server and webapp working

2026-02-07 03:26:40 +01:00 · 2017-10-18 21:57:44 +02:00
parent e3ad14cf5c
commit 6f77a9a5f0
23 changed files with 1535 additions and 0 deletions
--- a/server/.gitignore
+++ b/server/.gitignore
@@ -0,0 +1,41 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
+
+# Coverage directory used by tools like istanbul
+coverage
+
+# nyc test coverage
+.nyc_output
+
+# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
+.grunt
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons (http://nodejs.org/api/addons.html)
+build/Release
+
+# Dependency directories
+node_modules
+jspm_packages
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Optional REPL history
+.node_repl_history
--- a/server/config.js
+++ b/server/config.js
@@ -0,0 +1,8 @@
+module.exports = {
+    /*'secret': process.env.SECRET,// production version
+    'database': process.env.MONGO_DSN,*/
+    'secret': 'secretfortoken',// local version
+    'database': 'mongodb://localhost/meanseed',
+    "port" : process.env.PORT || 3000,
+    "pageSize": 20
+};
--- a/server/controllers/userController.js
+++ b/server/controllers/userController.js
@@ -0,0 +1,237 @@
+//File: controllers/userController.js
+var mongoose = require('mongoose');
+var userModel = mongoose.model('userModel');
+
+var config = require('../config');
+var pageSize = config.pageSize;
+
+/* */
+var jwt = require('jsonwebtoken'); // used to create, sign, and verify tokens
+var express = require("express");
+var app = express();
+var config = require('../config'); // get our config file
+app.set('superSecret', config.secret); // secret variable
+
+var crypto = require('crypto');
+/* */
+
+var request = require('request');
+
+function getRand(min, max) {
+    min = Math.ceil(min);
+    max = Math.floor(max);
+    return Math.floor(Math.random() * (max - min + 1)) + min; //The maximum is inclusive and the minimum is inclusive
+}
+
+function getAvatar(n) {
+    switch (n) {
+        case 1:
+            avatar = "img/avatars/racoon.png";
+            break;
+        case 2:
+            avatar = "img/avatars/duck.png";
+            break;
+        case 3:
+            avatar = "img/avatars/clown-fish.png";
+            break;
+        case 4:
+            avatar = "img/avatars/tiger.png";
+            break;
+        case 5:
+            avatar = "img/avatars/sloth.png";
+            break;
+        case 6:
+            avatar = "img/avatars/penguin.png";
+            break;
+        case 7:
+            avatar = "img/avatars/owl.png";
+            break;
+        case 8:
+            avatar = "img/avatars/chameleon.png";
+            break;
+        case 9:
+            avatar = "img/avatars/siberian-husky.png";
+            break;
+        case 10:
+            avatar = "img/avatars/toucan.png";
+            break;
+        default:
+            avatar = "img/avatars/racoon.png";
+    }
+    return avatar;
+}
+
+//POST - Insert a new User in the DB
+exports.signup = function(req, res) {
+    //get random avatar
+    var r = getRand(1, 10);
+    randAvatar = getAvatar(r);
+
+
+    var user = new userModel({
+        username: req.body.username,
+        password: crypto.createHash('sha256').update(req.body.password).digest('base64'),
+        description: req.body.description,
+        avatar: randAvatar,
+        email: req.body.email,
+        phone: req.body.phone
+    });
+    if (user.username == undefined) {
+        return res.status(500).jsonp("empty inputs");
+    } else if (user.password == undefined) {
+        return res.status(500).jsonp("empty inputs");
+    } else if (user.email == undefined) {
+        return res.status(500).jsonp("empty inputs");
+    }
+
+    user.save(function(err, user) {
+        if (err) return res.send(500, err.message);
+
+        exports.login(req, res);
+    });
+};
+
+
+//POST - auth user
+exports.login = function(req, res) {
+    // find the user
+    userModel.findOne({
+            username: req.body.username
+        })
+        .select('+password')
+        .exec(function(err, user) {
+
+            if (err) throw err;
+
+            if (!user) {
+                res.json({
+                    success: false,
+                    message: 'Authentication failed. User not found.'
+                });
+            } else if (user) {
+
+                req.body.password = crypto.createHash('sha256').update(req.body.password).digest('base64');
+
+                // check if password matches
+                if (user.password != req.body.password) {
+                    res.json({
+                        success: false,
+                        message: 'Authentication failed. Wrong password.'
+                    });
+                } else {
+
+                    // if user is found and password is right
+                    // create a token
+                    var token = jwt.sign({
+                        foo: 'bar'
+                    }, app.get('superSecret'), {
+                        //expiresInMinutes: 1440 // expires in 24 hours
+                        //expiresIn: '60m'
+                    });
+                    user.token = token;
+                    user.save(function(err, user) {
+                        if (err) return res.send(500, err.message);
+                        //res.status(200).jsonp(travel);
+                        console.log(user);
+                        // return the information including token as JSON
+                        user.password = "";
+                        res.json({
+                            success: true,
+                            message: 'Enjoy your token!',
+                            token: token,
+                            user: user
+                        });
+                    });
+
+                }
+
+            }
+
+        });
+};
+
+//GET - Return all Users in the DB
+exports.getAllUsers = function(req, res) {
+    userModel.find()
+        .limit(pageSize)
+        .skip(pageSize * Number(req.query.page))
+        .exec(function(err, users) {
+            if (err) return res.send(500, err.message);
+            res.status(200).jsonp(users);
+        });
+};
+
+exports.getUserById = function(req, res) {
+    userModel.findOne({
+            _id: req.params.userid
+        })
+        .lean()
+        .populate('validatedBy', 'username')
+        .populate('travels', 'title from to date type')
+        .exec(function(err, user) {
+            if (err) return res.send(500, err.message);
+            if (!user) {
+                res.json({
+                    success: false,
+                    message: 'User not found.'
+                });
+            } else if (user) {
+                res.status(200).jsonp(user);
+            }
+        });
+};
+exports.getUserByToken = function(req, res) {
+    userModel.findOne({
+            'token': req.headers['x-access-token']
+        })
+        .lean()
+        .populate('travels', 'title from to date')
+        .exec(function(err, user) {
+            if (err) return res.send(500, err.message);
+            if (!user) {
+                res.json({
+                    success: false,
+                    message: 'User not found.'
+                });
+            } else if (user) {
+
+                res.status(200).jsonp(user);
+            }
+        });
+};
+
+
+function getRandomInt(min, max) {
+    min = Math.ceil(min);
+    max = Math.floor(max);
+    return Math.floor(Math.random() * (max - min)) + min; //The maximum is exclusive and the minimum is inclusive
+}
+
+
+function updateUserWithNewImages(req, res, imgUrl) {
+    //adding random number to the url, to force ionic reload the image
+    req.body.avatar = imgUrl + "?" + getRandomInt(1, 9999);
+    userModel.update({
+            'token': req.headers['x-access-token']
+        }, req.body,
+        function(err) {
+            if (err) return console.log(err);
+            exports.getUserByToken(req, res);
+        });
+}
+exports.updateUser = function(req, res) {
+    updateUserWithNewImages(req, res, req.body.avatar);
+};
+
+//DELETE - Delete a user with specified ID
+exports.deleteUser = function(req, res) {
+    userModel.findOne({
+            'token': req.headers['x-access-token']
+        })
+        .exec(function(err, user) {
+            user.remove(function(err) {
+                if (err) return res.send(500, err.message);
+                res.status(200).jsonp("deleted");
+            })
+        });
+};
--- a/server/models/userModel.js
+++ b/server/models/userModel.js
@@ -0,0 +1,18 @@
+var mongoose = require('mongoose'),
+    Schema   = mongoose.Schema;
+
+var mongooseUniqueValidator = require('mongoose-unique-validator');
+
+
+var userSchema = new Schema({
+    username: { type: String, required: true, unique: true },
+    password: { type: String, required: true, select: false },
+    token: { type: String, select: false },
+    description:   { type: String, default: "Hello world" },
+    avatar:   { type: String, default: "img/avatars/racoon.png" },
+    email:   { type: String, required: true, select: false },
+    phone: { type: String }
+})
+
+userSchema.plugin(mongooseUniqueValidator);
+module.exports = mongoose.model('userModel', userSchema);
--- a/server/package.json
+++ b/server/package.json
@@ -0,0 +1,27 @@
+{
+  "name": "MEANseed",
+  "version": "0.0.1",
+  "description": "MEANseed",
+  "repository": "https://github.com/arnaucode/MEANseed",
+  "contributors": [
+    {
+      "name": "Arnau",
+      "web": "arnaucode.com"
+    }
+  ],
+  "main": "server.js",
+  "scripts": {
+    "prestart": "npm install",
+    "start": "node server.js"
+  },
+  "dependencies": {
+    "body-parser": "latest",
+    "express": "^4.7.1",
+    "jsonwebtoken": "latest",
+    "method-override": "^2.1.2",
+    "mongoose": "latest",
+    "mongoose-unique-validator": "^1.0.2",
+    "morgan": "latest",
+    "request": "^2.81.0"
+  }
+}
--- a/server/server.js
+++ b/server/server.js
@@ -0,0 +1,110 @@
+var express = require("express"),
+    app = express(),
+    bodyParser = require("body-parser"),
+    methodOverride = require("method-override"),
+    mongoose = require('mongoose');
+
+
+var morgan = require('morgan');
+var jwt = require('jsonwebtoken'); // used to create, sign, and verify tokens
+var config = require('./config'); // get our config file
+
+mongoose.Promise = global.Promise;
+// Connection to DB
+mongoose.connect(config.database, function(err, res) {
+    if (err) throw err;
+    console.log('Connected to Database');
+});
+app.set('superSecret', config.secret); // secret variable
+
+// Middlewares
+/*app.use(bodyParser.urlencoded({
+    extended: false
+}));
+app.use(bodyParser.json());*/
+
+app.use(bodyParser.json({limit: '50mb'}));
+app.use(bodyParser.urlencoded({limit: '50mb', extended: true}));
+app.use(methodOverride());
+
+// use morgan to log requests to the console
+app.use(morgan('dev'));
+
+// Import Models and controllers
+var userMdl = require('./models/userModel')(app, mongoose);
+var userCtrl = require('./controllers/userController');
+
+app.use(express.static(__dirname + '/../webapp'));
+
+
+//CORS
+app.use(function(req, res, next) {
+    res.header("Access-Control-Allow-Origin", "*");
+    res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS');
+    res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, X-Access-Token");
+    next();
+});
+
+// API routes ------------------------------------------------------
+var apiRoutes = express.Router();
+
+apiRoutes.route('/login')
+    .post(userCtrl.login);
+apiRoutes.route('/signup')
+    .post(userCtrl.signup);
+apiRoutes.route('/users')
+    .get(userCtrl.getAllUsers);
+apiRoutes.route('/users/id/:userid')
+    .get(userCtrl.getUserById);
+
+// OJU AQUÏ TREC la verificació de token temporalment, per fer les proves des de l'app
+// route middleware to verify a token
+apiRoutes.use(function(req, res, next) {
+
+    // check header or url parameters or post parameters for token
+    var token = req.body.token || req.query.token || req.headers['x-access-token'];
+
+    // decode token
+    if (token) {
+        // verifies secret and checks exp
+        jwt.verify(token, app.get('superSecret'), function(err, decoded) {
+            if (err) {
+                return res.send(204,
+                {
+                    success: false,
+                    message: 'Failed to authenticate token.'
+                });
+            } else {
+                // if everything is good, save to request for use in other routes
+                req.decoded = decoded;
+                //console.log("decoded " + decoded);
+                next();
+            }
+        });
+
+    } else {
+
+        // if there is no token
+        // return an error
+        return res.status(204).send({
+            success: false,
+            message: 'No token provided.'
+        });
+
+    }
+}); //fi verificació de token
+
+apiRoutes.route('/users/token')
+    .get(userCtrl.getUserByToken);
+apiRoutes.route('/users')//agafa l'user a partir del token
+    .put(userCtrl.updateUser)//no comprovat
+    .delete(userCtrl.deleteUser);
+
+
+app.use('/api', apiRoutes);
+// end of API routes -------------------------------------
+
+// Start server
+app.listen(config.port, function() {
+    console.log("Node server running on port" + config.port);
+});