Merge pull request #21 from ThePiratePhone/add-suport-for-sms

## Pull Request Overview

This PR adds support for sending and managing SMS messages within the admin area.
- Introduces a singleton `Sms` class for gateway integration, token management, and sending messages.
- Extends utility functions for phone normalization and validation.
- Adds three new endpoints (`smsStatus`, `sendSms`, `setPhone`), updates routes, tests, model, and docs.

### Reviewed Changes

Copilot reviewed 20 out of 22 changed files in this pull request and generated 6 comments.

<details>
<summary>Show a summary per file</summary>

| File                               | Description                                           |
|------------------------------------|-------------------------------------------------------|
| tools/utils.ts                     | Updated phone validation logic                        |
| tools/sms.ts                       | New `Sms` class handling SMS gateway interactions     |
| router/admin/area/smsStatus.ts     | Implement `/admin/area/smsStatus` endpoint            |
| router/admin/area/sendSms.ts       | Implement `/admin/area/sendSms` endpoint              |
| router/admin/area/setPhone.ts      | Implement `/admin/area/setPhone` endpoint             |
| routes.ts                          | Registered new SMS-related routes                     |
| Models/Area.ts                     | Added `adminPhone` field to `Area` schema             |
| README.md                          | Added versioning section                              |
</details>

<details>
<summary>Comments suppressed due to low confidence (1)</summary>

**tools/sms.ts:10**
* The property name 'gatway' appears to be a typo. Rename it to 'gateway' for clarity and consistency.
```
	gatway: string;
```
</details>

Author: UnelDev

Models/Area.ts

@@ -6,11 +6,6 @@ const AreaModel = new mongoose.Schema({
 		required: true,
 		index: true
 	},
-	password: {
-		type: String,
-		required: true,
-		index: true
-	},
 	campaignList: {
 		type: Array<typeof mongoose.Schema.ObjectId>,
 		ref: 'Campaign',
@@ -23,6 +18,12 @@ const AreaModel = new mongoose.Schema({
 	createdAt: {
 		type: Date,
 		default: Date.now()
+	},
+	adminPhone: {
+		type: Array<[string, string | undefined]>, // [phone, name?]
+		required: true,
+		index: false,
+		default: []
 	}
 });
 

README.md

@@ -39,3 +39,10 @@ or
 ```bash
 npm run test file
 ```
+
+## versioning
+major.minor.patch
+
+- **major**: add or remove a model object for the database
+- **minor**: modification on a model, requires a database upgrade
+- **patch**: no modification on the database

package-lock.json

@@ -33,6 +33,7 @@
 		"@types/cors": "^2.8.17",
 		"@types/express": "^5.0.0",
 		"@types/jest": "^29.5.14",
+		"@types/node-fetch": "^2.6.12",
 		"@types/supertest": "^6.0.2",
 		"jest": "^29.7.0"
 	},
@@ -46,6 +47,7 @@
 		"js-sha512": "^0.9.0",
 		"mongodb": "^6.13.1",
 		"mongoose": "^8.10.2",
+		"node-fetch": "^2.7.0",
 		"supertest": "^7.0.0",
 		"ts-jest": "^29.2.6",
 		"ts-node": "^10.9.2"

package.json

@@ -32,7 +32,7 @@ export default async function ChangeName(req: Request<any>, res: Response<any>)
 			res,
 			[
 				['adminCode', 'string'],
-				['area', 'string'],
+				['area', 'ObjectId'],
 				['newName', 'string'],
 				['allreadyHaseded', 'boolean', true]
 			],

router/admin/.DS_Store

@@ -0,0 +1,77 @@
+import { Request, Response } from 'express';
+
+import { Area } from '../../../Models/Area';
+import { log } from '../../../tools/log';
+import sms from '../../../tools/sms';
+import { checkParameters, clearPhone, hashPasword, phoneNumberCheck } from '../../../tools/utils';
+
+export default async function sendSms(req: Request<any>, res: Response<any>) {
+	const ip =
+		(Array.isArray(req.headers['x-forwarded-for'])
+			? req.headers['x-forwarded-for'][0]
+			: req.headers['x-forwarded-for']?.split(',')?.[0] ?? req.ip) ?? 'no IP';
+	if (
+		!checkParameters(
+			req.body,
+			res,
+			[
+				['adminCode', 'string'],
+				['area', 'ObjectId'],
+				['allreadyHaseded', 'boolean', true],
+				['message', 'string']
+			],
+			__filename
+		)
+	)
+		return;
+
+	if (req.body.phone && (!Array.isArray(req.body.phone) || req.body.phone.length === 0)) {
+		res.status(400).send({ message: 'Invalid phone, phone must be a array<[phone, name]>', OK: false });
+		log(`[!${req.body.area}, ${ip}] Invalid phone`, 'WARNING', __filename);
+		return;
+	}
+
+	let errored = false;
+	req.body.phone.forEach((phone: [string, string | undefined]) => {
+		if ((!errored && typeof phone[0] !== 'string') || !phoneNumberCheck(clearPhone(phone[0]))) {
+			errored = true;
+			res.status(400).send({ message: 'Invalid phone number', OK: false });
+			log(`[!${req.body.area}, ${ip}] Invalid phone number: ${phone[0]}`, 'WARNING', __filename);
+			return;
+		}
+	});
+	if (errored) {
+		return;
+	}
+
+	//pass phone to [name, phone]
+	req.body.phone = req.body.phone.map((phone: string | [string, string | undefined]) => {
+		if (Array.isArray(phone) && phone.length === 2) {
+			return [phone[1], clearPhone(phone[0])];
+		}
+	});
+
+	const password = hashPasword(req.body.adminCode, req.body.allreadyHaseded, res);
+	const area = await Area.findOne({ _id: { $eq: req.body.area }, adminPassword: { $eq: password } }, ['adminPhone']);
+	if (!area) {
+		res.status(404).send({ message: 'no area found, or bad password', OK: false });
+		log(`[!${req.body.area}, ${ip}] no area found, or bad password`, 'WARNING', __filename);
+		return;
+	}
+
+	if (sms.enabled) {
+		sms.sendSms(req.body.phone, req.body.message)
+			.then(() => {
+				res.status(200).send({ OK: true, message: 'SMS sent successfully' });
+				log(`[${req.body.area}, ${ip}] SMS sent to ${req.body.phone}`, 'INFO', __filename);
+			})
+			.catch(err => {
+				res.status(500).send({ OK: false, message: `Failed to send SMS: ${err.message}` });
+				log(`[${req.body.area}, ${ip}] Failed to send SMS: ${err.message}`, 'ERROR', __filename);
+			});
+	} else {
+		res.status(503).send({ OK: false, message: 'SMS service is not enabled' });
+		log(`[${req.body.area}, ${ip}] SMS service is not enabled`, 'WARNING', __filename);
+		return;
+	}
+}

router/admin/area/changeName.ts

@@ -0,0 +1,65 @@
+import { Request, Response } from 'express';
+
+import { Area } from '../../../Models/Area';
+import { log } from '../../../tools/log';
+import { checkParameters, clearPhone, hashPasword, phoneNumberCheck } from '../../../tools/utils';
+
+export default async function setPhone(req: Request<any>, res: Response<any>) {
+	const ip =
+		(Array.isArray(req.headers['x-forwarded-for'])
+			? req.headers['x-forwarded-for'][0]
+			: req.headers['x-forwarded-for']?.split(',')?.[0] ?? req.ip) ?? 'no IP';
+	if (
+		!checkParameters(
+			req.body,
+			res,
+			[
+				['adminCode', 'string'],
+				['area', 'ObjectId'],
+				['allreadyHaseded', 'boolean', true]
+			],
+			__filename
+		)
+	)
+		return;
+
+	if (req.body.phone && (!Array.isArray(req.body.phone) || req.body.phone.length === 0)) {
+		res.status(400).send({ message: 'Invalid phone, phone must be a array<[phone, name]>', OK: false });
+		log(`[!${req.body.area}, ${ip}] Invalid phone`, 'WARNING', __filename);
+		return;
+	}
+
+	const errored = req.body.phone.some((phoneCombo: [string, string]) => {
+		const [phone, name] = [clearPhone(phoneCombo[0]), phoneCombo[1].trim()];
+		if (typeof phone !== 'string' || !phoneNumberCheck(phone) || typeof name != 'string') {
+			res.status(400).send({ message: 'Invalid phone number', OK: false });
+			log(`[!${req.body.area}, ${ip}] Invalid phone number: ${phone}`, 'WARNING', __filename);
+			return true;
+		}
+		return false;
+	});
+
+	if (errored) {
+		return;
+	}
+
+	req.body.phone = req.body.phone.map((phoneCombo: [string, string]) => [
+		clearPhone(phoneCombo[0]),
+		phoneCombo[1].trim()
+	]);
+
+	const password = hashPasword(req.body.adminCode, req.body.allreadyHaseded, res);
+	const area = await Area.updateOne(
+		{ _id: { $eq: req.body.area }, adminPassword: { $eq: password } },
+		{ adminPhone: req.body.phone },
+		['adminPhone']
+	);
+	if (area.matchedCount === 0) {
+		res.status(404).send({ message: 'no area found, or bad password', OK: false });
+		log(`[!${req.body.area}, ${ip}] no area found, or bad password`, 'WARNING', __filename);
+		return;
+	}
+
+	res.status(200).send({ OK: true, message: 'admin phone number updated' });
+	log(`[${req.body.area}, ${ip}] admin phone number updated`, 'INFO', __filename);
+}