- aggiornato la guida per installare la App

- aggiornato la Guida Completa e Breve di RISO.
- pagina per ricevere i RIS.
- sistemato problema creazione nuovi Circuiti (admin non corretti).
- corretto giro delle email, invitante, invitato e ricezione msg su telegram.
Surya Paolo
2025-11-23 01:13:32 +01:00
parent 5b1f3eafbc
commit 00bdc278d8
23 changed files with 2765 additions and 701 deletions


@@ -21,14 +21,14 @@ class UserController {
async register(req, res) {
try {
tools.mylog('POST /users - Registration');
// Validate input
const validationError = validateRegistration(req.body);
if (validationError) {
await tools.snooze(5000);
return res.status(400).send({
code: validationError.code,
msg: validationError.message
return res.status(400).send({
code: validationError.code,
msg: validationError.message,
});
}
@@ -38,33 +38,29 @@ class UserController {
// Check security (IP bans, block words, etc.)
const securityCheck = await this._performSecurityChecks(userData, req);
if (securityCheck.blocked) {
return res.status(securityCheck.status).send({
code: securityCheck.code,
msg: securityCheck.message
return res.status(securityCheck.status).send({
code: securityCheck.code,
msg: securityCheck.message,
});
}
// Process registration
const result = await this.registrationService.registerUser(userData, req);
if (result.error) {
return res.status(400).send({
code: result.code,
msg: result.message
return res.status(400).send({
code: result.code,
msg: result.message,
});
}
// Send response with tokens
res
.header('x-auth', result.token)
.header('x-refrtok', result.refreshToken)
.send(result.user);
res.header('x-auth', result.token).header('x-refrtok', result.refreshToken).send(result.user);
} catch (error) {
console.error('Error in registration:', error.message);
res.status(400).send({
code: server_constants.RIS_CODE_ERR,
msg: error.message
res.status(400).send({
code: server_constants.RIS_CODE_ERR,
msg: error.message,
});
}
}
@@ -75,6 +71,7 @@ class UserController {
*/
async login(req, res) {
try {
console.log('LOGIN');
const { username, password, idapp, keyappid } = req.body;
// Validate API key
@@ -85,42 +82,35 @@ class UserController {
// Validate input
const validationError = validateLogin(req.body);
if (validationError) {
return res.status(400).send({
code: validationError.code,
msg: validationError.message
return res.status(400).send({
code: validationError.code,
msg: validationError.message,
});
}
// Attempt login
const result = await this.authService.authenticate(
idapp,
username,
password,
req
);
const result = await this.authService.authenticate(idapp, username, password, req);
console.log('attempt...', result);
if (result.error) {
return res.status(result.status).send({
code: result.code,
msg: result.message
return res.status(result.status).send({
code: result.code,
msg: result.message,
});
}
// Send response with tokens
res
.header('x-auth', result.token)
.header('x-refrtok', result.refreshToken)
.send({
usertosend: result.user,
code: server_constants.RIS_CODE_OK,
subsExistonDb: result.subsExistonDb
});
res.header('x-auth', result.token).header('x-refrtok', result.refreshToken).send({
usertosend: result.user,
code: server_constants.RIS_CODE_OK,
subsExistonDb: result.subsExistonDb,
});
} catch (error) {
console.error('Error in login:', error.message);
res.status(400).send({
code: server_constants.RIS_CODE_LOGIN_ERR_GENERIC,
msgerr: error.message
res.status(400).send({
code: server_constants.RIS_CODE_LOGIN_ERR_GENERIC,
msgerr: error.message,
});
}
}
@@ -141,20 +131,14 @@ class UserController {
}
// Get user profile
const profile = await this.userService.getUserProfile(
idapp,
username,
usernameOrig,
perm
);
const profile = await this.userService.getUserProfile(idapp, username, usernameOrig, perm);
res.send(profile);
} catch (error) {
console.error('Error in getProfile:', error.message);
res.status(400).send({
code: server_constants.RIS_CODE_ERR,
msg: error.message
res.status(400).send({
code: server_constants.RIS_CODE_ERR,
msg: error.message,
});
}
}
@@ -168,21 +152,14 @@ class UserController {
const username = req.user.username;
const { idapp, circuitId, groupname, lastdr } = req.body;
const result = await this.userService.updateUserBalance(
idapp,
username,
circuitId,
groupname,
lastdr
);
const result = await this.userService.updateUserBalance(idapp, username, circuitId, groupname, lastdr);
res.send({ ris: result });
} catch (error) {
console.error('Error in updateSaldo:', error.message);
res.status(400).send({
code: server_constants.RIS_CODE_ERR,
msg: error.message
res.status(400).send({
code: server_constants.RIS_CODE_ERR,
msg: error.message,
});
}
}
@@ -197,14 +174,13 @@ class UserController {
const { idapp } = req.body;
const friends = await this.userService.getUserFriends(idapp, username);
res.send(friends);
res.send(friends);
} catch (error) {
console.error('Error in getFriends:', error.message);
res.status(400).send({
code: server_constants.RIS_CODE_ERR,
msg: error.message
res.status(400).send({
code: server_constants.RIS_CODE_ERR,
msg: error.message,
});
}
}
@@ -220,28 +196,20 @@ class UserController {
// Security check
if (!this._canExecuteFriendCommand(req.user, usernameOrig, usernameDest, cmd)) {
return res.status(server_constants.RIS_CODE_ERR_UNAUTHORIZED).send({
code: server_constants.RIS_CODE_ERR_UNAUTHORIZED,
msg: ''
return res.status(server_constants.RIS_CODE_ERR_UNAUTHORIZED).send({
code: server_constants.RIS_CODE_ERR_UNAUTHORIZED,
msg: '',
});
}
const result = await this.userService.executeFriendCommand(
req,
idapp,
usernameOrig,
usernameDest,
cmd,
value
);
const result = await this.userService.executeFriendCommand(req, idapp, usernameOrig, usernameDest, cmd, value);
res.send(result);
} catch (error) {
console.error('Error in executeFriendCommand:', error.message);
res.status(400).send({
code: server_constants.RIS_CODE_ERR,
msg: error.message
res.status(400).send({
code: server_constants.RIS_CODE_ERR,
msg: error.message,
});
}
}
@@ -256,14 +224,13 @@ class UserController {
const { idapp } = req.body;
const groups = await this.userService.getUserGroups(idapp, username, req);
res.send(groups);
res.send(groups);
} catch (error) {
console.error('Error in getGroups:', error.message);
res.status(400).send({
code: server_constants.RIS_CODE_ERR,
msg: error.message
res.status(400).send({
code: server_constants.RIS_CODE_ERR,
msg: error.message,
});
}
}
@@ -277,20 +244,14 @@ class UserController {
const username = req.user.username;
const { idapp, nummovTodownload } = req.body;
const circuits = await this.userService.getUserCircuits(
idapp,
username,
req.user,
nummovTodownload
);
res.send(circuits);
const circuits = await this.userService.getUserCircuits(idapp, username, req.user, nummovTodownload);
res.send(circuits);
} catch (error) {
console.error('Error in getCircuits:', error.message);
res.status(400).send({
code: server_constants.RIS_CODE_ERR,
msg: error.message
res.status(400).send({
code: server_constants.RIS_CODE_ERR,
msg: error.message,
});
}
}
@@ -315,9 +276,8 @@ class UserController {
res.status(200).send({
token: result.token,
refreshToken: result.refreshToken
refreshToken: result.refreshToken,
});
} catch (error) {
console.error('Error in refreshToken:', error.message);
res.status(500).send({ error: 'Errore interno del server' });
@@ -353,7 +313,6 @@ class UserController {
}
res.status(200).send();
} catch (error) {
console.error('Error in checkUsername:', error.message);
res.status(400).send();
@@ -371,11 +330,10 @@ class UserController {
await this.userService.setUserPermissions(req.user._id, {
idapp,
username,
perm
perm,
});
res.status(200).send();
} catch (error) {
console.error('Error in setPermissions:', error.message);
res.status(400).send();
@@ -392,28 +350,22 @@ class UserController {
// Check permissions
if (!this._hasAdminPermissions(req.user)) {
return res.status(404).send({
code: server_constants.RIS_CODE_ERR_UNAUTHORIZED
return res.status(404).send({
code: server_constants.RIS_CODE_ERR_UNAUTHORIZED,
});
}
const result = await this.userService.executeDbOperation(
idapp,
mydata,
req,
res
);
const result = await this.userService.executeDbOperation(idapp, mydata, req, res);
res.send({
code: server_constants.RIS_CODE_OK,
data: result
res.send({
code: server_constants.RIS_CODE_OK,
data: result,
});
} catch (error) {
console.error('Error in executeDbOperation:', error.message);
res.status(400).send({
code: server_constants.RIS_CODE_ERR,
msg: error.message
res.status(400).send({
code: server_constants.RIS_CODE_ERR,
msg: error.message,
});
}
}
@@ -428,16 +380,15 @@ class UserController {
const mapData = await this.userService.getMapInformation(idapp);
res.send({
code: server_constants.RIS_CODE_OK,
ris: mapData
res.send({
code: server_constants.RIS_CODE_OK,
ris: mapData,
});
} catch (error) {
console.error('Error in getMapInfo:', error.message);
res.status(400).send({
code: server_constants.RIS_CODE_ERR,
msg: error.message
res.status(400).send({
code: server_constants.RIS_CODE_ERR,
msg: error.message,
});
}
}
@@ -446,13 +397,21 @@ class UserController {
_extractUserData(body) {
const fields = [
'email', 'password', 'username', 'group', 'name',
'surname', 'idapp', 'keyappid', 'lang', 'profile',
'aportador_solidario'
'email',
'password',
'username',
'group',
'name',
'surname',
'idapp',
'keyappid',
'lang',
'profile',
'aportador_solidario',
];
const userData = {};
fields.forEach(field => {
fields.forEach((field) => {
if (body[field] !== undefined) {
userData[field] = body[field];
}
@@ -469,16 +428,14 @@ class UserController {
async _performSecurityChecks(userData, req) {
const { User } = require('../models/user');
// Check for blocked words
if (tools.blockwords(userData.username) ||
tools.blockwords(userData.name) ||
tools.blockwords(userData.surname)) {
if (tools.blockwords(userData.username) || tools.blockwords(userData.name) || tools.blockwords(userData.surname)) {
await tools.snooze(5000);
return {
blocked: true,
status: 404,
code: server_constants.RIS_CODE_ERR
return {
blocked: true,
status: 404,
code: server_constants.RIS_CODE_ERR,
};
}
@@ -492,11 +449,11 @@ class UserController {
tools.writeIPToBan(msg);
await telegrambot.sendMsgTelegramToTheAdmin(userData.idapp, '‼️ BAN: ' + msg, true);
await tools.snooze(5000);
return {
blocked: true,
status: 400,
code: server_constants.RIS_CODE_BANIP
return {
blocked: true,
status: 400,
code: server_constants.RIS_CODE_BANIP,
};
}
}
@@ -507,15 +464,12 @@ class UserController {
_canExecuteFriendCommand(user, usernameOrig, usernameDest, cmd) {
const { User } = require('../models/user');
if (User.isAdmin(user.perm) || User.isManager(user.perm)) {
return true;
}
const allowedCommands = [
shared_consts.FRIENDSCMD.SETFRIEND,
shared_consts.FRIENDSCMD.SETHANDSHAKE
];
const allowedCommands = [shared_consts.FRIENDSCMD.SETFRIEND, shared_consts.FRIENDSCMD.SETHANDSHAKE];
if (allowedCommands.includes(cmd)) {
return usernameOrig === user.username || usernameDest === user.username;
@@ -530,4 +484,4 @@ class UserController {
}
}
module.exports = UserController;
module.exports = UserController;
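Review bot: In `login`, the line `console.log('attempt...', result);` (hunk `@@ -85,42 +82,35 @@`) writes the whole `authenticate` result to the server log, and the same hunk shows that object carrying `result.token`, `result.refreshToken` and `result.user`, so each successful login would leave live session tokens and a user record in the log files. Drop the line, or log only non-secret fields, for example `console.log('login attempt', { username, failed: Boolean(result.error) });`. The `console.log('LOGIN');` in the preceding hunk looks like leftover debug output too and could go through `tools.mylog`, as `register` already does. `login` begins in the previous hunk and the `+`/`-` markers are lost on this page, so that both lines are new in this commit is inferred from the hunk line counts.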