adolforeyna/EMI-Backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

adding webpush'

Browse Source
This commit is contained in:
aeroreyna
2022-04-23 22:52:46 -07:00
parent 70fffbf55d
commit f7c016264b
5 changed files with 256 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

88
index.js
View File

@@ -7,10 +7,17 @@ const bodyParser = require('body-parser');
const cookieParser = require('cookie-parser');
const cors = require('cors');
const Notifications = require("./notifications");
const webPush = require('web-push');
const publicVapidKey = process.env.PUBLIC_VAPID_KEY;
const privateVapidKey = process.env.PRIVATE_VAPID_KEY;
const webPushEmail = process.env.WEB_PUSH_EMAIL;
webPush.setVapidDetails('mailto:' + webPushEmail, publicVapidKey, privateVapidKey);
var corsOptions = {
origin: ['http://localhost:8080', "https://social.emmint.com"],
credentials: true };
credentials: true
};
app.use(cors(corsOptions));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
@@ -21,15 +28,15 @@ const crypto = require('crypto');
const DB = require("./mongoDB.js");
// Utilities
const getSessionId = function(req){
const getSessionId = function (req) {
const session_id = req.cookies.session_id || req.query.session_id || req.body.session_id;
return session_id;
}
const getUserId = function(req){
const getUserId = function (req) {
const user_sid = req.cookies.user_sid || req.query.user_sid || req.body.user_sid;
return user_sid;
}
const getProfileId = function(req){
const getProfileId = function (req) {
const profile_id = req.cookies.profile_id || req.query.profile_id || req.body.profile_id;
return profile_id;
}
@@ -42,7 +49,7 @@ const postRoute = require('./routes/post.js');
const paymentsRoute = require('./routes/payments.js');
DB.getDB.then((DB)=>{
DB.getDB.then((DB) => {
// middleware function to check for logged-in users
const sessionChecker = async (req, res, next) => {
@@ -52,14 +59,14 @@ DB.getDB.then((DB)=>{
if (session_id && user_sid) {
const userInfo = await DB.checkSessionOnDB(session_id, user_sid);
req.userInfo = userInfo;
if(!await DB.getProfileCache(profile_id)){
if (!await DB.getProfileCache(profile_id)) {
const latestProfile = await DB.latestProfile(user_sid);
res.cookie('profile_id', latestProfile._id, cookiesOptions);
profile_id = latestProfile._id;
}
req.profileInfo = {_id: profile_id}
if(!userInfo) return res.redirect('/login');
next();
req.profileInfo = { _id: profile_id }
if (!userInfo) return res.redirect('/login');
next();
} else {
return res.redirect('/login');
}
@@ -67,23 +74,30 @@ DB.getDB.then((DB)=>{
// route for Home-Page
app.get('/', sessionChecker, async (req, res) => {
if(req.userInfo) return res.json({
status: "ok",
userInfo: req.userInfo,
profileInfo:req.profileInfo
if (req.userInfo) return res.json({
status: "ok",
userInfo: req.userInfo,
profileInfo: req.profileInfo
});
res.json({status: "ok"});
res.json({ status: "ok" });
});
app.post('/subscribe', (req, res) => {
const subscription = req.body;
res.status(201).json({});
const profileid = getProfileId(req);
DB.setWebSubscription(profileid, subscription);
});
// route for user signup
const signup = async function(req, res){
const signup = async function (req, res) {
const username = req.query.username || req.body.username;
const password = req.query.password || req.body.password;
const email = req.query.email || req.body.email;
const profile = req.query.profile || req.body.profile;
if(!username || !password || !email) return res.json({status: "fail"});
if (!username || !password || !email) return res.json({ status: "fail" });
//Check if the new user has an invitation
if(!await DB.getInvitation(email)) return res.json({status: "Not invitation found!"});
if (!await DB.getInvitation(email)) return res.json({ status: "Not invitation found!" });
//const hashedPassword = await bcrypt.hash(password, 10);
const hashedPassword = await bcrypt.hash(password, 10);
const response = await DB.newUser({
@@ -91,7 +105,7 @@ DB.getDB.then((DB)=>{
email: email.toLowerCase(),
password: hashedPassword
});
if(!response.toLowerCase){
if (!response.toLowerCase) {
let user = {
userid: response.insertedId,
profile: profile,
@@ -100,7 +114,7 @@ DB.getDB.then((DB)=>{
await DB.newProfile(userObj);
return await login(req, res);
}
return res.json({status: response})
return res.json({ status: response })
}
app.route('/signup').get(async (req, res) => {
return await signup(req, res);
@@ -117,19 +131,19 @@ DB.getDB.then((DB)=>{
};
// route for user Login
const login = async function(req, res){
const login = async function (req, res) {
const session_id = getSessionId(req);
const user_sid = getUserId(req);
if (session_id && user_sid) {
const userInfo = await DB.checkSessionOnDB(session_id, user_sid);
if(userInfo) return res.redirect('/');
if (userInfo) return res.redirect('/');
}
const username = req.body.username || req.query.username;
const password = req.body.password || req.query.password || "";
const user = await DB.getUser(username);
if (!user) return res.json({status: "user not founded"});
if (!user) return res.json({ status: "user not founded" });
const samePass = await bcrypt.compare(password, user.password);
if(!samePass) return res.json({status: "incorrect password"});
if (!samePass) return res.json({ status: "incorrect password" });
const doc = await DB.newSession(user._id);
res.cookie('user_sid', user._id, cookiesOptions);
res.cookie('session_id', doc.insertedId, cookiesOptions);
@@ -146,7 +160,7 @@ DB.getDB.then((DB)=>{
app.route('/login').get(async (req, res) => {
return await login(req, res);
}).post(async (req, res) => {
return await login(req, res);
return await login(req, res);
});
function generatePassword() {
@@ -164,17 +178,17 @@ DB.getDB.then((DB)=>{
const user_sid = getUserId(req);
if (session_id && user_sid) {
const userInfo = await DB.checkSessionOnDB(session_id, user_sid);
if(userInfo) return res.redirect('/');
if (userInfo) return res.redirect('/');
}
const username = req.body.username;
const user = await DB.getUser(username);
if (!user) return res.json({status: "user not founded"});
if (!user) return res.json({ status: "user not founded" });
const password = generatePassword();
const hashedPassword = await bcrypt.hash(password, 10);
DB.resetUserPassword(username, hashedPassword);
//We need to limit this to every 2 hours or something like this.
Notifications.sendEmail(username, "Your new credentials",
`
Notifications.sendEmail(username, "Your new credentials",
`
<p> Hello,</p>
<p> This is your new password: ${password}</p>
<p><a href="https://social.emmint.com/">Log in</a></p>
@@ -184,20 +198,20 @@ DB.getDB.then((DB)=>{
return res.json({
status: "ok",
details: 'Check your email for new password'
});
});
});
app.post('/changeProfile', sessionChecker, async (req, res) => {
const user_sid = getUserId(req);
let profile = await DB.getProfile(req.body.profileid);
if(!profile || profile.userid != user_sid) return res.json({
status: "profile does not belong to the logged user",
});
if (!profile || profile.userid != user_sid) return res.json({
status: "profile does not belong to the logged user",
});
res.cookie('profile_id', profile._id, cookiesOptions);
return res.json({
status: "ok",
...profile
});
});
});
app.post('/token/', sessionChecker, async (req, res) => {
@@ -206,11 +220,11 @@ DB.getDB.then((DB)=>{
DB.setProfileToken(profileid, token);
return res.json({
status: "ok"
});
});
});
// route for user logout
const logout = function(req, res){
const logout = function (req, res) {
const session_id = getSessionId(req);
const user_sid = getUserId(req);
if (session_id && user_sid) {
@@ -226,7 +240,7 @@ DB.getDB.then((DB)=>{
app.get('/logout', (req, res) => {
return logout(req, res);
});
app.use('/user', sessionChecker, profileRoute);
app.use('/post', sessionChecker, postRoute);
app.use('/payments', sessionChecker, paymentsRoute);
@@ -239,7 +253,7 @@ DB.getDB.then((DB)=>{
app.listen(port, () => {
console.log(`Example app listening at http://localhost:${port}`);
});
}).catch((err)=>{
}).catch((err) => {
throw err;
});