- risolto problema della non attesa della PWA durante la chiamata a Node.js.

- risolto problema dell'ambiente in Locale HTTPS certificato installato aggiornato.
Surya Paolo
2025-03-13 12:05:16 +01:00
parent 65b29a6eee
commit 0017f04e45
12 changed files with 370 additions and 223 deletions


@@ -351,7 +351,6 @@ router.post('/:userId/ordercartstatus', authenticate, async function (req, res,
let idapp = req.body.idapp;
let userId = req.params.userId;
let order_id = req.body.order_id;
const user = req.user;
let status = req.body.status;
let options = req.body.options;
@@ -403,7 +402,7 @@ router.post('/:userId/ordercartstatus', authenticate, async function (req, res,
let orderscart = null;
if (User.isManager(user.perm)) {
if (User.isManager(req.user.perm)) {
// Prende Tutti gli Ordini !
orderscart = await OrdersCart.getOrdersCartByUserId('ALL', idapp, 0, false);
} else {
@@ -424,7 +423,6 @@ router.post('/:userId/ordercartstatus', authenticate, async function (req, res,
//POST cart
router.post('/:userId/gestord', authenticate, async function (req, res, next) {
let idapp = req.body.idapp;
const user = req.user;
let idGasordine = req.body.idGasordine;
const { User } = require('../models/user');
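Review bot: The manager branch in `/:userId/ordercartstatus` is gated only by `User.isManager(req.user.perm)`, while the `idapp` passed to `OrdersCart.getOrdersCartByUserId('ALL', idapp, 0, false)` is read from `req.body`. Unless `authenticate` already ties the token to that `idapp` (not visible on this page), a manager of one app could presumably list all orders of another app. A guard before the query, such as `if (String(req.user.idapp) !== String(idapp)) return res.status(403).send();`, would close that. Both handlers continue outside the hunks, so it is also worth confirming that no other reference to the removed `user` local remains in them.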


@@ -9,7 +9,7 @@ const i18n = require('i18n');
const sharp = require('sharp');
const { authenticate, authenticate_noerror } = require(
const { authenticate, authenticate_noerror, authenticate_noerror_WithUser, authenticate_noerror_WithUserLean } = require(
'../middleware/authenticate');
const { ObjectId } = require('mongodb');
@@ -1793,19 +1793,34 @@ router.post('/duprec/:table/:id', authenticate, async (req, res) => {
});
router.get('/loadsite/:userId/:idapp', authenticate_noerror, (req, res) => {
router.get('/loadsite/:userId/:idapp', authenticate_noerror_WithUserLean, (req, res) => {
load(req, res, '0');
});
router.get('/loadsite/:userId/:idapp/:vers', authenticate_noerror,
async (req, res) => {
router.get('/testpao', async (req, res) => {
try {
// Simulazione di un'operazione asincrona (es. chiamata a DB o altro)
// await new Promise(resolve => setTimeout(resolve, 2000));
res.status(200).send('OK');
} catch (error) {
console.error('Errore durante il caricamento del sito:', error);
res.status(500).json({ error: 'Errore interno del server: TEST' });
}
});
router.get('/loadsite/:userId/:idapp/:vers', authenticate_noerror_WithUserLean, async (req, res) => {
try {
let versionstr = req.params.vers;
let version = tools.getVersionint(versionstr);
return await load(req, res, version);
});
} catch (error) {
console.error('Errore durante il caricamento del sito:', error);
res.status(500).json({ error: 'Errore interno del server' });
}
});
async function load(req, res, version = '0') {
try {
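Review bot: The new `/testpao` route is registered with no authentication middleware, and its own comment describes it as a simulation, so it reads as a debugging endpoint that should not ship. I would drop it or register it only outside production. The `/loadsite/:userId/:idapp/:vers` handler now wraps `load` in `try`/`catch`, but the route without `:vers` still calls `load(req, res, '0')` without `return` or `await`, so the two variants handle a failure differently; `return load(req, res, '0');` inside the same `async` wrapper would align them. In the new `catch`, the 500 response should be guarded with `if (!res.headersSent)`, since `load` may already have started the response by the time it throws. The body of `load` continues outside this section.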


@@ -31,7 +31,7 @@ const _ = require('lodash');
const reg = require('../reg/registration');
const { authenticate, authenticate_noerror } = require('../middleware/authenticate');
const { authenticate, authenticate_noerror, authenticate_withUser } = require('../middleware/authenticate');
const Cart = require('../models/cart');
@@ -55,13 +55,13 @@ const mongoose = require('mongoose').set('debug', false);
const Subscription = require('../models/subscribers');
function existSubScribe(userId, access, browser) {
return Subscription.findOne({ userId, access, browser }).then(itemsub => {
async function existSubScribe(userId, access, browser) {
try {
const itemsub = await Subscription.findOne({ userId, access, browser }).lean();
return itemsub;
}).catch(err => {
} catch (err) {
return null;
});
}
}
function getMobileComplete(user) {
@@ -445,7 +445,6 @@ router.patch('/:id', authenticate, (req, res) => {
});
router.post('/lastmovs', authenticate, async (req, res) => {
const username = req.user ? req.user.username : '';
const nummov = req.body.nummov;
const idapp = req.body.idapp;
@@ -502,7 +501,6 @@ router.post('/profile', authenticate, (req, res) => {
const perm = req.user ? req.user.perm : tools.Perm.PERM_NONE;
const username = req.body['username'];
const idapp = req.body.idapp;
const locale = req.body.locale;
//++Todo: controlla che tipo di dati ha il permesso di leggere
@@ -712,11 +710,10 @@ function checkBlocked(req, res, next) {
next();
}
router.post('/login', checkBlocked, (req, res) => {
var body = _.pick(req.body,
router.post('/login', checkBlocked, async (req, res) => {
const body = _.pick(req.body,
['username', 'password', 'idapp', 'keyappid', 'lang']);
var user = new User(body);
const userpass = new User(body);
// const subs = _.pick(req.body, ['subs']);
// tools.mylog("LOG: u: " + user.username + " p:" + user.password);
@@ -728,135 +725,89 @@ router.post('/login', checkBlocked, (req, res) => {
let resalreadysent = false;
const myuser = user;
try {
const user = await User.findByCredentials(userpass.idapp, userpass.username, userpass.password);
return User.findByCredentials(user.idapp, user.username, user.password).
then(async (user) => {
// tools.mylog("CREDENZIALI ! ");
if (!user) {
if (!user) {
const rislogin = await User.tooManyLoginWrong(body.idapp, body.username, true);
const rislogin = await User.tooManyLoginWrong(body.idapp, body.username, true);
if (rislogin.troppilogin) {
let text = 'Troppe richieste di Login ERRATE: ' + body.username + ' [IP: ' + tools.getiPAddressUser(req) + '] Tentativi: ' + rislogin.retry_pwd;
telegrambot.sendMsgTelegramToTheManagers(body.idapp, text);
console.log('/login', text);
res.status(400).send({ code: server_constants.RIS_CODE_ERR, msg: text });
return false;
}
if (rislogin.troppilogin) {
let text = 'Troppe richieste di Login ERRATE: ' + body.username + ' [IP: ' + tools.getiPAddressUser(req) + '] Tentativi: ' + rislogin.retry_pwd;
telegrambot.sendMsgTelegramToTheManagers(body.idapp, text);
console.log('/login', text);
res.status(400).send({ code: server_constants.RIS_CODE_ERR, msg: text });
return;
}
await tools.snooze(3000);
await tools.snooze(2000);
if (!failedLoginAttempts[body.username]) {
failedLoginAttempts[body.username] = 1;
} else {
failedLoginAttempts[body.username]++;
}
if (!failedLoginAttempts[body.username]) {
failedLoginAttempts[body.username] = 1;
} else {
failedLoginAttempts[body.username]++;
}
let numvolteerrati = failedLoginAttempts[body.username];
let numvolteerrati = failedLoginAttempts[body.username];
if (numvolteerrati > 2) {
const msg = 'Tentativo (' + numvolteerrati + ') di Login ERRATO [' + body.username + ' , ' + ']\n' + '[IP: ' + tools.getiPAddressUser(req) + ']';
tools.mylogshow(msg);
await telegrambot.sendMsgTelegramToTheAdmin(myuser.idapp, msg, true);
tools.writeErrorLog(msg);
}
// telegrambot.sendMsgTelegramToTheManagers(body.idapp, msg);
if (numvolteerrati > 2) {
const msg = 'Tentativo (' + numvolteerrati + ') di Login ERRATO [' + body.username + ' , ' + ']\n' + '[IP: ' + tools.getiPAddressUser(req) + ']';
tools.mylogshow(msg);
await telegrambot.sendMsgTelegramToTheAdmin(myuser.idapp, msg, true);
tools.writeErrorLog(msg);
}
if (failedLoginAttempts[body.username] >= MAX_FAILED_ATTEMPTS) {
blockUser(body.username);
text = 'Troppi tentativi di accesso falliti. Utente bloccato (' + body.username + ')' + ' [IP: ' + tools.getiPAddressUser(req) + ']';
tools.mylogshow(text);
telegrambot.sendMsgTelegramToTheManagers(req.body.idapp, text);
res.status(403).json({ message: text });
resalreadysent = true;
}
res.status(401).send({ code: server_constants.RIS_CODE_LOGIN_ERR });
if (failedLoginAttempts[body.username] >= MAX_FAILED_ATTEMPTS) {
blockUser(body.username);
text = 'Troppi tentativi di accesso falliti. Utente bloccato (' + body.username + ')' + ' [IP: ' + tools.getiPAddressUser(req) + ']';
tools.mylogshow(text);
telegrambot.sendMsgTelegramToTheManagers(req.body.idapp, text);
res.status(403).json({ message: text });
resalreadysent = true;
}
return user;
}).
then(user => {
// console.log('Lgn-Ok');
if (user) {
return user.generateAuthToken(req).then((ris) => {
var usertosend = new User();
shared_consts.fieldsUserToChange().forEach((field) => {
usertosend[field] = user[field];
});
res.status(401).send({ code: server_constants.RIS_CODE_LOGIN_ERR });
resalreadysent = true;
}
// usertosend._id = user._id.toHexString();
// if (!User.isAdmin(req.user)) {
// usertosend.ipaddr = user.ipaddr;
// }
// tools.mylog("user.verified_email:" + user.verified_email);
// tools.mylog("usertosend.userId", usertosend.userId);
const myris = await user.generateAuthToken(req);
return { usertosend, token: ris.token, refreshToken: ris.refreshToken };
const usertosend = new User();
}).then((myris) => {
const access = 'auth';
const browser = req.get('User-Agent');
// Check if already exist Subscribe
return existSubScribe(myris.usertosend._id, access, browser).
then(subscribe => {
return (subscribe !== null);
}).
then(subsExistonDb => {
// console.log('ESEGUITO OK')
return {
usertosend: myris.usertosend,
token: myris.token,
refreshToken: myris.refreshToken,
subsExistonDb,
};
}).
catch(err => {
return {
usertosend: myris.usertosend,
token: myris.token,
refreshToken: myris.refreshToken,
subsExistonDb: false,
};
});
}).then(myris => {
// console.log('res', myris.token, myris.usertosend);
// SEND TOKEN AND CODE RESULT
return res
.header('x-auth', myris.token)
.header('x-refrtok', myris.refreshToken)
.send({
usertosend: myris.usertosend,
code: server_constants.RIS_CODE_OK,
subsExistonDb: myris.subsExistonDb,
});
// tools.mylog("TROVATOOO!");
// tools.mylog('FINE LOGIN')
});
}
}).
catch((e) => {
console.error('ERRORE IN LOGIN: ' + e.message);
if (!resalreadysent)
res.status(400).
send({ code: server_constants.RIS_CODE_LOGIN_ERR_GENERIC, msgerr: e.message });
shared_consts.fieldsUserToChange().forEach((field) => {
usertosend[field] = user[field];
});
const subsExistonDb = await existSubScribe(usertosend._id, 'auth', req.get('User-Agent'));
res
.header('x-auth', myris.token)
.header('x-refrtok', myris.refreshToken)
.send({
usertosend,
code: server_constants.RIS_CODE_OK,
subsExistonDb,
});
} catch (e) {
console.error('ERRORE IN LOGIN: ' + e.message);
if (!resalreadysent)
res.status(400).
send({ code: server_constants.RIS_CODE_LOGIN_ERR_GENERIC, msgerr: e.message });
}
});
router.delete('/me/token', authenticate, (req, res) => {
router.delete('/me/token', authenticate_withUser, (req, res) => {
// tools.mylog("TOKENREM = " + req.token);
req.user.removeToken(req.token).then(() => {
res.status(200).send();
}, () => {
res.status(400).send();
});
try {
req.user.removeToken(req.token).then(() => {
res.status(200).send();
}, () => {
res.status(400).send();
});
} catch (e) {
console.log('delete(/me/token', e.message);
}
});
router.post('/setperm', authenticate, (req, res) => {
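Review bot: The failed-credentials branch of the rewritten `/login` handler never returns after answering. Once `res.status(401).send(...)` has run, execution continues to `await user.generateAuthToken(req)` with `user` falsy, and the handler ends only because that call throws into the `catch`. When the `MAX_FAILED_ATTEMPTS` branch fires, the 403 is followed by a 401 on the same response, which Express rejects as well. I would add `return;` after `res.status(403).json({ message: text });` and after `res.status(401).send({ code: server_constants.RIS_CODE_LOGIN_ERR });`, so a rejected login cannot reach token generation on any path. The admin notification still reads `myuser.idapp`; if `const myuser = user;` is among the removed lines (the page does not mark sides), that becomes a ReferenceError on the third failed attempt and its text is returned to the client through `msgerr: e.message`, so `body.idapp` would be the safer argument.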