.post('/auth/register', function *(next) { const user = this.request.body const rule = { email: 'email', password: { type: 'password', compare: 'passwordCheck', min: 6 }, tos: 'string' } const errors = validate(rule, user) if (errors) { this.redirect('/signup') } else { try { const profile = yield User.create(user) if (!profile) { throw new Error('no user') } // response JSON web token const token = jwtHelper(profile) // set session token const sess = this.session sess.token = token this.redirect('/sync/token?token=' + token) } catch (err) { this.redirect('/signup') } } })
.post('/auth/login', function *(next) { const user = this.request.body const rule = { password: '******', email: 'email' } const errors = validate(rule, user) if (errors) { this.redirect('/login') } try { const profile = yield User.auth(user.email, user.password) if (!profile) { throw new Error('no user') } // response JSON web token const token = jwtHelper(profile) // set session token const sess = this.session sess.token = token this.redirect('/sync/token') } catch (err) { this.redirect('/login') } })
.post('/auth/token/verify', function *(next) { const body = this.request.body const rule = { token: 'string' } const errors = validate(rule, body) if (errors) { this.status = 400 this.set('WWW-Authenticate', 'JWT realm="users", error="invalid_token", error_description="' + JSON.stringify(errors) + '"') this.body = errors } try { const verified = yield verifyJwt(body.token) if (verified) { this.body = { response: true } } else { this.body = { response: false } } } catch (err) { this.status = 401 this.set('WWW-Authenticate', 'JWT realm="users",error="invalid_token",error_description="' + JSON.stringify(err) + '"') this.body = err } })
update: [ RestAuth, function *(next) { const body = yield parse(this) const rule = { name: { type: 'string', required: false, allowEmpty: true }, password: { type: 'password', compare: 'passwordCheck' }, passwordCheck: 'password' } const errors = validate(rule, body) if (errors) { this.type = 'json' this.status = 200 this.body = errors return } try { if (hashids.decode(this.params.user) !== +this.user.id) { throw new Error('user check failed') } const user = yield User.update(this.params.user, body) this.type = 'json' this.status = 201 this.body = hashids.encodeJson(user) } catch (err) { this.type = 'json' this.status = 404 this.body = err } }],
index: [ RestAuth, function *(next) { const body = queryType.parseObject(this.request.query) const rule = { offset: { type: 'number', required: false }, limit: { type: 'number', required: false }, start: { type: 'number', required: false }, end: { type: 'number', required: false }, status: { type: 'number', required: false } } const errors = validate(rule, body) if (errors) { this.type = 'json' this.status = 200 this.body = { errors: errors } return } const { offset, limit, start, end, keyword, status } = body let data if (!!keyword) { data = yield Post.searchWithCount(keyword, status, offset, limit) } else { data = !start ? yield Post.listAllWithCount(offset, limit, status) : yield Post.fetchWithCount(offset, limit, start, end, status) } this.body = hashids.encodeJson(data) }],
show: function *(next) { const cid = this.params.og const body = queryType.parseObject(this.request.query) const rule = { offset: { type: 'number', required: false }, limit: { type: 'number', required: false }, type: { type: 'enum', required: false, values: ['list', 'nearby'] } } const errors = validate(rule, body) if (errors) { this.type = 'json' this.status = 200 this.body = { errors: errors } return } const { type } = body let data = [] if (!type || type === 'list') { const { offset, limit } = body data = yield Post.listWithOg(offset, limit, cid) if (data.length > 0) { const oginfo = { cid: cid, ocname: data[0].ocname } this.body = { oginfo: oginfo, data: hashids.encodeJson(data) } } else { const oginfo = { cid: cid } this.body = { oginfo: oginfo, data: [] } } } else if (type === 'nearby') { const { limit, dist } = body try { const oginfo = yield fetchOrgDataByCid(cid) oginfo.lat = parseFloat(oginfo.lat) oginfo.lng = parseFloat(oginfo.lng) const pattern = { lat: oginfo.lat, lng: oginfo.lng, dist: dist, cid: cid } data = yield Location.nearBy(limit, pattern) if (isEmpty(data)) { this.body = { oginfo: oginfo, data: [] } } else { this.body = { oginfo: oginfo, data: hashids.encodeJson(data) } } } catch (err) { this.type = 'json' this.status = 404 this.body = err } } }
create: function *(next) { const body = yield parse(this) const rule = { name: { type: 'string', required: false, allowEmpty: true }, password: { type: 'password', compare: 'passwordCheck' }, passwordCheck: 'password', email: 'email', recaptcha: { type: 'string', required: true, allowEmpty: false } } const errors = validate(rule, body) if (errors) { this.type = 'json' this.status = 200 this.body = errors return } if (process.env.NODE_ENV !== 'test') { const checkReCAPTCHA = yield verify({ secret: require('config').ReCAPTCHA.SECRET, response: body.recaptcha }) if (!checkReCAPTCHA.success) { this.type = 'json' this.status = 200 this.body = checkReCAPTCHA return } } try { const user = yield User.create(body) this.type = 'json' this.status = 201 this.body = hashids.encodeJson(user) } catch (err) { this.type = 'json' this.status = 200 this.body = err } },
.post('/api/v1/twblogin', function *(next) { const body = this.request.body const rule = { password: '******', email: 'email' } const errors = validate(rule, body) if (errors) { this.status = 200 this.body = errors } else { let profile let err try { const res = yield twbAuth(body) if (res.email) { profile = yield twbBindUser(res) } } catch (error) { err = error } if (!err && profile.email) { // response JSON web token const token = jwtHelper(profile) // set session token const sess = this.session sess.token = token this.body = { token: token } } else { this.status = 200 this.body = { errors: err } } } })
create: [ RestAuth, function *(next) { const body = this.request.body const rule = { spam: { type: 'array', itemType: 'string', rule: { type: 'string', allowEmpty: false } }, type: { type: 'string' } } const errors = validate(rule, body) if (errors) { this.type = 'json' this.status = 200 this.body = { errors: errors } return } // updateAll try { each(body.spam, function (hid) { co(function* () { const id = hashids.decode(hid) const _body = { status: (body.type === 'spam') ? 1 : 0 } yield Post.update(id, _body) }) }) this.type = 'json' this.status = 201 this.body = { done: true } } catch (err) { this.type = 'json' this.status = 403 this.body = err } }],
update: [ RestAuth, function *(next) { const body = this.request.body const rule = { uid: { type: 'string' }, type: { type: 'string' }, prop: { type: 'string' }, startDate: { type: 'int' }, endDate: { type: 'int' }, openDate: { type: 'int', required: false }, closeDate: { type: 'int', required: false }, dateType: { type: 'int', required: false }, title: { type: 'string' }, content: { type: 'string' }, lat: { type: 'number', required: false }, lng: { type: 'number', required: false }, place: { type: 'string', required: false }, file: { required: false, type: 'array', itemType: 'string', rule: { type: 'string', allowEmpty: true } }, url: { required: false, type: 'url' } } const errors = validate(rule, body) if (errors) { this.type = 'json' this.status = 200 this.body = errors return } try { body.uid = hashids.decode(body.uid) if (body.uid !== +this.user.id) { throw new Error('user check failed') } body.startDate = moment(body.startDate).format('YYYY-MM-DD HH:mm:ss') body.endDate = moment(body.endDate).format('YYYY-MM-DD HH:mm:ss') if (typeof body.openDate === 'undefined') { body.openDate = body.startDate } else { body.openDate = moment(body.openDate).format('YYYY-MM-DD HH:mm:ss') } if (typeof body.closeDate === 'undefined') { body.closeDate = body.endDate } else { body.closeDate = moment(body.closeDate) .endOf('day').format('YYYY-MM-DD HH:mm:ss') } body.file = JSON.stringify(body.file) try { const userinfo = yield UsersInfo.load(+this.user.id) body.ocname = userinfo.ocname body.zipcode = userinfo.zipcode body.contact = userinfo.contact body.country = userinfo.country body.city = userinfo.city body.address = userinfo.address } catch (err) {/* no userinfo */} const post = yield Post.update(this.params.post, body) this.type = 'json' this.status = 201 this.body = hashids.encodeJson(post) } catch (err) { this.type = 'json' this.status = 403 this.body = err } }]