const Router = require('koa-router'); const router = new Router(); // import tools const crypto = require('../../libs/crypto.js'); const so = require('../../libs/storeObject'); const mongo = require('../../libs/mongo_model.js'); const mem = require('../../libs/memcache_lib'); const msgMng = require('./msgManager'); const sendmail = require('../../libs/sendmail'); router .post('/user', async(c, n) => { let arr = c.request.body; if (!arr.data) throw 'CE0000'; if (!arr.data.account) throw 'CE0001'; if (!arr.data.password) throw 'CE00002'; if (!arr.data.name) throw 'CE0004'; if (!arr.data.email) throw 'CE0005'; try { let query = "select count(*) as c from ??.?? where `account` = ?"; let param = ['lora', 'user', arr.data.account]; let count = await c.syncQuery(query, param); if (count.length == 0) throw 'SE0000'; if (count[0].c > 0) throw 'CE0006'; } catch (err) { if (typeof err == 'string') throw err; c.serr = err; throw 'SE0000'; } let uid = 0; try { let query = "insert into ??.?? (`account`, `password`, `name`, `email`) values (?, ?, ?, ?)"; let param = ['lora', 'user', arr.data.account, arr.data.password, arr.data.name, arr.data.email]; let indata = await c.syncQuery(query, param); uid = indata.insertId; } catch (err) { if (typeof err == 'string') throw err; c.serr = err; throw 'SE0001'; } c.body = { record: [{ uid }] } }) .get('/user/:uid', async(c, n) => { if (!await mongo.token.checkToken(c.token)) throw 'CE1000'; try { let t = await mongo.token.getToken(c.token); if (t.object.uid != c.params.uid) throw 'CE2000'; } catch (err) { if (typeof err == 'string') throw err; c.serr = err; throw 'SE0000'; } try { let user = await c.syncQuery('select `uid`,`account`,`name`,`email` from ??.?? where `uid` = ?', ['lora', 'user', c.params.uid]); c.body = { record: user } } catch (err) { if (typeof err == 'string') throw err; c.serr = err; throw 'SE0000'; } }) .put('/user/:uid', async(c, n) => { if (!await mongo.token.checkToken(c.token)) throw 'CE1000'; let arr = c.request.body; if (!arr.data) throw 'CE0000'; if (!arr.data.name) throw 'CE0004'; if (!arr.data.email) throw 'CE0005'; try { let t = await mongo.token.getToken(c.token); if (t.object.uid != c.params.uid) throw 'CE2000'; } catch (err) { if (typeof err == 'string') throw err; c.serr = err; throw 'SE0000'; } try { let query = "update ??.?? set \ `name` = ?, \ `email` = ?" + (arr.data.password ? ',' : '') + " \ " + (arr.data.password ? "`password` = ?, " : '') + " \ where \ `uid` = ?"; let param = ['lora', 'user', arr.data.name, arr.data.email]; if (arr.data.password) param.push(crypto.genPassHash(arr.data.password)); param.push(c.params.uid); let updata = await c.syncQuery(query, param); } catch (err) { if (typeof err == 'string') throw err; c.serr = err; throw 'SE0002'; } c.body = { record: [] }; }) .post('/login', async(c, n) => { let arr = c.request.body; if (!arr.data) throw 'CE0000'; if (!arr.data.account) throw 'CE0001'; if (!arr.data.password) throw 'CE0002'; try { let user = await c.syncQuery('select `uid`,`account`,`password`,`name`,`email` from ??.?? where `account` = ?', ['lora', 'user', arr.data.account]) if (user.length == 0) throw 'CE0003'; if (!crypto.comparePass(arr.data.password, user[0].password)) throw 'CE0003'; delete user[0].password; c.body = { record: user } } catch (err) { if (typeof err == 'string') throw err; c.serr = err; throw 'SE0000'; } let u = c.body.record[0]; let token = new mongo.token({ object: u, expire: Date.now() + 86400000 }); token.save(); c.body.rt = { token: { id: token._id } } }) .post('/user/forgotpass', async(c, n) => { let arr = c.request.body; if (!arr.data) throw 'CE0000'; if (!arr.data.account) throw 'CE0001'; if (!arr.data.email) throw 'CE0005'; let user = []; try { let query = "select * from ??.?? where `account` = ? and `email` = ?"; let param = ['lora', 'user', arr.data.account, arr.data.email]; user = await c.syncQuery(query, param); } catch (err) { if (typeof err == 'string') throw err; c.serr = err; throw 'SE0001'; } if (user.length == 0) throw 'CE0007'; let randomToken = crypto.random(10); try { await mem.setVal(randomToken, JSON.stringify(user[0]), 7200); } catch (err) { c.serr = err; throw 'SE0005'; } try { await sendmail(user[0].email, msgMng.getMailTemplate('forgotpass', c.headers['accept-language']), [randomToken]) } catch (err) { if (typeof err == 'string') throw err; c.serr = err; throw 'SE0006'; } c.body = { record: [] } }) .post('/user/resetpass', async(c, n) => { let arr = c.request.body; if (!arr.data) throw 'CE0000'; if (!arr.data.account) throw 'CE0001'; if (arr.data.resettype != 'pass' && arr.data.resettype != 'token') throw 'CE0008'; if (arr.data.resettype == 'pass') { if (!arr.data.password) throw 'CE0002'; } else { if (!arr.data.token) throw 'CE0009'; } if (!arr.data.newpass) throw 'CE0002'; }) module.exports = router;