const Boom = require('boom');const BaseController = require('../../core/abstrac

1. const Boom = require('boom');
2. const BaseController = require('../../core/abstract/BaseApiController');
3.  
4. class UsersController extends BaseController {
5.  
6. constructor(...args) {
7. super(...args);
8. this.User = this.server.plugins.users.User;
9. this.UserService = this.server.plugins.users.UserService;
10. }
11.  
12. findById(req, reply) {
13. return Promise.resolve()
14. .then(() => {
15. return this.User.findOne({
16. where: { id: req.params.id },
17. include: ['Shops']
18. });
19. })
20. .then(reply);
21.  
22. }
23.  
24. findAll(req, reply) {
25. return Promise.resolve()
26. .then(() => {
27. const q = req.query;
28.  
29. const options = {
30. limit: q.limit || 100,
31. offset: q.offset || 0,
32. order: this.UtilityService.getOrderClause(q.sort),
33. where: this.UtilityService.getSearchClause(q.search, {Model: this.User}),
34. };
35.  
36. return this.User.scope('role:user').findAndCountAll(options);
37. })
38. .then(reply);
39.  
40. }
41.  
42. create(req, reply) {
43. return Promise.resolve()
44. .then(() => {
45. return this.UserService.create(req.payload);
46. })
47. .then(reply);
48.  
49. }
50.  
51. update(req, reply) {
52. return Promise.resolve()
53. .then(() => {
54. const where = {
55. id: req.auth.credentials.id,
56. };
57.  
58. if (req.auth.credentials.isAdmin) {
59. where.id = req.params.id;
60. }
61.  
62. let emailChanged;
63. let phoneChanged;
64.  
65. return this.User.findOne({ where })
66. .then((user) => {
67. if (!user) throw Boom.notFound('Record not found');
68.  
69. user.set(req.payload);
70.  
71. emailChanged = user.changed('email');
72. phoneChanged = user.changed('phone');
73.  
74. return user.save();
75. })
76. .tap((user) => {
77. if (!emailChanged) return;
78.  
79. this.EmailVerificationService.sendVerificationEmail(user.email)
80. .catch((err) => {
81. this.logger.error(err);
82. });
83. })
84. // .tap((user) => {
85. // if (!phoneChanged) return;
86. //
87. // this.PhoneVerificationService.sendVerificationMessage(user)
88. // .catch((err) => {
89. // this.logger.error(err);
90. // });
91. // })
92. .then((user) => {
93. return this.User.scope('public').findById(user.id);
94. });
95.  
96. })
97. .then(reply);
98.  
99. }
100.  
101. register(req, reply) {
102.  
103. return Promise.resolve()
104. .then(() => {
105. return this.RecaptchaService.validate(req.payload.recaptcha, req.info.remoteAddress);
106. })
107. .then(() => this.User.findOne({where: {email: req.payload.user.email}}))
108. .then((existingUser) => {
109. if(existingUser) {
110. throw Boom.badData('This email is already registered.');
111. }
112. })
113. .then(() => this.UserService.create(req.payload.user))
114. .then(() => {
115.  
116. // We're capturing errors on this because this is not critical
117. return this.EmailVerificationService.getVerificationLink(req.payload.user.email)
118. .then((emailVerificationLink) => {
119. const tplParams = { emailVerificationLink };
120.  
121. const html = this.MailTemplateService.getCompiledTemplate('welcomeAndVerifyEmail', tplParams);
122.  
123. return this.MailService.send({
124. to: req.payload.user.email,
125. subject: 'Verify account email',
126. html
127. });
128. })
129. .catch((err) => {
130. this.logger.error(err);
131. });
132.  
133. })
134. .then(() => reply.ok());
135.  
136. }
137.  
138. login(req, reply) {
139. return this.UserService.login(req.payload)
140. .then(reply);
141.  
142. }
143.  
144. getCurrentUser(req, reply) {
145. return this.User.scope('public').findOne({
146. where: { id: req.auth.credentials.id },
147. include: [{
148. model: this.server.plugins.shops.Shop.scope(['active']),
149. required: false,
150. }],
151. })
152. .then(reply);
153.  
154. }
155.  
156. verifyEmail(req, reply) {
157. return Promise.resolve()
158. .then(() => {
159. const hash = req.query.h;
160. return this.EmailVerificationService.verify(hash);
161. })
162. .then((user) => {
163. user.emailVerified = true;
164. return user.save();
165. })
166. .then(() => reply.ok());
167. }
168.  
169. resendVerification(req, reply) {
170.  
171. const type = req.params.type;
172.  
173. return Promise.resolve()
174. .then(() => {
175.  
176. const where = {
177. id: req.auth.credentials.id,
178. };
179.  
180. if (req.auth.credentials.isAdmin) {
181. delete where.id;
182. where.id = req.params.id;
183. }
184.  
185. return this.User.findOne({ where });
186.  
187. })
188. .then((user) => {
189. if (!user) throw Boom.notFound('Record not found');
190.  
191. if (type === 'email') {
192. if (user.emailVerified) throw Boom.conflict('Email already verified');
193. return this.EmailVerificationService.sendVerificationEmail(user.email);
194. }
195.  
196. if (type === 'phone') {
197. // TODO: Implement resend verification for phone numbers
198. throw new Error('Not implemented');
199. }
200.  
201. })
202. .then(reply);
203.  
204. }
205.  
206. loginAs(req, reply) {
207. return Promise.resolve()
208. .then(() => {
209.  
210. return this.User.findOne({
211. where: { id: req.params.id },
212. include: [{
213. model: this.server.plugins.shops.Shop.scope(['active']),
214. required: false
215. }],
216. })
217. .then((user) => {
218. if (!user) throw Boom.notFound('User not found');
219.  
220. return this.UserService.generateJWTToken(user)
221. .then((token) => {
222. return { token, user };
223. });
224.  
225. });
226.  
227. })
228. .then(reply);
229.  
230. }
231.  
232. resetPasswordRequest(req, reply) {
233. return Promise.resolve()
234. .then(() => {
235. return this.RecaptchaService.validate(req.payload.recaptcha, req.info.remoteAddress);
236. })
237. .then(() => this.User.findOne({ where: { email: req.payload.email } }))
238. .then((user) => {
239. if (!user) {
240. throw Boom.badRequest('Unknown email.');
241. }
242.  
243. user.setResetPasswordToken();
244. return user.save();
245. })
246. .then((user) => {
247. const tplParams = {
248. resetPasswordLink: this.UtilityService.getResetPasswordLink(user),
249. user
250. };
251.  
252. const html = this.MailTemplateService.getCompiledTemplate('resetPassword', tplParams);
253.  
254. return this.MailService.send({
255. to: user.email,
256. subject: 'Reset account password',
257. html
258. });
259.  
260. })
261. .then(() => reply.ok());
262.  
263. }
264.  
265. resetPasswordSubmit(req, reply) {
266. return Promise.resolve()
267. .then(() => {
268. return this.RecaptchaService.validate(req.payload.recaptcha, req.info.remoteAddress);
269. })
270. .then(() => this.User.findOne({ where: { resetPasswordToken: req.payload.token } }))
271. .then((user) => {
272.  
273. if (!user) {
274. throw Boom.badRequest('Invalid token');
275. }
276.  
277. user.validateResetToken(req.payload.token);
278.  
279. user.password = req.payload.password;
280. return user.save();
281. })
282. .catch((err) => {
283. throw err.isBoom ? err : Boom.badRequest(err);
284. })
285. .then(() => reply.ok());
286.  
287. }
288.  
289. destroy(req, reply) {
290.  
291. return Promise.resolve()
292. .then(() => {
293.  
294. return this.User.findById(req.params.id)
295. .then((user) => {
296. if (!user) {
297. throw Boom.notFound('Record not found');
298. }
299.  
300. return user.destroy();
301. });
302.  
303. })
304. .then(reply);
305.  
306. }
307.  
308. }
309.  
310. module.exports = (server) => new UsersController(server);