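// Main site router: short-URL redirect, health ping, client report logging,
// the maintenance-mode gate, and the social sign-in entry points.
const express = require("express");
const router = express.Router();
const util = require("util");
const mysql = require("mysql");
const utils = require("../../../src/utils");
const crossCtl = require("../../../src/crossCtl");
const passport = require("passport");

// operation

/**
 * GET /s/:shortUrlId - resolve a short link and redirect to it on the site's own host.
 * Responds 500 on lookup error and 404 when the id is unknown.
 */
router.get("/s/:shortUrlId", function (req, res) {
  const uid = req.isAuthenticated() ? req.user.uid : utils.uuid("uid_" + req.sessionID);
  const shortUrlId = req.params.shortUrlId;
  crossCtl.getShortUrlInfo(uid, shortUrlId, function (error, shortUrlInfo) {
    if (error) {
      // NOTE(review): the internal error text is returned to the caller; consider
      // logging it server-side and sending a generic message instead.
      return req.workTag
        .res()
        .status(500)
        .send({
          ...req.workTag.responsePacket,
          responseCode: 500,
          responseMessage: "Server error : " + (error.message ? error.message : error.toString()),
        });
    }

    console.log("huk shortUrlInfo = ", shortUrlInfo);
    if (shortUrlInfo == null) {
      return req.workTag
        .res()
        .status(404)
        .send({
          ...req.workTag.responsePacket,
          responseCode: 404,
          responseMessage: "link not found : " + shortUrlId,
        });
    }

    // NOTE(review): the target is built by plain concatenation, so the redirect
    // stays on baseUrl only if the stored url starts with "/". Presumably the
    // code that creates short links enforces that - confirm, because a stored
    // value that does not start with "/" would change the host part of the URL.
    return req.workTag.res().redirect("https://" + crossCtl.sConfig.baseUrl + shortUrlInfo.url);
  });
});

/** GET /ping - liveness probe; returns a fixed identity string. */
router.get("/ping", function (req, res) {
  res.send(JSON.stringify({ whoami: "pond-one" }));
});

/**
 * POST /report - record a client-submitted report through crossCtl.boom.log.
 * Accepts anonymous callers (anonym_flag = 1) and always answers 200.
 */
router.post("/report", function (req, res) {
  const targetTag = req.query.tag ? req.query.tag : "";
  const uid = req.isAuthenticated() ? req.user.uid : utils.uuid("uid_" + req.sessionID);
  const data = req.body;
  // NOTE(review): tag and body come straight from the client and are logged
  // together with a dump of the request; check what utils.dumpReq() includes
  // (cookies, authorization headers) and that a body size limit is configured.
  const post = {
    site_id: crossCtl.sConfig.type,
    uid: uid,
    anonym_flag: req.isAuthenticated() ? 0 : 1,
    tag: targetTag,
    json: JSON.stringify(data),
    req_dump: utils.dumpReq(req),
  };
  crossCtl.boom.log("old_report", post);
  return req.workTag
    .res()
    .status(200)
    .send({
      ...req.workTag.responsePacket,
      responseCode: 200,
      responseMessage: "ok",
    });
  /*
  var qry = 'INSERT INTO ' + crossCtl.db.options.database + '.tbl_report_list SET ?';
  var response = {};
  crossCtl.db.doEasyQueryPost(qry, post, function (error, results) {
    if (error) {
      utils.log(
        'error',
        'report save db error : ' + JSON.stringify(error) + ' ' + utils.__where()
      );
      return req.workTag
        .res()
        .status(500)
        .send({
          ...req.workTag.responsePacket,
          responseCode: 500,
          responseMessage: 'Server error : ' + error.message,
        });
    } else {
      return req.workTag
        .res()
        .status(200)
        .send({
          ...req.workTag.responsePacket,
          responseCode: 200,
          responseMessage: 'ok',
        });
    }
  });
  */
});

/**
 * Maintenance gate: while crossCtl.inMaintenanceFlag is set, only requests whose
 * address passes crossCtl.isItStaffIP() continue; everyone else gets a 503 page.
 * Routes registered above this middleware are not gated.
 */
router.use(function (req, res, next) {
  if (!crossCtl.inMaintenanceFlag) {
    next();
    return;
  }

  // var userInfo = req.isAuthenticated() ? req.user.user_info : {}
  // NOTE(review): X-Forwarded-For is supplied by the client unless a trusted
  // reverse proxy overwrites it, and it may hold a comma-separated list. As
  // written, the staff check is only as strong as that header; confirm the
  // proxy setup or derive the address from Express "trust proxy" / req.ip.
  const rawIp =
    req.headers["x-forwarded-for"] ||
    req.connection.remoteAddress ||
    req.socket.remoteAddress ||
    (req.connection.socket ? req.connection.socket.remoteAddress : null);
  // No usable address used to throw on .replace(); treat it as "not staff".
  const ip = typeof rawIp === "string" ? rawIp.replace("::ffff:", "") : "";
  // console.log('ip =', ip)
  // console.log('crossCtl.isItStaffIP(ip) =', crossCtl.isItStaffIP(ip))
  if (ip !== "" && crossCtl.isItStaffIP(ip)) {
    next();
  } else {
    // console.log('utils.hostName=',utils.hostName)
    res.status(503).render("main/pages/error", {
      infos: req.infos,
      errorCode: 503,
      errorMessage: "Maintenance in progress...",
    });
  }
});

/*
router.get('/', function (req, res) {
  res.render('main/pages/index', { infos: req.infos })
})
*/

// NOTE(review): the disabled e-mail sign-in / sign-up / reset routes below should
// not be re-enabled as they stand:
//  - GET /reset/email changes the password on a plain GET and renders the new
//    temporary password into the page (nextTitle, newPassToken);
//  - the tbl_reset_list UPDATE is terminated by a stray ';' before its WHERE
//    clause, so the statement that is sent has no WHERE at all;
//  - the temporary password comes from utils.shortid.generate(), which looks like
//    an id generator rather than a secret generator - confirm;
//  - POST /signup/email passes `password: key` (the user name) to
//    normalizeUserInfo and raw error objects to the error page.
/*
router.get('/signin', function (req, res) {
  res.render('main/pages/signin', { infos: req.infos });
});

router.get('/signup', function (req, res) {
  res.render('main/pages/signup', { infos: req.infos });
});

router.get('/reset', function (req, res) {
  res.render('main/pages/reset', { infos: req.infos });
});

router.get('/reset/email', function (req, res) {
  var token = req.query.token;
  var qry =
    'SELECT * FROM ' +
    crossCtl.db.options.database +
    '.tbl_reset_list WHERE token = ' +
    mysql.escape(token) +
    ' AND site_id = ' +
    mysql.escape(crossCtl.sConfig.type) +
    ' AND status = 0';
  crossCtl.db.doEasyQuery(qry, function (err, results) {
    if (err) {
      res.status(500).render('main/pages/error', {
        infos: req.infos,
        errorCode: 500,
        errorMessage: err,
      });
    } else {
      if (results.length == 0) {
        res.status(500).render('main/pages/error', {
          infos: req.infos,
          errorCode: 404,
          errorMessage: '유효하지 않은 링크 입니다.', // "This link is not valid."
        });
      } else {
        var uid = results[0].uid;
        var tmpPassword = utils.shortid.generate();
        utils.getHash(tmpPassword, function (err, newPassToken) {
          if (err) {
            res.status(500).render('main/pages/error', {
              infos: req.infos,
              errorCode: 500,
              errorMessage: err,
            });
          } else {
            var post = {
              auth_token: newPassToken,
            };
            qry =
              'UPDATE ' +
              crossCtl.db.options.database +
              '.tbl_account_users SET ? WHERE uid = ' +
              mysql.escape(uid) +
              ' AND site_id = ' +
              mysql.escape(crossCtl.sConfig.type) +
              ' AND status = 0';
            crossCtl.db.doEasyQueryPost(qry, post, function (
              err,
              results
            ) {
              if (err) {
                res.status(500).render('main/pages/error', {
                  infos: req.infos,
                  errorCode: 500,
                  errorMessage: err,
                });
              } else {
                if (results.affectedRows == 0) {
                  res.status(500).render('main/pages/error', {
                    errorCode: 500,
                    // "Password reset failed. Please try again later."
                    errorMessage: '비밀번호 리셋에 실패하였습니다. 잠시 후 다시 시도해 주세요.',
                  });
                } else {
                  qry =
                    'UPDATE ' +
                    crossCtl.db.options.database +
                    '.tbl_reset_list SET status = 1, used_hint = ' +
                    mysql.escape(utils.dumpReq(req));
                  ' WHERE token = ' + mysql.escape(token);
                  crossCtl.db.doEasyQuery(qry, function (
                    err,
                    results
                  ) {
                    if (err) {
                      res.status(500).render(
                        'main/pages/error',
                        {
                          infos: req.infos,
                          errorCode: 500,
                          errorMessage: err,
                        }
                      );
                    } else {
                      res.render('main/pages/next', {
                        infos: req.infos,
                        bigTitle: 'OK',
                        smallTitle: '비밀번호 리셋 완료', // "Password reset complete"
                        // "Your password has been changed to <tmpPassword>. Please try signing in."
                        nextTitle:
                          '비밀번호가 ' +
                          tmpPassword +
                          ' 으로 변경되었습니다. 로그인 해 보세요.',
                        nextUrl: '/signin',
                        newPassToken: tmpPassword,
                      });
                    }
                    crossCtl.passEventToLocalHandler(
                      'resetDone',
                      {
                        uid: uid,
                        user_info: JSON.parse(
                          utils.dumpReq(req)
                        ),
                      },
                      function (error) {
                        if (error) {
                          utils.log(
                            'error',
                            'on crossCtl.passEventToLocalHandler(), error =',
                            error
                          );
                        }
                      }
                    );
                  });
                }
              }
            });
          }
        });
      }
    }
  });
});

router.post('/reset/email', function (req, res) {
  res.render('main/pages/next', {
    infos: req.infos,
    bigTitle: 'OK',
    smallTitle: 'password reset email sent.',
    nextTitle: 'goto login screen',
    nextUrl: '/signin',
  });
});

router.post('/signin/email', function (req, res, next) {
  passport.authenticate('local', function (err, user, info) {
    // console.log('authenticate().local, err=', err)
    // console.log('authenticate().local, user=', user)
    // console.log('authenticate().local, info=', info)
    if (err) {
      res.status(500).render('main/pages/error', {
        infos: req.infos,
        errorCode: 500,
        errorMessage: err,
      });
    } else {
      if (user.auth_flag === false) {
        res.status(500).render('main/pages/error', {
          infos: req.infos,
          errorCode: 500,
          errorMessage: 'authenticate failed : ' + user.reason,
        });
      } else {
        req.login(user, (loginErr) => {
          if (loginErr) {
            utils.log(
              'error',
              '#2 huk error : ' + util.inspect(loginErr) + ' ' + utils.__where()
            );
            res.status(500).render('main/pages/error', {
              infos: req.infos,
              errorCode: 500,
              errorMessage: loginErr,
            });
          } else {
            req.session.user = user;
            // req.body.password = '******'
            // crossCtl.logUserAction(user.uid, 'login', 'login ok, req = ' + utils.dumpReq(req))
            handlePostLogin(req);
          }
        });
      }
    }
  })(req, res, next);
});

router.post('/signup/email', function (req, res, next) {
  var type = 0;
  var key = req.body.userName;
  var token = req.body.password;
  var defaultLevel = 0;
  var qry =
    'SELECT * FROM ' +
    crossCtl.db.options.database +
    '.tbl_white_list WHERE uid = ' +
    mysql.escape(key) +
    ' AND site_id = ' +
    mysql.escape(crossCtl.sConfig.type) +
    ' AND status = 0';
  crossCtl.db.doEasyQuery(qry, function (err, results) {
    if (err) {
      res.status(500).render('main/pages/error', {
        infos: req.infos,
        errorCode: 500,
        errorMessage: err,
      });
    } else {
      if (
        results.length !== 1 &&
        crossCtl.sConfig.allowSignup === false
      ) {
        res.status(500).render('main/pages/error', {
          infos: req.infos,
          errorCode: 500,
          errorMessage: 'not in a white list',
        });
      } else {
        defaultLevel =
          results.length == 1 ? results[0].level : defaultLevel;
        utils.getHash(token, function (err, hash) {
          if (err) {
            res.status(500).render('main/pages/error', {
              infos: req.infos,
              errorCode: 500,
              errorMessage: err,
            });
          } else {
            var user_info = crossCtl.normalizeUserInfo(
              'id/password',
              {
                email: key,
                password: key,
              }
            );
            var prefDataJson = {
              account_info: user_info,
              newAccountFlag: true,
            };
            var post = {
              site_id: crossCtl.sConfig.type,
              name: user_info.name,
              auth_type: type,
              auth_key: key,
              auth_token: hash,
              pref_data: JSON.stringify(prefDataJson),
              user_level: defaultLevel,
            };
            qry =
              'INSERT INTO ' +
              crossCtl.db.options.database +
              '.tbl_account_users SET ? ';
            crossCtl.db.doEasyQueryPost(qry, post, function (
              err,
              results
            ) {
              if (err) {
                res.status(500).render('main/pages/error', {
                  infos: req.infos,
                  errorCode: 500,
                  errorMessage: err,
                });
              } else {
                var serial = results.insertId;
                var uid = utils.uuid('uid_' + serial);
                req.body.password = '******';
                crossCtl.logUserAction(
                  uid,
                  'new',
                  'new account created. req = ' + utils.dumpReq(req)
                );
                qry =
                  'UPDATE ' +
                  crossCtl.db.options.database +
                  '.tbl_account_users SET uid = ' +
                  mysql.escape(uid) +
                  ' WHERE serial = ' +
                  serial;
                crossCtl.db.doEasyQuery(qry, function (
                  err,
                  results
                ) {
                  if (err) {
                    res.status(500).render(
                      'main/pages/error',
                      {
                        infos: req.infos,
                        errorCode: 500,
                        errorMessage: err,
                      }
                    );
                  } else {
                    req.workTag.res().redirect('/signin');
                  }
                  crossCtl.passEventToLocalHandler(
                    'addUser',
                    { uid: uid, user_info: user_info },
                    function (error) {
                      if (error) {
                        utils.log(
                          'error',
                          'on crossCtl.passEventToLocalHandler(), error =',
                          error
                        );
                      }
                    }
                  );
                });
              }
            });
          }
        });
      }
    }
  });
});
*/

/**
 * GET /signin/facebook - remember where to return after login, then hand the
 * request to the passport "facebook" strategy.
 */
router.get(
  "/signin/facebook",
  function (req, res, next) {
    // to return to '/#/returnHash', request this url:
    // http://example.com/auth/twitter?return_url=%2F%23%2FreturnHash
    // on the client you can get the hash value like this:
    // encodeURIComponent("/"+window.location.hash)
    //
    // req.query.loc is client-controlled: it must be checked to be a local
    // path before it is ever used as a redirect target.
    req.session.return_loc = req.query.loc;
    console.log("req.query.loc=", req.query.loc);
    req.session.req_dump = utils.dumpReq(req);
    next();
  },
  passport.authenticate("facebook", {
    authType: "rerequest",
    scope: ["public_profile", "email"],
  })
);

/**
 * GET /signin/google - remember where to return after login, then hand the
 * request to the passport "google" strategy.
 */
router.get(
  "/signin/google",
  function (req, res, next) {
    // to return to '/#/returnHash', request this url:
    // http://example.com/auth/twitter?return_url=%2F%23%2FreturnHash
    // on the client you can get the hash value like this:
    // encodeURIComponent("/"+window.location.hash)
    //
    // req.query.loc is client-controlled: it must be checked to be a local
    // path before it is ever used as a redirect target.
    req.session.return_loc = req.query.loc;
    console.log("req.query.loc=", req.query.loc);
    req.session.req_dump = utils.dumpReq(req);
    next();
  },
  passport.authenticate("google", {
    authType: "rerequest",
    scope: ["openid", "email"],
  })
);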
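/**
 * GET /signin/kakao - remember where to return after login, then hand the
 * request to the passport "kakao" strategy.
 */
router.get(
  "/signin/kakao",
  function (req, res, next) {
    // to return to '/#/returnHash', request this url:
    // http://example.com/auth/twitter?return_url=%2F%23%2FreturnHash
    // on the client you can get the hash value like this:
    // encodeURIComponent("/"+window.location.hash)
    //
    // req.query.loc is client-controlled; handleWelcomeRedirect() only follows
    // it when it is a local path.
    req.session.return_loc = req.query.loc;
    console.log("req.query.loc=", req.query.loc);
    req.session.req_dump = utils.dumpReq(req);
    next();
  },
  passport.authenticate("kakao", { failureRedirect: "#!/login" })
);

/**
 * GET /signin/apple - remember where to return after login, then hand the
 * request to the passport "apple" strategy.
 */
router.get(
  "/signin/apple",
  function (req, res, next) {
    // to return to '/#/returnHash', request this url:
    // http://example.com/auth/twitter?return_url=%2F%23%2FreturnHash
    // on the client you can get the hash value like this:
    // encodeURIComponent("/"+window.location.hash)
    //
    // req.query.loc is client-controlled; handleWelcomeRedirect() only follows
    // it when it is a local path.
    req.session.return_loc = req.query.loc;
    console.log("req.query.loc=", req.query.loc);
    req.session.req_dump = utils.dumpReq(req);
    next();
  },
  passport.authenticate("apple", { failureRedirect: "#!/login" })
);

// Name:Sign in with Apple key
// Key ID:NLB2PB3RNR
// Services:Sign in with Apple

/**
 * Build the provider callback handler shared by all social sign-in routes.
 * Renders the error page (status 500) on a strategy error, a missing user or
 * user.auth_flag === false; otherwise establishes the session with req.login()
 * and continues with handlePostLogin().
 *
 * @param {string} strategyName - passport strategy to authenticate with
 * @returns {function} Express request handler
 */
function makeSigninCallback(strategyName) {
  return function (req, res, next) {
    const renderError = function (errorMessage) {
      res.status(500).render("main/pages/error", {
        infos: req.infos,
        errorCode: 500,
        errorMessage: errorMessage,
      });
    };

    passport.authenticate(strategyName, function (err, user, info) {
      if (err) {
        renderError(err.message);
      } else if (!user) {
        renderError("no user info found");
      } else if (user.auth_flag === false) {
        renderError("auth failed");
      } else {
        req.login(user, function (loginErr) {
          if (loginErr) {
            renderError(loginErr.message);
          } else {
            handlePostLogin(req);
          }
        });
      }
    })(req, res, next);
  };
}

router.post("/signin/apple/callback", makeSigninCallback("apple"));
router.get("/signin/facebook/callback", makeSigninCallback("facebook"));
router.get("/signin/google/callback", makeSigninCallback("google"));
router.get("/signin/kakao/callback", makeSigninCallback("kakao"));

/**
 * First step after a successful req.login(): grant the one-time first-login
 * credit to new accounts, then continue with handleLoadDaily(). An
 * unauthenticated request is logged and sent to "/".
 *
 * @param {object} req - Express request; the response is reached via req.workTag.res()
 */
function handlePostLogin(req) {
  // console.log('handlePostLogin(), req.session = ', req.session)
  // console.log('handlePostLogin(), req.session.user = ', req.session.user)
  if (!req.isAuthenticated()) {
    // The request dump saved by the sign-in entry route lives in the session.
    // (This branch used to read an undeclared req_dump and throw before the
    // redirect; the ternary was also swallowed by the string concatenation.)
    const savedDump = req.session ? req.session.req_dump : undefined;
    utils.log(
      "warn",
      "anonym at handlePostLogin() : " + (savedDump ? savedDump : utils.dumpReq(req)) + " " + utils.__where()
    );
    req.workTag.res().redirect("/");
    return;
  }

  if (req.user.newAccountFlag && req.user.firstLoginGiftFlag === undefined) {
    crossCtl.giveCreditToUser(req.user.uid, 0, 10, "first login gift", "system", function (error, result) {
      // console.log('giveCreditToUser(), error =', error)
      // console.log('giveCreditToUser(), result =', result)
      if (error) {
        utils.log("error", "giveCreditToUser(), first login gift, error =" + error);
      } else {
        req.user.firstLoginGiftFlag = true;
      }
      handleLoadDaily(req);
    });
  } else {
    handleLoadDaily(req);
  }
}

/**
 * Log the sign-in, bump the user's daily login counter inside
 * crossCtl.doWorkOnDailyWithTransaction() and grant the daily credit, then
 * continue with handleWelcomeRedirect().
 *
 * @param {object} req - authenticated Express request
 */
function handleLoadDaily(req) {
  const uid = req.user.uid;
  // Mask the password before the request is dumped into the action log.
  if (req.body && req.body.password) {
    req.body.password = "******";
  }
  const req_dump = req.session.req_dump;
  req.session.req_dump = undefined;
  crossCtl.logUserAction(uid, "signin", req_dump === undefined ? utils.dumpReq(req) : req_dump);
  crossCtl.loadUserDaily(uid, function (error, dailyJson) {
    if (error) {
      // Parenthesised so the prefix and the location are part of the message.
      utils.log(
        "error",
        "error at loadUserDaily() : " + (req_dump ? req_dump : utils.dumpReq(req)) + " " + utils.__where()
      );
      handleWelcomeRedirect(req);
      return;
    }

    // NOTE(review): handleWelcomeRedirect() is reachable both from the
    // afterCallback completion and from the final callback below; whether both
    // fire for one request depends on crossCtl - confirm it cannot redirect twice.
    crossCtl.doWorkOnDailyWithTransaction(
      uid,
      function (dailyJson, afterCallback) {
        // afterCallback(error, afterDailyJson, finalCallback)
        if (dailyJson.loginCount === undefined) {
          dailyJson.loginCount = 1;
        } else {
          dailyJson.loginCount += 1;
        }
        if (dailyJson.loginCount === 1) {
          crossCtl.giveCreditToUser(req.user.uid, 0, 1, "daily login gift", "system", function (error, result) {
            if (error) {
              utils.log("error", "giveCreditToUser(), daily login gift, error =" + error);
            }
            afterCallback(error, dailyJson, function (error, result) {
              handleWelcomeRedirect(req);
            });
          });
        } else {
          // NOTE(review): every later login of the day also calls
          // giveCreditToUser, with type 1 and a "bad value test" label; this
          // looks like leftover test code - confirm it is meant to ship.
          crossCtl.giveCreditToUser(
            req.user.uid,
            1,
            1,
            "daily login gift - bad value test",
            "system",
            function (error, result) {
              if (error) {
                utils.log("error", "giveCreditToUser(), daily login gift, error =" + error);
              }
              afterCallback(error, dailyJson, function (error, result) {
                handleWelcomeRedirect(req);
              });
            }
          );
        }
      },
      function (error, result) {
        if (error) {
          utils.log("error", "doWorkOnDailyWithTransaction(), error =" + error);
        }
        handleWelcomeRedirect(req);
      }
    );
  });
}

/**
 * Tell whether a stored return location is a path on this site.
 * Accepts only strings that start with a single "/" and contain no backslash
 * or control character (browsers treat "\" as "/" and drop tabs and newlines,
 * so such values can turn into "//other-host").
 *
 * @param {*} loc - value taken from the session
 * @returns {boolean} true when it is safe to redirect to loc
 */
function isLocalRedirectPath(loc) {
  if (typeof loc !== "string" || loc.charAt(0) !== "/" || loc.charAt(1) === "/") {
    return false;
  }
  return !/[\u0000-\u001f\u007f\\]/.test(loc);
}

/**
 * Final step of sign-in: send the user back to the location remembered by the
 * sign-in entry route, or to "/" when none was stored or it is not a local path.
 * The stored value originates from the "loc" query parameter, so it is
 * validated here to keep the login flow from redirecting to another site.
 *
 * @param {object} req - Express request; the response is reached via req.workTag.res()
 */
function handleWelcomeRedirect(req) {
  const return_loc = req.session.return_loc;
  console.log("return_loc=", return_loc);
  req.session.return_loc = undefined;
  if (isLocalRedirectPath(return_loc)) {
    req.workTag.res().redirect(return_loc);
  } else {
    req.workTag.res().redirect("/");
  }
}

/* POST home page. */

/**
 * GET /signout - log the sign-out for authenticated users, end the passport
 * login, drop the cached fcmInfo from the session and go back to "/".
 */
router.get("/signout", function (req, res, next) {
  if (req.isAuthenticated()) {
    crossCtl.logUserAction(req.user.uid, "signout", utils.dumpReq(req));
  }
  // NOTE(review): passport 0.6 and later expect a callback for req.logout();
  // confirm the installed version before upgrading.
  req.logout();
  if (req.session.fcmInfo !== undefined) {
    delete req.session.fcmInfo;
  }
  // res.render('pages/index', { user: { loginFlag: req.isAuthenticated() }, hostName: utils.hostName })
  req.workTag.res().redirect("/");
});

/*
router.get("/", function (req, res) {
  res.render("main/pages/index", { infos: req.infos });
});
*/

/*
router.get('/blank', function (req, res) {
  res.render('main/pages/index', { infos: req.infos });
});

router.get('/sample', function (req, res) {
  res.render('main/pages/index', { infos: req.infos });
});

var moment = require('moment');

router.get('/notice', function (req, res) {
  var qry =
    'SELECT * FROM ' +
    crossCtl.db.options.database +
    '.tbl_notice_list WHERE status = 0 AND site_id = ' +
    mysql.escape(crossCtl.sConfig.type) +
    ' ORDER BY serial DESC';
  crossCtl.db.doEasyQuery(qry, function (error, results) {
    if (error) {
      utils.log('error', '/notice, error =', error, utils.__where());
      res.status(500).render('main/pages/error', {
        infos: req.infos,
        errorCode: 500,
        errorMessage: error,
      });
    } else {
      var lang = req.infos.lang;
      // console.log('lang=', lang)
      moment.locale(lang);
      res.render('main/pages/index', {
        infos: req.infos,
        list: results,
        moment: moment,
      });
    }
  });
});

router.get('/my', function (req, res) {
  res.render('main/pages/index', { infos: req.infos });
});

router.get('/my/edit', function (req, res) {
  res.render('main/pages/index', { infos: req.infos });
});

router.get('/my/new', function (req, res) {
  res.render('main/pages/index', { infos: req.infos });
});

router.get('/note', function (req, res) {
  res.render('main/pages/index', { infos: req.infos });
});

router.get('/note/edit', function (req, res) {
  res.render('main/pages/index', { infos: req.infos });
});

router.get('/note/new', function (req, res) {
  res.render('main/pages/index', { infos: req.infos });
});

router.get('/note/detail', function (req, res) {
  res.render('main/pages/index', { infos: req.infos });
});

router.get('/support', function (req, res) {
  var businessInfo = crossCtl.getBusinessInfo();
  // console.log('businessInfo=', businessInfo)
  var qry =
    'SELECT * FROM ' +
    crossCtl.db.options.database +
    '.tbl_faq_list WHERE status = 0 AND site_id = ' +
    mysql.escape(crossCtl.sConfig.type) +
    ' ORDER BY serial DESC';
  crossCtl.db.doEasyQuery(qry, function (error, results) {
    if (error) {
      utils.log('error', '/support, error =', error, utils.__where());
      res.status(500).render('main/pages/error', {
        infos: req.infos,
        errorCode: 500,
        errorMessage: error,
      });
    } else {
      var list = results;
      var lang = req.infos.lang;
      // console.log('lang=', lang)
      moment.locale(lang);
      var one2one = [];
      if (req.isAuthenticated() === false) {
        res.render('main/pages/index', {
          infos: req.infos,
          businessInfo: businessInfo,
          list: list,
          one2one: results,
          moment: moment,
        });
      } else {
        var uid = req.user.uid;
        qry =
          'SELECT * FROM ' +
          crossCtl.db.options.database +
          '.tbl_support_list WHERE uid = ' +
          mysql.escape(uid) +
          ' AND status = 0 AND site_id = ' +
          mysql.escape(crossCtl.sConfig.type) +
          ' ORDER BY serial ASC';
        crossCtl.db.doEasyQuery(qry, function (error, results) {
          if (error) {
            utils.log(
              'error',
              '/support, error =',
              error,
              utils.__where()
            );
            res.status(500).render('main/pages/error', {
              infos: req.infos,
              errorCode: 500,
              errorMessage: error,
            });
          } else {
            var one2one = [];
            for (var i = 0; i < results.length; i++) {
              one2one[one2one.length] = {
                type: results[i].type,
                name: results[i].name,
                message: results[i].message,
              };
            }
            res.render('main/pages/index', {
              infos: req.infos,
              businessInfo: businessInfo,
              list: list,
              one2one: results,
              moment: moment,
            });
          }
        });
      }
    }
  });
});

router.get('/privacy', function (req, res) {
  var langTag = req.query.lang ? req.query.lang : 'ko';
  res.render('main/pages/index', { infos: req.infos });
});
*/

module.exports = router;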