mirror of
https://github.com/HabitRPG/habitica.git
synced 2025-12-18 15:17:25 +01:00
28f2e9c356
* Fixed more tests * Added tags into user service * Added api-v3 auth urls * v3: fix package.json * v3: fix package.json * Fixed auth tests. Updated Authctrl response * v3: remove newrelic config file in favour of env variables * v3: upgrade some deps * switch from Q to Bluebird * v3 fix tests with deferred * Removed extra consoles.log. Changed data.data to res.data * v3 fix tests and use coroutines instead of regenerator * v3: fix tests * v3: do not await a non promise * v3: q -> bluebird * Changed id param for registration response * Updated party query and create * Ensured login callback happens after user sync * Add challenges to groups. Fixed isMemberOfGuild check * Updated party and group tests * Fixed cron test * return user.id and send analytics event before changing page * fix trailing spaces * disable redirects * Api v3 party tavern fixes (#7191) * Added check if user is in party before query * Cached party query. Prevented party request when user is not in party. Updated Party create with no invites * Update tavern ctrl to use new promise * v3: misc fixes * Api v3 task fixes (#7193) * Update task view to use _id * Added try catch to user service ops calls * v3 client: saving after syncing is complete * Fixed test broken by part sync change (#7195) * v3: fix todo scoring and try to fix production testing problem * revert changes to mongoose config * mongoose: increase keepAlive * test mongoose fix * fix: Only apply captureStackTrace if it exists on the error object * v3: fix reminders with no startDate * mongoose: use options * chore(): rename website/src -> website/server and website/public -> website/client (#7199) * v3 fix GET /groups: return an error only if an invalid type is supplied not when there are 0 results (#7203) * [API v3] Fix calls to user.ops and deleting tags (#7204) * v3: fixes calls to user.ops from views and deleting tags * v3: fix tests that use user._statsComputed * Api v3 fixes continued (#7205) * Added timzeone offset back * Added APIToken back to settings page * Fixed fetch recent messages for party * Fixed returning group description * Fixed check if user is member of challenge * Fixed party members appearing in header * Updated get myGroups param to include public groups. Fixed isMemberOf group * Fixed hourglass purchase * Fixed challenge addding tasks on first creating * Updated tests to accomidate new changes * fix: Correct checklist on client Closes #7207 * fix: Pin eslint to 2.9 * minor improvements to cron code for clarity; fix inaccurate comments; add TODOs for rest-in-inn actions * fix: Add missing type param to equip call closes #7212 * rename and reword pubChalsMinPrize to reflect that it's only for Tavern challenges * allows players to send gems to each other; other minor related changes - fixes https://github.com/HabitRPG/habitrpg/issues/7227 * fix tests for /members/transfer-gems * fix: Set gems sent notification as translatable string * chore: Remove unusued variable * fix: Remove requirement on message paramter in transfer-gems * add a missing variable declaration * chore: clarify comments on cron code * fix: Correct client request from habitrpg -> tavern * update apidoc URL in package.json Closes #7222 * Fixed start party by invites * Updated spell casting to v3 * Fixed adding and removing tags on tasks * Fixed page reload on settings change * Fixed battle monsters with friends button * Loaded completed todos when done is clicked * chore: Reinstate floating version number for eslint babel-eslint regression fixed * Fixed reload tests * change "an user" to "a user" in comments and text (no code changes) (#7257) * fix: Alert user that drops were recieved * remove userServices.js from karma.conf - it's been moved to website/client/js/services * feat: Create debug update user route * fix: Correct set cron debug function * feat: Add make admin button to debug menu * lint: Add missing semicolons in test * fix: Temporarilly comment out udpate user debug route * v3: fix _tmp for crit and streakBonus * v3: execute all actions when leaving a solo party * v3 client: fix group not found when leaving party * v3 migration: fix challenge prize * v3 cron: only save modified tasks * v3: add CHALLENGE_TASK_NOT_FOUND to valid broken reasons * v3: fix tasks chart * v3 client: fix ability to leave challenge * v3 client: fix filtering by tag and correctly show tag tooltip * v3 common: fix tags tests * v3 client: support unlinking not found challenges tasks * v3: disable Bluebird warning for missing return, fixes #7269 * feat: Separate out update-user into set-cron and make-admin debug routes * chore: Disable make admin debug route for v3 prod testing * v3: misc fixes * v3: misc fixes * v3: fix adding multiple tasks * Fixed join/leave button updates * Queried only user groups to be available when creating challenges * Fixed bulk add tasks to challenge * Synced challenge tasks after leave and join. * Fixed default selected group * Fixed challenge member info. Fixed challenge winner selection * Fixed deleting challenge tasks * Fixed particiapting filter * v3 client: fix casting spells * v3: do not log sensitive data * v3: always save user when casting spell * v3: always save user when casting spell * v3: more fixes for spells * fix typos and missing information in apidocs - fixes https://github.com/HabitRPG/habitrpg/issues/7277 (#7282) * v3: add TODO for client side spells * feat: Add modify inventory debug menu * Fixed viewing user progress on challenge * Updated tests * fix: Fix quest progress button * fix incorrect Armoire test; remove unneeded param details from apidocs; disambiguate health potion * v3: fix stealth casting * v3: fix tasks saving and selection for rebirth reroll and reset (server-only) * v3: fix auto allocation * v3 client: misc fixes * rename buyPotion and buy-potion to buyHealthPotion and buy-health-potion; fix apidoc param error * Added delete for saved challenge task * Fixed member modal on front page * adjust text in apidocs for errors / clarity / consistency / standard terminology (no code changes) (#7298) * fix bug in Rebirth test, add new tests, adjust apidocs (#7293) * Updated task model to allow setting streak (#7306) * fix: Correct missing * in apidoc comments * Api v3 challenge fixes (#7287) * Fixed join/leave button updates * Queried only user groups to be available when creating challenges * Fixed bulk add tasks to challenge * Synced challenge tasks after leave and join. * Fixed default selected group * Fixed challenge member info. Fixed challenge winner selection * Fixed deleting challenge tasks * Fixed particiapting filter * Fixed viewing user progress on challenge * Updated tests * Added delete for saved challenge task * v3: fix sorting * [API v3] add CRON_SAFE_MODE (#7286) * add CRON_SAFE_MODE to example config file, fix some bugs, add an unrelated low-priority TODO * create CRON_SAFE_MODE to disable parts of cron for use after extended outage - fixes https://github.com/HabitRPG/habitrpg/issues/7161 * fix a bug with CRON_SAFE_MODE, remove duplicated code, remove completed TODO comment * fix check for CRON_SAFE_MODE * v3 client: fix typo * adjust debug menu Modify Inventory: hungrier pets, fewer Special items, "Hide" buttons * completed To-Dos: return the 30 most recent instead of 30 oldest (#7318) * v3 migration: fix createdAt date * adjust locales text, key names, and files for Rebirth, Reset, and Fortify / ReRoll for consistency with existing strings (#7321) * v3: fix unlinking multiple tasks * v3 fix releasing pets * v3: fix authenticating with apiUrl * v3: fix typo * v3 fix client tests for unlinking * v3 client: do not show start quest button when quest is active * v3 client: fix ability to send cards * v3 client: fix misc challenge issues * v3: fix notifications * v3 client: more user friendly errors * v3 client: only load completed todos once * v3 client: fix tests * v3: move TAVERN_ID to common code * fix: Provide default type and text for new task creation in score route * fix: Provide default history [] for habit in score route * fix: Add _legacyId prop to tasks to support non-uuid identifiers * chore: Change v3 migration to use _legacyId instead of legacyId * fix: check for _legacyId in tasks if id does not exist * refactor: Extract out finding task by id or _legacyId into a function * Api v3 party quest fixes (#7341) * Fix display of add challenge message when group challenges are empty * Fixed forced quest start to update quest without reload * Fixed needing to reload when accepting party invite * Fix group leave and join reload * Fixed leave current party and join another * Updated party tests * v3 client: remove console.log statement * v3: misc fixes * v3 client: fix predicatbale random * v3: info about API v3 * v3: update footer with links to developer resources * v3: support party invitation from email * v3 client: fix chat flagging * fix: Correct get tasks route to properly get todos (#7349) * move locales strings from api-v3.json to other locales files (#7347) * move locales strings from api-v3.json: authentication strings -> front.json * move locales strings from api-v3.json: authentication strings -> tasks.json * move locales strings from api-v3.json: authentication strings -> groups.json * move locales strings from api-v3.json: authentication strings -> challenge.json * move locales strings from api-v3.json: authentication strings -> groups.json (again) * move locales strings from api-v3.json: authentication strings -> quests.json * move locales strings from api-v3.json: authentication strings -> subscriber.json * move locales strings from api-v3.json: authentication strings -> spells.json * move locales strings from api-v3.json: authentication strings -> character.json * move locales strings from api-v3.json: authentication strings -> groups.json (PMs) * move locales strings from api-v3.json: authentication strings -> npc.json * move locales strings from api-v3.json: authentication strings -> pets.json * move locales strings from api-v3.json: authentication strings -> miscellaneous * move locales strings from api-v3.json: authentication strings -> contrib.json and settings.json * move locales strings from api-v3.json: delete unused string (invalidTasksOwner), delete api-v3.json, whitespace cleanup * v3 client: fix sticky header * v3: remove unused code * v3 client: correctly redirect after inviting * Removed v2 calls from views (#7351) * v3: fix tests for challenge export * v3: fallbackto authWithHeaders if wuthWithSession or authWithUrl fails * Added force cache update when fetching new messages (#7360) * v3: fetch whole user when booting from group tto avoid issues with pre save hook expecting all data * v3: misc fixes for payments * v3: limit fields of challenge tasks that can be updated * fix(tests): never connect to NODE_DB_URI for tests * Added new route for setting last cron and updated front end * v3: fix iap url * v3: fix build and ios IAP * Changed route to user set custom day start * v3: iap accessible under /api/v3, fixes to spells and groups invitations * v3: correctly use v3 routes in client * remove XP, GP when unticking a Daily with a completed checklist - fixes https://github.com/HabitRPG/habitrpg/issues/7246 * use natural language for error message about skills on challenge tasks (#7336), fix other gramatical error * Updated ui when user rejects a guild invite (#7368) * feat: complete custom day start route Closes #7363 * fix: Correct spelling of healAll skill fix: Correct sprite name of healAll skill * fix: Change all instances of spookDust -> spookySparkles * add dateCreated to all tasks; add empty challenge object to tasks that don't have one (#7386) * add plumilla to artists for Tangle Tree in Bailey message * Fixed quest drop modal (#7377) * Fixed quest drop modal * Fixed broken party test * [API v3] Maintenance Mode (#7367) * WIP(maintenance): maintenance * WIP(maintenance): working locale features * fix(maintenance): don't translate info page target * WIP(maintenance): start adding info page * fix(maintenance): linting * feat: Add container to maintenance info page * fix(maintenance): add config.json edits Also DRY variables for main vs info pages * fix(maintenance): linting * refactor(maintenance): further slim down variables * refactor: Remove unnecessary variables * fix: Correct string interpolation in maintenace view * feat: Dynamically add time to maintenance pages * maintenance mode: do not connect to mongodb * fix(maintenance): clean up timezones etc. * fix(maintenance): remove unneeded sprite * Tavern party challenges invites fix (#7394) * Added challenges and invitations to party * Loaded tavern challenges * Updated group and quest services tests * v3: implement automatic syncing if user is not up to date * Removed unnecessary fields when updating groups and challenges (#7395) * v3: do not saved populated user * v3: correctly return user subset * Chained party promises together (#7396) * v3: $w -> splitWhitespace * use bluebird * use babel polyfill * migration: fix items * update links for v3 * Updated shortname validation to support multiple browsers * Docs changes (#7401) * chore: Clarify transfer-gems documentation * chore: Clarify api status route documentation * chore: Mark webhooks as BETA * Added tags update route. Added sort to user service (#7381) * Added tags update route. Added sort to user service * Change update tasks route to reorder tasks * Fixed linting issue * Changed params for reorder tags route * Fixed not found tag and added test * Added password confirmation when deleteing account (#7402) * fix production logging * feat(commit): push * empty commit * feat(maintenance): post-downtime news & awards (#7406) * fix exporting avatar * second attempt at fixing exporting avatar * fix production logging * s3: convert moment to date instance * fix avatar sharing and caching (30 minutes) * fix: Correct missing parameter Closes #7433 * fix: Validate challenge shortname on server * adjust text strings - fixes https://github.com/HabitRPG/habitrpg/issues/5631 and also Short Name -> Tag Name
205 lines
6.6 KiB
JavaScript
205 lines
6.6 KiB
JavaScript
var nodemailer = require('nodemailer');
|
|
var nconf = require('nconf');
|
|
var crypto = require('crypto');
|
|
var path = require("path");
|
|
var request = require('request');
|
|
|
|
const IS_PROD = nconf.get('IS_PROD');
|
|
const BASE_URL = nconf.get('BASE_URL');
|
|
|
|
module.exports.sendEmail = function(mailData) {
|
|
var smtpTransport = nodemailer.createTransport({
|
|
service: nconf.get('SMTP_SERVICE'),
|
|
auth: {
|
|
user: nconf.get('SMTP_USER'),
|
|
pass: nconf.get('SMTP_PASS')
|
|
}
|
|
});
|
|
|
|
smtpTransport.sendMail(mailData, function(error, response){
|
|
var logging = require('./api-v2/logging');
|
|
if(error) logging.error(error);
|
|
else logging.info("Message sent: " + response.message);
|
|
smtpTransport.close(); // shut down the connection pool, no more messages
|
|
});
|
|
}
|
|
|
|
function getUserInfo(user, fields) {
|
|
var info = {};
|
|
|
|
if(fields.indexOf('name') != -1){
|
|
if(user.auth.local){
|
|
info.name = user.profile.name || user.auth.local.username;
|
|
}else if(user.auth.facebook){
|
|
info.name = user.profile.name || user.auth.facebook.displayName || user.auth.facebook.username;
|
|
}
|
|
}
|
|
|
|
if(fields.indexOf('email') != -1){
|
|
if(user.auth.local && user.auth.local.email){
|
|
info.email = user.auth.local.email;
|
|
}else if(user.auth.facebook && user.auth.facebook.emails && user.auth.facebook.emails[0] && user.auth.facebook.emails[0].value){
|
|
info.email = user.auth.facebook.emails[0].value;
|
|
}
|
|
}
|
|
|
|
if(fields.indexOf('_id') != -1){
|
|
info._id = user._id;
|
|
}
|
|
|
|
if(fields.indexOf('canSend') != -1){
|
|
info.canSend = user.preferences.emailNotifications.unsubscribeFromAll !== true;
|
|
}
|
|
|
|
return info;
|
|
}
|
|
|
|
module.exports.getUserInfo = getUserInfo;
|
|
|
|
module.exports.txnEmail = function(mailingInfoArray, emailType, variables, personalVariables){
|
|
var mailingInfoArray = Array.isArray(mailingInfoArray) ? mailingInfoArray : [mailingInfoArray];
|
|
|
|
var variables = [
|
|
{name: 'BASE_URL', content: BASE_URL}
|
|
].concat(variables || []);
|
|
|
|
// It's important to pass at least a user with its `preferences` as we need to check if he unsubscribed
|
|
mailingInfoArray = mailingInfoArray.map(function(mailingInfo){
|
|
return mailingInfo._id ? getUserInfo(mailingInfo, ['_id', 'email', 'name', 'canSend']) : mailingInfo;
|
|
}).filter(function(mailingInfo){
|
|
// Always send reset-password emails
|
|
// Don't check canSend for non registered users as already checked before
|
|
return (mailingInfo.email && ((!mailingInfo._id || mailingInfo.canSend) || emailType === 'reset-password'));
|
|
});
|
|
|
|
// Personal variables are personal to each email recipient, if they are missing
|
|
// we manually create a structure for them with RECIPIENT_NAME and RECIPIENT_UNSUB_URL
|
|
// otherwise we just add RECIPIENT_NAME and RECIPIENT_UNSUB_URL to the existing personal variables
|
|
if(!personalVariables || personalVariables.length === 0){
|
|
personalVariables = mailingInfoArray.map(function(mailingInfo){
|
|
return {
|
|
rcpt: mailingInfo.email,
|
|
vars: [
|
|
{
|
|
name: 'RECIPIENT_NAME',
|
|
content: mailingInfo.name
|
|
},
|
|
{
|
|
name: 'RECIPIENT_UNSUB_URL',
|
|
content: '/unsubscribe?code=' + module.exports.encrypt(JSON.stringify({
|
|
_id: mailingInfo._id,
|
|
email: mailingInfo.email
|
|
}))
|
|
}
|
|
]
|
|
}
|
|
});
|
|
}else{
|
|
var temporaryPersonalVariables = {};
|
|
|
|
mailingInfoArray.forEach(function(mailingInfo){
|
|
temporaryPersonalVariables[mailingInfo.email] = {
|
|
name: mailingInfo.name,
|
|
_id: mailingInfo._id
|
|
}
|
|
});
|
|
|
|
personalVariables.forEach(function(singlePersonalVariables){
|
|
singlePersonalVariables.vars.push(
|
|
{
|
|
name: 'RECIPIENT_NAME',
|
|
content: temporaryPersonalVariables[singlePersonalVariables.rcpt].name
|
|
},
|
|
{
|
|
name: 'RECIPIENT_UNSUB_URL',
|
|
content: '/unsubscribe?code=' + module.exports.encrypt(JSON.stringify({
|
|
_id: temporaryPersonalVariables[singlePersonalVariables.rcpt]._id,
|
|
email: singlePersonalVariables.rcpt
|
|
}))
|
|
}
|
|
)
|
|
});
|
|
}
|
|
|
|
if(IS_PROD && mailingInfoArray.length > 0){
|
|
request({
|
|
url: nconf.get('EMAIL_SERVER:url') + '/job',
|
|
method: 'POST',
|
|
auth: {
|
|
user: nconf.get('EMAIL_SERVER:authUser'),
|
|
pass: nconf.get('EMAIL_SERVER:authPassword')
|
|
},
|
|
json: {
|
|
type: 'email',
|
|
data: {
|
|
emailType: emailType,
|
|
to: mailingInfoArray,
|
|
variables: variables,
|
|
personalVariables: personalVariables
|
|
},
|
|
options: {
|
|
priority: 'high',
|
|
attempts: 5,
|
|
backoff: {delay: 10*60*1000, type: 'fixed'}
|
|
}
|
|
}
|
|
});
|
|
}
|
|
}
|
|
|
|
// Encryption using http://dailyjs.com/2010/12/06/node-tutorial-5/
|
|
// Note: would use [password-hash](https://github.com/davidwood/node-password-hash), but we need to run
|
|
// model.query().equals(), so it's a PITA to work in their verify() function
|
|
|
|
module.exports.encryptPassword = function(password, salt) {
|
|
return crypto.createHmac('sha1', salt).update(password).digest('hex');
|
|
}
|
|
|
|
module.exports.makeSalt = function() {
|
|
var len = 10;
|
|
return crypto.randomBytes(Math.ceil(len / 2)).toString('hex').substring(0, len);
|
|
}
|
|
|
|
// Prepare to export analytics object
|
|
// Export emoty methods until the right ones are ready
|
|
module.exports.analytics = { track: function() { }, trackPurchase: function() { } };
|
|
|
|
/**
|
|
* Load nconf and define default configuration values if config.json or ENV vars are not found
|
|
*/
|
|
module.exports.setupConfig = function(){
|
|
if (nconf.get('IS_DEV'))
|
|
Error.stackTraceLimit = Infinity;
|
|
if (IS_PROD && nconf.get('NEW_RELIC_ENABLED') === 'true')
|
|
require('newrelic');
|
|
|
|
var analytics = IS_PROD && require('./api-v2/analytics');
|
|
var analyticsTokens = {
|
|
amplitudeToken: nconf.get('AMPLITUDE_KEY'),
|
|
googleAnalytics: nconf.get('GA_ID')
|
|
}
|
|
|
|
if(analytics){
|
|
analytics = analytics(analyticsTokens);
|
|
// Use the right analytics methods, don't substitute the entire object
|
|
// or all the require() across the code will keep the empty methods
|
|
module.exports.analytics.track = analytics.track;
|
|
module.exports.analytics.trackPurchase = analytics.trackPurchase;
|
|
}
|
|
};
|
|
|
|
var algorithm = 'aes-256-ctr';
|
|
module.exports.encrypt = function(text){
|
|
var cipher = crypto.createCipher(algorithm,nconf.get('SESSION_SECRET'))
|
|
var crypted = cipher.update(text,'utf8','hex')
|
|
crypted += cipher.final('hex');
|
|
return crypted;
|
|
}
|
|
|
|
module.exports.decrypt = function(text){
|
|
var decipher = crypto.createDecipher(algorithm,nconf.get('SESSION_SECRET'))
|
|
var dec = decipher.update(text,'hex','utf8')
|
|
dec += decipher.final('utf8');
|
|
return dec;
|
|
}
|