lora-project/server-api/route/api/account.js

const Router = require('koa-router');
const router = new Router();

// import tools 
const crypto = require('../../libs/crypto.js');
const so = require('../../libs/storeObject');
const mongo = require('../../libs/mongo_model.js');
const mem = require('../../libs/memcache_lib');

router
    .post('/user', async(c, n) => {
        let arr = c.request.body;
        if (!arr.data) throw 'CE0000';
        if (!arr.data.account) throw 'CE0001';
        if (!arr.data.password) throw 'CE00002';
        if (!arr.data.name) throw 'CE0004';
        if (!arr.data.email) throw 'CE0005';

        try {
            let query = "select count(*) as c from ??.?? where `account` = ?";
            let param = ['lora', 'user', arr.data.account];
            let count = await c.syncQuery(query, param);
            if (count.length == 0) throw 'SE0000';
            if (count[0].c > 0) throw 'CE0006';
        } catch (err) {
            if (typeof err == 'string') throw err;
            c.serr = err;
            throw 'SE0000';
        }

        let uid = 0;
        try {
            let query = "insert into ??.?? (`account`, `password`, `name`, `email`) values (?, ?, ?, ?)";
            let param = ['lora', 'user', arr.data.account, arr.data.password, arr.data.name, arr.data.email];
            let indata = await c.syncQuery(query, param);
            uid = indata.insertId;
        } catch (err) {
            if (typeof err == 'string') throw err;
            c.serr = err;
            throw 'SE0001';
        }

        c.body = {
            record: [{ uid }]
        }
    })
    .get('/user/:uid', async(c, n) => {
        if (!await mongo.token.checkToken(c.token)) throw 'CE1000';
        try {
            let t = await mongo.token.getToken(c.token);
            if (t.object.uid != c.params.uid) throw 'CE2000';
        } catch (err) {
            if (typeof err == 'string') throw err;
            c.serr = err;
            throw 'SE0000';
        }

        try {
            let user = await c.syncQuery('select `uid`,`account`,`name`,`email` from ??.?? where `uid` = ?', ['lora', 'user', c.params.uid]);

            c.body = {
                record: user
            }
        } catch (err) {
            if (typeof err == 'string') throw err;
            c.serr = err;
            throw 'SE0000';
        }
    })
    .put('/user/:uid', async(c, n) => {
        if (!await mongo.token.checkToken(c.token)) throw 'CE1000';
        let arr = c.request.body;
        if (!arr.data) throw 'CE0000';
        if (!arr.data.name) throw 'CE0004';
        if (!arr.data.email) throw 'CE0005';
        try {
            let t = await mongo.token.getToken(c.token);
            if (t.object.uid != c.params.uid) throw 'CE2000';
        } catch (err) {
            if (typeof err == 'string') throw err;
            c.serr = err;
            throw 'SE0000';
        }

        try {
            let query = "update ??.?? set \
                `name` = ?, \
                `email` = ?" + (arr.data.password ? ',' : '') + " \
                " + (arr.data.password ? "`password` = ?, " : '') + " \
                where \
                `uid` = ?";
            let param = ['lora', 'user', arr.data.name, arr.data.email];
            if (arr.data.password) param.push(crypto.genPassHash(arr.data.password));
            param.push(c.params.uid);

            let updata = await c.syncQuery(query, param);
        } catch (err) {
            if (typeof err == 'string') throw err;
            c.serr = err;
            throw 'SE0002';
        }

        c.body = { record: [] };
    })
    .post('/login', async(c, n) => {
        let arr = c.request.body;
        if (!arr.data) throw 'CE0000';
        if (!arr.data.account) throw 'CE0001';
        if (!arr.data.password) throw 'CE0002';
        try {
            let user = await c.syncQuery('select `uid`,`account`,`password`,`name`,`email` from ??.?? where `account` = ?', ['lora', 'user', arr.data.account])

            if (user.length == 0) throw 'CE0003';

            if (!crypto.comparePass(arr.data.password, user[0].password)) throw 'CE0003';

            delete user[0].password;

            c.body = {
                record: user
            }
        } catch (err) {
            if (typeof err == 'string') throw err;
            c.serr = err;
            throw 'SE0000';
        }

        let u = c.body.record[0];
        let token = new mongo.token({ object: u, expire: Date.now() + 86400000 });
        token.save();
        c.body.rt = {
            token: {
                id: token._id
            }
        }
    })
    .post('/user/forgotpass', async(c, n) => {
        let arr = c.request.body;
        if (!arr.data) throw 'CE0000';
        if (!arr.data.account) throw 'CE0001';
        if (!arr.data.email) throw 'CE0005';

        let user = [];
        try {
            let query = "select * from ??.?? where `account` = ? and `email` = ?";
            let param = ['lora', 'user', arr.data.account, arr.data.email];
            user = await c.syncQuery(query, param);
        } catch (err) {
            if (typeof err == 'string') throw err;
            c.serr = err;
            throw 'SE0001';
        }
        if (user.length == 0) throw 'CE0007';

        let randomToken = crypto.random(10);
        try {
            await mem.setVal(randomToken, JSON.stringify(user[0]), 7200);
        } catch (err) {
            c.serr = err;
            throw 'SE0005';
        }
    })



module.exports = router;