1"use strict";
2
3var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
4
// Babel CommonJS interop: flag the module as transpiled from ES-module syntax
// and pre-declare both export slots (`default` and `AuthApi`) as undefined.
5Object.defineProperty(exports, "__esModule", {
6 value: true
7});
8exports["default"] = exports.AuthApi = void 0;
9
10var _objectWithoutProperties2 = _interopRequireDefault(require("@babel/runtime/helpers/objectWithoutProperties"));
11
12var _regenerator = _interopRequireDefault(require("@babel/runtime/regenerator"));
13
14var _defineProperty2 = _interopRequireDefault(require("@babel/runtime/helpers/defineProperty"));
15
16var _asyncToGenerator2 = _interopRequireDefault(require("@babel/runtime/helpers/asyncToGenerator"));
17
18var _classCallCheck2 = _interopRequireDefault(require("@babel/runtime/helpers/classCallCheck"));
19
20var _createClass2 = _interopRequireDefault(require("@babel/runtime/helpers/createClass"));
21
22var _get2 = _interopRequireDefault(require("@babel/runtime/helpers/get"));
23
24var _inherits2 = _interopRequireDefault(require("@babel/runtime/helpers/inherits"));
25
26var _possibleConstructorReturn2 = _interopRequireDefault(require("@babel/runtime/helpers/possibleConstructorReturn"));
27
28var _getPrototypeOf2 = _interopRequireDefault(require("@babel/runtime/helpers/getPrototypeOf"));
29
30var _env = require("@lskjs/env");
31
32var _err = _interopRequireDefault(require("@lskjs/err"));
33
34var _serverApi = _interopRequireDefault(require("@lskjs/server-api"));
35
36var _canonizeParams = _interopRequireDefault(require("@lskjs/utils/canonizeParams"));
37
38var _getReqOrigin = _interopRequireDefault(require("@lskjs/utils/getReqOrigin"));
39
40var _transliterate = _interopRequireDefault(require("@lskjs/utils/transliterate"));
41
42var _validateEmail = _interopRequireDefault(require("@lskjs/utils/validateEmail"));
43
44var _bluebird = _interopRequireDefault(require("bluebird"));
45
46var _get3 = _interopRequireDefault(require("lodash/get"));
47
48var _map = _interopRequireDefault(require("lodash/map"));
49
50var _merge = _interopRequireDefault(require("lodash/merge"));
51
52var _omit = _interopRequireDefault(require("lodash/omit"));
53
54var _random = _interopRequireDefault(require("lodash/random"));
55
56var _set = _interopRequireDefault(require("lodash/set"));
57
58var _unset = _interopRequireDefault(require("lodash/unset"));
59
// Keys stripped from req.data in signup() before the remaining client-supplied
// fields are handed to the UserModel constructor. Only "password" is removed;
// every other request field is passed through.
60var _excluded = ["password"];
61
/**
 * Babel helper behind compiled `for...of` loops: wraps `o` in an object with
 * start (`s`), next (`n`), error (`e`) and finish (`f`) hooks.
 *
 * @param {*} o - value to iterate.
 * @param {boolean} [allowArrayLike] - also accept objects with a numeric `length`.
 * @returns {{s: Function, n: Function, e: Function, f: Function}} iteration hooks.
 * @throws {TypeError} when `o` is neither iterable nor array-like.
 */
function _createForOfIteratorHelper(o, allowArrayLike) {
  var iter = typeof Symbol !== "undefined" && o[Symbol.iterator] || o["@@iterator"];

  if (iter) {
    // Iterator-protocol path: track whether the loop ran to completion and
    // whether the loop body threw, so `f` can close the iterator and rethrow.
    var finishedNormally = true;
    var sawError = false;
    var pendingError;
    return {
      s: function s() {
        iter = iter.call(o);
      },
      n: function n() {
        var step = iter.next();
        finishedNormally = step.done;
        return step;
      },
      e: function e(_e2) {
        sawError = true;
        pendingError = _e2;
      },
      f: function f() {
        try {
          if (!finishedNormally && iter["return"] != null) iter["return"]();
        } finally {
          if (sawError) throw pendingError;
        }
      }
    };
  }

  // Index-based fallback for arrays and array-likes.
  var indexable = Array.isArray(o) || (iter = _unsupportedIterableToArray(o)) || allowArrayLike && o && typeof o.length === "number";

  if (!indexable) {
    throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.");
  }

  if (iter) o = iter;
  var pos = 0;

  var noop = function F() {};

  return {
    s: noop,
    n: function n() {
      return pos >= o.length ? { done: true } : { done: false, value: o[pos++] };
    },
    e: function e(_e) {
      throw _e;
    },
    f: noop
  };
}
63
/**
 * Babel helper: converts strings, Maps, Sets, `arguments` objects and
 * 8/16/32-bit integer typed arrays to a plain Array.
 *
 * @param {*} o - candidate value.
 * @param {number} [minLen] - forwarded to `_arrayLikeToArray` as its length.
 * @returns {Array|undefined} the copy, or undefined for any other input.
 */
function _unsupportedIterableToArray(o, minLen) {
  if (!o) {
    return;
  }

  if (typeof o === "string") {
    return _arrayLikeToArray(o, minLen);
  }

  var tag = Object.prototype.toString.call(o).slice(8, -1);

  if (tag === "Object" && o.constructor) {
    tag = o.constructor.name;
  }

  switch (tag) {
    case "Map":
    case "Set":
      return Array.from(o);

    case "Arguments":
      return _arrayLikeToArray(o, minLen);
  }

  if (/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(tag)) {
    return _arrayLikeToArray(o, minLen);
  }
}
65
/**
 * Babel helper: copies the leading elements of an array-like into a new Array.
 *
 * @param {ArrayLike<*>} arr - source with a `length` and indexed elements.
 * @param {number} [len] - number of elements to copy; when null/undefined or
 *   larger than `arr.length`, the whole source is copied.
 * @returns {Array} the copy.
 */
function _arrayLikeToArray(arr, len) {
  var count = len == null || len > arr.length ? arr.length : len;
  var copy = new Array(count);
  var idx = 0;

  while (idx < count) {
    copy[idx] = arr[idx];
    idx += 1;
  }

  return copy;
}
67
/**
 * Babel helper: lists an object's own enumerable string keys followed by its
 * own symbol keys.
 *
 * @param {Object} object - object to inspect.
 * @param {boolean} [enumerableOnly] - when truthy, drop non-enumerable symbols.
 * @returns {Array<string|symbol>} the collected keys.
 */
function ownKeys(object, enumerableOnly) {
  var collected = Object.keys(object);

  if (!Object.getOwnPropertySymbols) {
    return collected;
  }

  var syms = Object.getOwnPropertySymbols(object);

  if (enumerableOnly) {
    syms = syms.filter(function (sym) {
      return Object.getOwnPropertyDescriptor(object, sym).enumerable;
    });
  }

  for (var i = 0; i < syms.length; i++) {
    collected.push(syms[i]);
  }

  return collected;
}
69
/**
 * Babel helper implementing object spread: copies each source argument onto
 * `target` and returns `target`.
 *
 * Sources in odd argument positions are copied key by key through the
 * defineProperty helper; sources in even positions are copied as property
 * descriptors. Null/undefined sources are treated as empty objects.
 *
 * @param {Object} target - object that receives the properties (mutated).
 * @returns {Object} `target`.
 */
function _objectSpread(target) {
  var sources = Array.prototype.slice.call(arguments, 1);
  sources.forEach(function (raw, offset) {
    var position = offset + 1; // argument index, as in the original loop
    var source = raw != null ? raw : {};

    if (position % 2) {
      ownKeys(Object(source), true).forEach(function (key) {
        (0, _defineProperty2["default"])(target, key, source[key]);
      });
      return;
    }

    if (Object.getOwnPropertyDescriptors) {
      Object.defineProperties(target, Object.getOwnPropertyDescriptors(source));
      return;
    }

    ownKeys(Object(source)).forEach(function (key) {
      Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key));
    });
  });
  return target;
}
71
/**
 * Babel helper: builds the function a compiled subclass constructor calls in
 * place of `super(...)`.
 *
 * @param {Function} Derived - the subclass constructor.
 * @returns {Function} function that invokes the parent constructor with the
 *   caller's `this` and arguments and returns the resulting instance.
 */
function _createSuper(Derived) {
  var canReflect = _isNativeReflectConstruct();

  return function _createSuperInternal() {
    var Parent = (0, _getPrototypeOf2["default"])(Derived);
    var instance;

    if (!canReflect) {
      instance = Parent.apply(this, arguments);
    } else {
      // Preserve new.target semantics by constructing with the caller's constructor.
      var target = (0, _getPrototypeOf2["default"])(this).constructor;
      instance = Reflect.construct(Parent, arguments, target);
    }

    return (0, _possibleConstructorReturn2["default"])(this, instance);
  };
}
73
/**
 * Babel helper: reports whether a native (non-sham) `Reflect.construct` is
 * usable in this runtime.
 *
 * @returns {boolean} true when `Reflect.construct` can be relied on.
 */
function _isNativeReflectConstruct() {
  var hasConstruct = typeof Reflect !== "undefined" && Boolean(Reflect.construct);

  if (!hasConstruct || Reflect.construct.sham) {
    return false;
  }

  if (typeof Proxy === "function") {
    return true;
  }

  try {
    // Probe: constructing a Boolean through Reflect must yield a real Boolean.
    Boolean.prototype.valueOf.call(Reflect.construct(Boolean, [], function () {}));
    return true;
  } catch (e) {
    return false;
  }
}
75
76var AuthApi = /*#__PURE__*/function (_BaseApi) {
77 (0, _inherits2["default"])(AuthApi, _BaseApi);
78
79 var _super = _createSuper(AuthApi);
80
/**
 * AuthApi constructor: forwards every argument to the parent constructor and
 * sets `loginCreds`, the ordered list of request fields that getUserCriteria()
 * accepts as a login identifier.
 */
function AuthApi() {
  (0, _classCallCheck2["default"])(this, AuthApi);

  var args = Array.prototype.slice.call(arguments);

  var _this = _super.call.apply(_super, [this].concat(args));

  _this.loginCreds = ['username', 'email', 'phone', 'login'];
  return _this;
}
94
95 (0, _createClass2["default"])(AuthApi, [{
// init(): runs the parent class's init(), then resolves the 'auth' module from
// this.app and caches it as this.authModule, with its helpers as this.helpers.
// The other handlers rely on this.helpers for password and token operations.
96 key: "init",
97 value: function () {
98 var _init = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee() {
99 return _regenerator["default"].wrap(function _callee$(_context) {
100 while (1) {
101 switch (_context.prev = _context.next) {
102 case 0:
103 _context.next = 2;
104 return (0, _get2["default"])((0, _getPrototypeOf2["default"])(AuthApi.prototype), "init", this).call(this);
105
106 case 2:
107 _context.next = 4;
108 return this.app.module('auth');
109
110 case 4:
111 this.authModule = _context.sent;
112 this.helpers = this.authModule.helpers;
113
114 case 6:
115 case "end":
116 return _context.stop();
117 }
118 }
119 }, _callee, this);
120 }));
121
122 function init() {
123 return _init.apply(this, arguments);
124 }
125
126 return init;
127 }()
128 }, {
// getRoutes(): returns the parent class's route table extended with the auth
// endpoints below, each bound to this instance.
//
// NOTE(review): no auth middleware is attached to any entry here (the upstream
// `isAuth` import is commented out), so each handler has to enforce its own
// checks unless the parent class or router adds them — confirm.
// Upstream also keeps a number of routes commented out (legacy confirm /
// setPassword, phone, social signup/login/bind/unbind, passport lookups,
// loginToken, restorePasswordPermit); they are not registered.
key: "getRoutes",
value: function getRoutes() {
  var inherited = (0, _get2["default"])((0, _getPrototypeOf2["default"])(AuthApi.prototype), "getRoutes", this).call(this);
  var handlers = {};

  // Credential-based entry points.
  handlers['/login'] = this.login.bind(this);
  handlers['/signup'] = this.signup.bind(this);
  handlers['/updateToken'] = this.updateToken.bind(this);

  // One-time permit flow (e-mail confirmation, password restore).
  handlers['/permit'] = this.getPermit.bind(this);
  handlers['/permit/confirm'] = this.confirmPermit.bind(this);
  handlers['/restorePassword'] = this.restorePassword.bind(this);

  // Introspection endpoints.
  handlers['/status'] = this.status.bind(this);
  handlers['/session'] = this.session.bind(this);
  handlers['/check'] = this.check.bind(this);
  handlers['/info'] = this.info.bind(this);

  // Social auth. These parameterised patterns are added last, as upstream;
  // '/:provider' matches any single path segment, so socialAuth must reject
  // provider names it does not know.
  handlers['/:provider'] = this.socialAuth.bind(this);
  handlers['/:provider/auth'] = this.socialAuth.bind(this);
  handlers['/:provider/callback'] = this.socialCallback.bind(this);

  return _objectSpread(_objectSpread({}, inherited), {}, handlers);
} // getRoutes() {
167 // return {
168 // '/login': this.login.bind(this),
169 // '/accountkit': this.accountkit.bind(this),
170 // '/facebook': this.facebook.bind(this),
171 // '/social': this.social.bind(this),
172 // // '/vkontakte': this.vkontakte.bind(this),
173 // '/phone': this.phoneOrEmail.bind(this),
174 // '/email': this.phoneOrEmail.bind(this),
175 // '/confirm': this.confirm.bind(this),
176 // '/status': this.status.bind(this),
177 // '/check': this.check.bind(this),
178 // };
179 // }
180 // async login() {
181 // return { asd: 12 };
182 // }
183
184 }, {
// updateToken(req): issues a fresh auth token for the user already attached to
// req.user. Reloads that user by _id, replaces req.user with the loaded
// document and resolves to { user, token }.
// Throws auth.tokenIncorrect (404) when req.user carries no _id and
// auth.userNotFound (404) when the id no longer resolves to a user.
// NOTE(review): unlike login(), this handler does not look at
// statuses.blockedAt before calling generateAuthToken. Unless whatever
// populates req.user already rejects blocked accounts, a blocked user holding
// a still-valid token can keep renewing it — confirm.
185 key: "updateToken",
186 value: function () {
187 var _updateToken = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee2(req) {
188 var UserModel, userId, user, token;
189 return _regenerator["default"].wrap(function _callee2$(_context2) {
190 while (1) {
191 switch (_context2.prev = _context2.next) {
192 case 0:
193 _context2.next = 2;
194 return this.app.module('models.UserModel');
195
196 case 2:
197 UserModel = _context2.sent;
198 userId = req.user && req.user._id;
199
200 if (userId) {
201 _context2.next = 6;
202 break;
203 }
204
205 throw new _err["default"]('auth.tokenIncorrect', {
206 status: 404
207 });
208
209 case 6:
210 _context2.next = 8;
211 return UserModel.findById(userId);
212
213 case 8:
214 user = _context2.sent;
215
216 if (user) {
217 _context2.next = 11;
218 break;
219 }
220
221 throw new _err["default"]('auth.userNotFound', {
222 status: 404
223 });
224
225 case 11:
226 req.user = user;
227 token = this.helpers.generateAuthToken(user);
228 _context2.next = 15;
229 return UserModel.prepare(user, {
230 req: req,
231 withAppState: true
232 });
233
234 case 15:
235 _context2.t0 = _context2.sent;
236 _context2.t1 = token;
237 return _context2.abrupt("return", {
238 user: _context2.t0,
239 token: _context2.t1
240 });
241
242 case 18:
243 case "end":
244 return _context2.stop();
245 }
246 }
247 }, _callee2, this);
248 }));
249
250 function updateToken(_x) {
251 return _updateToken.apply(this, arguments);
252 }
253
254 return updateToken;
255 }()
256 }, {
// status(): always resolves to an empty object; it reads nothing from the
// request or from instance state.
257 key: "status",
258 value: function () {
259 var _status = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee3() {
260 return _regenerator["default"].wrap(function _callee3$(_context3) {
261 while (1) {
262 switch (_context3.prev = _context3.next) {
263 case 0:
264 return _context3.abrupt("return", {});
265
266 case 1:
267 case "end":
268 return _context3.stop();
269 }
270 }
271 }, _callee3);
272 }));
273
274 function status() {
275 return _status.apply(this, arguments);
276 }
277
278 return status;
279 }()
280 }, {
// session(req): resolves the 'auth' module and returns whatever its
// getAuthSession(req) returns. The module is looked up on every call rather
// than read from this.authModule.
// NOTE(review): the shape of the session object is defined by the auth module,
// not here — check there that it exposes nothing beyond the caller's own session.
281 key: "session",
282 value: function () {
283 var _session = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee4(req) {
284 var authModule;
285 return _regenerator["default"].wrap(function _callee4$(_context4) {
286 while (1) {
287 switch (_context4.prev = _context4.next) {
288 case 0:
289 _context4.next = 2;
290 return this.app.module('auth');
291
292 case 2:
293 authModule = _context4.sent;
294 return _context4.abrupt("return", authModule.getAuthSession(req));
295
296 case 4:
297 case "end":
298 return _context4.stop();
299 }
300 }
301 }, _callee4, this);
302 }));
303
304 function session(_x2) {
305 return _session.apply(this, arguments);
306 }
307
308 return session;
309 }()
310 }, {
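// check(req): reports whether a user matching the request parameters exists.
// Resolves to { exists: boolean }; throws auth.loginRequired (400) when the
// request carries no parameters.
//
// Fix: the guard used to test `Object.keys(criteria)`, an array and therefore
// always truthy, so an empty request fell through to findOne({}) and answered
// `exists: true` as soon as any user existed. It now tests the key count.
//
// NOTE(review): the criteria object is still built from the whole request
// body, so any model field can be probed and, unless canonizeParams or the
// model layer rejects them, query-operator objects reach findOne. Consider
// limiting the lookup to this.loginCreds (see getUserCriteria) and rate
// limiting this endpoint, since it answers account-existence questions for
// unauthenticated callers by design.
key: "check",
value: function () {
  var _check = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee5(req) {
    var criteria, UserModel, user;
    return _regenerator["default"].wrap(function _callee5$(_context5) {
      while (1) {
        switch (_context5.prev = _context5.next) {
          case 0:
            criteria = (0, _canonizeParams["default"])(req.data);

            // Require at least one lookup field; an empty filter matches every user.
            if (criteria && Object.keys(criteria).length) {
              _context5.next = 3;
              break;
            }

            throw new _err["default"]('auth.loginRequired', {
              status: 400
            });

          case 3:
            _context5.next = 5;
            return this.app.module('models.UserModel');

          case 5:
            UserModel = _context5.sent;
            _context5.next = 8;
            // Only _id is selected: the handler needs existence, not the document.
            return UserModel.findOne(criteria).select('_id');

          case 8:
            user = _context5.sent;
            return _context5.abrupt("return", {
              exists: !!user
            });

          case 10:
          case "end":
            return _context5.stop();
        }
      }
    }, _callee5, this);
  }));

  function check(_x3) {
    return _check.apply(this, arguments);
  }

  return check;
}()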
359
360 }, {
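// getUserCriteria(rawParams): builds the single-field lookup used to find a
// user at login/signup. Walks this.loginCreds in order and returns
// { [cred]: value } for the first credential present in the canonized params.
// Throws auth.loginEmpty (400) when none is present.
//
// Changes from upstream:
//  - the credential value must be a non-empty string or a number. Request
//    bodies are untrusted; an object value placed in a query filter would be
//    read as a query operator instead of a literal, so it is treated as absent.
//  - dropped the `loginCreds.includes(cred)` test, which was always true
//    because `cred` is taken from `loginCreds` itself.
key: "getUserCriteria",
value: function getUserCriteria(rawParams) {
  var _this$loginCreds = this.loginCreds,
      loginCreds = _this$loginCreds === void 0 ? [] : _this$loginCreds;
  var params = (0, _canonizeParams["default"])(rawParams); // eslint-disable-next-line no-restricted-syntax

  var _iterator = _createForOfIteratorHelper(loginCreds),
      _step;

  try {
    for (_iterator.s(); !(_step = _iterator.n()).done;) {
      var cred = _step.value;
      var value = params[cred];
      var isScalar = typeof value === 'string' || typeof value === 'number';

      if (isScalar && value) {
        return (0, _defineProperty2["default"])({}, cred, value);
      }
    }
  } catch (err) {
    _iterator.e(err);
  } finally {
    _iterator.f();
  }

  throw new _err["default"]('auth.loginEmpty', {
    status: 400
  });
}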
388 }, {
// login(req): password login. Finds the user by the first login credential in
// req.data (via getUserCriteria), rejects accounts with statuses.blockedAt set,
// verifies the password through helpers.verifyPassword, stores the user on
// req.user and resolves to { _id, user, token }.
// Errors: auth.passwordEmpty (400), auth.loginIncorrect (400), auth.blocked
// (403), auth.passwordIncorrect (400).
// NOTE(review): the unknown-login, blocked and wrong-password cases return
// three different codes, and the first two are decided before the password is
// verified. A caller without valid credentials can therefore tell whether an
// account exists and whether it is blocked. No attempt limiting or lockout is
// visible in this handler — confirm it is enforced elsewhere.
389 key: "login",
390 value: function () {
391 var _login = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee6(req) {
392 var UserModel, password, user, token;
393 return _regenerator["default"].wrap(function _callee6$(_context6) {
394 while (1) {
395 switch (_context6.prev = _context6.next) {
396 case 0:
397 _context6.next = 2;
398 return this.app.module('models.UserModel');
399
400 case 2:
401 UserModel = _context6.sent;
402 password = req.data.password;
403
404 if (password) {
405 _context6.next = 6;
406 break;
407 }
408
409 throw new _err["default"]('auth.passwordEmpty', {
410 status: 400
411 });
412
413 case 6:
414 _context6.next = 8;
415 return UserModel.findOne(this.getUserCriteria(req.data));
416
417 case 8:
418 user = _context6.sent;
419
420 if (user) {
421 _context6.next = 11;
422 break;
423 }
424
425 throw new _err["default"]('auth.loginIncorrect', {
426 status: 400
427 });
428
429 case 11:
// Blocked accounts are refused here, before the password is checked.
430 if (!(0, _get3["default"])(user, 'statuses.blockedAt')) {
431 _context6.next = 13;
432 break;
433 }
434
435 throw new _err["default"]('auth.blocked', {
436 status: 403
437 });
438
439 case 13:
440 _context6.next = 15;
// Compares the submitted password with the stored user.password value;
// the comparison itself lives in helpers.verifyPassword.
441 return this.helpers.verifyPassword(password, user.password);
442
443 case 15:
444 if (_context6.sent) {
445 _context6.next = 17;
446 break;
447 }
448
449 throw new _err["default"]('auth.passwordIncorrect', {
450 status: 400
451 });
452
453 case 17:
454 req.user = user;
455 token = this.helpers.generateAuthToken(user); // await this.helpers.updateLoginAt(user);
456
457 _context6.t0 = user._id;
458 _context6.next = 22;
459 return UserModel.prepare(user, {
460 req: req,
461 withAppState: true
462 });
463
464 case 22:
465 _context6.t1 = _context6.sent;
466 _context6.t2 = token;
467 return _context6.abrupt("return", {
468 _id: _context6.t0,
469 user: _context6.t1,
470 token: _context6.t2
471 });
472
473 case 25:
474 case "end":
475 return _context6.stop();
476 }
477 }
478 }, _callee6, this);
479 }));
480
481 function login(_x4) {
482 return _login.apply(this, arguments);
483 }
484
485 return login;
486 }()
487 }, {
// signup(req): registers a user. Rejects the request when a user with the same
// login credential exists ("auth.<field>Exists", 400), creates and saves the
// user, and — when the credential is an e-mail — creates an
// 'auth.confirmEmail' permit and emits 'events.auth.signup' with a
// confirmation link. Resolves to { signup: true, _id, user, token }.
// NOTE(review), points to confirm against the model and the callers:
//  - every req.data field except "password" is spread into new UserModel(...).
//    Unless the schema or canonizeParams drops unknown or privileged fields,
//    a client can set them at registration; an explicit allow-list is safer.
//  - the password is optional: when it is missing the account is saved
//    without helpers.setPassword being called.
//  - a token is returned immediately, before the e-mail permit is confirmed.
//  - the emitted event carries the permit and a link containing permit.code;
//    listeners should treat both as secrets (no logging, mail only).
488 key: "signup",
489 value: function () {
490 var _signup = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee7(req) {
491 var permitModule, UserModel, PermitModel, _req$data, password, userFields, loginParams, criteria, existUser, loginField, user, email, code, permit, token;
492
493 return _regenerator["default"].wrap(function _callee7$(_context7) {
494 while (1) {
495 switch (_context7.prev = _context7.next) {
496 case 0:
497 _context7.next = 2;
498 return this.app.module('permit');
499
500 case 2:
501 permitModule = _context7.sent;
502 _context7.next = 5;
503 return this.app.module('models.UserModel');
504
505 case 5:
506 UserModel = _context7.sent;
507 _context7.next = 8;
508 return this.app.module('models.PermitModel');
509
510 case 8:
511 PermitModel = _context7.sent;
// userFields = req.data minus the keys in _excluded (only "password").
512 _req$data = req.data, password = _req$data.password, userFields = (0, _objectWithoutProperties2["default"])(_req$data, _excluded);
513 loginParams = (0, _canonizeParams["default"])(req.data);
514 criteria = this.getUserCriteria(loginParams);
515 _context7.next = 14;
516 return UserModel.findOne(criteria).select('_id');
517
518 case 14:
519 existUser = _context7.sent;
520 loginField = Object.keys(criteria)[0];
521
522 if (!existUser) {
523 _context7.next = 18;
524 break;
525 }
526
527 throw new _err["default"]("auth.".concat(loginField, "Exists"), {
528 status: 400
529 });
530
531 case 18:
// Client-supplied fields go straight into the model here (see header note).
532 user = new UserModel(_objectSpread(_objectSpread({}, userFields), loginParams));
533
534 if (!password) {
535 _context7.next = 22;
536 break;
537 }
538
539 _context7.next = 22;
540 return this.helpers.setPassword(user, password);
541
542 case 22:
543 _context7.next = 24;
544 return user.save();
545
546 case 24:
547 req.user = user;
548
// Only e-mail signups get a confirmation permit; other credentials skip to
// token generation.
549 if (!(loginField === 'email')) {
550 _context7.next = 34;
551 break;
552 }
553
554 email = loginParams.email;
555 _context7.next = 29;
556 return permitModule.genCode('emailVerify');
557
558 case 29:
559 code = _context7.sent;
560 _context7.next = 32;
561 return PermitModel.createPermit({
562 expiredAt: permitModule.createExpiredAt('emailVerify'),
563 type: 'auth.confirmEmail',
564 userId: user._id,
565 info: {
566 provider: 'email',
567 email: email,
568 userId: user._id
569 },
570 code: code
571 });
572
573 case 32:
574 permit = _context7.sent;
575 this.app.emit('events.auth.signup', {
576 type: 'events.auth.signup',
577 userId: user._id,
578 user: user,
579 permit: permit,
580 email: permit.info.email,
581 link: this.app.url("/auth/permit?permitId=".concat(permit._id, "&code=").concat(permit.code))
582 });
583
584 case 34:
585 // const link = (await this.helpers.genereateEmailApprovedLink) ? this.helpers.genereateEmailApprovedLink(user) : null;
586 // this.app.emit('events.auth.signup', { user, link });
587 token = this.helpers.generateAuthToken(user);
588 _context7.t0 = user._id;
589 _context7.next = 38;
590 return UserModel.prepare(user, {
591 req: req,
592 withAppState: true
593 });
594
595 case 38:
596 _context7.t1 = _context7.sent;
597 _context7.t2 = token;
598 return _context7.abrupt("return", {
599 signup: true,
600 _id: _context7.t0,
601 user: _context7.t1,
602 token: _context7.t2
603 });
604
605 case 41:
606 case "end":
607 return _context7.stop();
608 }
609 }
610 }, _callee7, this);
611 }));
612
613 function signup(_x5) {
614 return _signup.apply(this, arguments);
615 }
616
617 return signup;
618 }()
619 }, {
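// permitAction({ req, permit }): applies the effect of an already-verified
// permit and resolves to { __pack, user, token, data: { permit } }.
//  - 'auth.confirmEmail': activates the permit and stamps confirmEmailAt.
//  - 'auth.restorePassword': activates the permit, sets the new password from
//    req.data.password and stamps passwordAt.
// Any other permit type throws permit.incorrectType; a permit whose user no
// longer exists throws '!user'.
//
// Fix: the restore-password branch now rejects a missing password with
// auth.passwordEmpty (400, the same error login() uses) BEFORE the permit is
// activated. Previously the one-time permit was consumed first and
// helpers.setPassword was then called with whatever req.data.password held,
// including undefined.
//
// This method trusts `permit`: code and status checks happen in the caller
// (confirmPermit), so it must not be exposed as a route on its own.
key: "permitAction",
value: function () {
  var _permitAction = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee8(_ref2) {
    var req, permit, UserModel, PermitModel, user, token, password, _user, _token;

    return _regenerator["default"].wrap(function _callee8$(_context8) {
      while (1) {
        switch (_context8.prev = _context8.next) {
          case 0:
            req = _ref2.req, permit = _ref2.permit;
            _context8.next = 3;
            return this.app.module('models.UserModel');

          case 3:
            UserModel = _context8.sent;
            _context8.next = 6;
            return this.app.module('models.PermitModel');

          case 6:
            PermitModel = _context8.sent;

            if (!(permit.type === 'auth.confirmEmail')) {
              _context8.next = 20;
              break;
            }

            _context8.next = 10;
            return UserModel.findById(permit.userId).sort({
              createdAt: 1
            });

          case 10:
            user = _context8.sent;

            if (user) {
              _context8.next = 13;
              break;
            }

            throw new _err["default"]('!user');

          case 13:
            _context8.next = 15;
            return permit.activate();

          case 15:
            user.setStatus('confirmEmailAt', new Date());
            _context8.next = 18;
            return user.save();

          case 18:
            token = this.helpers.generateAuthToken(user);
            return _context8.abrupt("return", _bluebird["default"].props({
              __pack: true,
              user: UserModel.prepare(user, {
                req: req
              }),
              token: token,
              data: {
                permit: PermitModel.prepare(permit, {
                  req: req
                })
              }
            }));

          case 20:
            if (!(permit.type === 'auth.restorePassword')) {
              _context8.next = 36;
              break;
            }

            password = req.data.password;

            // Validate the input before the single-use permit is spent.
            if (password) {
              _context8.next = 23;
              break;
            }

            throw new _err["default"]('auth.passwordEmpty', {
              status: 400
            });

          case 23:
            _context8.next = 24;
            return UserModel.findById(permit.userId);

          case 24:
            _user = _context8.sent;

            if (_user) {
              _context8.next = 27;
              break;
            }

            throw new _err["default"]('!user');

          case 27:
            _context8.next = 29;
            return permit.activate();

          case 29:
            _context8.next = 31;
            return this.helpers.setPassword(_user, password);

          case 31:
            _user.setStatus('passwordAt', new Date());

            _context8.next = 34;
            return _user.save();

          case 34:
            _token = this.helpers.generateAuthToken(_user);
            return _context8.abrupt("return", _bluebird["default"].props({
              __pack: true,
              user: UserModel.prepare(_user, {
                req: req
              }),
              token: _token,
              data: {
                permit: PermitModel.prepare(permit, {
                  req: req
                })
              }
            }));

          case 36:
            throw new _err["default"]('permit.incorrectType');

          case 37:
          case "end":
            return _context8.stop();
        }
      }
    }, _callee8, this);
  }));

  function permitAction(_x6) {
    return _permitAction.apply(this, arguments);
  }

  return permitAction;
}()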
751 }, {
// confirmPermit(req): verifies a permit by id and code, then hands it to
// permitAction(). Checks, in order: code present, permitId present, permit
// exists (404), permit.getStatus() === 'valid', submitted code equals
// permit.code.
// NOTE(review):
//  - the code check is an ordinary string inequality, not a constant-time
//    comparison.
//  - nothing in this handler counts or limits failed attempts; a wrong code
//    leaves the permit untouched. Whether guessing is practical depends on the
//    code length chosen by the permit module and on rate limiting elsewhere —
//    confirm both.
//  - the missing-code error ('!code') is thrown without an explicit status,
//    unlike the neighbouring 400/404 errors.
752 key: "confirmPermit",
753 value: function () {
754 var _confirmPermit = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee9(req) {
755 var _req$data2, code, permitId, PermitModel, permit, status;
756
757 return _regenerator["default"].wrap(function _callee9$(_context9) {
758 while (1) {
759 switch (_context9.prev = _context9.next) {
760 case 0:
761 _req$data2 = req.data, code = _req$data2.code, permitId = _req$data2.permitId;
762 _context9.next = 3;
763 return this.app.module('models.PermitModel');
764
765 case 3:
766 PermitModel = _context9.sent;
767
768 if (code) {
769 _context9.next = 6;
770 break;
771 }
772
773 throw new _err["default"]('!code');
774
775 case 6:
776 if (permitId) {
777 _context9.next = 8;
778 break;
779 }
780
781 throw new _err["default"]('permit.permitIdEmpty', {
782 status: 400
783 });
784
785 case 8:
786 _context9.next = 10;
787 return PermitModel.findById(permitId);
788
789 case 10:
790 permit = _context9.sent;
791
792 if (permit) {
793 _context9.next = 13;
794 break;
795 }
796
797 throw new _err["default"]('permit.permitNotFound', {
798 status: 404
799 });
800
801 case 13:
802 status = permit.getStatus();
803
804 if (!(status !== 'valid')) {
805 _context9.next = 16;
806 break;
807 }
808
809 throw new _err["default"]('permit.statusInvalid', {
810 status: 400,
811 data: {
812 status: status
813 }
814 });
815
816 case 16:
// Both sides are coerced to strings, so a numeric code in the request matches
// a stored string code and vice versa.
817 if (!(String(code) !== String(permit.code))) {
818 _context9.next = 18;
819 break;
820 }
821
822 throw new _err["default"]('permit.codeInvalid', {
823 status: 400
824 });
825
826 case 18:
827 return _context9.abrupt("return", this.permitAction({
828 req: req,
829 permit: permit
830 }));
831
832 case 19:
833 case "end":
834 return _context9.stop();
835 }
836 }
837 }, _callee9, this);
838 }));
839
840 function confirmPermit(_x7) {
841 return _confirmPermit.apply(this, arguments);
842 }
843
844 return confirmPermit;
845 }()
846 }, {
// restorePassword(req): starts a password reset for req.data.email. Validates
// the address, looks the user up by e-mail, creates an 'auth.restorePassword'
// permit with an 'emailVerifyStrong' code and expiry, emits
// 'events.auth.restorePassword' with a reset link, and resolves to
// PermitModel.prepare(permit).
// NOTE(review):
//  - the handler's return value is the prepared permit. If
//    PermitModel.prepare() includes `code`, and this value is sent back to the
//    caller, the reset secret reaches whoever asked for the reset rather than
//    only the mailbox owner — verify that prepare() omits it.
//  - an unknown address yields auth.userNotFound (404) while a known one
//    succeeds, so the endpoint tells callers which e-mails are registered.
//  - no limit on how often a reset can be requested is visible here.
//  - auth.emailInvalid is thrown without an explicit status.
847 key: "restorePassword",
848 value: function () {
849 var _restorePassword = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee10(req) {
850 var permitModule, UserModel, PermitModel, email, user, code, permit;
851 return _regenerator["default"].wrap(function _callee10$(_context10) {
852 while (1) {
853 switch (_context10.prev = _context10.next) {
854 case 0:
855 _context10.next = 2;
856 return this.app.module('permit');
857
858 case 2:
859 permitModule = _context10.sent;
860 _context10.next = 5;
861 return this.app.module('models.UserModel');
862
863 case 5:
864 UserModel = _context10.sent;
865 _context10.next = 8;
866 return this.app.module('models.PermitModel');
867
868 case 8:
869 PermitModel = _context10.sent;
870 email = req.data.email;
871
872 if (!(!email || !(0, _validateEmail["default"])(email))) {
873 _context10.next = 12;
874 break;
875 }
876
877 throw new _err["default"]('auth.emailInvalid');
878
879 case 12:
880 _context10.next = 14;
881 return UserModel.findOne({
882 email: email
883 }).select(['email']);
884
885 case 14:
886 user = _context10.sent;
887
888 if (user) {
889 _context10.next = 17;
890 break;
891 }
892
893 throw new _err["default"]('auth.userNotFound', {
894 status: 404
895 });
896
897 case 17:
898 _context10.next = 19;
899 return permitModule.genCode('emailVerifyStrong');
900
901 case 19:
902 code = _context10.sent;
903 _context10.next = 22;
904 return PermitModel.createPermit({
905 expiredAt: permitModule.createExpiredAt('emailVerifyStrong'),
906 type: 'auth.restorePassword',
907 userId: user._id,
908 info: {
909 userId: user._id,
910 email: email
911 },
912 code: code
913 });
914
915 case 22:
916 permit = _context10.sent;
// The event payload carries the permit and a link embedding permit.code;
// listeners should deliver it by mail only and keep it out of logs.
917 this.app.emit('events.auth.restorePassword', {
918 type: 'events.auth.restorePassword',
919 userId: user._id,
920 user: user,
921 permit: permit,
922 email: email,
923 link: this.app.url("/auth/permit?permitId=".concat(permit._id, "&code=").concat(permit.code))
924 });
925 return _context10.abrupt("return", PermitModel.prepare(permit, {
926 req: req
927 }));
928
929 case 25:
930 case "end":
931 return _context10.stop();
932 }
933 }
934 }, _callee10, this);
935 }));
936
937 function restorePassword(_x8) {
938 return _restorePassword.apply(this, arguments);
939 }
940
941 return restorePassword;
942 }() // async setPassword(req) {
943 // const UserModel = await this.app.module('models.UserModel');
944 // cPermit UserModel = await this.app.module('models.PermitModel');
945 // const { code, password } = req.data;
946 // if (!code) throw new Err('!code');
947 // const permit = await PermitModel.findOne({
948 // type: 'user.restorePassword',
949 // code,
950 // });
951 // if (!permit) throw { code: 'invalidCode' };
952 // if (permit.activatedAt) throw { code: 'activated' };
953 // const date = new Date();
954 // if (date > permit.expiredAt) throw { code: 'expired' };
955 // const user = await UserModel.findById(permit.userId);
956 // if (!user) throw new Err('!user');
957 // await permit.activate();
958 // await this.helpers.setPassword(user, password);
959 // set(user, 'private.lastUpdates.password', date);
960 // user.markModified('private.lastUpdates.password');
961 // await user.save();
962 // const token = this.helpers.generateAuthToken(user);
963 // return Bluebird.props({
964 // __pack: true,
965 // user: UserModel.prepare(user, { req }),
966 // token,
967 // data: {
968 // permit: PermitModel.prepare(permit, { req }),
969 // },
970 // });
971 // }
972 // async silent(req) {
973 // const UserModel = this.app.models.UserModel || this.app.models.User;
974 // const { login, params } = canonizeParams(req.data);
975 // const username = `__s${Date.now()}__`;
976 // const user = new UserModel({
977 // username,
978 // type: 'silent',
979 // ...params,
980 // });
981 // await user.save();
982 // req.user = user;
983 // return {
984 // signup: true,
985 // user: await UserModel.prepare(user, { req, withAppState: true }),
986 // token: user.generateAuthToken(),
987 // };
988 // }
989 // async recovery(req) {
990 // const UserModel = this.app.models.UserModel || this.app.models.User;
991 // const { mailer } = this.app.modules;
992 // if (!mailer) throw new Err('Система не может отправить email');
993 // // const params = req.data;
994 // const criteria = this.getUserCriteria(req);
995 // const user = await UserModel.findOne(criteria);
996 // if (!user) throw new Err('Неверный логин', { status: 404 });
997 // const email = user.getEmail();
998 // if (!email) throw new Err('У этого пользователя не был указан емейл для восстановления', { status: 400 });
999 // const password = UserModel.generatePassword();
1000 // await mailer.send({
1001 // ...user.getMailerParams('primary'),
1002 // template: 'recovery',
1003 // // locale: user.locale || req.locale,
1004 // // to: user.getEmail(),
1005 // params: {
1006 // user: user.toJSON(),
1007 // password,
1008 // },
1009 // });
1010 // await user.setPassword(password);
1011 // await user.save();
1012 // return {
1013 // emailSended: true,
1014 // };
1015 // }
1016
1017 }, {
// info(): lists the configured auth providers. Resolves to
// { providers: [...] } with one entry per authModule.strategies key, built
// from strategy.getInfo() plus the provider name.
// When the auth module is missing it resolves to an empty array instead, so
// callers see two different result shapes.
// NOTE(review): outside dev mode the `settings` and `clientId` fields are
// removed from each entry; when _env.isDev is true nothing is removed and the
// full getInfo() result is returned. Make sure isDev can never be true on a
// reachable deployment if `settings` holds provider secrets — confirm what
// getInfo() returns.
1018 key: "info",
1019 value: function () {
1020 var _info = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee11() {
1021 var authModule;
1022 return _regenerator["default"].wrap(function _callee11$(_context11) {
1023 while (1) {
1024 switch (_context11.prev = _context11.next) {
1025 case 0:
1026 _context11.next = 2;
1027 return this.app.module('auth');
1028
1029 case 2:
1030 authModule = _context11.sent;
1031
1032 if (authModule) {
1033 _context11.next = 5;
1034 break;
1035 }
1036
1037 return _context11.abrupt("return", []);
1038
1039 case 5:
1040 return _context11.abrupt("return", {
1041 providers: (0, _map["default"])(authModule.strategies, function (strategy, provider) {
1042 return _objectSpread({
1043 provider: provider
1044 }, (0, _omit["default"])(strategy.getInfo(), _env.isDev ? [] : ['settings', 'clientId']));
1045 })
1046 });
1047
1048 case 6:
1049 case "end":
1050 return _context11.stop();
1051 }
1052 }
1053 }, _callee11, this);
1054 }));
1055
1056 function info() {
1057 return _info.apply(this, arguments);
1058 }
1059
1060 return info;
1061 }()
1062 }, {
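// socialAuth(req, res, next): starts a social login for the provider named in
// the URL (req.params.provider) by delegating to the auth module's passport
// service with the strategy's 'auth' parameters and the request origin.
// Throws '!authModule' when the auth module is not available.
//
// Fixes:
//  - the unknown-provider branch called `next(new Err(code), options)`, so
//    the { status: 404, provider } options never reached the error, and it
//    did not stop: execution continued into
//    strategy.getPassportAuthenticateParams on an undefined strategy, raising
//    a TypeError after next() had already been called. The options are now
//    passed to the error and the handler returns after next().
//  - the provider name comes from the URL and is used as an object key, so
//    inherited keys such as "constructor" resolved to a truthy non-strategy
//    value. The lookup result must now expose getPassportAuthenticateParams
//    to be accepted.
key: "socialAuth",
value: function () {
  var _socialAuth = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee12(req, res, next) {
    var authModule, provider, origin, strategy;
    return _regenerator["default"].wrap(function _callee12$(_context12) {
      while (1) {
        switch (_context12.prev = _context12.next) {
          case 0:
            _context12.next = 2;
            return this.app.module('auth');

          case 2:
            authModule = _context12.sent;

            if (authModule) {
              _context12.next = 5;
              break;
            }

            throw new _err["default"]('!authModule');

          case 5:
            provider = req.params.provider;
            origin = (0, _getReqOrigin["default"])(req);
            strategy = authModule.strategies[provider];

            // Accept only values that behave like a strategy.
            if (!(!strategy || typeof strategy.getPassportAuthenticateParams !== 'function')) {
              _context12.next = 11;
              break;
            }

            next(new _err["default"]('auth.providerInvalid', {
              status: 404,
              provider: provider
            }));
            return _context12.abrupt("return");

          case 11:
            authModule.passportService.authenticate(provider, strategy.getPassportAuthenticateParams({
              method: 'auth',
              origin: origin
            }))(req, res, next);

          case 12:
          case "end":
            return _context12.stop();
        }
      }
    }, _callee12, this);
  }));

  function socialAuth(_x9, _x10, _x11) {
    return _socialAuth.apply(this, arguments);
  }

  return socialAuth;
}()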
1111 }, {
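/**
 * Handles the provider's callback for a social sign-in and redirects the
 * browser once passport has processed the request.
 *
 * @param {Object} req - request; `req.params.provider` selects the strategy.
 * @param {Object} res - response used for the final redirect.
 * @returns {Promise} settles with the result of `res.redirect(...)`, or rejects
 *   with the error reported by passport.
 * @throws {Err} '!authModule' when the auth module cannot be resolved;
 *   'auth.providerInvalid' (404) when no strategy is registered for the provider.
 */
key: "socialCallback",
value: function () {
  var _socialCallback = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee14(req, res) {
    var authModule, provider, strategy;
    return _regenerator["default"].wrap(function _callee14$(_context14) {
      while (1) {
        switch (_context14.prev = _context14.next) {
          case 0:
            _context14.next = 2;
            return this.app.module('auth');

          case 2:
            authModule = _context14.sent;

            if (authModule) {
              _context14.next = 5;
              break;
            }

            throw new _err["default"]('!authModule');

          case 5:
            provider = req.params.provider;
            // Same lookup rule as socialAuth: only own keys of the registry count,
            // and an unknown provider is a 404 instead of a TypeError.
            strategy = Object.prototype.hasOwnProperty.call(authModule.strategies, provider) ? authModule.strategies[provider] : undefined;

            if (strategy) {
              _context14.next = 9;
              break;
            }

            throw new _err["default"]('auth.providerInvalid', {
              status: 404,
              provider: provider
            });

          case 9:
            return _context14.abrupt("return", new _bluebird["default"](function (resolve, reject) {
              authModule.passportService.authenticate(provider, strategy.getPassportAuthenticateParams({
                method: 'callback'
              }), /*#__PURE__*/function () {
                var _ref3 = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee13(err, data) {
                  return _regenerator["default"].wrap(function _callee13$(_context13) {
                    while (1) {
                      switch (_context13.prev = _context13.next) {
                        case 0:
                          if (!err) {
                            _context13.next = 2;
                            break;
                          }

                          return _context13.abrupt("return", reject(err));

                        case 2:
                          // NOTE(review): `data.redirect` is used as the redirect target as-is.
                          // Confirm that strategies can only produce same-site targets, or
                          // validate the value against an allow-list before redirecting.
                          return _context13.abrupt("return", resolve(res.redirect(data.redirect || '/')));

                        case 3:
                        case "end":
                          return _context13.stop();
                      }
                    }
                  }, _callee13);
                }));

                return function (_x14, _x15) {
                  return _ref3.apply(this, arguments);
                };
              }())(req);
            }));

          case 10:
          case "end":
            return _context14.stop();
        }
      }
    }, _callee14, this);
  }));

  function socialCallback(_x12, _x13) {
    return _socialCallback.apply(this, arguments);
  }

  return socialCallback;
}() // ////////////////////////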
1182
1183 }, {
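/**
 * Signs a user in with the passport identified by the token in `req.data.p`.
 * If the passport has no user yet, a user is created from the passport profile
 * and linked to it.
 *
 * @param {Object} req - request; `req.data.p` is the passport token. `req.user`
 *   is set to the resolved user.
 * @returns {Promise<{user: Object, token: *}>} prepared user and a new auth token.
 * @throws whatever `checkNotFound` raises when no passport matches the token.
 */
key: "socialLogin",
value: function () {
  var _socialLogin = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee15(req) {
    var checkNotFound, UserModel, PassportModel, passport, user, params;
    return _regenerator["default"].wrap(function _callee15$(_context15) {
      while (1) {
        switch (_context15.prev = _context15.next) {
          case 0:
            checkNotFound = this.app.helpers.checkNotFound;
            UserModel = this.app.models.UserModel || this.app.models.User;
            PassportModel = this.app.models.PassportModel || this.app.models.Passport;
            _context15.next = 4;
            // As in socialBind: an unknown token must fail as "not found" rather
            // than as a TypeError on the next line.
            return PassportModel.getByToken(req.data.p).then(checkNotFound);

          case 4:
            passport = _context15.sent;
            _context15.next = 7;
            return passport.getUser();

          case 7:
            user = _context15.sent;

            if (user) {
              _context15.next = 23;
              break;
            }

            // First sign-in with this passport: build the user from its profile.
            _context15.t0 = _merge["default"];
            _context15.t1 = {
              profile: passport.profile
            };
            _context15.next = 13;
            return passport.generateUsername(UserModel);

          case 13:
            _context15.t2 = _context15.sent;
            _context15.t3 = {
              username: _context15.t2
            };
            params = (0, _context15.t0)(_context15.t1, _context15.t3);
            user = new UserModel(params);
            _context15.next = 18;
            // Awaited, as socialBind does, so the user is saved only after the
            // passport data has been applied.
            return user.updateFromPassport(passport, {
              req: req
            });

          case 18:
            _context15.next = 20;
            return user.save();

          case 20:
            passport.userId = user._id;
            _context15.next = 23;
            return passport.save();

          case 23:
            req.user = user;
            _context15.next = 26;
            return UserModel.prepare(user, {
              req: req,
              withAppState: true
            });

          case 26:
            _context15.t4 = _context15.sent;
            _context15.t5 = user.generateAuthToken();
            return _context15.abrupt("return", {
              user: _context15.t4,
              token: _context15.t5
            });

          case 29:
          case "end":
            return _context15.stop();
        }
      }
    }, _callee15, this);
  }));

  function socialLogin(_x16) {
    return _socialLogin.apply(this, arguments);
  }

  return socialLogin;
}()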
1268 }, {
/**
 * Links the passport identified by the token in `req.data.p` to the current
 * user and returns all passports of that user.
 *
 * Reads `req.user._id` without checking it; NOTE(review): presumably the route
 * is mounted behind an authentication check — confirm at the call site.
 *
 * @param {Object} req - request with `req.user` and `req.data.p`.
 * @returns {Promise} result of `PassportModel.find({ userId })`.
 * @throws {Err} 'passport.userId already exist' (400) when the passport is
 *   already linked to a user.
 */
key: "socialBind",
value: function () {
  var _socialBind = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee16(req) {
    var checkNotFound, UserModel, PassportModel, userId, passport, user;
    return _regenerator["default"].wrap(function _callee16$(_context16) {
      while (1) {
        switch (_context16.prev = _context16.next) {
          case 0:
            checkNotFound = this.app.helpers.checkNotFound;
            UserModel = this.app.models.UserModel || this.app.models.User;
            PassportModel = this.app.models.PassportModel || this.app.models.Passport;
            userId = req.user._id;
            _context16.next = 6;
            return PassportModel.getByToken(req.data.p).then(checkNotFound);

          case 6:
            passport = _context16.sent;
            _context16.next = 9;
            return UserModel.findById(req.user._id).then(checkNotFound);

          case 9:
            user = _context16.sent;

            // A passport that already belongs to some user is never re-assigned.
            // NOTE(review): the check and the save below are separate steps; two
            // concurrent binds of the same passport could both pass — confirm
            // whether the model enforces this.
            if (!passport.userId) {
              _context16.next = 12;
              break;
            }

            throw new _err["default"]('passport.userId already exist', {
              status: 400
            });

          case 12:
            passport.userId = userId; // user.passports.push(passport._id);

            _context16.next = 15;
            return passport.save();

          case 15:
            _context16.next = 17;
            return user.updateFromPassport(passport);

          case 17:
            _context16.next = 19;
            return user.save();

          case 19:
            return _context16.abrupt("return", PassportModel.find({
              userId: userId
            }));

          case 20:
          case "end":
            return _context16.stop();
        }
      }
    }, _callee16, this);
  }));

  function socialBind(_x17) {
    return _socialBind.apply(this, arguments);
  }

  return socialBind;
}()
1334 }, {
/**
 * Lists the passports linked to the current user.
 *
 * Reads `req.user._id` without checking it, so it throws a TypeError when
 * `req.user` is not set.
 *
 * @param {Object} req - request with `req.user`.
 * @returns {Promise} result of `PassportModel.find({ userId })`.
 */
key: "getSocials",
value: function () {
  var _getSocials = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee17(req) {
    var PassportModel, userId;
    return _regenerator["default"].wrap(function _callee17$(_context17) {
      while (1) {
        switch (_context17.prev = _context17.next) {
          case 0:
            PassportModel = this.app.models.PassportModel || this.app.models.Passport;
            userId = req.user._id;
            return _context17.abrupt("return", PassportModel.find({
              userId: userId
            }));

          case 3:
          case "end":
            return _context17.stop();
        }
      }
    }, _callee17, this);
  }));

  function getSocials(_x18) {
    return _getSocials.apply(this, arguments);
  }

  return getSocials;
}()
1363 }, {
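/**
 * Deletes one passport of the current user.
 *
 * @param {Object} req - request; `req.data._id` is the passport id.
 * @returns {Promise<{ok: number}>} `{ ok: 1 }` after the passport is deleted.
 * @throws {Err} '!acl' when the passport does not exist or belongs to another
 *   user; also whatever `this.isAuth(req)` raises for an unauthenticated request.
 */
key: "passportsDetach",
value: function () {
  var _passportsDetach = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee18(req) {
    var PassportModel, _id, passport;

    return _regenerator["default"].wrap(function _callee18$(_context18) {
      while (1) {
        switch (_context18.prev = _context18.next) {
          case 0:
            _context18.next = 2;
            return this.isAuth(req);

          case 2:
            PassportModel = this.app.models.PassportModel;
            _id = req.data._id;
            _context18.next = 6;
            return PassportModel.findById(_id);

          case 6:
            passport = _context18.sent;

            // A missing passport gets the same answer as someone else's passport:
            // no TypeError, and the response does not reveal which ids exist.
            // Ids are compared as strings because they may be ObjectId instances.
            if (passport && String(passport.userId) === String(req.user._id)) {
              _context18.next = 9;
              break;
            }

            throw new _err["default"]('!acl');

          case 9:
            _context18.next = 11;
            return PassportModel.deleteOne({
              _id: passport._id
            });

          case 11:
            return _context18.abrupt("return", {
              ok: 1
            });

          case 12:
          case "end":
            return _context18.stop();
        }
      }
    }, _callee18, this);
  }));

  function passportsDetach(_x19) {
    return _passportsDetach.apply(this, arguments);
  }

  return passportsDetach;
}()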
1417 }, {
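/**
 * Unlinks one passport from the current user, selected by `req.data.passportId`
 * and/or `req.data.provider`, and returns the passports that remain linked.
 *
 * @param {Object} req - request with `req.user` and `req.data`.
 * @returns {Promise} result of `PassportModel.find({ userId })`.
 * @throws {Err} 400 when neither selector is given; 'Wrong user!' (403) when the
 *   passport found is not owned by the current user.
 */
key: "socialUnbind",
value: function () {
  var _socialUnbind = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee19(req) {
    var checkNotFound, UserModel, PassportModel, params, userId, user, findParams, passport;
    return _regenerator["default"].wrap(function _callee19$(_context19) {
      while (1) {
        switch (_context19.prev = _context19.next) {
          case 0:
            checkNotFound = this.app.helpers.checkNotFound;
            UserModel = this.app.models.UserModel || this.app.models.User;
            PassportModel = this.app.models.PassportModel || this.app.models.Passport;
            params = req.data;
            userId = req.user._id;
            _context19.next = 7;
            return UserModel.findById(req.user._id).then(checkNotFound);

          case 7:
            user = _context19.sent;
            // The query is always scoped to the current user through `userId`.
            findParams = {};
            if (params.passportId) findParams._id = params.passportId;
            if (params.provider) findParams.provider = params.provider;
            findParams.userId = userId;

            // The passport id is stored under `_id`; testing `findParams.passportId`
            // (never set) rejected every request that selected by id only.
            if (!(!findParams._id && !findParams.provider)) {
              _context19.next = 14;
              break;
            }

            throw new _err["default"]('!findParams.passportId && !findParams.provider', {
              status: 400
            });

          case 14:
            _context19.next = 16;
            return PassportModel.findOne(findParams).then(checkNotFound);

          case 16:
            passport = _context19.sent;

            // Compare ids as strings (as passportsDetach does): two ObjectId
            // instances for the same id are never `===`.
            if (!(String(passport.userId) !== String(userId))) {
              _context19.next = 19;
              break;
            }

            throw new _err["default"]('Wrong user!', {
              status: 403
            });

          case 19:
            passport.userId = null;
            _context19.next = 22;
            return passport.save();

          case 22:
            _context19.next = 24;
            return user.save();

          case 24:
            return _context19.abrupt("return", PassportModel.find({
              userId: userId
            }));

          case 25:
          case "end":
            return _context19.stop();
        }
      }
    }, _callee19, this);
  }));

  function socialUnbind(_x20) {
    return _socialUnbind.apply(this, arguments);
  }

  return socialUnbind;
}()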
1498 }, {
/**
 * Signs a user in with a token taken from `req.data.t` or `req.data.token`.
 * The user is resolved by `UserModel.tokenLogin`, stored on `req.user`, and
 * returned together with a newly generated auth token.
 *
 * @param {Object} req - request carrying the token in `req.data`.
 * @returns {Promise<{user: Object, token: *}>}
 * @throws {Err} '!token' (400) when no token is supplied;
 *   'auth.userNotFound' (404) when the token resolves to no user.
 */
key: "tokenLogin",
value: function () {
  var _tokenLogin = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee20(req) {
    var UserModel, token, user;
    return _regenerator["default"].wrap(function _callee20$(_context20) {
      while (1) {
        switch (_context20.prev = _context20.next) {
          case 0:
            UserModel = this.app.models.UserModel || this.app.models.User;
            // NOTE(review): only truthiness is checked here; whether the token's type,
            // expiry and single use are enforced depends on UserModel.tokenLogin — verify.
            token = req.data.t || req.data.token;

            if (token) {
              _context20.next = 4;
              break;
            }

            throw new _err["default"]('!token', {
              status: 400
            });

          case 4:
            _context20.next = 6;
            return UserModel.tokenLogin({
              token: token
            });

          case 6:
            user = _context20.sent;

            if (user) {
              _context20.next = 9;
              break;
            }

            throw new _err["default"]('auth.userNotFound', {
              status: 404
            });

          case 9:
            req.user = user;
            _context20.next = 12;
            return UserModel.prepare(user, {
              req: req,
              withAppState: true
            });

          case 12:
            _context20.t0 = _context20.sent;
            _context20.t1 = user.generateAuthToken();
            return _context20.abrupt("return", {
              user: _context20.t0,
              token: _context20.t1
            });

          case 15:
          case "end":
            return _context20.stop();
        }
      }
    }, _callee20, this);
  }));

  function tokenLogin(_x21) {
    return _tokenLogin.apply(this, arguments);
  }

  return tokenLogin;
}()
1567 }, {
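/**
 * Generates a six-digit verification code and sends it by SMS to
 * `req.data.phone` through the configured provider ('bytehand' or 'nexmo').
 *
 * NOTE(review), for whoever hardens this flow:
 *  - the code is kept in the single field `this.lastCode`, so it is shared by
 *    every phone number served by this API instance and has no expiry or
 *    attempt limit; it should be stored per phone, single-use and time-limited;
 *  - `_random` is presumably lodash's `random`, which is not a cryptographic
 *    generator — confirm and switch to a CSPRNG;
 *  - the 'bytehand' request goes over plain http with the provider parameters
 *    in the query string;
 *  - when `tbot` is configured, the phone number and the code are copied to it;
 *  - the raw provider response is returned to the caller in `res`.
 *
 * @param {Object} req - request; `req.data.phone` is the destination number.
 * @returns {Promise<{phone: *, res: *, code: (number|undefined)}>} `code` is
 *   included only when `isDev` is set.
 * @throws {Err} '!module.config.sms' when SMS is not configured, '!provider' for
 *   an unknown provider, or the provider's error text when nexmo rejects the message.
 */
key: "phoneCode",
value: function () {
  var _phoneCode = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee21(req) {
    var smsConfig, phone, code, smsText, text, res, qs, body, pack;
    return _regenerator["default"].wrap(function _callee21$(_context21) {
      while (1) {
        switch (_context21.prev = _context21.next) {
          case 0:
            if (this.app.modules.auth.config.sms) {
              _context21.next = 2;
              break;
            }

            throw new _err["default"]('!module.config.sms');

          case 2:
            smsConfig = this.app.modules.auth.config.sms;
            phone = req.data.phone;
            code = (0, _random["default"])(100000, 999999);
            this.lastCode = code;
            smsText = "\u0412\u0430\u0448 \u043F\u0440\u043E\u0432\u0435\u0440\u043E\u0447\u043D\u044B\u0439 \u043A\u043E\u0434: ".concat(code);

            if (this.app.modules.auth.tbot) {
              this.app.modules.auth.tbot.notify("\u041D\u043E\u043C\u0435\u0440: ".concat(phone, "\n").concat(smsText));
            }

            text = (0, _transliterate["default"])(smsText);

            if (!(smsConfig.provider === 'bytehand')) {
              _context21.next = 16;
              break;
            }

            qs = _objectSpread(_objectSpread({}, smsConfig.params), {}, {
              to: phone,
              text: text
            });
            _context21.next = 13;
            return this.app.api.fetch('http://bytehand.com:3800/send', {
              qs: qs
            });

          case 13:
            res = _context21.sent;
            _context21.next = 26;
            break;

          case 16:
            if (!(smsConfig.provider === 'nexmo')) {
              _context21.next = 25;
              break;
            }

            body = _objectSpread(_objectSpread({}, smsConfig.params), {}, {
              to: phone,
              text: text
            });
            _context21.next = 20;
            return this.app.api.fetch('https://rest.nexmo.com/sms/json', {
              method: 'POST',
              body: body
            });

          case 20:
            res = _context21.sent;

            if (!(res.messages[0].status !== '0')) {
              _context21.next = 23;
              break;
            }

            // Throw an error object, not a bare string, so the failure keeps a
            // stack trace and is handled like every other error in this class.
            throw new _err["default"](res.messages[0]['error-text']);

          case 23:
            _context21.next = 26;
            break;

          case 25:
            throw new _err["default"]('!provider');

          case 26:
            pack = {
              phone: phone,
              res: res
            };

            // The code itself is echoed back only in development builds.
            if (_env.isDev) {
              pack.code = code;
            }

            return _context21.abrupt("return", pack);

          case 29:
          case "end":
            return _context21.stop();
        }
      }
    }, _callee21, this);
  }));

  function phoneCode(_x22) {
    return _phoneCode.apply(this, arguments);
  }

  return phoneCode;
}()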
1679 }, {
/**
 * Returns the `phone` and `code` fields of the request unchanged.
 * The code is not compared with anything here.
 *
 * @param {Object} req - request; `req.data.phone` and `req.data.code` are read.
 * @returns {{phone: *, code: *}}
 * @throws {Err} '!module.config.sms' when SMS is not configured.
 */
key: "phoneApprove",
value: function phoneApprove(req) {
  var smsSettings = this.app.modules.auth.config.sms;

  if (!smsSettings) {
    throw new _err["default"]('!module.config.sms');
  }

  var payload = req.data;
  var result = {
    phone: payload.phone,
    code: payload.code
  };
  return result;
}
1691 }, {
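/**
 * Signs a user in by phone number and verification code, creating the user
 * (with the phone as username) on first sign-in.
 *
 * The code is accepted when it equals `this.lastCode`, or equals
 * `config.sms.code` while `config.sms.defaultCode` is set.
 *
 * NOTE(review): `this.lastCode` is one value for the whole API instance, not
 * tied to `phone`, and there is no expiry or attempt limit here. The code should
 * be bound to the phone it was sent to, be single-use and time-limited, and the
 * number of attempts should be capped.
 *
 * @param {Object} req - request; `req.data.phone` and `req.data.code` are read,
 *   `req.user` is set to the resolved user.
 * @returns {Promise<{user: Object, token: *}>}
 * @throws {Err} '!module.config.sms' when SMS is not configured, '!phone' (400)
 *   for a missing or non-scalar phone, 'Код не верный' for a wrong or missing code.
 */
key: "phoneLogin",
value: function () {
  var _phoneLogin = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee22(req) {
    var _req$data4, phone, code, UserModel, user;

    return _regenerator["default"].wrap(function _callee22$(_context22) {
      while (1) {
        switch (_context22.prev = _context22.next) {
          case 0:
            if (this.app.modules.auth.config.sms) {
              _context22.next = 2;
              break;
            }

            throw new _err["default"]('!module.config.sms');

          case 2:
            _req$data4 = req.data, phone = _req$data4.phone, code = _req$data4.code;
            UserModel = this.app.models.UserModel || this.app.models.User;

            // `phone` becomes the `username` filter of a user lookup below, so it
            // has to be a present, scalar value.
            if (!(!phone || typeof phone === 'object')) {
              _context22.next = 6;
              break;
            }

            throw new _err["default"]('!phone', {
              status: 400
            });

          case 6:
            // A missing code must never match: before any code has been issued
            // `this.lastCode` is undefined, and so is `req.data.code` when the
            // caller omits it.
            if (code !== undefined && code !== null && (this.app.modules.auth.config.sms.defaultCode && code === this.app.modules.auth.config.sms.code || code === this.lastCode)) {
              _context22.next = 8;
              break;
            }

            throw new _err["default"]('Код не верный');

          case 8:
            _context22.next = 10;
            return UserModel.findOne({
              username: phone
            });

          case 10:
            user = _context22.sent;

            if (user) {
              _context22.next = 15;
              break;
            }

            _context22.next = 14;
            return UserModel.create({
              username: phone,
              profile: {
                contacts: {
                  phone: phone
                }
              }
            });

          case 14:
            user = _context22.sent;

          case 15:
            req.user = user;
            _context22.next = 18;
            return UserModel.prepare(user, {
              req: req,
              withAppState: true
            });

          case 18:
            _context22.t0 = _context22.sent;
            _context22.t1 = user.generateAuthToken();
            return _context22.abrupt("return", {
              user: _context22.t0,
              token: _context22.t1
            });

          case 21:
          case "end":
            return _context22.stop();
        }
      }
    }, _callee22, this);
  }));

  function phoneLogin(_x23) {
    return _phoneLogin.apply(this, arguments);
  }

  return phoneLogin;
}()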
1776 }, {
/**
 * Looks up a passport by the token in `req.data.p`.
 *
 * No check on `req.user` is made in this method.
 * NOTE(review): what the returned passport exposes to the caller depends on
 * `PassportModel.getByToken` — verify that it carries no provider secrets.
 *
 * @param {Object} req - request; `req.data.p` is the passport token.
 * @returns {Promise} result of `PassportModel.getByToken`.
 */
key: "getPassportByToken",
value: function () {
  var _getPassportByToken = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee23(req) {
    var PassportModel;
    return _regenerator["default"].wrap(function _callee23$(_context23) {
      while (1) {
        switch (_context23.prev = _context23.next) {
          case 0:
            PassportModel = this.app.models.PassportModel || this.app.models.Passport;
            return _context23.abrupt("return", PassportModel.getByToken(req.data.p));

          case 2:
          case "end":
            return _context23.stop();
        }
      }
    }, _callee23, this);
  }));

  function getPassportByToken(_x24) {
    return _getPassportByToken.apply(this, arguments);
  }

  return getPassportByToken;
}()
1802 }, {
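/**
 * Returns one permit by id.
 *
 * Permits of type 'user.restorePassword' are returned to any caller that knows
 * the id; every other type requires the caller to be the permit's owner or to
 * hold the 'superadmin' grant.
 * NOTE(review): which fields reach the client is decided by
 * `PermitModel.prepare` — verify that it does not include the permit code for
 * unauthenticated callers.
 *
 * @param {Object} req - request; `req.data._id` is the permit id.
 * @returns {Promise} result of `PermitModel.prepare(permit, { req })`.
 * @throws {Err} '!_id', '!permit', '!userId' or '!permission'.
 */
key: "getPermit",
value: function () {
  var _getPermit = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee24(req) {
    var _id, PermitModel, permit;

    return _regenerator["default"].wrap(function _callee24$(_context24) {
      while (1) {
        switch (_context24.prev = _context24.next) {
          case 0:
            _id = req.data._id;

            if (_id) {
              _context24.next = 3;
              break;
            }

            throw new _err["default"]('!_id');

          case 3:
            _context24.next = 5;
            return this.app.module('models.PermitModel');

          case 5:
            PermitModel = _context24.sent;
            _context24.next = 8;
            return PermitModel.findOne({
              _id: _id
            });

          case 8:
            permit = _context24.sent;

            if (permit) {
              _context24.next = 11;
              break;
            }

            throw new _err["default"]('!permit');

          case 11:
            if (!(permit.type === 'user.restorePassword')) {
              _context24.next = 13;
              break;
            }

            return _context24.abrupt("return", PermitModel.prepare(permit, {
              req: req
            }));

          case 13:
            if (!(!req.user || !req.user._id)) {
              _context24.next = 15;
              break;
            }

            throw new _err["default"]('!userId');

          case 15:
            // Both ids are stringified (as passportsDetach does): comparing a
            // string with an ObjectId instance using `===` is always false, which
            // would lock the owner out. The second, unreachable `permit` check
            // that stood here has been dropped.
            if (!(this.app.hasGrant(req.user, 'superadmin') || String(permit.userId) === String(req.user._id))) {
              _context24.next = 17;
              break;
            }

            return _context24.abrupt("return", PermitModel.prepare(permit, {
              req: req
            }));

          case 17:
            throw new _err["default"]('!permission');

          case 18:
          case "end":
            return _context24.stop();
        }
      }
    }, _callee24, this);
  }));

  function getPermit(_x25) {
    return _getPermit.apply(this, arguments);
  }

  return getPermit;
}()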
1895 }, {
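/**
 * Creates a permit for setting or changing a user's e-mail address and emits
 * the event that carries the confirmation link.
 *
 * The target is the current user, or the user in `req.data._id` when the caller
 * holds the 'admin' grant. A request is refused while an unexpired, unactivated
 * permit for the same user and address exists that was created within
 * `app.config.auth.changeEmailTimeout` (default: 7 days, in milliseconds).
 *
 * NOTE(review): the permit code is derived by `PermitModel.generateUniqCode`
 * from the user id, the e-mail address(es) and the current time; whether a
 * secret is mixed in is not visible here — confirm the code cannot be guessed.
 * The code is also placed in the query string of the emitted `link`.
 *
 * @param {Object} req - request with `req.user`; `req.data.email` is the new
 *   address, `req.data._id` an optional target user.
 * @returns {Promise} result of `PermitModel.prepare(permit, { req })`.
 * @throws {Err} '!_id', '!permission', 'auth.userNotFound' (404),
 *   'auth.emailInvalid', 'emailNotChanged', 'timeout' or 'emailExist'.
 */
key: "emailPermit",
value: function () {
  var _emailPermit = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee25(req) {
    var permitModule, UserModel, PermitModel, ObjectId, userId, user, email, type, date, changeEmailTimeout, isTimeout, emailExist, str, code, permit, eventType;
    return _regenerator["default"].wrap(function _callee25$(_context25) {
      while (1) {
        switch (_context25.prev = _context25.next) {
          case 0:
            _context25.next = 2;
            return this.app.module('permit');

          case 2:
            permitModule = _context25.sent;
            UserModel = this.app.models.UserModel || this.app.models.User;
            _context25.next = 6;
            return this.app.module('models.PermitModel');

          case 6:
            PermitModel = _context25.sent;
            ObjectId = this.app.db.Types.ObjectId;

            if (!(!req.user || !req.user._id)) {
              _context25.next = 10;
              break;
            }

            throw new _err["default"]('!_id');

          case 10:
            userId = req.user._id;

            // Ids are compared as strings: `!==` between a string id from the
            // request and an ObjectId is always true, which would send a user
            // naming their own id down the admin-only branch.
            if (!(req.data._id && String(req.data._id) !== String(userId))) {
              _context25.next = 17;
              break;
            }

            if (!this.app.hasGrant(req.user, 'admin')) {
              _context25.next = 16;
              break;
            }

            userId = req.data._id;
            _context25.next = 17;
            break;

          case 16:
            throw new _err["default"]('!permission');

          case 17:
            _context25.next = 19;
            return UserModel.findById(userId);

          case 19:
            user = _context25.sent;

            if (user) {
              _context25.next = 22;
              break;
            }

            throw new _err["default"]('auth.userNotFound', {
              status: 404
            });

          case 22:
            email = req.data.email;

            if (!(!email || !(0, _validateEmail["default"])(email))) {
              _context25.next = 25;
              break;
            }

            throw new _err["default"]('auth.emailInvalid');

          case 25:
            if (user.email) {
              type = 'change';
            } else {
              type = 'set';
            }

            if (!(user.email && email === user.email)) {
              _context25.next = 28;
              break;
            }

            throw new _err["default"]('emailNotChanged');

          case 28:
            date = new Date();
            changeEmailTimeout = (0, _get3["default"])(this, 'app.config.auth.changeEmailTimeout', 7 * 24 * 60 * 60 * 1000);
            _context25.next = 32;
            // Counts pending permits for the same user and address inside the
            // throttle window; any hit blocks a new request.
            return PermitModel.countDocuments({
              activatedAt: {
                $exists: false
              },
              expiredAt: {
                $gte: date
              },
              'info.email': email,
              'info.userId': ObjectId(user._id),
              type: {
                $in: ['user.setEmail', 'user.changeEmail']
              },
              createdAt: {
                $gte: +date - changeEmailTimeout
              }
            });

          case 32:
            isTimeout = _context25.sent;

            if (!isTimeout) {
              _context25.next = 35;
              break;
            }

            throw new _err["default"]('timeout');

          case 35:
            _context25.next = 37;
            // The address must not belong to any other user.
            return UserModel.countDocuments({
              _id: {
                $ne: userId
              },
              email: email
            });

          case 37:
            emailExist = _context25.sent;

            if (!emailExist) {
              _context25.next = 40;
              break;
            }

            throw new _err["default"]('emailExist');

          case 40:
            if (type === 'change') {
              str = "".concat(user._id, "_").concat(email, "_").concat(user.email, "_").concat(date.getTime());
            } else if (type === 'set') {
              str = "".concat(user._id, "_").concat(email, "_").concat(date.getTime());
            }

            _context25.next = 43;
            return PermitModel.generateUniqCode({
              codeParams: {
                str: str,
                type: 'hash'
              },
              criteria: {
                type: "user.".concat(type, "Email"),
                activatedAt: {
                  $exists: false
                },
                expiredAt: {
                  $gte: date
                }
              }
            });

          case 43:
            code = _context25.sent;
            _context25.next = 46;
            return PermitModel.createPermit({
              expiredAt: permitModule.createExpiredAt('emailVerifyStrong'),
              type: "user.".concat(type, "Email"),
              userId: user._id,
              info: {
                email: email,
                oldEmail: user.email,
                userId: user._id,
                type: type
              },
              code: code
            });

          case 46:
            permit = _context25.sent;
            // The pending address and its permit are recorded on the user until
            // confirmEmail clears them.
            (0, _set["default"])(user, 'private.info.email', email);
            (0, _set["default"])(user, 'private.info.emailPermitId', permit._id);
            user.markModified('private.info');
            _context25.next = 52;
            return user.save();

          case 52:
            eventType = "events.user.".concat(type, "Email").concat(this.app.hasGrant(user, 'newUser') ? 'Old' : '');
            this.app.emit(eventType, {
              type: eventType,
              targetUser: user,
              user: user,
              userId: user._id,
              permit: permit,
              email: email,
              link: this.app.url("/auth/confirm/email?code=".concat(permit.code))
            });
            return _context25.abrupt("return", PermitModel.prepare(permit, {
              req: req
            }));

          case 55:
          case "end":
            return _context25.stop();
        }
      }
    }, _callee25, this);
  }));

  function emailPermit(_x26) {
    return _emailPermit.apply(this, arguments);
  }

  return emailPermit;
}()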
2111 }, {
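/**
 * Confirms an e-mail change: activates the permit identified by
 * `req.data.code`, writes the new address to the user, marks the address as
 * approved and disables the user's other permits of the same type.
 *
 * The caller is identified by the code alone; `req.user` is not consulted.
 *
 * @param {Object} req - request; `req.data.code` is the permit code.
 * @returns {Promise} the activated permit.
 * @throws {Err} '!code', 'auth.invalidCode', 'activated', 'expired', '!user',
 *   'auth.emailExist' or 'auth.emailWasChanged'.
 */
key: "confirmEmail",
value: function () {
  var _confirmEmail = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee26(req) {
    var UserModel, PermitModel, code, permit, date, user, emailExist, permits;
    return _regenerator["default"].wrap(function _callee26$(_context26) {
      while (1) {
        switch (_context26.prev = _context26.next) {
          case 0:
            UserModel = this.app.models.UserModel || this.app.models.User;
            _context26.next = 3;
            return this.app.module('models.PermitModel');

          case 3:
            PermitModel = _context26.sent;
            code = req.data.code;

            // `code` goes straight into a query filter. Only scalar values are
            // accepted, so a structured value from the request can never be
            // read by the query layer as an operator expression.
            if (code && typeof code !== 'object') {
              _context26.next = 7;
              break;
            }

            throw new _err["default"]('!code');

          case 7:
            _context26.next = 9;
            return PermitModel.findOne({
              $or: [{
                type: 'user.changeEmail'
              }, {
                type: 'user.setEmail'
              }],
              code: code
            });

          case 9:
            permit = _context26.sent;

            // Permits superseded by an earlier confirmation carry `disabledAt`
            // (set at the end of this method) and are treated as invalid.
            if (permit && !permit.disabledAt) {
              _context26.next = 12;
              break;
            }

            throw new _err["default"]('auth.invalidCode');

          case 12:
            if (!permit.activatedAt) {
              _context26.next = 14;
              break;
            }

            throw new _err["default"]('activated');

          case 14:
            date = new Date();

            if (!(date > permit.expiredAt)) {
              _context26.next = 17;
              break;
            }

            throw new _err["default"]('expired');

          case 17:
            _context26.next = 19;
            return UserModel.findById(permit.info.userId);

          case 19:
            user = _context26.sent;

            if (user) {
              _context26.next = 22;
              break;
            }

            throw new _err["default"]('!user');

          case 22:
            _context26.next = 24;
            // Re-check uniqueness at confirmation time: the address may have been
            // taken by another user since the permit was issued.
            return UserModel.findOne({
              _id: {
                $ne: user._id
              },
              email: permit.info.email
            }).select(['email']);

          case 24:
            emailExist = _context26.sent;

            if (!emailExist) {
              _context26.next = 27;
              break;
            }

            throw new _err["default"]('auth.emailExist');

          case 27:
            // The permit records the address it was issued against; refuse it if
            // the user's address has changed in the meantime.
            if (!(user.email && permit.info.oldEmail && user.email !== permit.info.oldEmail)) {
              _context26.next = 29;
              break;
            }

            throw new _err["default"]('auth.emailWasChanged');

          case 29:
            _context26.next = 31;
            return permit.activate();

          case 31:
            user.email = permit.info.email;
            (0, _unset["default"])(user, 'private.info.emailPermitId');
            (0, _unset["default"])(user, 'private.info.email');
            user.markModified('private.info');
            (0, _set["default"])(user, 'private.lastUpdates.email', date);
            user.markModified('private.lastUpdates.email');

            if (!user.meta.approvedEmail) {
              user.meta.approvedEmail = true;
              user.markModified('meta.approvedEmail');
            }

            _context26.next = 40;
            return user.save();

          case 40:
            _context26.next = 42;
            return PermitModel.find({
              _id: {
                $ne: permit._id
              },
              type: permit.type,
              userId: user._id
            });

          case 42:
            permits = _context26.sent;
            _context26.next = 45;
            // Disable every other permit of the same type for this user.
            return _bluebird["default"].map(permits, function (p) {
              p.disabledAt = date; // eslint-disable-line no-param-reassign

              return p.save();
            });

          case 45:
            return _context26.abrupt("return", permit);

          case 46:
          case "end":
            return _context26.stop();
        }
      }
    }, _callee26, this);
  }));

  function confirmEmail(_x27) {
    return _confirmEmail.apply(this, arguments);
  }

  return confirmEmail;
}()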
2272 }, {
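/**
 * Returns one permit by its code.
 *
 * Permits of type 'user.restorePassword' are returned to any caller that knows
 * the code; every other type requires the caller to be the permit's owner or to
 * hold the 'superadmin' grant.
 * NOTE(review): activation, expiry and `disabledAt` are not checked here, and
 * the fields returned are decided by `PermitModel.prepare` — verify both.
 *
 * @param {Object} req - request; `req.data.code` is the permit code.
 * @returns {Promise} result of `PermitModel.prepare(permit, { req })`.
 * @throws {Err} '!code', '!permit', '!userId' or '!permission'.
 */
key: "findOneByCode",
value: function () {
  var _findOneByCode = (0, _asyncToGenerator2["default"])( /*#__PURE__*/_regenerator["default"].mark(function _callee27(req) {
    var code, PermitModel, permit;
    return _regenerator["default"].wrap(function _callee27$(_context27) {
      while (1) {
        switch (_context27.prev = _context27.next) {
          case 0:
            code = req.data.code;

            // `code` goes straight into a query filter. Only scalar values are
            // accepted, so a structured value from the request can never be
            // read by the query layer as an operator expression.
            if (code && typeof code !== 'object') {
              _context27.next = 3;
              break;
            }

            throw new _err["default"]('!code');

          case 3:
            _context27.next = 5;
            return this.app.module('models.PermitModel');

          case 5:
            PermitModel = _context27.sent;
            _context27.next = 8;
            return PermitModel.findOne({
              code: code
            });

          case 8:
            permit = _context27.sent;

            if (permit) {
              _context27.next = 11;
              break;
            }

            throw new _err["default"]('!permit');

          case 11:
            if (!(permit.type === 'user.restorePassword')) {
              _context27.next = 13;
              break;
            }

            return _context27.abrupt("return", PermitModel.prepare(permit, {
              req: req
            }));

          case 13:
            if (!(!req.user || !req.user._id)) {
              _context27.next = 15;
              break;
            }

            throw new _err["default"]('!userId');

          case 15:
            // Both ids are stringified (as passportsDetach does): comparing a
            // string with an ObjectId instance using `===` is always false, which
            // would lock the owner out.
            if (!(this.app.hasGrant(req.user, 'superadmin') || String(permit.userId) === String(req.user._id))) {
              _context27.next = 17;
              break;
            }

            return _context27.abrupt("return", PermitModel.prepare(permit, {
              req: req
            }));

          case 17:
            throw new _err["default"]('!permission');

          case 18:
          case "end":
            return _context27.stop();
        }
      }
    }, _callee27, this);
  }));

  function findOneByCode(_x28) {
    return _findOneByCode.apply(this, arguments);
  }

  return findOneByCode;
}()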
2356 }]);
2357 return AuthApi;
2358}(_serverApi["default"]);
2359
// The class is published twice: as the named export `AuthApi` and as the
// module's default export.
exports.AuthApi = AuthApi;
var _default = AuthApi;
exports["default"] = _default;
2363//# sourceMappingURL=AuthApi.js.map