344
- package/server/modules/lists/ls-customer.js +18 -16
- package/server/modules/lists/ls-customer_care.js +2 -0
- package/server/modules/lists/ls-datlich.js +5 -5
- package/server/modules/lists/ls-deal.js +4 -0
- package/server/modules/lists/ls-dmdt.js +4 -4
- package/server/modules/lists/ls-file.js +12 -7
- package/server/modules/lists/ls-introducecode.js +4 -4
- package/server/modules/lists/ls-participant.js +8 -8
- package/server/modules/lists/ls-rpt.js +1 -1
- package/server/modules/reports/calc-tinhluong.js +54 -49
- package/server/modules/reports/rp-analyzedata.js +3 -3
- package/server/modules/reports/rp-bds_hoahongctv.js +5 -0
- package/server/modules/reports/rp-kcsns.js +13 -13
- package/server/modules/reports/rp-kgchamcong.js +11 -8
- package/server/modules/reports/rp-khoaso.js +9 -11
- package/server/modules/reports/rp-phanbochitienchohoadon.js +4 -4
- package/server/modules/reports/rp-phanbothutienchohoadon.js +5 -4
- package/server/modules/reports/rp-referredusers.js +5 -1
- package/server/modules/reports/rp-sctcnkh.js +18 -10
- package/server/modules/reports/rp-thbanhangkempk.js +3 -3
- package/server/modules/reports/rp-thnxt.js +10 -11
- package/server/modules/systems/sys-app.js +18 -18
- package/server/modules/systems/sys-users.js +9 -9
- package/server/modules/vouchers/vo-hd1.js +6 -5
- package/server/modules/vouchers/vo-hd2.js +1 -1
- package/server/modules/vouchers/vo-hde.js +2 -2
- package/server/modules/vouchers/vo-lenhcapphat.js +2 -2
- package/server/modules/vouchers/vo-so7.js +13 -13
- package/server/route.js +47 -47
- package/server/workers/inputWorker.js +1 -1
- package/server/workers/reportWorker.js +2 -2
package/package.json
CHANGED
package/server/app.js
CHANGED
|
@@ -1,12 +1,13 @@
|
|
|
1
1
|
require("events").EventEmitter.defaultMaxListeners=1E7;const os=require("os"),express=require("express"),bodyParser=require("body-parser"),crypto=require("crypto"),passport=require("passport"),https=require("https"),http=require("http"),fs=require("fs"),cors=require("cors");require("./global");
|
|
2
2
|
const defaultConfigs=require("./defaultConfigs"),mainServer=function($app$$,$options$$={cluster:!1,port:443,useSocket:!0},$callbackServer$$=null){const $configs$$=global.configs={...defaultConfigs,...$options$$.configs,lite:$options$$.lite};$configs$$.database.url=process.env.MONGO_URI||$configs$$.database.url;$configs$$.admins||($configs$$.admins=$configs$$.adminUsers.map($u$$=>$u$$.email));$configs$$.supportUsers||($configs$$.supportUsers=[...$configs$$.admins]);$configs$$.public_token||($configs$$.public_token=
|
|
3
|
-
"flex.public.token");var $
|
|
4
|
-
require("toobusy-js");$configs$$.maxLag&&$toobusy$$.maxLag($configs$$.maxLag);$app$$.use(function($req$$,$res$$,$next$$){$toobusy$$()?(Logger.error("Server is busy right now. This request has been cancel:",$req$$.originalUrl),$res$$.status(503).send({error:"Server is busy right now, sorry."})):$next$$()});$
|
|
5
|
-
resave:!1,saveUninitialized:!0,cookie:{secure:!1}}));$
|
|
6
|
-
|
|
7
|
-
$req$jscomp$2_size$$>$limitFileSize$$)return $res$$.status(400).send({error:"File too large"});$next$$()});$
|
|
8
|
-
|
|
9
|
-
"
|
|
3
|
+
"flex.public.token");var $_port_compress_cookieParser_limitRequestSize_morgan_multer_root_dir_uploads_session$$=$options$$.port||$configs$$.port||$configs$$.PORT||443;$configs$$.port=$_port_compress_cookieParser_limitRequestSize_morgan_multer_root_dir_uploads_session$$;global.port=$_port_compress_cookieParser_limitRequestSize_morgan_multer_root_dir_uploads_session$$;const $User$$=global.getModel("user");require("moment-timezone").tz.setDefault($configs$$.timezone||"Asia/Ho_Chi_Minh");$app$$||=express();
|
|
4
|
+
$app$$.set("trust proxy",1);const $toobusy$$=require("toobusy-js");$configs$$.maxLag&&$toobusy$$.maxLag($configs$$.maxLag);$app$$.use(function($req$$,$res$$,$next$$){$toobusy$$()?(Logger.error("Server is busy right now. This request has been cancel:",$req$$.originalUrl),$res$$.status(503).send({error:"Server is busy right now, sorry."})):$next$$()});$_port_compress_cookieParser_limitRequestSize_morgan_multer_root_dir_uploads_session$$=require("express-session");$app$$.use($_port_compress_cookieParser_limitRequestSize_morgan_multer_root_dir_uploads_session$$({secret:"QV098PVT123456HLBN",
|
|
5
|
+
resave:!1,saveUninitialized:!0,cookie:{secure:!1}}));$_port_compress_cookieParser_limitRequestSize_morgan_multer_root_dir_uploads_session$$=require("cookie-parser");$app$$.use($_port_compress_cookieParser_limitRequestSize_morgan_multer_root_dir_uploads_session$$());$app$$.use(function($req$$,$res$$,$next$$){let $uid$$=$req$$.cookies.uid;$uid$$||=$req$$.headers.uid;$uid$$||($uid$$="uid:"+crypto.randomBytes(20).toString("hex"),$res$$.cookie("uid",$uid$$,{expires:new Date(Date.now()+31536E6),sameSite:"none",
|
|
6
|
+
secure:!0}));$res$$.set("uid",$uid$$);$req$$.cookies.uid=$uid$$;$next$$()});$_port_compress_cookieParser_limitRequestSize_morgan_multer_root_dir_uploads_session$$=require("compression");$app$$.use($_port_compress_cookieParser_limitRequestSize_morgan_multer_root_dir_uploads_session$$());$_port_compress_cookieParser_limitRequestSize_morgan_multer_root_dir_uploads_session$$=$configs$$.paths.uploads||__dirname+"/uploads";const $limitFileSize$$=$configs$$.limitFileSize||5242880;Logger.warn("[app] [limitFileSize]",
|
|
7
|
+
$limitFileSize$$);$app$$.use(function($req$jscomp$2_size$$,$res$$,$next$$){if(($req$jscomp$2_size$$=$req$jscomp$2_size$$.headers["content-lenght"])&&$req$jscomp$2_size$$>$limitFileSize$$)return $res$$.status(400).send({error:"File too large"});$next$$()});$_port_compress_cookieParser_limitRequestSize_morgan_multer_root_dir_uploads_session$$=require("multer")({dest:$_port_compress_cookieParser_limitRequestSize_morgan_multer_root_dir_uploads_session$$,limits:{files:1,fileSize:$limitFileSize$$}});$app$$.use($_port_compress_cookieParser_limitRequestSize_morgan_multer_root_dir_uploads_session$$);
|
|
8
|
+
$app$$.use(cors({credentials:!0,exposedHeaders:["set-cookie","uid"],origin:($origin$$,$callback$$)=>{$callback$$(null,!0)}}));$configs$$.paths||($configs$$.paths={});$options$$.lite!==!0&&($app$$.use("/",express.static($configs$$.paths.public||__dirname+"/public")),$app$$.use("/admin",express.static($configs$$.paths.admin||__dirname+"/admin")),$app$$.use("/templates",express.static($configs$$.paths.templates||__dirname+"/templates")),$app$$.use("/images",express.static($configs$$.paths.images||__dirname+
|
|
9
|
+
"/images")));$_port_compress_cookieParser_limitRequestSize_morgan_multer_root_dir_uploads_session$$=$configs$$.limitRequestSize||"1mb";Logger.warn("[app] [limitRequestSize]",$_port_compress_cookieParser_limitRequestSize_morgan_multer_root_dir_uploads_session$$);$app$$.use(bodyParser.json({limit:$_port_compress_cookieParser_limitRequestSize_morgan_multer_root_dir_uploads_session$$}));$app$$.use(bodyParser.urlencoded({limit:$_port_compress_cookieParser_limitRequestSize_morgan_multer_root_dir_uploads_session$$,
|
|
10
|
+
extended:!0}));$app$$.use(passport.initialize());$_port_compress_cookieParser_limitRequestSize_morgan_multer_root_dir_uploads_session$$=require("morgan");var $accessLogStream_rfs$$=require("rotating-file-stream");const $logDirectory$$=$configs$$.paths.log||__dirname+"/log";fs.existsSync($logDirectory$$)||fs.mkdirSync($logDirectory$$);$accessLogStream_rfs$$=$accessLogStream_rfs$$("access.log",{interval:"1d",path:$logDirectory$$});$app$$.use($_port_compress_cookieParser_limitRequestSize_morgan_multer_root_dir_uploads_session$$("combined",
|
|
10
11
|
{stream:$accessLogStream_rfs$$,skip:function($req$$,$res$$){return $res$$.statusCode<400}}));$app$$.use(function($err$$,$req$$,$res$$,$next$$){Logger.error($err$$.stack);$res$$.status(500).send("Server Error!")});Logger.info("[app] connect to mongodb",$configs$$.database.url);$configs$$.database.url||(Logger.error("[app] thi\u1ebfu \u0111\u01b0\u1eddng d\u1eabn k\u1ebft n\u1ed1i v\u1edbi database trong file config"),process.exit(1));global.mongoose.connect($configs$$.database.url,{useNewUrlParser:!0,
|
|
11
12
|
useFindAndModify:!1,useUnifiedTopology:!0}).then(async()=>{var $redis_result$$=await mongoose.connection.getClient().db().admin().command({setParameter:1,transactionLifetimeLimitSeconds:$options$$.transactionLifetimeLimitSeconds||600});Logger.info("[app] T\u0103ng th\u1eddi gian ho\u1ea1t \u0111\u1ed9ng c\u1ee7a m\u1ed9t transaction:",$redis_result$$);Logger.info("[app] Connected to Database");$redis_result$$=require("redis");const {retryStrategyRedis:$retryStrategyRedis$$}=require("./libs/utils");
|
|
12
13
|
global.clientRedis=$redis_result$$.createClient({host:"127.0.0.1",port:6379,retry_strategy:$retryStrategyRedis$$});global.clientRedis.on("error",$err$$=>{Logger.error("Redis Client Error",$err$$);process.exit(1)});global.clientRedis.on("end",()=>{Logger.error("[app] Redis connection closed.")});global.clientRedis.on("connect",function(){Logger.info("[app] redis connected");$User$$.initClientSockets();if($options$$.lite!==!0){$options$$.createRedisCache&&require("./libs/redis-cache").set();$options$$.start_abci_handler&&
|
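Review bot: The express-session call on new line 4 signs cookies with the literal `secret:"QV098PVT123456HLBN"`, which ships in the published package, so the signing key is readable by anyone who downloads it. It should be loaded the way the database URL already is on new line 2, for example `secret:process.env.SESSION_SECRET||$configs$$.session_secret` (both names constructed here, not taken from the page), with startup refusing to continue when neither is set. The same call keeps `cookie:{secure:!1}` although `trust proxy` is set on that line and the `uid` cookie on new lines 5–6 already uses `secure:!0`. On new line 8, `credentials:!0` together with `origin:($origin$$,$callback$$)=>{$callback$$(null,!0)}` allows credentialed requests from every origin, where an allowlist read from config would be the safer default. The guard on new line 7 reads `headers["content-lenght"]`, a misspelling of `content-length`, so it never rejects anything and only the multer and body-parser limits apply; the removed side of this hunk is truncated on the page, so some of these points may predate 12.6.7.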
package/server/auths/local.js
CHANGED
|
@@ -1,64 +1,66 @@
|
|
|
1
1
|
const User=global.getModel("user"),Participant=global.getModel("participant"),UserGroup=global.getModel("usergroup"),Customer=global.getModel("customer"),axios=require("axios"),log=global.getModel("log"),App=global.getModel("app"),Wallet=global.getModel("wallet"),Token=global.getModel("token"),BasicStrategy=require("passport-http").BasicStrategy,_crypto=require("crypto"),validator=require("validator"),email=require("../libs/email"),loadTemplate=require("../libs/load-template"),permission=require("../libs/permission"),
|
|
2
|
-
OTP=global.getModel("otp"),DIGITS="0123456789",
|
|
3
|
-
function generateToken($
|
|
4
|
-
function saveOTP($Phone$$,$otp_code$$,$expires$$=5){let $expire_time$$=new Date;$expire_time$$.setMinutes($expire_time$$.getMinutes()+$expires$$);return OTP.create({phone:$Phone$$,otp:$otp_code$$,expire_time:$expire_time$$})}
|
|
2
|
+
OTP=global.getModel("otp"),DIGITS="0123456789",redisCache=require("../libs/redis-cache"),utils=require("../libs/utils"),Controler=require("../controllers/controller"),{isValidObjectId}=require("mongoose"),moment=require("moment"),querystring=require("querystring"),total_time_wait_login=36E5,total_time_try_login=3;function generateOTP(){let $OTP$$="";for(let $i$$=0;$i$$<6;$i$$++)$OTP$$+=DIGITS[Math.floor(Math.random()*10)];return $OTP$$}
|
|
3
|
+
function generateToken($user$$){const $n$$=new Date;return _crypto.createHash("md5").update($user$$.email+$n$$.toISOString()).digest("hex")}function saveOTP($Phone$$,$otp_code$$,$expires$$=5){let $expire_time$$=new Date;$expire_time$$.setMinutes($expire_time$$.getMinutes()+$expires$$);return OTP.create({phone:$Phone$$,otp:$otp_code$$,expire_time:$expire_time$$})}
|
|
5
4
|
function findByUsername($username$$,$fn$$){if(!$username$$)return $fn$$("B\u1ea1n ch\u01b0a nh\u1eadp t\u00e0i kho\u1ea3n");User.findOne({$or:[{email:$username$$},{"local.phone":$username$$}]},function($error$$,$result$$){return!$error$$&&$result$$&&$result$$.local?$fn$$(null,$result$$):$fn$$($error$$||`T\u00e0i kho\u1ea3n ${$username$$} kh\u00f4ng t\u1ed3n t\u1ea1i`)})}
|
|
6
|
-
async function addUserToApp($user$$,$body$$,$
|
|
7
|
-
let $cust$$;await global.getModel("customer").findOne({id_app:$body$$.id_app,of_user:$user$$.email},{_id:1}).lean()
|
|
8
|
-
$
|
|
9
|
-
$
|
|
5
|
+
async function addUserToApp($user$$,$body$$,$par_session_created$$){if($body$$.id_app){if(!await App.findById($body$$.id_app))throw Logger.error("[addUserToApp] Can't find app",$body$$.id_app),"Kh\u00f4ng th\u1ec3 t\u00ecm th\u1ea5y th\u00f4ng tin c\u00f4ng ty n\u00e0y";$user$$.current_id_app=$body$$.id_app;$par_session_created$$=await Participant.asyncCreateParticipant({id_app:$body$$.id_app,name:$body$$.name||$user$$.email,email:$body$$.email,group_id:$body$$.group_id,active:!0,session_created:$par_session_created$$,
|
|
6
|
+
password:$body$$.password});let $cust$$;if(!await global.getModel("customer").findOne({id_app:$body$$.id_app,of_user:$user$$.email},{_id:1}).lean()&&($cust$$={ten_kh:$body$$.name||$user$$.email,email:validator.isEmail($user$$.email)?$user$$.email:void 0},$body$$.customer_info&&($cust$$={...$cust$$,...$body$$.customer_info}),$cust$$.ten_kh||($cust$$.ten_kh=$body$$.name||$user$$.email),$cust$$={...$cust$$,id_app:$body$$.id_app,user_created:$user$$.email,user_updated:$user$$.email,kh_yn:!0,of_user:$user$$.email},
|
|
7
|
+
$par_session_created$$&&$par_session_created$$.group_id)){let $ug$$=await global.getModel("usergroup").findOne({id_app:$body$$.id_app,_id:$par_session_created$$.group_id},{nh_kh:1});$cust$$.nh_kh=($ug$$||{}).nh_kh}if($body$$.introduce_code){let $contrIntroducer$$=global.controllers.INTRODUCER;await new Promise(($rs$$,$rj$$)=>{Controler.create($user$$,$contrIntroducer$$,{introduce_code:$body$$.introduce_code},($e$$,$intr$$)=>{if($e$$)return $rj$$($e$$.message||$e$$.error||$e$$);$cust$$&&($cust$$.phu_trach=
|
|
8
|
+
$intr$$.be_introduced_by);$rs$$()})})}$cust$$&&await Customer.asyncCreateCustomer($cust$$);return $par_session_created$$}}
|
|
10
9
|
module.exports=async function($app$$,$passport$$){const $rateLimiter$$=await global.createRateLimiterMiddleware(configs.limitRequest.auth||{},"auth");$passport$$.use(new BasicStrategy(function($username$$,$password$$,$done$$){if(!$username$$)return $done$$("B\u1ea1n ch\u01b0a nh\u1eadp t\u00e0i kho\u1ea3n");$username$$=$username$$.trim();let $id_app$$;if($username$$.indexOf("@app=")>0){const $user_app$$=$username$$.split("@app=");$username$$=$user_app$$[0];$id_app$$=$user_app$$[1]}$username$$=$username$$.toLowerCase();
|
|
11
|
-
setImmediate(function(){findByUsername($username$$,async function($err_pars_pars$$,$user$$){if($err_pars_pars$$)return $done$$($err_pars_pars$$);if(!$user$$)return $done$$(
|
|
10
|
+
setImmediate(function(){findByUsername($username$$,async function($err_pars_pars$$,$user$$){if($err_pars_pars$$)return $done$$($err_pars_pars$$);if(!$user$$)return $done$$('T\u00e0i kho\u1ea3n "'+$username$$+'" ch\u01b0a \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd.');if($user$$.status==0)return $done$$("T\u00e0i kho\u1ea3n n\u00e0y kh\u00f4ng c\u00f2n hi\u1ec7u l\u1ef1c");if($user$$.local.rspassword)if($user$$.validRspassword($password$$))$user$$.local.password=$user$$.local.rspassword,$user$$.local.rspassword=
|
|
12
11
|
void 0,User.updateOne({email:$user$$.email},{local:$user$$.local},($e$$,$rs$$)=>{if($e$$)return Logger.error("Can't update password",$user$$.email,$e$$);Logger.info("updated new password",$user$$.email,$rs$$)});else{if(!$user$$.validPassword($password$$))if($id_app$$)if(await $user$$.validAppPassword($password$$,$id_app$$))$user$$=$user$$.toObject(),$user$$.token_id_app=$id_app$$;else return $done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.");else return $err_pars_pars$$=await $user$$.getAppOfPassword($password$$),
|
|
13
12
|
$err_pars_pars$$.length>0?($user$$=$user$$.toObject(),$user$$.token_id_apps=$err_pars_pars$$.map($p$$=>$p$$.id_app),$done$$(null,$user$$)):$done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.")}else{if(!$user$$.local.password)return $done$$("M\u1eadt kh\u1ea9u cho ng\u01b0\u1eddi d\u00f9ng n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i. H\u00e3y s\u1eed d\u1ee5ng t\u00ednh n\u0103ng kh\u00f4i ph\u1ee5c m\u1eadt kh\u1ea9u \u0111\u1ec3 \u0111\u1eb7t l\u1ea1i m\u1eadt kh\u1ea9u cho ng\u01b0\u1eddi d\u00f9ng n\u00e0y");
|
|
14
13
|
if(!$user$$.validPassword($password$$))if($id_app$$)if(await $user$$.validAppPassword($password$$,$id_app$$))$user$$=$user$$.toObject(),$user$$.token_id_app=$id_app$$;else return $done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.");else return $err_pars_pars$$=await $user$$.getAppOfPassword($password$$),$err_pars_pars$$.length>0?($user$$=$user$$.toObject(),$user$$.token_id_apps=$err_pars_pars$$.map($p$$=>$p$$.id_app),$done$$(null,$user$$)):$done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.")}return $done$$(null,
|
|
15
|
-
$user$$)})})}));$app$$.get("/send-otp/:address_receive_otp",$rateLimiter$$,async($headers_req$$,$res$$)=>{
|
|
16
|
-
$e$$),$res$$.status(400).send($e$$.messag||$e$$.error||$e$$)}}
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
new Date;await $
|
|
22
|
-
{"Content-Type":"application/json",access_token:$
|
|
23
|
-
(Logger.error("[local] [send otp via zalo]",$rs$$.data,{url:"https://business.openapi.zalo.me/message/template",data:$data$$,headers:$headers$$}),$res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi m\u00e3 OTP t\u1edbi zalo ${$
|
|
24
|
-
$message$jscomp$10_message$jscomp$9_otp_code$jscomp$1_url$$||$e$$),$res$$.status(400).send({error:$message$jscomp$10_message$jscomp$9_otp_code$jscomp$1_url$$||$e$$.message||$e$$||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi zalo ${$username$$}
|
|
25
|
-
$res$$.status(400).send({error:$rs$$.message||$rs$$.error||$rs$$.error_message||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}
|
|
26
|
-
else if($message$jscomp$10_message$jscomp$9_otp_code$jscomp$1_url$$=configs.sms.genUrlSendOTP($
|
|
27
|
-
else $res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n ${$username$$}
|
|
28
|
-
$
|
|
29
|
-
|
|
30
|
-
$
|
|
14
|
+
$user$$)})})}));$app$$.get("/send-otp/:address_receive_otp",$rateLimiter$$,async($headers_req$$,$res$$)=>{let $address_receive_otp$$=$headers_req$$.params.address_receive_otp.trim().toLowerCase();if(configs.GOOGLE_RECAPTCHA_SECRET_KEY){if(!$headers_req$$.query["g-recaptcha-response"])return $res$$.status(400).send("Ch\u1ee9c n\u0103ng n\u00e0y y\u00eau c\u1ea7u m\u1ed9t google recaptcha token");try{await permission.verifyReCaptcha($headers_req$$.query["g-recaptcha-response"])}catch($e$$){return Logger.error("Can't verify recaptcha when send otp",
|
|
15
|
+
$e$$),$res$$.status(400).send($e$$.messag||$e$$.error||$e$$)}}let $u$$=await User.findOne({$or:[{email:$address_receive_otp$$},{"local.phone":$address_receive_otp$$}]});if(!$u$$)return $res$$.status(400).send({error:`T\u00e0i kho\u1ea3n ${$address_receive_otp$$} kh\u00f4ng t\u1ed3n t\u1ea1i`});const $username$$=$u$$.email;var $message$jscomp$10_message$jscomp$9_otp_code$jscomp$1_url$$=generateOTP();if($address_receive_otp$$!=$username$$&&utils.isMobilePhone($address_receive_otp$$))var $id_app$$=$address_receive_otp$$;
|
|
16
|
+
else utils.isMobilePhone($username$$)?$id_app$$=$username$$:utils.isMobilePhone(($u$$.local||{}).phone||"")&&($id_app$$=($u$$.local||{}).phone);let $optObject$$;try{$optObject$$=await saveOTP($username$$,$message$jscomp$10_message$jscomp$9_otp_code$jscomp$1_url$$)}catch($e$$){return $res$$.status(400).send({error:"Kh\u00f4ng th\u1ec3 t\u1ea1o m\u00e3 OTP"})}if($id_app$$){var $app$jscomp$2_email_address_id_app$$=$headers_req$$.query.id_app;if($app$jscomp$2_email_address_id_app$$&&isValidObjectId($app$jscomp$2_email_address_id_app$$)){$app$jscomp$2_email_address_id_app$$=
|
|
17
|
+
await global.getModel("app").findOne({_id:$app$jscomp$2_email_address_id_app$$});const {zalo_otp_template_id:$zalo_otp_template_id$$,zalo_app_id:$zalo_app_id$$,zalo_secret_key:$zalo_secret_key$$,zalo_refresh_token:$zalo_refresh_token$$,zalo_access_token:$zalo_access_token$$,zalo_expires_in:$zalo_expires_in$$,zalo_updated:$zalo_updated$$}=$app$jscomp$2_email_address_id_app$$||{};if($zalo_otp_template_id$$&&$zalo_app_id$$&&$zalo_secret_key$$&&$zalo_refresh_token$$){if(!$zalo_access_token$$||!$zalo_expires_in$$||
|
|
18
|
+
!$zalo_updated$$||moment().diff(moment($zalo_updated$$),"seconds")>$zalo_expires_in$$-60){$headers_req$$={"Content-Type":"application/x-www-form-urlencoded",secret_key:$zalo_secret_key$$};var $app_info_data$$={refresh_token:$zalo_refresh_token$$,app_id:$zalo_app_id$$,grant_type:"refresh_token"};try{let $rs$$=await axios.post("https://oauth.zaloapp.com/v4/oa/access_token",querystring.stringify($app_info_data$$),{headers:$headers_req$$});if($rs$$.data.error)return Logger.error("[local][send-otp]",JSON.stringify($rs$$.data,
|
|
19
|
+
null,2)),$res$$.status(400).send({error:"R\u1ea5t l\u1ea5y l\u00e0m ti\u1ebfc hi\u1ec7n t\u1ea1i h\u1ec7 th\u1ed1ng kh\u00f4ng th\u1ec3 g\u1eedi m\u00e3 OTP. Vui l\u00f2ng th\u1eed l\u1ea1i sau."});let $zalo_token$$=$rs$$.data;$app$jscomp$2_email_address_id_app$$.zalo_access_token=$zalo_token$$.access_token;$app$jscomp$2_email_address_id_app$$.zalo_refresh_token=$zalo_token$$.refresh_token;$app$jscomp$2_email_address_id_app$$.zalo_expires_in=$zalo_token$$.expires_in;$app$jscomp$2_email_address_id_app$$.zalo_updated=
|
|
20
|
+
new Date;await $app$jscomp$2_email_address_id_app$$.save()}catch($e$$){return $message$jscomp$10_message$jscomp$9_otp_code$jscomp$1_url$$=(($e$$.response||{}).data||{}).message,Logger.error("[local] [send otp via zalo] Can't get access token from zalo",$message$jscomp$10_message$jscomp$9_otp_code$jscomp$1_url$$||$e$$),$res$$.status(400).send({error:$message$jscomp$10_message$jscomp$9_otp_code$jscomp$1_url$$||$e$$.message||$e$$||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi zalo ${$username$$}`})}}try{const $headers$$=
|
|
21
|
+
{"Content-Type":"application/json",access_token:$app$jscomp$2_email_address_id_app$$.zalo_access_token};$id_app$$="84"+$id_app$$.toString().substring(1);const $data$$={phone:$id_app$$,template_id:$zalo_otp_template_id$$,template_data:{otp:$message$jscomp$10_message$jscomp$9_otp_code$jscomp$1_url$$},tracking_id:$optObject$$._id.toString()};let $rs$$=await axios({method:"post",url:"https://business.openapi.zalo.me/message/template",data:$data$$,headers:$headers$$});return $rs$$.data&&$rs$$.data.error?
|
|
22
|
+
(Logger.error("[local] [send otp via zalo]",$rs$$.data,{url:"https://business.openapi.zalo.me/message/template",data:$data$$,headers:$headers$$}),$res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi m\u00e3 OTP t\u1edbi zalo "${$id_app$$}". Vui l\u00f2ng th\u1eed l\u1ea1i sau.`})):$res$$.send($optObject$$.toObject())}catch($e$$){return $message$jscomp$10_message$jscomp$9_otp_code$jscomp$1_url$$=(($e$$.response||{}).data||{}).message,Logger.error("[local] [send otp via zalo] Can't send message from zalo",
|
|
23
|
+
$message$jscomp$10_message$jscomp$9_otp_code$jscomp$1_url$$||$e$$),$res$$.status(400).send({error:$message$jscomp$10_message$jscomp$9_otp_code$jscomp$1_url$$||$e$$.message||$e$$||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi zalo "${$username$$}". Vui l\u00f2ng th\u1eed l\u1ea1i sau.`})}}}if(configs.sms&&(configs.sms.send||configs.sms.genUrlSendOTP))if(configs.sms.send)configs.sms.send($id_app$$,$message$jscomp$10_message$jscomp$9_otp_code$jscomp$1_url$$,$headers_req$$.query.id_app).then($rs$$=>
|
|
24
|
+
{$rs$$.error_message?$res$$.status(400).send({error:$rs$$.message||$rs$$.error||$rs$$.error_message||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n "${$username$$}". Vui l\u00f2ng th\u1eed l\u1ea1i sau.`}):$res$$.send($optObject$$.toObject())}).catch($e$$=>{$e$$||={message:"Kh\u00f4ng th\u1ec3 g\u1eedi m\u00e3 OTP"};Logger.error("[local] [send otp via sms] Error send sms",$e$$);$res$$.status(400).send({error:$e$$.ErrorMessage||$e$$.message||$e$$.error_message||
|
|
25
|
+
`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n "${$username$$}". Vui l\u00f2ng th\u1eed l\u1ea1i sau.`})});else if($message$jscomp$10_message$jscomp$9_otp_code$jscomp$1_url$$=configs.sms.genUrlSendOTP($id_app$$,$message$jscomp$10_message$jscomp$9_otp_code$jscomp$1_url$$,$headers_req$$.query.id_app))try{await axios.get($message$jscomp$10_message$jscomp$9_otp_code$jscomp$1_url$$),$res$$.send($optObject$$.toObject())}catch($e$$){Logger.error($e$$),$res$$.status(400).send({error:$e$$.message||
|
|
26
|
+
$e$$.error||$e$$||`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n "${$username$$}". Vui l\u00f2ng th\u1eed l\u1ea1i sau.`})}else $res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n "${$username$$}". Vui l\u00f2ng th\u1eed l\u1ea1i sau.`});else $res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n "${$username$$}". Vui l\u00f2ng th\u1eed l\u1ea1i sau.`})}else validator.isEmail($address_receive_otp$$)&&
|
|
27
|
+
$address_receive_otp$$!=$username$$?$app$jscomp$2_email_address_id_app$$=$address_receive_otp$$:validator.isEmail($username$$)?$app$jscomp$2_email_address_id_app$$=$username$$:$u$$.email2&&validator.isEmail($u$$.email2)&&($app$jscomp$2_email_address_id_app$$=$u$$.email2),($id_app$$=$headers_req$$.query.id_app)&&isValidObjectId($id_app$$)&&($app_info_data$$=await global.getModel("app").findOne({_id:$id_app$$}).lean()),$app$jscomp$2_email_address_id_app$$?email.sendHtml({to:{address:$app$jscomp$2_email_address_id_app$$},
|
|
28
|
+
subject:"M\u00e3 x\u00e1c th\u1ef1c",html:`Xin vui l\u00f2ng g\u1eedi qu\u00fd kh\u00e1ch m\u00e3 x\u00e1c th\u1ef1c: ${$message$jscomp$10_message$jscomp$9_otp_code$jscomp$1_url$$}. M\u00e3 n\u00e0y s\u1ebd h\u1ebft h\u1ea1n s\u1eed d\u1ee5ng sau 5 ph\u00fat.`,app_info:$app_info_data$$},function($error$$){$error$$?(Logger.error("Error send otp to email",$error$$),$res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi email "${$username$$}". Vui l\u00f2ng th\u1eed l\u1ea1i sau.`})):
|
|
29
|
+
$res$$.send($optObject$$.toObject())},configs.sender_otp):$res$$.status(400).send({error:`Kh\u00f4ng th\u1ec3 g\u1eedi \u0111\u01b0\u1ee3c m\u00e3 OTP t\u1edbi t\u00e0i kho\u1ea3n "${$username$$}". Vui l\u00f2ng th\u1eed l\u1ea1i sau.`})});$app$$.get("/verify-otp/:id/:otp",$rateLimiter$$,async function($req$$,$res$$){try{const $id$$=$req$$.params.id;if(!global.mongoose.Types.ObjectId.isValid($id$$))return $res$$.status(400).send({error:"ID c\u1ee7a m\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng h\u1ee3p l\u1ec7",
|
|
30
|
+
code:4001});const $otp_code$$=$req$$.params.otp,$otp$$=await OTP.findById($id$$);if(!$otp$$)return $res$$.status(400).send({error:"M\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i",code:4001});$otp$$.tried_number=($otp$$.tried_number||0)+1;await $otp$$.save();if($otp$$.otp!=$otp_code$$||$otp$$.verified||$otp$$.tried_number>(configs.MAX_TRY_OTP||3)||$otp$$.expire_time.getTime()<(new Date).getTime())return $res$$.status(400).send({error:"M\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i ho\u1eb7c \u0111\u00e3 h\u1ebft hi\u1ec7u l\u1ef1c",
|
|
31
31
|
code:4001});await OTP.updateOne({_id:$id$$},{verified:!0});let $user$$=await User.findOne({email:$otp$$.phone});if(!$user$$)return $res$$.status(400).send({error:"T\u00e0i kho\u1ea3n kh\u00f4ng t\u1ed3n t\u1ea1i",code:4001});if(!$user$$.local||!$user$$.local.active){$user$$.local=$user$$.local||{};$user$$.local.active=!0;try{await $user$$.save(),redisCache.set("user",$user$$.toObject(),function($e$$){$e$$?Logger.error($e$$):Logger.info("cache user infomation to redis")})}catch($e$$){return Logger.info("error verify otp, create user",
|
|
32
32
|
$e$$),$res$$.status(500).send($e$$)}}const $accessToken$$=generateToken($user$$);(new Token({email:$user$$.email,session_created:($req$$.cookies||{}).uid,token:$accessToken$$,agent:$req$$.headers["user-agent"],ip:"",once:$req$$.query.once==1||$req$$.query.once=="true"||$req$$.query.once==="1"?!0:!1})).save(function($e$$,$rs$$){return $e$$?$res$$.status(500).send($e$$):$res$$.send({token:$accessToken$$,once:$rs$$.once})})}catch($e$$){Logger.error("error verify otp",$e$$),$res$$.status(400).send($e$$.message)}});
|
|
33
33
|
$app$$.post("/auth/sign",$rateLimiter$$,($req$$,$res$$,$next$$)=>{$passport$$.authenticate("basic",{session:!1},function($err$$,$user$$){if($err$$||!$user$$)return $res$$.status(401).send({message:$err$$||"Unauthorized"});$req$$.user=$user$$;$next$$()})($req$$,$res$$,$next$$)},async($req$jscomp$3_user$$,$res$$)=>{let $data$$=$req$jscomp$3_user$$.body;$req$jscomp$3_user$$=$req$jscomp$3_user$$.user;if(!$data$$)return $res$$.status(400).send("Not have data to sign");if(!$data$$.id_app)return $res$$.status(400).send("Data miss id_app property");
|
|
34
34
|
try{let $signature$$=await Wallet.sign($data$$.id_app,$req$jscomp$3_user$$.email,$data$$);$res$$.send($signature$$)}catch($e$$){return $res$$.status(400).send($e$$.message||$e$$)}});$app$$.get("/auth/local",$rateLimiter$$,function($req$$,$res$$,$next$$){let $ip$$=($req$$.ip||$req$$.headers["x-forwarded-for"]||$req$$.connection.remoteAddress).split(".").join("").split(":").join("");var $authorization_password$$=$req$$.headers.authorization;if(!$authorization_password$$)return $res$$.status(400).send({message:"Authorization is required"});
|
|
35
|
-
$authorization_password$$=Buffer.from($authorization_password$$.replace("Basic ",""),"base64").toString("utf-8");$authorization_password$$=$authorization_password$$.split(":");if($authorization_password$$.length>1){let $username$$=$authorization_password$$[0].trim().toLowerCase();$authorization_password$$=$authorization_password$$[1].trim();$req$$.query.id_app&&$username$$.indexOf("@app=")<0&&(
|
|
36
|
-
":"+$authorization_password$$).toString("base64")}`);let $t_session$$="times_login_"+$ip$$+"_"+$username$$.toLowerCase(),$d_session$$="datetime_login_"+$ip$$+"_"+$username$$.toLowerCase();$req$$.t_session=$t_session$$;$req$$.d_session=$d_session$$;let $now$$=new Date,$d$$=$now$$,$times_try$$=1;if($req$$.headers.cookie&&$req$$.session){$req$$=$req$$.session;$req$$[$t_session$$]?($times_try$$=$req$$[$t_session$$]+1,$req$$[$t_session$$]=$times_try$$):
|
|
37
|
-
$now$$);$req$$[$d_session$$]?$d$$=new Date($req$$[$d_session$$]):$req$$[$d_session$$]=$now$$;$req$$=$now$$.getTime()-$d$$.getTime();if($req$$<total_time_wait_login&&$times_try$$>total_time_try_login)return $res$$.status(400).send({message:"B\u1ea1n \u0111\u0103ng nh\u1eadp sai "+total_time_try_login+" l\u1ea7n li\u00ean ti\u1ebfp. H\u00e3y th\u1eed l\u1ea1i sau "+Math.roundBy((total_time_wait_login-$req$$)/6E4,2)+" ph\u00fat"});$next$$()}else global.clientRedis.get($t_session$$,
|
|
38
|
-
($times_try$$=Number($reply$$)+1,global.clientRedis.set($t_session$$,$times_try$$)):(global.clientRedis.set($t_session$$,$times_try$$),global.clientRedis.set($d_session$$,$now$$));global.clientRedis.get($d_session$$,function($err$jscomp$3_time_wait$$,$reply$$){$reply$$?$d$$=new Date($reply$$):global.clientRedis.set($d_session$$,$now$$);$err$jscomp$3_time_wait$$=$now$$.getTime()-$d$$.getTime();if($err$jscomp$3_time_wait$$<total_time_wait_login&&$times_try$$>total_time_try_login)return $res$$.status(400).send({message:"B\u1ea1n \u0111\u0103ng nh\u1eadp sai "+
|
|
39
|
-
total_time_try_login+" l\u1ea7n li\u00ean ti\u1ebfp. H\u00e3y th\u1eed l\u1ea1i sau "+Math.roundBy((total_time_wait_login-$err$jscomp$3_time_wait$$)/6E4,2)+" ph\u00fat"});$next$$()})})}},function($req$$,$res$$,$next$$){$passport$$.authenticate("basic",{session:!1},async function($err$jscomp$4_p$$,$user$$){if($err$jscomp$4_p$$||!$user$$)return $res$$.status(401).send({message:$err$jscomp$4_p$$||"Unauthorized"});if(configs.require_verify&&!$user$$.local.active)return
|
|
40
|
-
if($req$$.query.id_app&&($err$jscomp$4_p$$=await global.getModel("participant").findOne({id_app:$req$$.query.id_app,email:$user$$.email}).lean())&&!$err$jscomp$4_p$$.active&&!$err$jscomp$4_p$$.admin)return $res$$.status(401).send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111ang ch\u1edd \u0111\u01b0\u1ee3c x\u00e9t duy\u1ec7t",active:!1});$req$$.user=$user$$;$next$$()})($req$$,$res$$,$next$$)},async($req$$,$res$$)=>{let $agent
|
|
41
|
-
$req$$.session;$session$jscomp$1_user$$[$req$$.t_session]=0;$session$jscomp$1_user$$[$req$$.d_session]=""}else global.clientRedis.set($req$$.t_session,0),global.clientRedis.set($req$$.d_session,"");log.create({id_app:"LOGIN",id_func:"LOGIN",action:"LOCALLOGIN"},$req$$.user.email,$req$$.header("user-agent"),$req$$);$session$jscomp$1_user$$=$req$$.user;if($req$$.query.id_app&&global.mongoose.Types.ObjectId.isValid($req$$.query.id_app)){const $id_app
|
|
42
|
-
global.mongoose.Types.ObjectId.isValid($req$$.query.group_id)?$req$$.query.group_id:void 0;const $app$$=await App.findById($id_app$$);var $active_group_query_group$$={id_app:$id_app$$,$or:[{is_customer_group:!0},{is_partner_group:!0},{is_agent_group:!0},{is_pttt_group:!0}]};$group_id$$?$active_group_query_group$$._id=$group_id$$:$active_group_query_group$$.default_group=!0;$active_group_query_group$$=await UserGroup.findOne($active_group_query_group$$).lean();
|
|
43
|
-
$active_group_query_group$$._id.toString();$active_group_query_group$$=$active_group_query_group$$.not_need_active;try{var $p$jscomp$3_session_created$$=await Participant.asyncCreateParticipant({id_app:$id_app$$,email:$session$jscomp$1_user$$.email,name:$session$jscomp$1_user$$.name,group_id:$group_id$$,active:$active_group_query_group$$});if($p$jscomp$3_session_created$$&&!$p$jscomp$3_session_created$$.active)return $res$$.status(401).send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111ang ch\u1edd \u0111\u01b0\u1ee3c x\u00e9t duy\u1ec7t",
|
|
35
|
+
$authorization_password$$=Buffer.from($authorization_password$$.replace("Basic ",""),"base64").toString("utf-8");$authorization_password$$=$authorization_password$$.split(":");if($authorization_password$$.length>1){let $username$$=$authorization_password$$[0].trim().toLowerCase();$authorization_password$$=$authorization_password$$[1].trim();$req$$.query.id_app&&$username$$.indexOf("@app=")<0&&(Logger.info("[signin] add id_app into username",$username$$,$req$$.query.id_app),$username$$=`${$username$$}@app=${$req$$.query.id_app}`,
|
|
36
|
+
$req$$.headers.authorization=`Basic ${Buffer.from($username$$+":"+$authorization_password$$).toString("base64")}`);let $t_session$$="times_login_"+$ip$$+"_"+$username$$.toLowerCase(),$d_session$$="datetime_login_"+$ip$$+"_"+$username$$.toLowerCase();$req$$.t_session=$t_session$$;$req$$.d_session=$d_session$$;let $now$$=new Date,$d$$=$now$$,$times_try$$=1;if($req$$.headers.cookie&&$req$$.session){$req$$=$req$$.session;$req$$[$t_session$$]?($times_try$$=$req$$[$t_session$$]+1,$req$$[$t_session$$]=$times_try$$):
|
|
37
|
+
($req$$[$t_session$$]=$times_try$$,$req$$[$d_session$$]=$now$$);$req$$[$d_session$$]?$d$$=new Date($req$$[$d_session$$]):$req$$[$d_session$$]=$now$$;$req$$=$now$$.getTime()-$d$$.getTime();if($req$$<total_time_wait_login&&$times_try$$>total_time_try_login)return $res$$.status(400).send({message:"B\u1ea1n \u0111\u0103ng nh\u1eadp sai "+total_time_try_login+" l\u1ea7n li\u00ean ti\u1ebfp. H\u00e3y th\u1eed l\u1ea1i sau "+Math.roundBy((total_time_wait_login-$req$$)/6E4,2)+" ph\u00fat"});$next$$()}else global.clientRedis.get($t_session$$,
|
|
38
|
+
function($err$$,$reply$$){$reply$$?($times_try$$=Number($reply$$)+1,global.clientRedis.set($t_session$$,$times_try$$)):(global.clientRedis.set($t_session$$,$times_try$$),global.clientRedis.set($d_session$$,$now$$));global.clientRedis.get($d_session$$,function($err$jscomp$3_time_wait$$,$reply$$){$reply$$?$d$$=new Date($reply$$):global.clientRedis.set($d_session$$,$now$$);$err$jscomp$3_time_wait$$=$now$$.getTime()-$d$$.getTime();if($err$jscomp$3_time_wait$$<total_time_wait_login&&$times_try$$>total_time_try_login)return $res$$.status(400).send({message:"B\u1ea1n \u0111\u0103ng nh\u1eadp sai "+
|
|
39
|
+
total_time_try_login+" l\u1ea7n li\u00ean ti\u1ebfp. H\u00e3y th\u1eed l\u1ea1i sau "+Math.roundBy((total_time_wait_login-$err$jscomp$3_time_wait$$)/6E4,2)+" ph\u00fat"});$next$$()})})}},function($req$$,$res$$,$next$$){$passport$$.authenticate("basic",{session:!1},async function($err$jscomp$4_p$$,$user$$){if($err$jscomp$4_p$$||!$user$$)return $res$$.status(401).send({message:$err$jscomp$4_p$$||"Unauthorized"});if(configs.require_verify&&!$user$$.local.active)return Logger.warn("[local] H\u1ec7 th\u1ed1ng y\u00eau c\u1ea7u x\u00e1c th\u1ef1c:",
|
|
40
|
+
$user$$.email),$res$$.status(401).send({require_verify:!0});if($req$$.query.id_app&&($err$jscomp$4_p$$=await global.getModel("participant").findOne({id_app:$req$$.query.id_app,email:$user$$.email}).lean())&&!$err$jscomp$4_p$$.active&&!$err$jscomp$4_p$$.admin)return $res$$.status(401).send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111ang ch\u1edd \u0111\u01b0\u1ee3c x\u00e9t duy\u1ec7t",active:!1});$req$$.user=$user$$;$next$$()})($req$$,$res$$,$next$$)},async($req$$,$res$$)=>{let $agent$$=
|
|
41
|
+
$req$$.headers["user-agent"];if($req$$.headers.cookie){var $session$jscomp$1_user$$=$req$$.session;$session$jscomp$1_user$$[$req$$.t_session]=0;$session$jscomp$1_user$$[$req$$.d_session]=""}else global.clientRedis.set($req$$.t_session,0),global.clientRedis.set($req$$.d_session,"");log.create({id_app:"LOGIN",id_func:"LOGIN",action:"LOCALLOGIN"},$req$$.user.email,$req$$.header("user-agent"),$req$$);$session$jscomp$1_user$$=$req$$.user;if($req$$.query.id_app&&global.mongoose.Types.ObjectId.isValid($req$$.query.id_app)){const $id_app$$=
|
|
42
|
+
$req$$.query.id_app;let $group_id$$=$req$$.query.group_id&&global.mongoose.Types.ObjectId.isValid($req$$.query.group_id)?$req$$.query.group_id:void 0;const $app$$=await App.findById($id_app$$);var $active_group_query_group$$={id_app:$id_app$$,$or:[{is_customer_group:!0},{is_partner_group:!0},{is_agent_group:!0},{is_pttt_group:!0}]};$group_id$$?$active_group_query_group$$._id=$group_id$$:$active_group_query_group$$.default_group=!0;$active_group_query_group$$=await UserGroup.findOne($active_group_query_group$$).lean();
|
|
43
|
+
if($app$$&&$active_group_query_group$$){$group_id$$=$active_group_query_group$$._id.toString();$active_group_query_group$$=$active_group_query_group$$.not_need_active;try{var $p$jscomp$3_session_created$$=await Participant.asyncCreateParticipant({id_app:$id_app$$,email:$session$jscomp$1_user$$.email,name:$session$jscomp$1_user$$.name,group_id:$group_id$$,active:$active_group_query_group$$});if($p$jscomp$3_session_created$$&&!$p$jscomp$3_session_created$$.active)return $res$$.status(401).send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111ang ch\u1edd \u0111\u01b0\u1ee3c x\u00e9t duy\u1ec7t",
|
|
44
44
|
active:!1});let $cust$$={ten_kh:$session$jscomp$1_user$$.name||$session$jscomp$1_user$$.email,email:$session$jscomp$1_user$$.email,id_app:$id_app$$,user_created:$session$jscomp$1_user$$.email,user_updated:$session$jscomp$1_user$$.email,kh_yn:!0,of_user:$session$jscomp$1_user$$.email};utils.isMobilePhone($session$jscomp$1_user$$.email,["vi-VN"])&&($cust$$.dien_thoai=$session$jscomp$1_user$$.email);try{await Customer.asyncCreateCustomer($cust$$)}catch($e$$){Logger.error("[auth][local] Auto create new customer with error:",
|
|
45
45
|
$e$$.message)}}catch($e$$){return Logger.error("[auth][local] can't add user",$session$jscomp$1_user$$.email,"to company",$app$$.name,$e$$.message||$e$$.error||$e$$),$res$$.status(500).send($e$$)}}}const $accessToken$$=generateToken($session$jscomp$1_user$$);($p$jscomp$3_session_created$$=($req$$.cookies||{}).uid)&&User.updateOne({email:$session$jscomp$1_user$$.email,session_created:null},{session_created:$p$jscomp$3_session_created$$}).catch(Logger.error);(new Token({email:$session$jscomp$1_user$$.email,
|
|
46
46
|
session_created:$p$jscomp$3_session_created$$,id_apps:$session$jscomp$1_user$$.token_id_apps,only_id_app:$session$jscomp$1_user$$.token_id_app,token:$accessToken$$,agent:$agent$$,ip:"",once:$req$$.query.once==1||$req$$.query.once=="true"||$req$$.query.once==="1"?!0:!1})).save(function($e$$,$rs$$){if($e$$)return $res$$.status(500).send($e$$);$res$$.send({token:$accessToken$$,once:$rs$$.once})})});$app$$.get("/check-user/:email",$rateLimiter$$,function($req$$,$res$$){const $email$$=$req$$.params.email;
|
|
47
47
|
User.findOne({$or:[{email:$email$$},{"local.phone":$email$$}]},{email:1,name:1,picture:1}).lean().then(function($user$$){if(!$user$$)return $res$$.status(400).send(`T\u00e0i kho\u1ea3n ${$email$$} kh\u00f4ng t\u1ed3n t\u1ea1i`);$res$$.send($user$$)}).catch($e$$=>{$res$$.status(400).send($e$$)})});$app$$.post("/signup",$rateLimiter$$,async($req$$,$res$$)=>{let $body$$=$req$$.body;$body$$.json&&($body$$=JSON.parse($body$$.json));if(!$body$$)return $res$$.status(400).send({error:"Kh\u00f4ng c\u00f3 n\u1ed9i dung"});
|
|
48
|
-
if($body$$.id_app&&!global.mongoose.Types.ObjectId.isValid($body$$.id_app))return $res$$.status(400).send("id_app kh\u00f4ng h\u1ee3p l\u1ec7");if(configs.GOOGLE_RECAPTCHA_SECRET_KEY){var $app$$=$body$$["g-recaptcha-response"]||$req$$.query["g-recaptcha-response"];if(!$app$$)return $res$$.status(400).send("Ch\u1ee9c n\u0103ng n\u00e0y y\u00eau c\u1ea7u m\u1ed9t google recaptcha token");try{await permission.verifyReCaptcha($app$$)}catch($e$$){return $res$$.status(400).send(
|
|
49
|
-
$e$$)}}let $session_created$$=($req$$.cookies||{}).uid;if($session_created$$&&$body$$.id_app){$app$$=await App.findById($body$$.id_app);if(!$app$$)return $res$$.status(400).send({error:"C\u00f4ng ty kh\u00f4ng t\u1ed3n t\u1ea1i"});if($app$$.options&&$app$$.options.one_account_per_device&&await Participant.findOne({session_created:$session_created$$,id_app:$body$$.id_app}).lean())return $res$$.status(400).send({error:"M\u1ed7i thi\u1ebft b\u1ecb ch\u1ec9 \u0111\u01b0\u1ee3c t\u1ea1o m\u1ed9t t\u00e0i kho\u1ea3n"})}if(!$body$$.email)return $res$$.status(400).send({error:"B\u1ea1n ch\u01b0a nh\u1eadp t\u00e0i kho\u1ea3n"});
|
|
48
|
+
if($body$$.id_app&&!global.mongoose.Types.ObjectId.isValid($body$$.id_app))return $res$$.status(400).send({error:"id_app kh\u00f4ng h\u1ee3p l\u1ec7"});if(configs.GOOGLE_RECAPTCHA_SECRET_KEY){var $app$$=$body$$["g-recaptcha-response"]||$req$$.query["g-recaptcha-response"];if(!$app$$)return $res$$.status(400).send({error:"Ch\u1ee9c n\u0103ng n\u00e0y y\u00eau c\u1ea7u m\u1ed9t google recaptcha token"});try{await permission.verifyReCaptcha($app$$)}catch($e$$){return $res$$.status(400).send({error:$e$$.message||
|
|
49
|
+
$e$$.error||$e$$})}}let $session_created$$=($req$$.cookies||{}).uid;if($session_created$$&&$body$$.id_app){$app$$=await App.findById($body$$.id_app);if(!$app$$)return $res$$.status(400).send({error:"C\u00f4ng ty kh\u00f4ng t\u1ed3n t\u1ea1i"});if($app$$.options&&$app$$.options.one_account_per_device&&await Participant.findOne({session_created:$session_created$$,id_app:$body$$.id_app}).lean())return $res$$.status(400).send({error:"M\u1ed7i thi\u1ebft b\u1ecb ch\u1ec9 \u0111\u01b0\u1ee3c t\u1ea1o m\u1ed9t t\u00e0i kho\u1ea3n"})}if(!$body$$.email)return $res$$.status(400).send({error:"B\u1ea1n ch\u01b0a nh\u1eadp t\u00e0i kho\u1ea3n"});
|
|
50
50
|
$body$$.email=$body$$.email.trim().toLowerCase();if(!validator.isEmail($body$$.email)&&!utils.isMobilePhone($body$$.email,["vi-VN"]))return $res$$.status(400).send({error:"T\u00e0i kho\u1ea3n \u0111\u0103ng nh\u1eadp ph\u1ea3i l\u00e0 1 \u0111\u1ecba ch\u1ec9 email ho\u1eb7c 1 s\u1ed1 \u0111i\u1ec7n tho\u1ea1i di \u0111\u1ed9ng"});if(!$body$$.name)return $res$$.status(400).send({error:"H\u1ecd v\u00e0 t\u00ean ch\u01b0a nh\u1eadp"});if($body$$.introduce_code&&$body$$.id_app&&!await global.getModel("introducecode").findOne({id_app:$body$$.id_app,
|
|
51
|
-
status:!0,introduce_code:$body$$.introduce_code}).lean())return $res$$.status(400).send({error:"M\u00e3 gi\u1edbi thi\u1ec7u kh\u00f4ng h\u1ee3p l\u1ec7"});User.findOne({$or:[{email:$body$$.email},{"local.phone":$body$$.email}]},async function($error$$,$
|
|
52
|
-
email
|
|
53
|
-
$
|
|
54
|
-
|
|
55
|
-
$
|
|
56
|
-
|
|
57
|
-
$
|
|
58
|
-
$
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
{
|
|
64
|
-
|
|
51
|
+
status:!0,introduce_code:$body$$.introduce_code}).lean())return $res$$.status(400).send({error:"M\u00e3 gi\u1edbi thi\u1ec7u kh\u00f4ng h\u1ee3p l\u1ec7"});Logger.info("[signup] \u0111ang \u0111\u0103ng k\u00fd t\u00e0i kho\u1ea3n",$body$$.email,"...");User.findOne({$or:[{email:$body$$.email},{"local.phone":$body$$.email}]},async function($error$$,$new_user$$){if($error$$)return $res$$.status(400).send($error$$);if($new_user$$)if(!$new_user$$.local||configs.require_verify&&!$new_user$$.local.active||
|
|
52
|
+
$new_user$$.local.email!=$body$$.email)$new_user$$.local||($new_user$$.local={});else if($body$$.id_app){Logger.info(`[signup] t\u00e0i kho\u1ea3n ${$body$$.email}. \u0110ang th\u00eam v\u00e0o c\u00f4ng ty "${$body$$.id_app}"...`);try{let $p$$=await global.getModel("participant").findOne({id_app:$body$$.id_app,email:$body$$.email});if($p$$)return $res$$.status(400).send({error:"T\u00e0i kho\u1ea3n n\u00e0y \u0111\u00e3 t\u1ed3n t\u1ea1i"});$p$$=await addUserToApp($new_user$$,$body$$,$session_created$$);
|
|
53
|
+
let $accessToken$$;if($new_user$$.local.active)try{$accessToken$$=generateToken($new_user$$),await (new Token({email:$new_user$$.email,session_created:($req$$.cookies||{}).uid,token:$accessToken$$,agent:$req$$.headers["user-agent"],ip:"",once:$req$$.query.once==1||$req$$.query.once=="true"||$req$$.query.once==="1"?!0:!1})).save()}catch($e$$){Logger.error("[signup] can't gen new token for new user:"+$new_user$$.email,$e$$)}return $res$$.send({message:'T\u00e0i kho\u1ea3n "'+$body$$.email+'" \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd th\u00e0nh c\u00f4ng',
|
|
54
|
+
token:$accessToken$$,active:$new_user$$.local.active})}catch($e$$){return await global.getModel("participant").deleteOne({id_app:$body$$.id_app,email:$body$$.email}),$res$$.status(400).send({error:$e$$.error||$e$$.message||$e$$})}}else return $res$$.status(400).send({error:'T\u00e0i kho\u1ea3n "'+$body$$.email+'" \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd'});else $new_user$$=new User,$new_user$$.email=$body$$.email,$new_user$$.local={};$new_user$$.local.email=$body$$.email;$new_user$$.local.name=
|
|
55
|
+
$body$$.name;$new_user$$.local.active=!configs.require_verify;$new_user$$.partner=$body$$.partner;$new_user$$.session_created=$session_created$$;$body$$.email2&&validator.isEmail($body$$.email2)&&($new_user$$.email2=$body$$.email2);$new_user$$.name=$new_user$$.local.name;$body$$.picture?$new_user$$.local.picture=$body$$.picture:$new_user$$.local.picture||($new_user$$.local.picture="/images/avatar.jpg");let $password$$;if($body$$.password){if($body$$.rePassword!==$body$$.password)return $res$$.status(400).send({error:"M\u1eadt kh\u1ea9u x\u00e1c nh\u1eadn kh\u00f4ng ch\u00ednh x\u00e1c"});
|
|
56
|
+
if(!User.teststrengthPassword($body$$.password))return $res$$.status(400).send({error:"M\u1eadt kh\u1ea9u ph\u1ea3i c\u00f3 \u00edt nh\u1ea5t 6 k\u00fd t\u1ef1 v\u00e0 bao g\u1ed3m \u00edt nh\u1ea5t m\u1ed9t ch\u1eef s\u1ed1, m\u1ed9t ch\u1eef hoa v\u00e0 m\u1ed9t ch\u1eef th\u01b0\u1eddng"});$password$$=$body$$.password}else $password$$=_crypto.createHash("md5").update($new_user$$.email+(new Date).toISOString()).digest("hex");$new_user$$.local.password=$new_user$$.generateHash($new_user$$.email+
|
|
57
|
+
$password$$);$new_user$$.save(async function($app$jscomp$5_error$$,$newUser$$){if($app$jscomp$5_error$$)return $res$$.status(400).send({error:"Kh\u00f4ng th\u1ec3 \u0111\u0103ng k\u00fd"});log.create({id_app:"SIGNUP",id_func:"SIGNUP",action:"SIGNUP"},$new_user$$.email,$req$$.header("user-agent"),$req$$);if($body$$.cty_name){$app$jscomp$5_error$$=new App;$app$jscomp$5_error$$.user_created=$new_user$$.email;$app$jscomp$5_error$$.user_updated=$new_user$$.email;$app$jscomp$5_error$$.name=$body$$.cty_name;
|
|
58
|
+
var $d$jscomp$1_now$$=new Date;$app$jscomp$5_error$$.ngay_dn=new Date($d$jscomp$1_now$$.getFullYear(),0,1);$app$jscomp$5_error$$.ngay_ks=new Date($d$jscomp$1_now$$.getFullYear()-1,12,0);$app$jscomp$5_error$$.nam_bd=$d$jscomp$1_now$$.getFullYear();$app$jscomp$5_error$$.ngay_ky1=new Date($d$jscomp$1_now$$.getFullYear(),0,1);$d$jscomp$1_now$$=new Date;$d$jscomp$1_now$$.setMonth($d$jscomp$1_now$$.getMonth()+3);$app$jscomp$5_error$$.expire_date=new Date($d$jscomp$1_now$$);$app$jscomp$5_error$$.save(function($error$$,
|
|
59
|
+
$obj$$){if($error$$)return Logger.error("[signup] Khong tao duoc new app: "+$error$$);require("../libs/initDatabase").init($obj$$._id,function($error$$){$error$$&&Logger.error("[signup] Can't init database \n"+$error$$)})})}try{await addUserToApp($newUser$$,$body$$,$session_created$$)}catch($e$$){return Logger.error("[signup] add user to app",$e$$.message||$e$$.error||$e$$),await global.getModel("participant").deleteOne({id_app:$body$$.id_app,email:$body$$.email}),await User.deleteOne({email:$body$$.email}),
|
|
60
|
+
$res$$.status(400).send({error:$e$$.error||$e$$.message||$e$$})}let $accessToken$$;if($newUser$$.local.active)try{$accessToken$$=generateToken($newUser$$),await (new Token({email:$newUser$$.email,session_created:($req$$.cookies||{}).uid,token:$accessToken$$,agent:$req$$.headers["user-agent"],ip:"",once:$req$$.query.once==1||$req$$.query.once=="true"||$req$$.query.once==="1"?!0:!1})).save()}catch($e$$){Logger.error("[signup] can't gen new token for new user:"+$newUser$$.email,$e$$)}validator.isEmail($body$$.email)&&
|
|
61
|
+
!$body$$.password?(loadTemplate("thong tin dang nhap.html",{email:$new_user$$.email,password:$password$$,receiver_name:$body$$.name},function($error$$,$html$$){if($error$$)return Logger.info($error$$);email.sendHtml({to:{name:$new_user$$.name,address:$new_user$$.email},subject:"Th\u00f4ng tin t\u00e0i kho\u1ea3n",html:$html$$},function($error$$){$error$$&&Logger.error("Khong the gui email thon tin tai khoan cho nguoi dung\n"+$error$$)})}),$res$$.send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o. Ki\u1ec3m tra email \u0111\u1ec3 l\u1ea5y th\u00f4ng tin \u0111\u0103ng nh\u1eadp",
|
|
62
|
+
token:$accessToken$$,active:$newUser$$.local.active})):$res$$.send({message:'T\u00e0i kho\u1ea3n "'+$body$$.email+'" \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o',token:$accessToken$$,active:$newUser$$.local.active})})})});$app$$.get("/resetpassword",$rateLimiter$$,async($req$$,$res$$)=>{if(configs.GOOGLE_RECAPTCHA_SECRET_KEY)try{await permission.verifyReCaptcha($req$$.query["g-recaptcha-response"])}catch($e$$){return $res$$.status(400).send({error:$e$$.message||$e$$.error||$e$$})}let $address$$=$req$$.query.email;
|
|
63
|
+
if(!$address$$)return $res$$.status(400).send({error:"Y\u00eau c\u1ea7u m\u1ed9t \u0111\u1ecba ch\u1ec9 email ho\u1eb7c s\u1ed1 \u0111i\u1ec7n tho\u1ea1i"});$address$$=$address$$.toLowerCase();User.findOne({$or:[{"local.email":$address$$},{email:$address$$},{email2:$address$$}]},function($error$$,$result$$){if($error$$)return $res$$.status(400).send($error$$);if(!$result$$)return $res$$.status(400).send({error:`T\u00e0i kho\u1ea3n "${$address$$}" ch\u01b0a \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd`});
|
|
64
|
+
let $newpassword$$=_crypto.createHash("md5").update((new Date).toISOString()).digest("hex");$result$$.local.rspassword=$result$$.generateHash($result$$.email+$newpassword$$);$result$$.save(function($error$$){if($error$$)return $res$$.status(400).send($error$$);loadTemplate("reset mat khau.html",{receiver_name:$result$$.name,email:$result$$.email,password:$newpassword$$},function($error$$,$html$$){if($error$$)return $res$$.status(400).send($error$$);$result$$.email&&validator.isEmail($result$$.email)&&
|
|
65
|
+
email.sendHtml({to:{name:$result$$.name,address:$result$$.email},subject:"\u0110\u1ed5i m\u1eadt kh\u1ea9u",html:$html$$},function($error$$){$error$$?Logger.error("Khong the gui thong tin tai khoan cho nguoi su dung\n"+$error$$):Logger.info("send new password to",$result$$.email)});$result$$.email2&&validator.isEmail($result$$.email2)&&email.sendHtml({to:{name:$result$$.name,address:$result$$.email2},subject:"\u0110\u1ed5i m\u1eadt kh\u1ea9u",html:$html$$},function($error$$){$error$$?Logger.error("Khong the gui thong tin tai khoan cho nguoi su dung\n"+
|
|
66
|
+
$error$$):Logger.info("send new password to",$result$$.email)});log.create({id_app:"RESETPASSWORD",id_func:"RESETPASSWORD",action:"RESETPASSWORD"},$result$$.email,$req$$.header("user-agent"),$req$$);$res$$.send({message:"M\u1eadt kh\u1ea9u c\u1ee7a b\u1ea1n \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u1ed5i th\u00e0nh c\u00f4ng. Ki\u1ec3m tra email \u0111\u1ec3 l\u1ea5y m\u1eadt kh\u1ea9u m\u1edbi, sau \u0111\u00f3 b\u1ea1n n\u00ean \u0111\u1ed5i m\u1eadt kh\u1ea9u n\u00e0y"})})})})})};
|
package/server/cluster.js
CHANGED
|
@@ -3,25 +3,25 @@ const defaultConfigs=require("./defaultConfigs"),sslConfig=require("./sslConfig"
|
|
|
3
3
|
port:$_port_accessLogStream_rfs$$};$configs$$.database.url=process.env.MONGO_URI||$configs$$.database.url;$configs$$.admins||($configs$$.admins=$configs$$.adminUsers.map($u$$=>$u$$.email));$configs$$.supportUsers||($configs$$.supportUsers=[...$configs$$.admins]);$configs$$.public_token||($configs$$.public_token="flex.public.token");$configs$$.port=$_port_accessLogStream_rfs$$;global.port=$_port_accessLogStream_rfs$$;require("moment-timezone").tz.setDefault($configs$$.timezone||"Asia/Ho_Chi_Minh");
|
|
4
4
|
$app$$||=express();$app$$.set("trust proxy",1);const $toobusy$$=require("toobusy-js");$configs$$.maxLag&&$toobusy$$.maxLag($configs$$.maxLag);$app$$.use(function($req$$,$res$$,$next$$){$toobusy$$()?(Logger.error("Server is busy right now. This request has been cancel:",$req$$.originalUrl),$res$$.status(503).send({error:"Server is busy right now, sorry."})):$next$$()});$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$=require("express-session");$app$$.use($_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$({secret:"QV098PVT123456HLBN",
|
|
5
5
|
resave:!1,saveUninitialized:!0,cookie:{secure:!1}}));$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$=require("cookie-parser");$app$$.use($_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$());$app$$.use(function($req$$,$res$$,$next$$){let $uid$$=$req$$.cookies.uid;$uid$$||=$req$$.headers.uid;$uid$$||($uid$$="uid:"+crypto.randomBytes(20).toString("hex"),$res$$.cookie("uid",$uid$$,{expires:new Date(Date.now()+31536E6),sameSite:"none",secure:!0}));
|
|
6
|
-
$res$$.set("uid",$uid$$);$req$$.cookies.uid=$uid$$;$next$$()});$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$=require("compression");$app$$.use($_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$());$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$=$configs$$.paths.uploads||__dirname+"/uploads";const $limitFileSize$$=$configs$$.limitFileSize||1048576;$app$$.use(function($req$jscomp$2_size
|
|
7
|
-
$req$jscomp$2_size$$.headers["content-lenght"])&&$req$jscomp$2_size$$>$limitFileSize$$)return $res$$.status(400).send({error:"File too large"});$next$$()});$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$=require("multer")({dest:$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$,limits:{files:1,fileSize:$limitFileSize$$}});$app$$.use($_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$)
|
|
8
|
-
require("cors");$app$$.use($_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$({credentials:!0,exposedHeaders:["set-cookie","uid"],origin:($origin$$,$callback$$)=>{$callback$$(null,!0)}}));$configs$$.paths||($configs$$.paths={});$app$$.use("/",express.static($configs$$.paths.public||__dirname+"/public"));$app$$.use("/admin",express.static($configs$$.paths.admin||__dirname+"/admin"));$app$$.use("/templates",
|
|
9
|
-
$app$$.use("/images",express.static($configs$$.paths.images||__dirname+"/images"));$app$$.use(bodyParser.json({limit:$configs$$.limitRequestSize||"1mb"}));$app$$.use(bodyParser.urlencoded({limit:$configs$$.limitRequestSize||"1mb",extended:!0}));$app$$.use(passport.initialize());$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$=require("morgan");$_port_accessLogStream_rfs$$=require("rotating-file-stream");
|
|
10
|
-
fs.mkdirSync($logDirectory$$);$_port_accessLogStream_rfs$$=$_port_accessLogStream_rfs$$("access-cluster.log",{interval:"1d",path:$logDirectory$$});$app$$.use($_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$("combined",{stream:$_port_accessLogStream_rfs$$,skip:function($req$$,$res$$){return $res$$.statusCode<400}}));$app$$.use(function($err$$,$req$$,$res$$,$next$$){Logger.error($err$$.stack)
|
|
11
|
-
$configs$$.database.url);$configs$$.database.url||(Logger.error("[cluster] thi\u1ebfu \u0111\u01b0\u1eddng d\u1eabn k\u1ebft n\u1ed1i v\u1edbi database trong file configs"),process.exit(1));global.mongoose.connect($configs$$.database.url,{useNewUrlParser:!0,useFindAndModify:!1,useUnifiedTopology:!0}).then(async $clientMongo_redis$$=>{Logger.info("[cluster] Connected to Database");var $result_retryStrategyRedis$$=
|
|
12
|
-
600});Logger.info("[cluster] T\u0103ng th\u1eddi gian ho\u1ea1t \u0111\u1ed9ng c\u1ee7a m\u1ed9t transaction:",$result_retryStrategyRedis$$);global.clientMongo=$clientMongo_redis$$;$clientMongo_redis$$=require("redis");({retryStrategyRedis:$result_retryStrategyRedis$$}=require("./libs/utils"));global.clientRedis=$clientMongo_redis$$.createClient({host:"127.0.0.1",
|
|
13
|
-
|
|
14
|
-
$file$$);Logger.info("[cluster] creating system data...",$file$$);$model$$.deleteMany({},$e$$=>{Logger.error($e$$);$async$$.mapSeries($data$$,function($r$$,$callback$$){delete $r$$._id;delete $r$$.__v;delete $r$$.collection_name;delete $r$$.pkey;$model$$.create($r$$,function($error$$){if($error$$)return $callback$$($error$$);$callback$$()})},function($error$$,$rs$$){$callback$$($error
|
|
15
|
-
Logger.info("redis connected");$options$$.createRedisCache&&require("./libs/redis-cache").set();global.getModel("schedule").start();$options$$.start_abci_handler&&global.getModel("assabcihandler").start();var {recoverBackgroundTasks:$StaticPool$$}=require("./libs/optimizeBookkeeping");$StaticPool$$().catch(console.error);$StaticPool$$=global.getModel("user");
|
|
16
|
-
($cpus_init_system_data_report_cpus_server$$=!0);for(var $StaticPool$jscomp$0$$=0;$StaticPool$jscomp$0$$<$configs$$.adminUsers.length;$StaticPool$jscomp$0$$++){var $StaticPool_adminUser$$=$configs$$.adminUsers[$StaticPool$jscomp$0$$];let $u$$=await $StaticPool$$.findOne({email:$StaticPool_adminUser$$.email});$u$$||($StaticPool_adminUser$$.local={name:$StaticPool_adminUser$$.name,
|
|
17
|
-
$StaticPool_adminUser$$.defaultPassword),$u$$.save(function($error$$,$user$$){if($error$$)return Logger.error($error$$);$user$$&&Logger.info("[cluster] da tao thanh cong user "+$user$$.email)}))}const $async$$=require("async");$cpus_init_system_data_report_cpus_server$$&&$initSysData$$();require("./route")($app$$);$cpus_init_system_data_report_cpus_server
|
|
18
|
-
6E5;$StaticPool$$.initSocket($cpus_init_system_data_report_cpus_server$$);$StaticPool$$.initClientSockets();if($options$$.cluster){if(!require("sticky-session").listen($cpus_init_system_data_report_cpus_server$$,global.port))$cpus_init_system_data_report_cpus_server$$.once("listening",function(){Logger.info("[cluster] server cluster started on",
|
|
19
|
-
" died",$code$$,$signal$$)});$StaticPool$$.on("online",function($worker$$){console.info("[cluster] worker "+$worker$$.process.pid+" is online");global.clientRedis.set("lastworker",JSON.stringify({pid:$worker$$.process.pid}))})}else $cpus_init_system_data_report_cpus_server$$.listen(global.port,()=>{Logger.info("[cluster] server start at "+
|
|
20
|
-
$options$$.start_input_data_pool?1:Math.round($cpus_init_system_data_report_cpus_server$$/2):0);$StaticPool$jscomp$0$$=$options$$.input_cpus||($options$$.start_input_data_pool?Math.max(Math.round($cpus_init_system_data_report_cpus_server$$/2),2):0);$cpus_init_system_data_report_cpus_server$$=$options$$.report_cpus||
|
|
21
|
-
2))-1,2):0);$StaticPool$jscomp$0$$&&($StaticPool_adminUser$$=require("./libs/WorkerStaticPool"),global.inputMainPool=new $StaticPool_adminUser$$(__dirname+"/workers/inputWorker.js",$options$$.max_queue_imports||0,$StaticPool$jscomp$0$$,3E5,$StaticPool$jscomp$0$$,"input pool"),global.inputMainPool.exec({load:!0,
|
|
22
|
-
new $StaticPool$jscomp$0$$(__dirname+"/workers/inputWorker.js",$options$$.max_queue_imports||0,$StaticPool$$,36E5,1,"import pool"),global.importDataMainPool.exec({load:!0,configs:JSON.stringify($configs$$)},()=>{Logger.info("[cluster] Import pool ready")}));$cpus_init_system_data_report_cpus_server$$&&
|
|
23
|
-
3E5,2,"report pool"),global.reportMainPool.exec({load:!0,configs:JSON.stringify($configs$$)},()=>{Logger.info("[cluster] Report pool ready")}))})}).catch($err$$=>{Logger.error("[cluster] Not Connected to Database ERROR!",$err$$);process.exit(1)})};
|
|
24
|
-
process.on("uncaughtException",function($err$jscomp$3_error$$){Logger.error("[cluster]",(new Date).toUTCString()+" uncaughtException:",$err$jscomp$3_error$$.message);Logger.error($err$jscomp$3_error$$.stack);$err$jscomp$3_error$$=`
|
|
6
|
+
$res$$.set("uid",$uid$$);$req$$.cookies.uid=$uid$$;$next$$()});$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$=require("compression");$app$$.use($_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$());$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$=$configs$$.paths.uploads||__dirname+"/uploads";const $limitFileSize$$=$configs$$.limitFileSize||$configs$$.limitRequestSize||1048576;$app$$.use(function($req$jscomp$2_size$$,
|
|
7
|
+
$res$$,$next$$){if(($req$jscomp$2_size$$=$req$jscomp$2_size$$.headers["content-lenght"])&&$req$jscomp$2_size$$>$limitFileSize$$)return $res$$.status(400).send({error:"File too large"});$next$$()});$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$=require("multer")({dest:$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$,limits:{files:1,fileSize:$limitFileSize$$}});$app$$.use($_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$);
|
|
8
|
+
$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$=require("cors");$app$$.use($_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$({credentials:!0,exposedHeaders:["set-cookie","uid"],origin:($origin$$,$callback$$)=>{$callback$$(null,!0)}}));$configs$$.paths||($configs$$.paths={});$app$$.use("/",express.static($configs$$.paths.public||__dirname+"/public"));$app$$.use("/admin",express.static($configs$$.paths.admin||__dirname+"/admin"));$app$$.use("/templates",
|
|
9
|
+
express.static($configs$$.paths.templates||__dirname+"/templates"));$app$$.use("/images",express.static($configs$$.paths.images||__dirname+"/images"));$app$$.use(bodyParser.json({limit:$configs$$.limitRequestSize||"1mb"}));$app$$.use(bodyParser.urlencoded({limit:$configs$$.limitRequestSize||"1mb",extended:!0}));$app$$.use(passport.initialize());$_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$=require("morgan");$_port_accessLogStream_rfs$$=require("rotating-file-stream");
|
|
10
|
+
const $logDirectory$$=$configs$$.paths.log||__dirname+"/log";fs.existsSync($logDirectory$$)||fs.mkdirSync($logDirectory$$);$_port_accessLogStream_rfs$$=$_port_accessLogStream_rfs$$("access-cluster.log",{interval:"1d",path:$logDirectory$$});$app$$.use($_configs_compress_cookieParser_cors_morgan_multer_root_dir_uploads_session$$("combined",{stream:$_port_accessLogStream_rfs$$,skip:function($req$$,$res$$){return $res$$.statusCode<400}}));$app$$.use(function($err$$,$req$$,$res$$,$next$$){Logger.error($err$$.stack);
|
|
11
|
+
$res$$.status(500).send("Server error!")});Logger.info("[cluster] connect to mongodb",$configs$$.database.url);$configs$$.database.url||(Logger.error("[cluster] thi\u1ebfu \u0111\u01b0\u1eddng d\u1eabn k\u1ebft n\u1ed1i v\u1edbi database trong file configs"),process.exit(1));global.mongoose.connect($configs$$.database.url,{useNewUrlParser:!0,useFindAndModify:!1,useUnifiedTopology:!0}).then(async $clientMongo_redis$$=>{Logger.info("[cluster] Connected to Database");var $result_retryStrategyRedis$$=
|
|
12
|
+
await mongoose.connection.getClient().db().admin().command({setParameter:1,transactionLifetimeLimitSeconds:$options$$.transactionLifetimeLimitSeconds||600});Logger.info("[cluster] T\u0103ng th\u1eddi gian ho\u1ea1t \u0111\u1ed9ng c\u1ee7a m\u1ed9t transaction:",$result_retryStrategyRedis$$);global.clientMongo=$clientMongo_redis$$;$clientMongo_redis$$=require("redis");({retryStrategyRedis:$result_retryStrategyRedis$$}=require("./libs/utils"));global.clientRedis=$clientMongo_redis$$.createClient({host:"127.0.0.1",
|
|
13
|
+
port:6379,retry_strategy:$result_retryStrategyRedis$$});global.clientRedis.on("error",$err$$=>{Logger.error("[cluster] Redis Client Error",$err$$);process.exit(1)});global.clientRedis.on("end",()=>{Logger.error("[cluster] Redis connection closed.")});global.clientRedis.on("connect",async function(){function $initSysData$$(){Logger.info("[cluster] creating system data...");const $files$$=fs.readdirSync(__dirname+"/data/sys");$async$$.mapSeries($files$$,function($file$$,$callback$$){setImmediate(()=>
|
|
14
|
+
{if($file$$.substr(-3)==".js"){const $data$$=JSON.parse(JSON.stringify(require("./data/sys/"+$file$$).data)),$model$$=global.getModel(""+$file$$);Logger.info("[cluster] creating system data...",$file$$);$model$$.deleteMany({},$e$$=>{Logger.error($e$$);$async$$.mapSeries($data$$,function($r$$,$callback$$){delete $r$$._id;delete $r$$.__v;delete $r$$.collection_name;delete $r$$.pkey;$model$$.create($r$$,function($error$$){if($error$$)return $callback$$($error$$);$callback$$()})},function($error$$,$rs$$){$callback$$($error$$,
|
|
15
|
+
$rs$$)})})}else $callback$$()})},function($error$$){if($error$$)return Logger.info($error$$);Logger.info("[cluster] created system data")})}Logger.info("redis connected");$options$$.createRedisCache&&require("./libs/redis-cache").set();global.getModel("schedule").start();$options$$.start_abci_handler&&global.getModel("assabcihandler").start();var {recoverBackgroundTasks:$StaticPool$$}=require("./libs/optimizeBookkeeping");$StaticPool$$().catch(console.error);$StaticPool$$=global.getModel("user");
|
|
16
|
+
var $cpus_init_system_data_report_cpus_server$$=$configs$$.initSysData;$cpus_init_system_data_report_cpus_server$$||await $StaticPool$$.findOne({})||($cpus_init_system_data_report_cpus_server$$=!0);for(var $StaticPool$jscomp$0$$=0;$StaticPool$jscomp$0$$<$configs$$.adminUsers.length;$StaticPool$jscomp$0$$++){var $StaticPool_adminUser$$=$configs$$.adminUsers[$StaticPool$jscomp$0$$];let $u$$=await $StaticPool$$.findOne({email:$StaticPool_adminUser$$.email});$u$$||($StaticPool_adminUser$$.local={name:$StaticPool_adminUser$$.name,
|
|
17
|
+
email:$StaticPool_adminUser$$.email,active:!0},$u$$=new $StaticPool$$($StaticPool_adminUser$$),$u$$.local.password=$u$$.generateHash($StaticPool_adminUser$$.email+$StaticPool_adminUser$$.defaultPassword),$u$$.save(function($error$$,$user$$){if($error$$)return Logger.error($error$$);$user$$&&Logger.info("[cluster] da tao thanh cong user "+$user$$.email)}))}const $async$$=require("async");$cpus_init_system_data_report_cpus_server$$&&$initSysData$$();require("./route")($app$$);$cpus_init_system_data_report_cpus_server$$=
|
|
18
|
+
$configs$$.use_ssl&&$sslDir$$?https.createServer(sslConfig($sslDir$$),$app$$):http.createServer($app$$);$cpus_init_system_data_report_cpus_server$$.timeout=6E5;$StaticPool$$.initSocket($cpus_init_system_data_report_cpus_server$$);$StaticPool$$.initClientSockets();if($options$$.cluster){if(!require("sticky-session").listen($cpus_init_system_data_report_cpus_server$$,global.port))$cpus_init_system_data_report_cpus_server$$.once("listening",function(){Logger.info("[cluster] server cluster started on",
|
|
19
|
+
global.port)});$StaticPool$$=require("cluster");$StaticPool$$.on("exit",function($worker$$,$code$$,$signal$$){Logger.error("[cluster] worker "+$worker$$.process.pid+" died",$code$$,$signal$$)});$StaticPool$$.on("online",function($worker$$){console.info("[cluster] worker "+$worker$$.process.pid+" is online");global.clientRedis.set("lastworker",JSON.stringify({pid:$worker$$.process.pid}))})}else $cpus_init_system_data_report_cpus_server$$.listen(global.port,()=>{Logger.info("[cluster] server start at "+
|
|
20
|
+
global.port+" port")});$cpus_init_system_data_report_cpus_server$$=os.cpus().length;$StaticPool$$=$options$$.import_cpus||($options$$.start_import_data_pool?$options$$.start_report_pool||$options$$.start_input_data_pool?1:Math.round($cpus_init_system_data_report_cpus_server$$/2):0);$StaticPool$jscomp$0$$=$options$$.input_cpus||($options$$.start_input_data_pool?Math.max(Math.round($cpus_init_system_data_report_cpus_server$$/2),2):0);$cpus_init_system_data_report_cpus_server$$=$options$$.report_cpus||
|
|
21
|
+
($options$$.start_import_data_pool?Math.max(Math.min($cpus_init_system_data_report_cpus_server$$-$StaticPool$jscomp$0$$-$StaticPool$$,Math.round($cpus_init_system_data_report_cpus_server$$/2))-1,2):0);$StaticPool$jscomp$0$$&&($StaticPool_adminUser$$=require("./libs/WorkerStaticPool"),global.inputMainPool=new $StaticPool_adminUser$$(__dirname+"/workers/inputWorker.js",$options$$.max_queue_imports||0,$StaticPool$jscomp$0$$,3E5,$StaticPool$jscomp$0$$,"input pool"),global.inputMainPool.exec({load:!0,
|
|
22
|
+
configs:JSON.stringify($configs$$)},()=>{Logger.info("\ud83d\udd25 [cluster] Crud pool ready")}));$StaticPool$$&&($StaticPool$jscomp$0$$=require("./libs/WorkerStaticPool"),global.importDataMainPool=new $StaticPool$jscomp$0$$(__dirname+"/workers/inputWorker.js",$options$$.max_queue_imports||0,$StaticPool$$,36E5,1,"import pool"),global.importDataMainPool.exec({load:!0,configs:JSON.stringify($configs$$)},()=>{Logger.info("[cluster] Import pool ready")}));$cpus_init_system_data_report_cpus_server$$&&
|
|
23
|
+
($StaticPool$$=require("./libs/WorkerStaticPool"),global.reportMainPool=new $StaticPool$$(__dirname+"/workers/reportWorker.js",$options$$.max_queue_reports||0,$cpus_init_system_data_report_cpus_server$$,3E5,2,"report pool"),global.reportMainPool.exec({load:!0,configs:JSON.stringify($configs$$)},()=>{Logger.info("[cluster] Report pool ready")}))})}).catch($err$$=>{Logger.error("[cluster] Not Connected to Database ERROR!",$err$$);process.exit(1)})};
|
|
24
|
+
process.on("SIGINT",async()=>{global.sharedRedisConnection&&await global.sharedRedisConnection.quit();process.exit(0)});process.on("uncaughtException",function($err$jscomp$3_error$$){Logger.error("[cluster]",(new Date).toUTCString()+" uncaughtException:",$err$jscomp$3_error$$.message);Logger.error($err$jscomp$3_error$$.stack);$err$jscomp$3_error$$=`
|
|
25
25
|
Error: ${$err$jscomp$3_error$$.message}
|
|
26
26
|
Stack: ${$err$jscomp$3_error$$.stack}
|
|
27
27
|
`;try{const $logDirectory$$=__dirname+"/log";fs.existsSync($logDirectory$$)||fs.mkdirSync($logDirectory$$);fs.writeFile(`${$logDirectory$$}/error-${(new Date).getTime()}.txt`,$err$jscomp$3_error$$,()=>{Logger.info("[cluster] wrote log error")})}catch($e$$){Logger.info($e$$)}process.exit(1)});module.exports=clusterServer;
|