2023-12-07 12:04:19 +01:00
const express = require ( "express" ) ;
const fs = require ( "fs-extra" ) ;
2023-12-29 13:38:47 +01:00
const dayjs = require ( 'dayjs' ) ;
2023-12-07 12:04:19 +01:00
const path = require ( "path" ) ;
// Classes
const Pagans = require ( "../models/Pagans.js" ) ;
const Odmdb = require ( "../models/Odmdb.js" ) ;
// Middlewares
const checkHeaders = require ( "../middlewares/checkHeaders.js" ) ;
const isAuthenticated = require ( "../middlewares/isAuthenticated.js" ) ;
2024-03-15 08:49:23 +01:00
const conf = require ( ` ../../../../conf/townconf.json ` ) ;
2024-02-19 17:55:06 +01:00
const currentmod = "pagans" ;
const log = conf . api . activelog . includes ( currentmod ) ;
2023-12-07 12:04:19 +01:00
const router = express . Router ( ) ;
/ * *
* / a p i / m o d e l s / P a g a n s . j s
*
* Managed :
/ * *
* Alias exist then return public key or not
2024-03-15 08:49:23 +01:00
* @ api { get } adminapi / pagans / alias / : alias - alias Get
2023-12-07 12:04:19 +01:00
* @ apiName isalias
* @ apiGroup Pagans
* @ apiDescription If alias exist return its publickey
*
* @ param { string } alias
*
* @ apiError { json } aliasdoesnotexist
* @ apiErrorExample { json }
* HTTP / 1.1 404 Not Found
{ "status" : 404 , "ref" : "pagans" , "msg" : "aliasdoesnotexist" , "data" : { alias } }
*
* @ apiSuccess { object } indexfile content
* @ apiSuccessExample { json } Success - Response :
* HTTP / 1.1 200 OK
* { "status" : 200 , ref : "pagans" , "msg" : "aliasexist" , "data" : { alias , publicKey } }
* *
* * /
router . get ( "/alias/:alias" , ( req , res ) => {
const getalias = Pagans . getalias ( req . params . alias ) ;
res . status ( getalias . status ) . send ( getalias ) ;
} ) ;
/ * *
2024-03-15 08:49:23 +01:00
* @ api { get } adminapi / pagans / logout - pagan Logout
2023-12-07 12:04:19 +01:00
* @ apiName Removetoken
* @ apiGroup Pagans
2023-12-29 13:38:47 +01:00
* @ apiDescription Remove server ' s token only the owner of the token ( no one else can delete a token )
2023-12-07 12:04:19 +01:00
*
* @ apiSuccess { object } indexfile content
* @ apiSuccessExample { json } Success - Response :
* HTTP / 1.1 200 OK
* { status : 200 , ref : "Pagans" , msg : "logout"
*
* /
router . get ( "/logout" , checkHeaders , isAuthenticated , ( req , res ) => {
2024-02-19 17:55:06 +01:00
if ( log ) console . log ( currentmod , "Logout:" , req . session . header ) ;
2023-12-07 12:04:19 +01:00
const logout = Pagans . logout (
req . session . header . xalias ,
req . session . header . xtribe ,
req . session . header . xdays ,
req . session . header . xhash
) ;
res . status ( logout . status ) . json ( logout ) ;
} ) ;
/ * *
2024-03-15 08:49:23 +01:00
* @ api { get } adminapi / pagans / isauth - pagan isAuthenticated ?
2023-12-07 12:04:19 +01:00
* @ apiName isAuth
* @ apiGroup Pagans
* @ apiDescription Check if pagan ' s token is still valid
*
* @ apiError ( 400 ) missingheaders
* @ apiError ( 400 ) xaliasdoesnotexist
* @ apiError ( 400 ) signaturefailled
* @ apiError ( 401 ) aliasanonymous
* @ apiError ( 404 ) tribedoesnotexist
*
* @ apiSuccess ( 200 ) valid
* { object } data contains indexfile requested
*
* /
router . get ( "/isauth" , checkHeaders , isAuthenticated , ( req , res ) => {
res . status ( 200 ) . send ( {
status : 200 ,
ref : "headers" ,
msg : "authenticated" ,
data : {
xalias : req . session . header . xalias ,
xprofils : req . session . header . xprofils ,
} ,
} ) ;
} ) ;
/ * *
2024-03-15 08:49:23 +01:00
* @ api { post } adminapi / pagans - pagan Post
2023-12-07 12:04:19 +01:00
* @ apiName addpagan
* @ apiGroup Pagans
* @ apiDescription
* Create a pagan account from alias , publickey , if trusted recovery =>
2023-12-29 13:38:47 +01:00
* If trustedtribe is true then create a person in xtribe / person / xalias . json with profil . auth = { email , privatekey , passphrase } .
*
2023-12-07 12:04:19 +01:00
* Middleware isAuthenticated check that :
* - xhash is well signed from private key linked to the publickey of alias
* - check that alias does not already exist ( if yes then verifiedsigne would be false )
* Need to wait next block chain to be sure that alias is register in the blokchain
* @ apiBody { string } alias available ( that does not already exist check get / api / alias / : alias that must return 404 ) .
* @ apiBody { string } publickey
* @ apiBody { string } [ email ] if specified then an email is sent to it with public and privatekey
* @ apiBody { string } [ privatekey ]
* @ apiBody { string } [ passphrase ] if not specidied => passphrase = ""
2023-12-29 13:38:47 +01:00
* @ apiBody { string } [ trustedtribe ] the tribename if not specified then the process will only create a pagan identity , else an item person is create for trustedtribe ( that must exist with profil 'person' ) . To create a person with an existing pagan identity use put / api / person / : alias after authenticated you ( headers ) . In case a person is created then we use all valid other apiBody respecting the persons schema ( see put persons )
2024-02-20 14:52:07 +01:00
* @ apiBody { object } schema : pagans < a href = '/nationchains/schema/pagans.json' target = '_blank' > / n a t i o n c h a i n s / s c h e m a / p a g a n s . j s o n < / a >
2023-12-07 12:04:19 +01:00
*
* @ apiError { json } objectNotfound the file does not exist
* @ apiErrorExample { json }
* HTTP / 1.1 404 Not Found
{ "status" : 404 , "ref" : "Odmdb" , "msg" : "pathnamedoesnotexist" , "data" : { indexpath } }
*
* @ apiSuccess { object } indexfile content
* @ apiSuccessExample { json } Success - Response :
* HTTP / 1.1 200 OK
* { "status" : 200 , "ref" : "Odmdb" , "msg" : "indexexist" , "data" : { indexname , content : { index file } }
*
* /
router . post ( "/" , checkHeaders , isAuthenticated , async ( req , res ) => {
2024-02-19 17:55:06 +01:00
if ( log ) console . log ( currentmod , "post with" , req . body ) ;
2023-12-07 12:04:19 +01:00
const role = {
xalias : req . session . header . xalias ,
xprofils : req . session . header . xprofils ,
} ;
const emailregex =
/^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/ ;
if ( ! ( req . body . trustedtribe && req . body . email && emailregex . test ( req . body . email ) ) ) {
res . status ( 400 ) . json ( { status : 400 , ref : "Pagans" , msg : "emailerr" , data : { email : req . body . email } } )
return
}
const objpagan = { alias : req . body . alias , publickey : req . body . publickey } ;
2024-03-15 08:49:23 +01:00
const newpagan = Odmdb . cud ( ` ../../objects/pagans ` , "C" , objpagan , role ) ;
2023-12-07 12:04:19 +01:00
const createprocess = { status : 200 , ref : "Pagans" , msg : "successfulcreate" , data : { alias : req . body . alias } } ;
if ( newpagan . status == 200 ) {
if ( req . body . email ) {
const emailsent = await Pagans . sendmailkey ( {
alias : req . body . alias ,
privatekey : req . body . privatekey ,
tribe : req . session . header . xtribe ,
passprhase : req . body . passphrase ,
publickey : req . body . publickey ,
email : req . body . email ,
lg : req . session . header . xlang
}
) ;
createprocess . data . emailsent = ( emailsent . status == 200 ) ;
createprocess . data . email = req . body . email
createprocess . data . tribe = req . session . header . xtribe ;
if ( emailsent . status != 200 ) {
2024-02-19 17:55:06 +01:00
console . log ( "pagans err to send email emailsent: " , emailsent )
2023-12-07 12:04:19 +01:00
createprocess . data . emailerror = emailsent . data . err ;
}
}
if ( req . body . trustedtribe ) {
const persondata = {
alias : req . body . alias ,
owner : req . body . alias ,
profils : [ "pagans" , "persons" ] ,
recoveryauth : {
email : req . body . email ,
privatekey : req . body . privatekey ,
publickey : req . body . publickey ,
passphrase : req . body . passphrase ,
} ,
} ;
2024-03-15 08:49:23 +01:00
const personup = Odmdb . cud ( ` ../../ ${ req . body . trustedtribe } /objects/persons ` , "C" , persondata , { xprofils : [ "pagan" ] , xalias : req . body . alias } ) ;
2024-02-19 17:55:06 +01:00
if ( log ) console . log ( currentmod , 'person create' , personup )
2023-12-07 12:04:19 +01:00
if ( personup . status == 200 ) {
createprocess . data . createperson = true ;
} else {
createprocess . data . createperson = false ;
createprocess . data . errorperson = true ;
createprocess . data . errpersonup = personup . data ;
2024-02-19 17:55:06 +01:00
if ( log ) console . log ( currentmod , "Warning pagan created but person not created and no recovery registration" , personup ) ;
2023-12-07 12:04:19 +01:00
}
res . status ( createprocess . status ) . json ( createprocess ) ;
} else {
res . status ( newpagan . status ) . json ( newpagan ) ;
}
} else {
//error to create pagan certaily already exist
res . status ( newpagan . status ) . json ( newpagan ) ;
}
} ) ;
/ * *
2024-03-15 08:49:23 +01:00
* @ api { delete } adminapi / pagans / alias / : alias - pagan Delete
2023-12-07 12:04:19 +01:00
* @ apiName deletepagan
* @ apiGroup Pagans
* @ apiDescription
2023-12-29 13:38:47 +01:00
* Delete an alias and his publickey , this mean that publickey disapear as well as alias . We set dt _delete
2023-12-07 12:04:19 +01:00
* * /
router . delete ( "/alias/:alias" , checkHeaders , isAuthenticated , ( req , res ) => {
2024-03-15 08:49:23 +01:00
const personpath = ` ../objects/pagans ` ;
2023-12-29 13:38:47 +01:00
const role = {
xalias : req . session . header . xalias ,
xprofils : req . session . header . xprofils ,
} ;
req . session . header . role
const delperson = Odmdb . cud ( personpath , "U" , { alias : req . params . alias , dt _delete : dayjs ( ) . toISOString ( ) } , role , true ) ;
2024-02-20 07:27:45 +01:00
if ( log ) console . log ( currentmod , ` DELETE person ${ personpath } / ${ req . params . alias } .json ` ) ;
if ( log ) console . log ( delperson )
2023-12-29 13:38:47 +01:00
res . status ( delperson . status ) . json ( delperson ) ;
2024-03-15 08:49:23 +01:00
if ( log ) console . log ( ` DELETE pagans adminapi/objects/pagans/ ${ req . params . alias } .json ` ) ;
2023-12-29 13:38:47 +01:00
const result = Pagans . delete ( req . params . alias , req . session . header ) ;
2023-12-07 12:04:19 +01:00
res . status ( result . status ) . send ( result ) ;
} ) ;
/ * *
2024-03-15 08:49:23 +01:00
* @ api { delete } adminapi / pagans / person / : tribe / : alias - person Delete
2023-12-07 12:04:19 +01:00
* @ apiName deleteperson
* @ apiGroup Pagans
* @ apiDescription
* Unsubscribe a person to a tribe => remove a person item and all data link to this alias
2023-12-29 13:38:47 +01:00
* @ apiHeader { array } xprofils list of profil of authenticated user
* @ apiHeader { string } xalias current user
* @ apiParam { string } tribe where person alias exist
* @ apiParam { string } alias to delete as person
2023-12-07 12:04:19 +01:00
* * /
2023-12-29 13:38:47 +01:00
router . delete ( "/person/:tribe/:alias" , checkHeaders , isAuthenticated , ( req , res ) => {
2024-03-15 08:49:23 +01:00
const personpath = ` ../../ ${ req . params . tribe } /objects/persons ` ;
2023-12-07 12:04:19 +01:00
const role = {
xalias : req . session . header . xalias ,
xprofils : req . session . header . xprofils ,
} ;
req . session . header . role
const delperson = Odmdb . cud ( personpath , "D" , { alias : req . params . alias } , role , true ) ;
2024-02-20 07:27:45 +01:00
if ( log ) console . log ( currentmod , ` DELETE person ${ personpath } / ${ req . params . alias } .json ` ) ;
if ( log ) console . log ( currentmod , "delete person " , delperson )
2023-12-07 12:04:19 +01:00
res . status ( delperson . status ) . json ( delperson ) ;
} ) ;
/ * *
2024-03-15 08:49:23 +01:00
* @ api { get } adminapi / pagans / person / : alias - person Get
2023-12-07 12:04:19 +01:00
* @ apiName getpersondata
* @ apiDescription Get person information from his alias for a xtribe ( data and profils per apps )
* @ apiGroup Pagans
*
* @ apiParam { string } alias
*
* @ apiSuccess ( 200 ) personExist
* @ apiSuccessExample { json }
* { status : 200 , ref : "pagans" , msg : "personexist" , data : { person } }
*
* @ apiError ( 404 ) Notfound
* @ apiErrorExample { json }
* { status : 404 , ref : "pagans" , msg : "persondoesnotexist" , data : { person } }
*
* @ todo check accessright for req . session . header . xalias to see if jhe can get person data
* if req . param . alias == req . session . header . xalias => Owner
* else need accessright to on person set at R
* * /
router . get ( "/person/:alias" , checkHeaders , isAuthenticated , ( req , res ) => {
2024-03-15 08:49:23 +01:00
console . log ( path . resolve ( ` ../../ ${ req . session . header . xtribe } /objects/persons ` ) )
const getperson = Odmdb . r ( ` ../../ ${ req . session . header . xtribe } /objects/persons ` , req . params . alias , { xprofils : req . session . header . xprofils , xalias : req . session . header . xalias } )
2023-12-07 12:04:19 +01:00
res . status ( getperson . status ) . send ( getperson ) ;
} ) ;
/ * *
2024-03-15 08:49:23 +01:00
* @ api { put } adminapi / pagans / person / : tribe - person Put
2023-12-07 12:04:19 +01:00
* @ apiName updateperson
* @ apiGroup Pagans
2023-12-29 13:38:47 +01:00
* @ apiDescription add or update a person = alias in tribe . xalias authenticated ( in header ) must have a profil with accessright into schema person to create a person .
* @ apiHeader { string } xhash authenthicate hash with current user keys
* @ apiHeader { string } xalias current user
* @ apiHeader { string } xprofils profil list
* @ apiParam { object } schema : persons < a href = 'https://smatchit.io/smatchit/schema/persons.json' target = '_blank' > https : //dnstribe/tribe/schema/persons.json</a>
2023-12-07 12:04:19 +01:00
*
* /
2023-12-29 13:38:47 +01:00
router . put ( "/person/:tribe" , checkHeaders , isAuthenticated , ( req , res ) => {
2023-12-07 12:04:19 +01:00
//console.log(req.body);
2024-03-15 08:49:23 +01:00
const pathobj = ` ../../ ${ req . params . tribe } /objects/persons ` ;
2023-12-07 12:04:19 +01:00
const action = ( fs . existsSync ( ` ${ pathobj } /itm/ ${ req . body . alias } .json ` ) ) ? "U" : "C" ;
//set req.body to be in line with schema
if ( ! req . body . profils ) {
req . body . profils = [ "anonymous" , "pagans" , "persons" ]
}
const personup = Odmdb . cud ( pathobj , action , req . body , { xprofils : req . session . header . xprofils , xalias : req . session . header . xalias } ) ;
2024-02-20 07:27:45 +01:00
if ( log ) console . log ( currentmod , ' personupdate or create:' , personup )
2023-12-07 12:04:19 +01:00
res . status ( personup . status ) . json ( personup ) ;
} ) ;
/ * *
2024-03-15 08:49:23 +01:00
* @ api { get } adminapi / pagans / keyrecovery / : tribe / : email - recovery keys by email
2023-12-07 12:04:19 +01:00
* @ apiName recoveryKey
* @ apiGroup Pagans
* @ apiDescription Send mails with all registers identities ( one per alias where recoveryauth . email is register )
*
2023-12-10 08:33:09 +01:00
* @ apiSuccess { object } send recovery email
2023-12-07 12:04:19 +01:00
* @ apiSuccessExample { json } Success - Response :
* HTTP / 1.1 200 OK
* { "status" : 200 , "ref" : "Pagans" , "msg" : "recoveryemailsent" , "data" : { email , tribe , nbalias : 'number of alias with this email' , nbqent : 'number of eamil sent must = nbalias' } }
*
* @ apiError ( 404 ) { string } emailnotfound email does not exist for this tribe
* @ apiErrorExample { json }
* { status : 404 , ref : "pagans" , msg : "emailnotfound" , data : { tribe , email } }
*
* /
router . get ( "/keyrecovery/:tribe/:email" , checkHeaders , ( req , res ) => {
2024-03-15 08:49:23 +01:00
const idxreco = ` ../../ ${ req . params . tribe } /objects/persons/idx/emailrecovery_alias.json ` ;
2023-12-07 12:04:19 +01:00
if ( fs . existsSync ( idxreco ) ) {
const emailreco = fs . readJSONSync ( idxreco ) ;
if ( emailreco [ req . params . email ] ) {
let sentemails = 0 ;
emailreco [ req . params . email ] . forEach ( alias => {
const ret = Pagans . sendmailkey ( { alias : alias , tribe : req . params . tribe , lg : req . session . header . xlang } )
sentemails = ( ret . status == 200 ) ? sentemails + 1 : sentemails ;
} )
return { status : 200 , ref : "Pagans" , msg : "recoveryemailsent" , data : { email : req . params . email , tribe : req . params . tribe , nbalias : emailreco [ req . params . email ] . length , nbsent : sentemails } }
} else {
return { status : 404 , ref : "Pagans" , msg : "emailnotfound" , data : { tribe : req . params . tribe , email : req . params . email } }
}
} else {
return { status : 404 , ref : "Pagans" , msg : "emailnotfound" , data : { tribe : req . params . tribe , email : req . params . email } }
}
} ) ;
/ * *
2024-03-15 08:49:23 +01:00
* @ api { get } adminapi / pagans / keyrecovery / : tribe / : alias - recovery keys by alias
2023-12-07 12:04:19 +01:00
* @ apiName recoveryKey
* @ apiGroup Pagans
* @ apiDescription Send to email recovery if exist key files
*
2023-12-10 08:33:09 +01:00
* @ apiSuccess { object } send recovery mail for alias
2023-12-07 12:04:19 +01:00
* @ apiSuccessExample { json } Success - Response :
* HTTP / 1.1 200 OK
* { "status" : 200 , "ref" : "Pagans" , "msg" : "recoveryemailsent" , "data" : { email , tribe , nbalias : 1 , nbqent : 1 or 0 } }
*
* @ apiError ( 404 ) { string } emailnotfound email does not exist for this tribe
* @ apiErrorExample { json }
* { status : 404 , ref : "pagans" , msg : "emailnotfound" , data : { tribe , email } }
*
* /
router . get ( "/keyrecovery/:tribe/:alias" , checkHeaders , ( req , res ) => {
// a tester et revoir
const ret = Pagans . sendmailkey ( { alias : req . params . alias , tribe : req . params . tribe , lg : req . session . header . xlang } )
if ( ret . status == 200 ) {
return { status : 200 , ref : "Pagans" , msg : "recoveryemailsent" , data : { email : "" , tribe : req . params . tribe , nbalias : 1 , nbsent : 1 } }
} else {
return { status : 404 , ref : "Pagans" , msg : "emailnotfound" , data : { tribe : req . params . tribe , email : req . params . email } }
}
} ) ;
module . exports = router ;