225 lines
7.1 KiB
JavaScript
225 lines
7.1 KiB
JavaScript
require('dotenv').config();
|
|
const express = require('express');
|
|
const path = require('path');
|
|
const app = express();
|
|
const port = process.env.PORT || 3000;
|
|
const bodyParser = require('body-parser');
|
|
const cookieParser = require('cookie-parser');
|
|
const cors = require('cors');
|
|
|
|
var corsOptions = {
|
|
origin: 'http://localhost:8080',
|
|
credentials: true };
|
|
app.use(cors(corsOptions));
|
|
app.use(bodyParser.json());
|
|
app.use(bodyParser.urlencoded({ extended: true }));
|
|
app.use(cookieParser());
|
|
|
|
const bcrypt = require('bcrypt');
|
|
const crypto = require('crypto');
|
|
const DB = require("./mongoDB.js");
|
|
|
|
// Utilities
|
|
const getSessionId = function(req){
|
|
const session_id = req.cookies.session_id || req.query.session_id || req.body.session_id;
|
|
return session_id
|
|
}
|
|
const getUserId = function(req){
|
|
const user_sid = req.cookies.user_sid || req.query.user_sid || req.body.user_sid;
|
|
return user_sid
|
|
}
|
|
|
|
// Definitions
|
|
const Post = require("./def/post.js")
|
|
|
|
DB.getDB.then((DB)=>{
|
|
|
|
// middleware function to check for logged-in users
|
|
const sessionChecker = async (req, res, next) => {
|
|
const session_id = getSessionId(req);
|
|
const user_sid = getUserId(req);
|
|
if (session_id && user_sid) {
|
|
const userInfo = await DB.checkSessionOnDB(session_id, user_sid);
|
|
req.userInfo = userInfo;
|
|
if(!userInfo) return res.redirect('/login');
|
|
next();
|
|
} else {
|
|
return res.redirect('/login');
|
|
}
|
|
};
|
|
|
|
// route for Home-Page
|
|
app.get('/', sessionChecker, async (req, res) => {
|
|
if(req.userInfo) return res.json({status: "ok", userInfo: req.userInfo});
|
|
res.json({status: "ok"});
|
|
});
|
|
|
|
// route for user signup
|
|
const signup = async function(req, res){
|
|
const username = req.query.username || req.body.username;
|
|
const password = req.query.password || req.body.password;
|
|
const email = req.query.email || req.body.email;
|
|
if(!username || !password || !email) return res.json({status: "fail"})
|
|
const hashedPassword = await bcrypt.hash(password, 10);
|
|
const success = await DB.newUser({
|
|
username: username,
|
|
email: email,
|
|
password: hashedPassword
|
|
});
|
|
if(success){
|
|
return login(req, res);
|
|
}
|
|
res.redirect('/signup');
|
|
}
|
|
app.route('/signup').get(async (req, res) => {
|
|
return await signup(req, res);
|
|
}).post(async (req, res) => {
|
|
return await signup(req, res);
|
|
});
|
|
|
|
const cookiesOptions = {
|
|
maxAge: 1000 * 60 * 60 * 24 * 30, // would expire after 30 days
|
|
httpOnly: true, // The cookie only accessible by the web server
|
|
//signed: true // Indicates if the cookie should be signed
|
|
sameSite: 'none', // This and secure are required for properly
|
|
secure: true, // manage cockies in cros-domain
|
|
};
|
|
|
|
// route for user Login
|
|
const login = async function(req, res){
|
|
const session_id = getSessionId(req);
|
|
const user_sid = getUserId(req);
|
|
if (session_id && user_sid) {
|
|
const userInfo = await DB.checkSessionOnDB(session_id, user_sid);
|
|
if(userInfo) return res.redirect('/');
|
|
}
|
|
const username = req.body.username || req.query.username;
|
|
const password = req.body.password || req.query.password || "";
|
|
const user = await DB.getUser(username);
|
|
if (!user) return res.json({status: "user not founded"});
|
|
const samePass = await bcrypt.compare(password, user.password);
|
|
if(!samePass) return res.json({status: "incorrect password"});
|
|
const doc = await DB.newSession(user._id);
|
|
res.cookie('user_sid', user._id, cookiesOptions);
|
|
res.cookie('session_id', doc.insertedId, cookiesOptions);
|
|
return res.json({
|
|
status: "ok",
|
|
user_sid: user._id,
|
|
session_id: doc.insertedId
|
|
});
|
|
}
|
|
app.route('/login').get(async (req, res) => {
|
|
return await login(req, res);
|
|
}).post(async (req, res) => {
|
|
return await login(req, res);
|
|
});
|
|
|
|
// route for user logout
|
|
const logout = function(req, res){
|
|
const session_id = getSessionId(req);
|
|
const user_sid = getUserId(req);
|
|
if (session_id && user_sid) {
|
|
res.clearCookie('session_id');
|
|
res.clearCookie('user_sid');
|
|
//remove from DB
|
|
DB.removeSession(session_id);
|
|
res.redirect('/');
|
|
} else {
|
|
res.redirect('/login');
|
|
}
|
|
}
|
|
app.get('/logout', (req, res) => {
|
|
return logout(req, res);
|
|
});
|
|
|
|
app.get("/post/", sessionChecker, async (req, res) => {
|
|
let posts = await DB.getPosts();
|
|
return res.json(posts)
|
|
});
|
|
|
|
app.get("/post/new", sessionChecker, async (req, res) => {
|
|
let post = {
|
|
userid: getUserId(req),
|
|
content: req.query.content
|
|
}
|
|
let postObj = new Post(post);
|
|
DB.newPost(postObj)
|
|
return res.json({
|
|
status: "ok"
|
|
})
|
|
});
|
|
|
|
app.get("/post/newComment", sessionChecker, async (req, res) => {
|
|
let userid = getUserId(req);
|
|
let postid = req.query.postid;
|
|
let content = req.query.content;
|
|
let comment = {
|
|
userid: userid,
|
|
content: content,
|
|
createdAt: new Date(),
|
|
lastUpdated: new Date(),
|
|
reactions: {}
|
|
}
|
|
console.log("comment", postid, comment);
|
|
r = await DB.newComment(postid, comment);
|
|
console.log(r)
|
|
return res.json({
|
|
status: "ok"
|
|
})
|
|
});
|
|
|
|
app.get("/post/react", sessionChecker, async (req, res) => {
|
|
let userid = getUserId(req);
|
|
let postid = req.query.postid;
|
|
let reaction = {
|
|
type: "like",
|
|
createdAt: new Date()
|
|
};
|
|
console.log("reaction". postid, reaction);
|
|
r = await DB.newReaction(postid, userid, reaction);
|
|
console.log(r);
|
|
return res.json({
|
|
status: "ok"
|
|
});
|
|
})
|
|
|
|
app.get("/post/unreact", sessionChecker, async (req, res) => {
|
|
let userid = getUserId(req);
|
|
let postid = req.query.postid;
|
|
r = await DB.removeReaction(postid, userid);
|
|
console.log(r)
|
|
return res.json({
|
|
status: "ok"
|
|
})
|
|
});
|
|
|
|
app.get("/post/comment/react", sessionChecker, async (req, res) => {
|
|
let userid = getUserId(req);
|
|
let postid = req.query.postid;
|
|
let commentDate = new Date(req.query.commentDate);
|
|
let reaction = {
|
|
type: "like",
|
|
createdAt: new Date()
|
|
};
|
|
console.log(req.query)
|
|
console.log("comment reaction", postid, commentDate, reaction);
|
|
r = await DB.newCommentReaction(postid, commentDate, userid, reaction);
|
|
console.log(r)
|
|
return res.json({
|
|
status: "ok"
|
|
})
|
|
});
|
|
|
|
// route for handling 404 requests(unavailable routes)
|
|
app.use(function (req, res, next) {
|
|
res.status(404).send("Sorry can't find that!")
|
|
});
|
|
|
|
app.listen(port, () => {
|
|
console.log(`Example app listening at http://localhost:${port}`);
|
|
});
|
|
}).catch((err)=>{
|
|
throw err;
|
|
});
|
|
|