user.js
6.01 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
require('dotenv').config()
const Router = require("@koa/router");
//const authCtrl = require("auth.ctrl");
const checkLoggedIn = require("../../src/lib/checkLoggedIn");
//var passport = require('passport');
const User = require("../models/user");
//var GoogleStrategy = require('passport-google-oauth').OAuth2Strategy;
const auth = new Router();
const nodemailer = require('nodemailer');
const config = require('../lib/config');
const Joi = require('@hapi/joi');
/*
*/
// show
/*
auth.get('/:id', async (ctx) => {
try{
const user = await User.findOne({_id:ctx.params._id});
ctx.render('users/show', {user});
}catch(e){
ctx.throw(500, e);
console.log(e); }
});
*/
auth.get('/login', async (ctx) => {
await ctx.render('home/login')
});
auth.get('/new', async (ctx) => {
try{
await ctx.render('users/new');
}catch(e){
console.log(e);
}
});
// edit
auth.get('/:id/edit', async (ctx) => {
const user = await User.find({email:ctx.params.email}).exec();
ctx.render('users/edit', {user:user});
});
auth.post('/login',async(ctx) =>{
const { email, password } = ctx.request.body;
const errors ='';
//handle error
if (!email || !password) {
//Unauthorized
alert( '비밀번호, 이메일 중 하나가 틀렸습니다. ');
await ctx.redirect('/auth/login');
}
try {
//const user = User.findOne({ email: email });
const user = await User.findByEmail(email);
//계정없으면 에러처리
console.log(user);
if (!user) {
ctx.status = 401;
return;
}
const valid = await user.checkPassword(password);
if (!valid) {
ctx.status = 401;
return;
}
ctx.body = await user.serialize();
const token = user.generateToken();
ctx.cookies.set('access_token', token, {
maxAge: 1000 * 60 * 60 * 24 * 7, // 7일
httpOnly: false,
});
ctx.status = 200;
ctx.state.user = user;
ctx.redirect('/page');
console.log('토큰나옴, 로그인');
} catch (e) {
ctx.throw(500, e);
ctx.redirect('/')
}
});
auth.post('/signup',async(ctx)=>{const { email, password, address } = ctx.request.body;
console.log(ctx.request.body);
const schema = Joi.object().keys({
email: Joi.string().min(3).required(),
password: Joi.string().required(),
phone: Joi.string().allow(null, ''),
nickname:Joi.string().allow(null, '')
});
//검증 결과
try {
const value = await schema.validateAsync(ctx.request.body);
} catch (err) {
console.log(err);
ctx.status = 400;
return;
}
try {
// email 이미 존재하는지 확인
const exists = await User.findByEmail(email);
if (exists) {
ctx.status = 409; // Conflict
return;
}
let account = null;
try {
account = await User.localRegister(ctx.request.body);
} catch (e) {
ctx.throw(500, e);
}
let token = null;
try {
token = await account.generateToken();
console.log('token ok');
} catch (e) {
ctx.throw(500, e);
}
await ctx.cookies.set('access_token', token, { maxAge: 1000 * 60 * 60 * 24 * 7 ,httpOnly: true,});
console.log('set cookie ok');
// 응답할 데이터에서 hashedPassword 필드 제거
ctx.status = 200;
await ctx.render('users/show');
} catch (e) {
ctx.throw(500, e);
}});
// update // 2
auth.patch('/:id', async (ctx) => {
const schema = Joi.object().keys({
// password: Joi.string().min(6).max(20).required(),
username: Joi.string().allow(null, ''),
phone: Joi.string().allow(null, ''),
nickname: Joi.string().allow(null, ''),
fcmToken: Joi.string(),
// birth: Joi.date()
});
try {
const value = await schema.validateAsync(ctx.request.body);
} catch (err) {
console.log(err);
ctx.status = 400;
return;
}
ctx.request.body.email = ctx.state.user.email;
try {
await User.updateUser(ctx.request.body);
} catch (e) {
ctx.throw(500, e);
}
ctx.status = 200;
await ctx.redirect('/users/'+user.nickname);
});
// destroy
auth.get('/logout', async (ctx) => {
await ctx.cookies.set('access_token');
ctx.status = 204;
await ctx.redirect('/');
});
function getRandomInt(min, max) { //min ~ max 사이의 임의의 정수 반환
return Math.floor(Math.random() * (max - min)) + min;
}
auth.post('/findPassword', async (ctx) => {
var status = 400;
// 전송 옵션 설정
// trainsporter: is going to be an object that is able to send mail
let transporter = nodemailer.createTransport({
service: 'gmail',
host: 'smtp.gmail.com',
// port: 587,
port: 465,
secure: true,
auth: {
user: config.mailer.user, //gmail주소입력
pass: config.mailer.password, //gmail패스워드 입력
},
});
var numsend = getRandomInt(100000,999999);
var mailOptions = {
from: `"Like project"<${config.mailer.user}>`, //enter the send's name and email
to: ctx.request.body.email, // recipient's email
subject: 'Like password', // title of mail
html: `안녕하세요, 글을 나누는 즐거움 Like 입니다.
<br />
인증번호는 다음과 같습니다. (임시)
<br />
${numsend}`,
};
try {
await transporter.sendMail(mailOptions, async function (error, info) {
if (error) {
ctx.status = 401;
return;
} else {
console.log('Email sent: ' + info.response);
ctx.body = { success: true };
status = 200;
}
});
} catch (e) {
ctx.throw(500, e);
}
ctx.status = 200;
});
module.exports = auth;
function checkPermission(ctx, next){
User.findOne({username:ctx.params.username}, function(err, user){
if(err) return res.json(err);
if(user.id != req.user.id) return util.noPermission(ctx);
next();
});
}