const express = require('express'); const cors = require('cors'); const fetch = require('node-fetch'); const { v4: uuidv4 } = require('uuid'); const ovh = require('ovh'); const mailchimp = require('@mailchimp/mailchimp_transactional'); const Stripe = require('stripe'); require('dotenv').config(); // Initialisation de l'application Express const app = express(); const PORT = process.env.PORT || 8080; // Configuration CORS const corsOptions = { origin: ['http://local.lecoffreio.4nkweb:3000', 'http://localhost:3000', 'https://lecoffreio.4nkweb.com'], methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'], allowedHeaders: ['Content-Type', 'Authorization'] }; app.use(cors(corsOptions)); app.use(express.json()); const authTokens = []; const ECivility = { MALE: 'MALE', FEMALE: 'FEMALE', OTHERS: 'OTHERS' }; const EOfficeStatus = { ACTIVATED: 'ACTIVATED', DESACTIVATED: 'DESACTIVATED' }; const EIdnotRole = { DIRECTEUR: "Directeur général du CSN", NOTAIRE_TITULAIRE: "Notaire titulaire", NOTAIRE_ASSOCIE: "Notaire associé", NOTAIRE_SALARIE: "Notaire salarié", COLLABORATEUR: "Collaborateur", SECRETAIRE_GENERAL: "Secrétaire général", SUPPLEANT: "Suppléant", ADMINISTRATEUR: "Administrateur", RESPONSABLE: "Responsable", CURATEUR: "Curateur", } function getOfficeStatus(statusName) { switch (statusName) { case "Pourvu": return EOfficeStatus.ACTIVATED; case "Pourvu mais décédé": return EOfficeStatus.ACTIVATED; case "Sans titulaire": return EOfficeStatus.ACTIVATED; case "Vacance": return EOfficeStatus.ACTIVATED; case "En activité": return EOfficeStatus.ACTIVATED; default: return EOfficeStatus.DESACTIVATED; } } function getOfficeRole(roleName) { switch (roleName) { case EIdnotRole.NOTAIRE_TITULAIRE: return { name: 'Notaire' }; case EIdnotRole.NOTAIRE_ASSOCIE: return { name: 'Notaire' }; case EIdnotRole.NOTAIRE_SALARIE: return { name: 'Notaire' }; case EIdnotRole.COLLABORATEUR: return { name: 'Collaborateur' }; case EIdnotRole.SUPPLEANT: return { name: 'Collaborateur' }; case EIdnotRole.ADMINISTRATEUR: return { name: 'Collaborateur' }; case EIdnotRole.CURATEUR: return { name: 'Collaborateur' }; default: return null; } } function getRole(roleName) { switch (roleName) { case EIdnotRole.NOTAIRE_TITULAIRE: return { name: 'admin' }; case EIdnotRole.NOTAIRE_ASSOCIE: return { name: 'admin' }; case EIdnotRole.NOTAIRE_SALARIE: return { name: 'notary' }; case EIdnotRole.COLLABORATEUR: return { name: 'notary' }; case EIdnotRole.SUPPLEANT: return { name: 'notary' }; case EIdnotRole.ADMINISTRATEUR: return { name: 'admin' }; case EIdnotRole.CURATEUR: return { name: 'notary' }; default: return { name: 'default' }; } } function getCivility(civility) { switch (civility) { case 'Monsieur': return ECivility.MALE; case 'Madame': return ECivility.FEMALE; default: return ECivility.OTHERS; } } app.get('/api/v1/health', (req, res) => { res.json({ message: 'OK' }); }); app.post('/api/v1/idnot/user/:code', async (req, res) => { const code = req.params.code; try { const params = { client_id: 'B3CE56353EDB15A9', client_secret: '3F733549E879878344B6C949B366BB5CDBB2DB5B7F7AB7EBBEBB0F0DD0776D1C', redirect_uri: 'http://local.lecoffreio.4nkweb:3000/authorized-client', grant_type: 'authorization_code', code: code }; const tokens = await ( await fetch('https://qual-connexion.idnot.fr/user/IdPOAuth2/token/idnot_idp_v1', { method: 'POST', headers: { 'Content-Type': 'application/x-www-form-urlencoded', }, body: new URLSearchParams(params).toString() }) ).json(); const jwt = tokens.id_token; if (!jwt) { console.error('jwt not defined'); return null; } const payload = JSON.parse(Buffer.from(jwt.split('.')[1], 'base64').toString('utf8')); const searchParams = new URLSearchParams({ key: 'ba557f84-0bf6-4dbf-844f-df2767555e3e' }); let userData; try { userData = await ( await fetch(`https://qual-api.notaires.fr/annuaire/api/pp/v2/rattachements/${payload.profile_idn}?` + searchParams, { method: 'GET' }) ).json(); } catch (error) { console.error('Error fetching ' + `https://qual-api.notaires.fr/annuaire/api/pp/v2/rattachements/${payload.profile_idn}`, error); return null; } if (!userData || !userData.statutDuRattachement || userData.entite.typeEntite.name !== 'office') { console.error('User not attached to an office (May be a partner)'); return null; } let officeLocationData; try { officeLocationData = (await ( await fetch(`https://qual-api.notaires.fr/annuaire${userData.entite.locationsUrl}?` + searchParams, { method: 'GET' }) ).json()); } catch (error) { console.error('Error fetching' + `https://qual-api.notaires.fr/annuaire${userData.entite.locationsUrl}`, error); return null; } if (!officeLocationData || !officeLocationData.result || officeLocationData.result.length === 0) { console.error('Office location data not found'); return null; } const idNotUser = { idNot: payload.sub, office: { idNot: payload.entity_idn, name: userData.entite.denominationSociale ?? userData.entite.codeCrpcen, crpcen: userData.entite.codeCrpcen, office_status: getOfficeStatus(userData.entite.statutEntite.name), address: { address: officeLocationData.result[0].adrGeo4, city: officeLocationData.result[0].adrGeoVille.split(' ')[0] ?? officeLocationData.result[0].adrGeoVille, zip_code: Number(officeLocationData.result[0].adrGeoCodePostal) }, status: 'ACTIVE' }, role: getRole(userData.typeLien.name), contact: { first_name: userData.personne.prenom, last_name: userData.personne.nomUsuel, email: userData.mailRattachement, phone_number: userData.numeroTelephone, cell_phone_number: userData.numeroMobile ?? userData.numeroTelephone, civility: getCivility(userData.personne.civilite) }, office_role: getOfficeRole(userData.typeLien.name) }; if (!idNotUser.contact.email) { console.error('User pro email empty'); return null; } const authToken = uuidv4(); authTokens.push({ idNot: idNotUser.idNot, authToken }); res.json({ idNotUser, authToken }); } catch (error) { res.status(500).json({ error: 'Internal Server Error', message: error.message }); } }); //------------------------------------ SMS Section ----------------------------------------- const configSms = { // OVH config OVH_APP_KEY: process.env.OVH_APP_KEY, OVH_APP_SECRET: process.env.OVH_APP_SECRET, OVH_CONSUMER_KEY: process.env.OVH_CONSUMER_KEY, OVH_SMS_SERVICE_NAME: process.env.OVH_SMS_SERVICE_NAME, // SMS Factor config SMS_FACTOR_TOKEN: process.env.SMS_FACTOR_TOKEN, PORT: process.env.PORT || 8080 }; // Codes storage const verificationCodes = new Map(); // Service SMS class SmsService { static generateCode() { return Math.floor(100000 + Math.random() * 900000); } // OVH Service static sendSmsWithOvh(phoneNumber, message) { return new Promise((resolve, reject) => { const ovhClient = ovh({ appKey: configSms.OVH_APP_KEY, appSecret: configSms.OVH_APP_SECRET, consumerKey: configSms.OVH_CONSUMER_KEY }); ovhClient.request('POST', `/sms/${configSms.OVH_SMS_SERVICE_NAME}/jobs`, { message: message, receivers: [phoneNumber], senderForResponse: false, sender: 'not.IT Fact', noStopClause: true }, (error, result) => { if (error) { console.error('Erreur OVH SMS:', error); resolve({ success: false, error: 'Échec de l\'envoi du SMS via OVH' }); } else { resolve({ success: true }); } }); }); } // SMS Factor Service static async sendSmsWithSmsFactor(phoneNumber, message) { try { const url = new URL('https://api.smsfactor.com/send/simulate'); url.searchParams.append('to', phoneNumber); url.searchParams.append('text', message); url.searchParams.append('sender', 'LeCoffre'); url.searchParams.append('token', configSms.SMS_FACTOR_TOKEN); const response = await fetch(url.toString()); if (!response.ok) { throw new Error(`HTTP error! status: ${response.status}`); } return { success: true }; } catch (error) { console.error('Erreur SMS Factor:', error); return { success: false, error: 'Échec de l\'envoi du SMS via SMS Factor' }; } } // Main method static async sendSms(phoneNumber, message) { // Try first with OVH const ovhResult = await this.sendSmsWithOvh(phoneNumber, message); if (ovhResult.success) { return ovhResult; } // If OVH fails, try with SMS Factor console.log('OVH SMS failed, trying SMS Factor...'); return await this.sendSmsWithSmsFactor(phoneNumber, message); } } // Phone number validation middleware const validatePhoneNumber = (req, res, next) => { const { phoneNumber } = req.body; if (!phoneNumber) { return res.status(400).json({ success: false, message: 'Le numéro de téléphone est requis' }); } // Validation basique du format const phoneRegex = /^\+?[1-9]\d{1,14}$/; if (!phoneRegex.test(phoneNumber)) { return res.status(400).json({ success: false, message: 'Format de numéro de téléphone invalide' }); } next(); }; // Routes app.post('/api/send-code', validatePhoneNumber, async (req, res) => { const { phoneNumber } = req.body; try { // Check if a code already exists and is not expired const existingVerification = verificationCodes.get(phoneNumber); if (existingVerification) { const timeSinceLastSend = Date.now() - existingVerification.timestamp; if (timeSinceLastSend < 30000) { // 30 secondes return res.status(429).json({ success: false, message: 'Veuillez attendre 30 secondes avant de demander un nouveau code' }); } } // Generate a new code const code = SmsService.generateCode(); // Store the code verificationCodes.set(phoneNumber, { code, timestamp: Date.now(), attempts: 0 }); // Send the SMS const message = `Votre code de vérification LeCoffre est : ${code}`; const result = await SmsService.sendSms(phoneNumber, message); if (result.success) { res.json({ success: true, message: 'Code envoyé avec succès', }); } else { res.status(500).json({ success: false, message: 'Échec de l\'envoi du SMS via les deux fournisseurs' }); } } catch (error) { console.error('Erreur:', error); res.status(500).json({ success: false, message: 'Erreur serveur lors de l\'envoi du code' }); } }); app.post('/api/verify-code', validatePhoneNumber, (req, res) => { const { phoneNumber, code } = req.body; if (!code) { return res.status(400).json({ success: false, message: 'Le code est requis' }); } const verification = verificationCodes.get(phoneNumber); if (!verification) { return res.status(400).json({ success: false, message: 'Aucun code n\'a été envoyé à ce numéro' }); } // Check if the code has not expired (5 minutes) if (Date.now() - verification.timestamp > 5 * 60 * 1000) { verificationCodes.delete(phoneNumber); return res.status(400).json({ success: false, message: 'Le code a expiré' }); } // Check if the code is correct if (verification.code.toString() === code.toString()) { verificationCodes.delete(phoneNumber); res.json({ success: true, message: 'Code vérifié avec succès' }); } else { verification.attempts += 1; if (verification.attempts >= 3) { verificationCodes.delete(phoneNumber); res.status(400).json({ success: false, message: 'Trop de tentatives. Veuillez demander un nouveau code' }); } else { res.status(400).json({ success: false, message: 'Code incorrect' }); } } }); //------------------------------------ End of SMS Section ------------------------------------ //------------------------------------ Email Section ----------------------------------------- const configEmail = { MAILCHIMP_API_KEY: process.env.MAILCHIMP_API_KEY, MAILCHIMP_KEY: process.env.MAILCHIMP_KEY, MAILCHIMP_LIST_ID: process.env.MAILCHIMP_LIST_ID, PORT: process.env.PORT || 8080, FROM_EMAIL: 'no-reply@lecoffre.io', FROM_NAME: 'LeCoffre.io' }; // Email storage const pendingEmails = new Map(); // Email service class EmailService { static async sendTransactionalEmail(to, templateName, subject, templateVariables) { try { const mailchimpClient = mailchimp(configEmail.MAILCHIMP_API_KEY); const message = { template_name: templateName, template_content: [], message: { global_merge_vars: this.buildVariables(templateVariables), from_email: configEmail.FROM_EMAIL, from_name: configEmail.FROM_NAME, subject: subject, to: [ { email: to, type: 'to' } ] } }; const result = await mailchimpClient.messages.sendTemplate(message); return { success: true, result }; } catch (error) { console.error('Erreur envoi email:', error); return { success: false, error: 'Échec de l\'envoi de l\'email' }; } } static buildVariables(templateVariables) { return Object.keys(templateVariables).map(key => ({ name: key, content: templateVariables[key] })); } // Add to Mailchimp diffusion list static async addToMailchimpList(email) { try { const url = `https://us17.api.mailchimp.com/3.0/lists/${configEmail.MAILCHIMP_LIST_ID}/members`; const response = await fetch(url, { method: 'POST', headers: { 'Authorization': `apikey ${configEmail.MAILCHIMP_KEY}`, 'Content-Type': 'application/json' }, body: JSON.stringify({ email_address: email, status: 'subscribed' }) }); if (!response.ok) { throw new Error(`HTTP error! status: ${response.status}`); } const data = await response.json(); return { success: true, data }; } catch (error) { console.error('Erreur ajout à la liste:', error); return { success: false, error: 'Échec de l\'ajout à la liste Mailchimp' }; } } static async retryFailedEmails() { for (const [emailId, emailData] of pendingEmails) { if (emailData.attempts >= 10) { pendingEmails.delete(emailId); continue; } const nextRetryDate = new Date(emailData.lastAttempt); nextRetryDate.setMinutes(nextRetryDate.getMinutes() + Math.pow(emailData.attempts, 2)); if (Date.now() >= nextRetryDate) { try { const result = await this.sendTransactionalEmail( emailData.to, emailData.templateName, emailData.subject, emailData.templateVariables ); if (result.success) { pendingEmails.delete(emailId); } else { emailData.attempts += 1; emailData.lastAttempt = Date.now(); } } catch (error) { emailData.attempts += 1; emailData.lastAttempt = Date.now(); } } } } } // Email validation middleware const validateEmail = (req, res, next) => { const { email } = req.body; if (!email) { return res.status(400).json({ success: false, message: 'L\'adresse email est requise' }); } const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/; if (!emailRegex.test(email)) { return res.status(400).json({ success: false, message: 'Format d\'email invalide' }); } next(); }; // Email templates const ETemplates = { DOCUMENT_ASKED: "DOCUMENT_ASKED", DOCUMENT_REFUSED: "DOCUMENT_REFUSED", DOCUMENT_RECAP: "DOCUMENT_RECAP", SUBSCRIPTION_INVITATION: "SUBSCRIPTION_INVITATION", DOCUMENT_REMINDER: "DOCUMENT_REMINDER", DOCUMENT_SEND: "DOCUMENT_SEND", }; // Routes app.post('/api/send-email', validateEmail, async (req, res) => { const { email, firstName, lastName, officeName, template } = req.body; try { const templateVariables = { first_name: firstName || '', last_name: lastName || '', office_name: officeName || '', link: `${process.env.APP_HOST}` }; const result = await EmailService.sendTransactionalEmail( email, ETemplates[template], 'Votre notaire vous envoie un message', templateVariables ); if (!result.success) { // Add to pending emails to retry later const emailId = `${email}-${Date.now()}`; pendingEmails.set(emailId, { to: email, templateName: ETemplates[template], subject: 'Votre notaire vous envoie un message', templateVariables, attempts: 1, lastAttempt: Date.now() }); } res.json({ success: true, message: 'Email envoyé avec succès' }); } catch (error) { console.error('Erreur:', error); res.status(500).json({ success: false, message: 'Erreur serveur lors de l\'envoi de l\'email' }); } }); app.post('/api/subscribe-to-list', validateEmail, async (req, res) => { const { email } = req.body; try { const result = await EmailService.addToMailchimpList(email); if (result.success) { res.json({ success: true, message: 'Inscription à la liste réussie' }); } else { res.status(500).json({ success: false, message: 'Échec de l\'inscription à la liste' }); } } catch (error) { console.error('Erreur:', error); res.status(500).json({ success: false, message: 'Erreur serveur lors de l\'inscription' }); } }); app.post('/api/:uid/send_reminder', validateEmail, async (req, res) => { const { email, documentsUid } = req.body; try { const uid = req.params["uid"]; if (!uid) { //this.httpBadRequest(response, "No uid provided"); return; } if (!documentsUid || !Array.isArray(documentsUid)) { //this.httpBadRequest(response, "Invalid or missing documents"); return; } /* const documentEntities: Documents[] = []; //For each document uid, use DocumentsService.getByUid to get the document entity and add it to the documents array for (const documentUid of documentsUid) { const documentEntity = await this.documentsService.getByUid(documentUid, { document_type: true, folder: true }); if (!documentEntity) { this.httpBadRequest(response, "Document not found"); return; } documentEntities.push(documentEntity); } const customerEntity = await this.customersService.getByUid(uid, { contact: true, office: true }); if (!customerEntity) { this.httpNotFoundRequest(response, "customer not found"); return; } //Hydrate ressource with prisma entity const customer = Customer.hydrate < Customer > (customerEntity, { strategy: "excludeAll" }); // Call service to send reminder with documents await this.customersService.sendDocumentsReminder(customer, documentEntities); */ const templateVariables = { first_name: 'firstName' || '', last_name: 'lastName' || '', office_name: 'officeName' || '', link: `${process.env.APP_HOST}` }; const result = await EmailService.sendTransactionalEmail( email, ETemplates.DOCUMENT_REMINDER, 'Votre notaire vous envoie un message', templateVariables ); console.log(result); res.json({ success: true, message: 'Email envoyé avec succès' }); } catch (error) { console.log(error); return; } }); // Automatic retry system setInterval(() => { EmailService.retryFailedEmails(); }, 60000); // Check every minute //------------------------------------ End of Email Section ------------------------------------ //------------------------------------ Stripe Section ------------------------------------------ const configStripe = { STRIPE_SECRET_KEY: process.env.STRIPE_SECRET_KEY, STRIPE_WEBHOOK_SECRET: process.env.STRIPE_WEBHOOK_SECRET, APP_HOST: process.env.APP_HOST || 'http://localhost:3000', }; // Stripe service class StripeService { constructor() { this.client = new Stripe(configStripe.STRIPE_SECRET_KEY); this.prices = { STANDARD: { monthly: process.env.STRIPE_STANDARD_SUBSCRIPTION_PRICE_ID, yearly: process.env.STRIPE_STANDARD_ANNUAL_SUBSCRIPTION_PRICE_ID }, UNLIMITED: { monthly: process.env.STRIPE_UNLIMITED_SUBSCRIPTION_PRICE_ID, yearly: process.env.STRIPE_UNLIMITED_ANNUAL_SUBSCRIPTION_PRICE_ID } }; } // Only for test async createTestSubscription() { try { const customer = await this.client.customers.create({ email: 'test@example.com', description: 'Client test', source: 'tok_visa' }); const priceId = this.prices.STANDARD.monthly; const price = await this.client.prices.retrieve(priceId); const subscription = await this.client.subscriptions.create({ customer: customer.id, items: [{ price: price.id }], payment_behavior: 'default_incomplete', expand: ['latest_invoice.payment_intent'] }); return { subscriptionId: subscription.id, customerId: customer.id, status: subscription.status, priceId: price.id }; } catch (error) { throw error; } } async createCheckoutSession(subscription, frequency) { const priceId = this.getPriceId(subscription.type, frequency); return await this.client.checkout.sessions.create({ mode: 'subscription', payment_method_types: ['card', 'sepa_debit'], billing_address_collection: 'auto', line_items: [{ price: priceId, quantity: subscription.type === 'STANDARD' ? subscription.seats : 1, }], success_url: `${configStripe.APP_HOST}/subscription/success`, // Success page (frontend) cancel_url: `${configStripe.APP_HOST}/subscription/error`, // Error page (frontend) metadata: { subscription: JSON.stringify(subscription), }, allow_promotion_codes: true, automatic_tax: { enabled: true } }); } getPriceId(type, frequency) { return this.prices[type][frequency]; } async getSubscription(subscriptionId) { return await this.client.subscriptions.retrieve(subscriptionId); } async createPortalSession(subscriptionId) { const subscription = await this.getSubscription(subscriptionId); return await this.client.billingPortal.sessions.create({ customer: subscription.customer, return_url: `${configStripe.APP_HOST}/subscription/manage` }); } } const stripeService = new StripeService(); // Validation middleware const validateSubscription = (req, res, next) => { const { type, seats, frequency } = req.body; if (!type || !['STANDARD', 'UNLIMITED'].includes(type)) { return res.status(400).json({ success: false, message: 'Type d\'abonnement invalide' }); } if (type === 'STANDARD' && (!seats || seats < 1)) { return res.status(400).json({ success: false, message: 'Nombre de sièges invalide' }); } if (!frequency || !['monthly', 'yearly'].includes(frequency)) { return res.status(400).json({ success: false, message: 'Fréquence invalide' }); } next(); }; // Routes // Only for test app.post('/api/test/create-subscription', async (req, res) => { try { const result = await stripeService.createTestSubscription(); res.json({ success: true, data: result }); } catch (error) { res.status(500).json({ success: false, message: 'Erreur lors de la création de l\'abonnement de test', error: { message: error.message, type: error.type, code: error.code } }); } }); app.post('/api/subscriptions/checkout', validateSubscription, async (req, res) => { try { const session = await stripeService.createCheckoutSession(req.body, req.body.frequency); res.json({ success: true, sessionId: session.id }); } catch (error) { console.error('Erreur création checkout:', error); res.status(500).json({ success: false, message: 'Erreur lors de la création de la session de paiement' }); } }); app.get('/api/subscriptions/:id', async (req, res) => { try { const subscription = await stripeService.getSubscription(req.params.id); res.json({ success: true, subscription }); } catch (error) { res.status(500).json({ success: false, message: 'Erreur lors de la récupération de l\'abonnement' }); } }); app.post('/api/subscriptions/:id/portal', async (req, res) => { try { const session = await stripeService.createPortalSession(req.params.id); res.json({ success: true, url: session.url }); } catch (error) { res.status(500).json({ success: false, message: 'Erreur lors de la création de la session du portail' }); } }); // Webhook Stripe app.post('/api/webhooks/stripe', express.raw({ type: 'application/json' }), async (req, res) => { const sig = req.headers['stripe-signature']; let event; try { event = Stripe.webhooks.constructEvent(req.body, sig, configStripe.STRIPE_WEBHOOK_SECRET); } catch (err) { return res.status(400).send(`Webhook Error: ${err.message}`); } try { switch (event.type) { case 'checkout.session.completed': const session = event.data.object; if (session.status === 'complete') { const subscription = JSON.parse(session.metadata.subscription); // Stock subscription (create process) console.log('Nouvel abonnement:', subscription); } break; case 'invoice.payment_succeeded': const invoice = event.data.object; if (['subscription_update', 'subscription_cycle'].includes(invoice.billing_reason)) { const subscription = await stripeService.getSubscription(invoice.subscription); // Update subscription (update process) console.log('Mise à jour abonnement:', subscription); } break; case 'customer.subscription.deleted': const deletedSubscription = event.data.object; // Delete subscription (update process to delete) console.log('Suppression abonnement:', deletedSubscription.id); break; } res.json({ received: true }); } catch (error) { console.error('Erreur webhook:', error); res.status(500).json({ success: false, message: 'Erreur lors du traitement du webhook' }); } }); //------------------------------------ End of Stripe Section ----------------------------------- app.listen(PORT, () => { console.log(`Server is running on port ${PORT}`); });