18 var _0x170b=['unshift','encryptString','join','promisify','sign','secret','options','randomBytes','toString','hex','floor','now','../../config/environment','../../config/license/hardware','../../config/license/util','lodash','jsonwebtoken','composable-middleware','basic-auth','bluebird','util','moment','secrets','session','role','name','internal','email','userpic','md5secret','voicePause','chatPause','openchannelPause','pauseType','showWebBar','lastLoginAt','lastPauseAt','allowmessenger','passwordResetAt','alias','phoneBarAutoAnswer','phoneBarAutoAnswerDelay','phoneBarDnd','phoneBarEnableRecording','phoneBarEnableSettings','phoneBarRemoteControl','phoneBarRemoteControlPort','hotdesk','interface','userProfileId','settingsEnabled','isChatInteractionAuthorized','isAuthenticated','user','ChatInteraction','findOne','closed','disposition','status','unmanaged','json','Unmanaged.','use','headers','startsWith','authorization','Basic','User','find','then','authenticate','pass','Wrong\x20credentials.','catch','Bearer','query','apikey','getUuid','sub','allowedLoginAttempts','isEqual','apiKeyNonce','nonce','API\x20access\x20key\x20is\x20not\x20valid\x20anymore','disabled','Invalid\x20API\x20access\x20key','blockedAt','add','User\x20not\x20found.','User\x20object\x20not\x20found.','canUpdate','update','Forbidden','isMiddleware','signToken','setTokenCookie','It\x20looks\x20like\x20you\x20aren\x27t\x20logged\x20in,\x20please\x20try\x20again.','cookie','motion.token','redirect','/dashboards/general','send','retrieveApiKey','isNil','apiKeyIat','generateApiKey','Please\x20use\x20the\x20previous\x20API\x20access\x20key\x20to\x20generate\x20a\x20new\x20one','validatePasswordPattern','Sequelize','ValidationError','The\x20password\x20must\x20be\x20at\x20least\x208\x20characters\x20long\x20and\x20have\x201\x20lowercase\x20character,\x201\x20uppercase\x20character,\x201\x20number\x20and\x201\x20special\x20character\x20~!@#$%^&-_=+[{]}.','validatePasswordHistory','decryptString','toLowerCase','format','The\x20password\x20must\x20be\x20different\x20from\x20the\x20previous\x20%d\x20passwords.\x20Please\x20choose\x20another\x20one.','The\x20password\x20must\x20be\x20different\x20from\x20the\x20last\x20one.\x20Please\x20choose\x20another\x20one.','updatePasswordsHistory','split','length'];(function(_0x3dd15e,_0x1f0015){var _0x231fd0=function(_0x4f680a){while(--_0x4f680a){_0x3dd15e['push'](_0x3dd15e['shift']());}};_0x231fd0(++_0x1f0015);}(_0x170b,0xfc));var _0xb170=function(_0x58284b,_0x4218d7){_0x58284b=_0x58284b-0x0;var _0x4f3f44=_0x170b[_0x58284b];return _0x4f3f44;};'use strict';var db=require('../../mysqldb')['db'];var config=require(_0xb170('0x0'));var hardwareConf=require(_0xb170('0x1'));var licenseUtil=require(_0xb170('0x2'));var encryptor=require('../encryptor');var _=require(_0xb170('0x3'));var jwt=require(_0xb170('0x4'));var expressJwt=require('express-jwt');var compose=require(_0xb170('0x5'));var basicAuth=require(_0xb170('0x6'));var crypto=require('crypto');var BPromise=require(_0xb170('0x7'));var util=require(_0xb170('0x8'));var moment=require(_0xb170('0x9'));var validateJwt=expressJwt({'secret':config[_0xb170('0xa')][_0xb170('0xb')]});var userAttributes=['id',_0xb170('0xc'),'fullname',_0xb170('0xd'),_0xb170('0xe'),_0xb170('0xf'),_0xb170('0x10'),'permissions',_0xb170('0x11'),_0xb170('0x12'),_0xb170('0x13'),'mailPause','faxPause','smsPause',_0xb170('0x14'),_0xb170('0x15'),_0xb170('0x16'),_0xb170('0x17'),_0xb170('0x18'),'crudPermissions',_0xb170('0x19'),_0xb170('0x1a'),_0xb170('0x1b'),_0xb170('0x1c'),_0xb170('0x1d'),_0xb170('0x1e'),_0xb170('0x1f'),'phoneBarEnableDtmfTone',_0xb170('0x20'),'phoneBarExpires','phoneBarPrefixRequired',_0xb170('0x21'),_0xb170('0x22'),_0xb170('0x23'),_0xb170('0x24'),_0xb170('0x25'),_0xb170('0x26')];exports[_0xb170('0x27')]=function(){return this[_0xb170('0x28')](!![])['use'](function(_0x1e5cb7,_0x133e12,_0x5ab823){if(_0x1e5cb7[_0xb170('0x29')]){_0x5ab823();}else{return db[_0xb170('0x2a')][_0xb170('0x2b')]({'where':{'id':_0x1e5cb7['params']['id']},'attributes':['id',_0xb170('0x2c'),_0xb170('0x2d')],'raw':!![]})['then'](function(_0x16b0f3){if(_0x16b0f3&&_0x16b0f3[_0xb170('0x2c')]){return _0x133e12[_0xb170('0x2e')](_0x16b0f3['disposition']===_0xb170('0x2f')?0x195:0x193)[_0xb170('0x30')]({'message':_0x16b0f3[_0xb170('0x2d')]==='unmanaged'?_0xb170('0x31'):'Forbidden.'});}else{_0x5ab823();}})['catch'](function(_0x2c8f12){_0x5ab823(_0x2c8f12);});}});};exports[_0xb170('0x28')]=function isAuthenticated(_0x24dbb0){return compose()[_0xb170('0x32')](function(_0x6ee7a5,_0x47bbd1,_0x25ebdf){var _0x1e673e;if(_0x6ee7a5[_0xb170('0x33')]['authorization']){if(_[_0xb170('0x34')](_0x6ee7a5[_0xb170('0x33')][_0xb170('0x35')],_0xb170('0x36'))){var _0x5d921d=basicAuth(_0x6ee7a5);db[_0xb170('0x37')][_0xb170('0x38')]({'where':{'name':_0x5d921d['name']}})[_0xb170('0x39')](function(_0x4a3060){if(!_0x4a3060||!_0x4a3060[_0xb170('0x3a')](_0x5d921d[_0xb170('0x3b')])){return _0x47bbd1['status'](0x191)[_0xb170('0x30')]({'message':_0xb170('0x3c')});}_0x6ee7a5['user']={'id':_0x4a3060['id']};_0x25ebdf();})[_0xb170('0x3d')](function(_0x3c7ca9){_0x25ebdf(_0x3c7ca9);});}else if(_['startsWith'](_0x6ee7a5['headers']['authorization'],_0xb170('0x3e'))){validateJwt(_0x6ee7a5,_0x47bbd1,_0x25ebdf);}else{if(_0x24dbb0){_0x25ebdf();}else{return _0x47bbd1['status'](0x193)[_0xb170('0x30')]({'message':'Unknown\x20authorization\x20format'});}}}else if(_0x6ee7a5[_0xb170('0x3f')][_0xb170('0x40')]){try{var _0x390cd1={'audience':hardwareConf[_0xb170('0x41')](),'issuer':hardwareConf[_0xb170('0x41')]()};verifyJwt(_0x6ee7a5[_0xb170('0x3f')][_0xb170('0x40')],_0x390cd1)[_0xb170('0x39')](function(_0x35197c){return db[_0xb170('0x37')]['find']({'where':{'id':_0x35197c[_0xb170('0x42')]}})[_0xb170('0x39')](function(_0x489888){_0x1e673e=_0x489888;return db['Setting']['findOne']({'where':{'id':0x1},'attributes':[_0xb170('0x43'),'blockDuration'],'raw':!![]});})[_0xb170('0x39')](function(_0x718eb){if(!_0x1e673e||!_[_0xb170('0x44')](_0x1e673e[_0xb170('0x45')],_0x35197c[_0xb170('0x46')])){return _0x47bbd1[_0xb170('0x2e')](0x191)[_0xb170('0x30')]({'message':_0xb170('0x47')});}if(_0x1e673e[_0xb170('0x48')]){return _0x47bbd1[_0xb170('0x2e')](0x191)['json']({'message':_0xb170('0x49')});}if(_0x1e673e['blocked']){if(_0x718eb['blockDuration']>0x0){if(moment(_0x1e673e[_0xb170('0x4a')])[_0xb170('0x4b')](_0x718eb['blockDuration'],'minutes')>moment()){return _0x47bbd1[_0xb170('0x2e')](0x191)[_0xb170('0x30')]({'message':'Invalid\x20API\x20access\x20key'});}}else{return _0x47bbd1[_0xb170('0x2e')](0x191)[_0xb170('0x30')]({'message':_0xb170('0x49')});}}_0x6ee7a5[_0xb170('0x29')]={'id':_0x1e673e['id']};_0x25ebdf();});})['catch'](function(){return _0x47bbd1[_0xb170('0x2e')](0x191)['json']({'message':'Invalid\x20API\x20access\x20key'});});}catch(_0x3ba753){_0x25ebdf(_0x3ba753);}}else if(_0x24dbb0){_0x25ebdf();}else{return _0x47bbd1[_0xb170('0x2e')](0x193)[_0xb170('0x30')]({'message':'Unknown\x20authorization\x20format'});}})[_0xb170('0x32')](function(_0x3a7e43,_0x6ae0d9,_0x1a4e48){if(_0x3a7e43['user']){db[_0xb170('0x37')][_0xb170('0x38')]({'where':{'id':_0x3a7e43[_0xb170('0x29')]['id']},'attributes':userAttributes})[_0xb170('0x39')](function(_0x3c6c09){if(!_0x3c6c09){return _0x6ae0d9[_0xb170('0x2e')](0x194)[_0xb170('0x30')]({'message':_0xb170('0x4c')});}_0x3a7e43[_0xb170('0x29')]=_0x3c6c09;_0x1a4e48();})[_0xb170('0x3d')](function(_0x4cdb56){_0x1a4e48(_0x4cdb56);});}else if(_0x24dbb0){_0x1a4e48();}else{return _0x6ae0d9[_0xb170('0x2e')](0x194)[_0xb170('0x30')]({'message':_0xb170('0x4d')});}});};exports[_0xb170('0x4e')]=function canUpdate(){return compose()[_0xb170('0x32')](function(_0x3e0362,_0x59a6e0,_0x1f057b){return licenseUtil['getLicense']()[_0xb170('0x39')](function(_0x2ee9d6){if(_0x2ee9d6[_0xb170('0x4f')]){_0x1f057b();}else{return _0x59a6e0[_0xb170('0x2e')](0x193)[_0xb170('0x30')]({'message':_0xb170('0x50')});}})[_0xb170('0x3d')](function(_0x3f0b08){_0x1f057b(_0x3f0b08);});});};exports[_0xb170('0x51')]=function(_0x2f5009,_0x3379d9,_0x40a8ce){_0x2f5009['isMiddleware']=!![];return _0x40a8ce();};exports[_0xb170('0x52')]=function signToken(_0x25a92c){return signJwt(_0x25a92c);};exports[_0xb170('0x53')]=function(_0x2accef,_0x3fbb07){if(!_0x2accef['user']){return _0x3fbb07['status'](0x194)[_0xb170('0x30')]({'message':_0xb170('0x54')});}var _0x10c0fe={'payload':{'id':_0x2accef['user']['id'],'role':_0x2accef[_0xb170('0x29')][_0xb170('0xc')]},'options':{'expiresIn':0x15180}};return signJwt(_0x10c0fe)[_0xb170('0x39')](function(_0x52d120){_0x3fbb07[_0xb170('0x55')](_0xb170('0x56'),_0x52d120);_0x3fbb07[_0xb170('0x57')](_0xb170('0x58'));})[_0xb170('0x3d')](function(_0x1e3d7d){return _0x3fbb07[_0xb170('0x2e')](0x1f4)[_0xb170('0x59')](_0x1e3d7d);});};exports[_0xb170('0x5a')]=function(_0xf0f716){if(_[_0xb170('0x5b')](_0xf0f716[_0xb170('0x45')])||_[_0xb170('0x5b')](_0xf0f716[_0xb170('0x5c')])){return null;}else{return createJwt(_0xf0f716);}};exports[_0xb170('0x5d')]=function(_0x1a3405){_0x1a3405[_0xb170('0x45')]=generateNonce();_0x1a3405['apiKeyIat']=generateIssuedAt();return createJwt(_0x1a3405);};exports['regenerateApiKey']=function(_0x5cd2b7,_0x602124){var _0xd54b99=_0x5cd2b7[_0xb170('0x3f')][_0xb170('0x40')];if(_0xd54b99){var _0x137730={'nonce':_0x602124['apiKeyNonce'],'iat':_0x602124[_0xb170('0x5c')],'audience':hardwareConf[_0xb170('0x41')](),'issuer':hardwareConf[_0xb170('0x41')]()};return verifyJwt(_0xd54b99,_0x137730)[_0xb170('0x39')](function(){return generateApiKey(_0x602124);});}else{throw{'message':_0xb170('0x5e')};}};exports[_0xb170('0x5f')]=function(_0x75ed39){var _0x461e70=new RegExp(/(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[?!@#\$%\^&\*~\-_=+[{\]\}])(?=.{8,})/);if(!_0x461e70['test'](_0x75ed39))throw new db[(_0xb170('0x60'))][(_0xb170('0x61'))](_0xb170('0x62'));return;};exports[_0xb170('0x63')]=function(_0x5ed290,_0x54e457,_0x4f5232){var _0x310c72=encryptor[_0xb170('0x64')](_0x54e457)['split'](',');for(var _0x2d1f8e=0x0;_0x2d1f8e<_0x4f5232;_0x2d1f8e++){if(!_0x310c72[_0x2d1f8e])break;if(_0x5ed290[_0xb170('0x65')]()===_0x310c72[_0x2d1f8e][_0xb170('0x65')]()){var _0x513e67=util[_0xb170('0x66')](_0xb170('0x67'),_0x4f5232);if(_0x4f5232===0x1){_0x513e67=_0xb170('0x68');}throw new db['Sequelize'][(_0xb170('0x61'))](_0x513e67);}}return;};exports[_0xb170('0x69')]=function(_0x3a43ee,_0x36fc49){var _0x6c9571=_0x36fc49?encryptor[_0xb170('0x64')](_0x36fc49)[_0xb170('0x6a')](','):[];if(_0x6c9571[_0xb170('0x6b')]===0x5){_0x6c9571['splice'](-0x1,0x1);}_0x6c9571[_0xb170('0x6c')](_0x3a43ee);return encryptor[_0xb170('0x6d')](_0x6c9571[_0xb170('0x6e')](','));};function signJwt(_0x481ea0){var _0x19e42d=BPromise[_0xb170('0x6f')](jwt[_0xb170('0x70')],{'context':jwt});var _0x42a93e=_0x481ea0[_0xb170('0x71')]||config[_0xb170('0xa')][_0xb170('0xb')];return new BPromise(function(_0x3829d9,_0x3ffb34){_0x19e42d(_0x481ea0['payload'],_0x42a93e,_0x481ea0[_0xb170('0x72')])[_0xb170('0x39')](function(_0xb4ea2e){_0x3829d9(_0xb4ea2e);})[_0xb170('0x3d')](function(_0x5993a2){_0x3ffb34(_0x5993a2);});});}function verifyJwt(_0x53f24d,_0x559fbe,_0x5b3227){var _0x20c92a=BPromise[_0xb170('0x6f')](jwt['verify'],{'context':jwt});var _0x515407=_0x5b3227||config[_0xb170('0xa')][_0xb170('0xb')];return new BPromise(function(_0x5c3d8c,_0x2afd55){_0x20c92a(_0x53f24d,_0x515407,_0x559fbe)[_0xb170('0x39')](function(_0x3920ba){_0x5c3d8c(_0x3920ba);})[_0xb170('0x3d')](function(_0x4a893b){_0x2afd55(_0x4a893b);});});}function generateNonce(){return crypto[_0xb170('0x73')](0x10)[_0xb170('0x74')](_0xb170('0x75'));}function generateIssuedAt(){return Math[_0xb170('0x76')](Date[_0xb170('0x77')]()/0x3e8)[_0xb170('0x74')]();}function createJwt(_0x5d888f){var _0x1bc785={'payload':{'iat':_0x5d888f[_0xb170('0x5c')],'nonce':_0x5d888f[_0xb170('0x45')]},'options':{'algorithm':'HS512','subject':_0x5d888f['id']['toString'](),'issuer':hardwareConf[_0xb170('0x41')](),'audience':hardwareConf['getUuid']()}};return signJwt(_0x1bc785)[_0xb170('0x39')](function(_0x3c5007){return{'iat':_0x5d888f['apiKeyIat'],'nonce':_0x5d888f[_0xb170('0x45')],'token':_0x3c5007};});}
git://repos.xcallymotion.com / motion2.git / blob