lora-project/server-api/route/api/account.js

const Router = require('koa-router');
const router = new Router();

// import tools 
const crypto = require('../../libs/crypto.js');
const so = require('../../libs/storeObject');
const mongo = require('../../libs/mongo_model.js');
const mem = require('../../libs/memcache_lib');
const msgMng = require('./msgManager');
const sendmail = require('../../libs/sendmail');

router
    .post('/user', async(c, n) => {
        let arr = c.request.body;
        if (!arr.data) throw 'CE0000';
        if (!arr.data.account) throw 'CE0001';
        if (!arr.data.password) throw 'CE00002';
        if (!arr.data.name) throw 'CE0004';
        if (!arr.data.email) throw 'CE0005';

        try {
            let query = "select count(*) as c from ??.?? where `account` = ?";
            let param = ['lora', 'user', arr.data.account];
            let count = await c.syncQuery(query, param);
            if (count.length == 0) throw 'SE0000';
            if (count[0].c > 0) throw 'CE0006';
        } catch (err) {
            if (typeof err == 'string') throw err;
            c.serr = err;
            throw 'SE0000';
        }

        let uid = 0;
        try {
            let query = "insert into ??.?? (`account`, `password`, `name`, `email`) values (?, ?, ?, ?)";
            let param = ['lora', 'user', arr.data.account, arr.data.password, arr.data.name, arr.data.email];
            let indata = await c.syncQuery(query, param);
            uid = indata.insertId;
        } catch (err) {
            if (typeof err == 'string') throw err;
            c.serr = err;
            throw 'SE0001';
        }

        c.body = {
            record: [{ uid }]
        }
    })
    .get('/user/:uid', async(c, n) => {
        if (!await mongo.token.checkToken(c.token)) throw 'CE1000';
        try {
            let t = await mongo.token.getToken(c.token);
            if (t.object.uid != c.params.uid) throw 'CE2000';
        } catch (err) {
            if (typeof err == 'string') throw err;
            c.serr = err;
            throw 'SE0000';
        }

        try {
            let user = await c.syncQuery('select `uid`,`account`,`name`,`email` from ??.?? where `uid` = ?', ['lora', 'user', c.params.uid]);

            c.body = {
                record: user
            }
        } catch (err) {
            if (typeof err == 'string') throw err;
            c.serr = err;
            throw 'SE0000';
        }
    })
    .put('/user/:uid', async(c, n) => {
        if (!await mongo.token.checkToken(c.token)) throw 'CE1000';
        let arr = c.request.body;
        if (!arr.data) throw 'CE0000';
        if (!arr.data.name) throw 'CE0004';
        if (!arr.data.email) throw 'CE0005';
        try {
            let t = await mongo.token.getToken(c.token);
            if (t.object.uid != c.params.uid) throw 'CE2000';
        } catch (err) {
            if (typeof err == 'string') throw err;
            c.serr = err;
            throw 'SE0000';
        }

        try {
            let query = "update ??.?? set \
                `name` = ?, \
                `email` = ?" + (arr.data.password ? ',' : '') + " \
                " + (arr.data.password ? "`password` = ?, " : '') + " \
                where \
                `uid` = ?";
            let param = ['lora', 'user', arr.data.name, arr.data.email];
            if (arr.data.password) param.push(crypto.genPassHash(arr.data.password));
            param.push(c.params.uid);

            let updata = await c.syncQuery(query, param);
        } catch (err) {
            if (typeof err == 'string') throw err;
            c.serr = err;
            throw 'SE0002';
        }

        c.body = { record: [] };
    })
    .post('/login', async(c, n) => {
        let arr = c.request.body;
        if (!arr.data) throw 'CE0000';
        if (!arr.data.account) throw 'CE0001';
        if (!arr.data.password) throw 'CE0002';
        try {
            let user = await c.syncQuery('select `uid`,`account`,`password`,`name`,`email` from ??.?? where `account` = ?', ['lora', 'user', arr.data.account])

            if (user.length == 0) throw 'CE0003';

            if (!crypto.comparePass(arr.data.password, user[0].password)) throw 'CE0003';

            delete user[0].password;

            c.body = {
                record: user
            }
        } catch (err) {
            if (typeof err == 'string') throw err;
            c.serr = err;
            throw 'SE0000';
        }

        let u = c.body.record[0];
        let token = new mongo.token({ object: u, expire: Date.now() + 86400000 });
        token.save();
        c.body.rt = {
            token: {
                id: token._id
            }
        }
    })
    .post('/user/forgotpass', async(c, n) => {
        let arr = c.request.body;
        if (!arr.data) throw 'CE0000';
        if (!arr.data.account) throw 'CE0001';
        if (!arr.data.email) throw 'CE0005';

        let user = [];
        try {
            let query = "select * from ??.?? where `account` = ? and `email` = ?";
            let param = ['lora', 'user', arr.data.account, arr.data.email];
            user = await c.syncQuery(query, param);
        } catch (err) {
            if (typeof err == 'string') throw err;
            c.serr = err;
            throw 'SE0001';
        }
        if (user.length == 0) throw 'CE0007';

        let randomToken = crypto.random(10);
        try {
            await mem.setVal(randomToken, JSON.stringify(user[0]), 7200);
        } catch (err) {
            c.serr = err;
            throw 'SE0005';
        }

        try {
            await sendmail(user[0].email, msgMng.getMailTemplate('forgotpass', c.headers['accept-language']), [randomToken])
        } catch (err) {
            if (typeof err == 'string') throw err;
            c.serr = err;
            throw 'SE0006';
        }

        c.body = {
            record: []
        }
    })
    .post('/user/resetpass', async(c, n) => {
        let arr = c.request.body;
        if (!arr.data) throw 'CE0000';
        if (!arr.data.account) throw 'CE0001';
        if (arr.data.resettype != 'pass' && arr.data.resettype != 'token') throw 'CE0008';
        if (arr.data.resettype == 'pass') {
            if (!arr.data.password) throw 'CE0002';
        } else {
            if (!arr.data.token) throw 'CE0009';
        }
        if (!arr.data.newpass) throw 'CE0002';


    })


module.exports = router;
add user api 2017-06-01 14:37:51 +00:00			`const Router = require('koa-router');`
			`const router = new Router();`

			`// import tools`
			`const crypto = require('../../libs/crypto.js');`
add storeObject 2017-06-02 10:07:25 +00:00			`const so = require('../../libs/storeObject');`
add mongodb access lib 2017-06-02 14:53:34 +00:00			`const mongo = require('../../libs/mongo_model.js');`
update 2017-06-05 06:41:32 +00:00			`const mem = require('../../libs/memcache_lib');`
rename errorManager, fin forgotpass pai 2017-06-06 07:04:41 +00:00			`const msgMng = require('./msgManager');`
			`const sendmail = require('../../libs/sendmail');`
add user api 2017-06-01 14:37:51 +00:00
			`router`
update 2017-06-05 06:41:32 +00:00			`.post('/user', async(c, n) => {`
user api ok 2017-06-04 13:38:14 +00:00			`let arr = c.request.body;`
			`if (!arr.data) throw 'CE0000';`
			`if (!arr.data.account) throw 'CE0001';`
			`if (!arr.data.password) throw 'CE00002';`
			`if (!arr.data.name) throw 'CE0004';`
			`if (!arr.data.email) throw 'CE0005';`

			`try {`
			let query = "select count(*) as c from ??.?? where `account` = ?";
			`let param = ['lora', 'user', arr.data.account];`
			`let count = await c.syncQuery(query, param);`
			`if (count.length == 0) throw 'SE0000';`
			`if (count[0].c > 0) throw 'CE0006';`
			`} catch (err) {`
			`if (typeof err == 'string') throw err;`
			`c.serr = err;`
			`throw 'SE0000';`
			`}`

			`let uid = 0;`
			`try {`
			let query = "insert into ??.?? (`account`, `password`, `name`, `email`) values (?, ?, ?, ?)";
			`let param = ['lora', 'user', arr.data.account, arr.data.password, arr.data.name, arr.data.email];`
			`let indata = await c.syncQuery(query, param);`
			`uid = indata.insertId;`
			`} catch (err) {`
			`if (typeof err == 'string') throw err;`
			`c.serr = err;`
			`throw 'SE0001';`
			`}`

			`c.body = {`
			`record: [{ uid }]`
			`}`
			`})`
update 2017-06-05 06:41:32 +00:00			`.get('/user/:uid', async(c, n) => {`
user api ok 2017-06-04 13:38:14 +00:00			`if (!await mongo.token.checkToken(c.token)) throw 'CE1000';`
			`try {`
			`let t = await mongo.token.getToken(c.token);`
			`if (t.object.uid != c.params.uid) throw 'CE2000';`
			`} catch (err) {`
			`if (typeof err == 'string') throw err;`
			`c.serr = err;`
			`throw 'SE0000';`
			`}`

			`try {`
			let user = await c.syncQuery('select `uid`,`account`,`name`,`email` from ??.?? where `uid` = ?', ['lora', 'user', c.params.uid]);

			`c.body = {`
			`record: user`
			`}`
			`} catch (err) {`
			`if (typeof err == 'string') throw err;`
			`c.serr = err;`
			`throw 'SE0000';`
			`}`
			`})`
update 2017-06-05 06:41:32 +00:00			`.put('/user/:uid', async(c, n) => {`
user api ok 2017-06-04 13:38:14 +00:00			`if (!await mongo.token.checkToken(c.token)) throw 'CE1000';`
			`let arr = c.request.body;`
			`if (!arr.data) throw 'CE0000';`
			`if (!arr.data.name) throw 'CE0004';`
			`if (!arr.data.email) throw 'CE0005';`
			`try {`
			`let t = await mongo.token.getToken(c.token);`
			`if (t.object.uid != c.params.uid) throw 'CE2000';`
			`} catch (err) {`
			`if (typeof err == 'string') throw err;`
			`c.serr = err;`
			`throw 'SE0000';`
			`}`

			`try {`
			`let query = "update ??.?? set \`
			`name` = ?, \
update 2017-06-05 06:41:32 +00:00			`email` = ?" + (arr.data.password ? ',' : '') + " \
user api ok 2017-06-04 13:38:14 +00:00			" + (arr.data.password ? "`password` = ?, " : '') + " \
			`where \`
			`uid` = ?";
			`let param = ['lora', 'user', arr.data.name, arr.data.email];`
			`if (arr.data.password) param.push(crypto.genPassHash(arr.data.password));`
			`param.push(c.params.uid);`

			`let updata = await c.syncQuery(query, param);`
			`} catch (err) {`
			`if (typeof err == 'string') throw err;`
			`c.serr = err;`
			`throw 'SE0002';`
			`}`

			`c.body = { record: [] };`
			`})`
update 2017-06-05 06:41:32 +00:00			`.post('/login', async(c, n) => {`
add user api 2017-06-01 14:37:51 +00:00			`let arr = c.request.body;`
update errorManager 2017-06-04 03:54:25 +00:00			`if (!arr.data) throw 'CE0000';`
			`if (!arr.data.account) throw 'CE0001';`
			`if (!arr.data.password) throw 'CE0002';`
add user api 2017-06-01 14:37:51 +00:00			`try {`
			let user = await c.syncQuery('select `uid`,`account`,`password`,`name`,`email` from ??.?? where `account` = ?', ['lora', 'user', arr.data.account])

update errorManager 2017-06-04 03:54:25 +00:00			`if (user.length == 0) throw 'CE0003';`
add user api 2017-06-01 14:37:51 +00:00
update errorManager 2017-06-04 03:54:25 +00:00			`if (!crypto.comparePass(arr.data.password, user[0].password)) throw 'CE0003';`
add user api 2017-06-01 14:37:51 +00:00
			`delete user[0].password;`

			`c.body = {`
			`record: user`
			`}`
			`} catch (err) {`
user api ok 2017-06-04 13:38:14 +00:00			`if (typeof err == 'string') throw err;`
update errorManager 2017-06-04 03:54:25 +00:00			`c.serr = err;`
			`throw 'SE0000';`
add user api 2017-06-01 14:37:51 +00:00			`}`
add storeObject 2017-06-02 10:07:25 +00:00
			`let u = c.body.record[0];`
update api errormanager 2017-06-03 13:20:34 +00:00			`let token = new mongo.token({ object: u, expire: Date.now() + 86400000 });`
add mongodb access lib 2017-06-02 14:53:34 +00:00			`token.save();`
			`c.body.rt = {`
			`token: {`
			`id: token._id`
			`}`
add storeObject 2017-06-02 10:07:25 +00:00			`}`
add user api 2017-06-01 14:37:51 +00:00			`})`
update 2017-06-05 06:41:32 +00:00			`.post('/user/forgotpass', async(c, n) => {`
			`let arr = c.request.body;`
			`if (!arr.data) throw 'CE0000';`
			`if (!arr.data.account) throw 'CE0001';`
			`if (!arr.data.email) throw 'CE0005';`

			`let user = [];`
			`try {`
			let query = "select * from ??.?? where `account` = ? and `email` = ?";
			`let param = ['lora', 'user', arr.data.account, arr.data.email];`
			`user = await c.syncQuery(query, param);`
			`} catch (err) {`
			`if (typeof err == 'string') throw err;`
			`c.serr = err;`
			`throw 'SE0001';`
			`}`
			`if (user.length == 0) throw 'CE0007';`

add android project 2017-06-05 07:21:18 +00:00			`let randomToken = crypto.random(10);`
			`try {`
			`await mem.setVal(randomToken, JSON.stringify(user[0]), 7200);`
			`} catch (err) {`
			`c.serr = err;`
			`throw 'SE0005';`
			`}`
rename errorManager, fin forgotpass pai 2017-06-06 07:04:41 +00:00
			`try {`
			`await sendmail(user[0].email, msgMng.getMailTemplate('forgotpass', c.headers['accept-language']), [randomToken])`
			`} catch (err) {`
			`if (typeof err == 'string') throw err;`
			`c.serr = err;`
			`throw 'SE0006';`
			`}`

add send mail lib 2017-06-05 10:25:48 +00:00			`c.body = {`
			`record: []`
			`}`
update 2017-06-05 06:41:32 +00:00			`})`
rename errorManager, fin forgotpass pai 2017-06-06 07:04:41 +00:00			`.post('/user/resetpass', async(c, n) => {`
			`let arr = c.request.body;`
			`if (!arr.data) throw 'CE0000';`
			`if (!arr.data.account) throw 'CE0001';`
			`if (arr.data.resettype != 'pass' && arr.data.resettype != 'token') throw 'CE0008';`
			`if (arr.data.resettype == 'pass') {`
			`if (!arr.data.password) throw 'CE0002';`
			`} else {`
			`if (!arr.data.token) throw 'CE0009';`
			`}`
			`if (!arr.data.newpass) throw 'CE0002';`


			`})`
update 2017-06-05 06:41:32 +00:00
add user api 2017-06-01 14:37:51 +00:00
user api ok 2017-06-04 13:38:14 +00:00
add user api 2017-06-01 14:37:51 +00:00			`module.exports = router;`