|
|
var express = require("express"), app = express(), bodyParser = require("body-parser"), methodOverride = require("method-override"), mongoose = require('mongoose');
var morgan = require('morgan');var jwt = require('jsonwebtoken'); // used to create, sign, and verify tokens
var config = require('./config'); // get our config file
mongoose.Promise = global.Promise;// Connection to DB
mongoose.connect(config.database, function(err, res) { if (err) throw err; console.log('Connected to Database');});app.set('superSecret', config.secret); // secret variable
// Middlewares
app.use(bodyParser.json({limit: '50mb'}));app.use(bodyParser.urlencoded({limit: '50mb', extended: true}));app.use(methodOverride());
// use morgan to log requests to the console
app.use(morgan('dev'));
// Import Models and controllers
/*var userMdl = require('./models/userModel')(app, mongoose);*/var userMdl = require('./models/userModel');var notificationMdl = require('./models/notificationModel');var travelMdl = require('./models/travelModel');var commentMdl = require('./models/commentModel');var adminMdl = require('./models/adminModel');var userCtrl = require('./controllers/userController');var searchCtrl = require('./controllers/searchController');var travelCtrl = require('./controllers/travelController');var adminCtrl = require('./controllers/adminController');
app.use(express.static(__dirname + '/www'));
//CORS
app.use(function(req, res, next) { res.header("Access-Control-Allow-Origin", "*"); res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS'); res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, X-Access-Token"); next();});
// API routes ------------------------------------------------------
var apiRoutes = express.Router();
// public routes
apiRoutes.route('/login') .post(userCtrl.login);apiRoutes.route('/signup') .post(userCtrl.signup);apiRoutes.route('/users') .get(userCtrl.getAllUsers);apiRoutes.route('/users/id/:userid') .get(userCtrl.getUserById);apiRoutes.route('/travels') .get(travelCtrl.getAllTravels);apiRoutes.route('/travels/id/:travelid') .get(travelCtrl.getTravelById);
apiRoutes.route('/admin/login') .post(adminCtrl.login);/*apiRoutes.route('/admin/signup') .post(adminCtrl.signup);*/
// route middleware to verify the token
apiRoutes.use(function(req, res, next) { // check header or url parameters or post parameters for token
var token = req.body.token || req.query.token || req.headers['x-access-token']; // decode token
if (token) {// verifies secret and checks exp
jwt.verify(token, app.get('superSecret'), function(err, decoded) { if (err) { return res.send(204, { success: false, message: 'Failed to authenticate token.' }); } else {// if everything is good, save to request for use in other routes
req.decoded = decoded; next(); } }); } else { // if there is no token, return an error
return res.status(204).send({ success: false, message: 'No token provided.' });
}}); //end token verification middleware
// private routes (needs to be logged)
//admin routes
apiRoutes.route('/admins') .get(adminCtrl.getAllAdmins);apiRoutes.route('/admin/network') .get(adminCtrl.network);apiRoutes.route('/admin/user/network/:userid') .get(adminCtrl.getUserNetwork);apiRoutes.route('/admin/travels/id/:travelid') .delete(adminCtrl.deleteTravel);apiRoutes.route('/admin/users/id/:userid') .delete(adminCtrl.deleteUser);apiRoutes.route('/admin/users/validate/id/:userid') .post(adminCtrl.validateUser);apiRoutes.route('/admin/users/unvalidate/id/:userid') .post(adminCtrl.unvalidateUser);
// general routes
apiRoutes.route('/search/:searchstring') .get(searchCtrl.searchByString);apiRoutes.route('/numnotifications') .get(userCtrl.getNumNotificationsByToken);apiRoutes.route('/notifications') .get(userCtrl.getNotifications);
// user routes
apiRoutes.route('/users/token') .get(userCtrl.getUserByToken);apiRoutes.route('/users')//agafa l'user a partir del token
.put(userCtrl.updateUser)//no comprovat
.delete(userCtrl.deleteUser);apiRoutes.route('/changePassword')//agafa l'user a partir del token
.put(userCtrl.changePassword);apiRoutes.route('/users/id/likes/:userid') .get(userCtrl.getUserLikes);apiRoutes.route('/users/id/like/:userid') .post(userCtrl.likeUser);apiRoutes.route('/users/id/unlike/:userid') .post(userCtrl.unlikeUser);
//travels routes
apiRoutes.route('/users/id/travels/:userid') .get(userCtrl.getTravelsByUserId);apiRoutes.route('/travels') .post(travelCtrl.addTravel);apiRoutes.route('/travels/id/modify/:travelid') .put(travelCtrl.updateTravel) .delete(travelCtrl.deleteTravel);apiRoutes.route('/travels/join/:travelid') .post(travelCtrl.addJoinPetition);apiRoutes.route('/travels/unjoin/:travelid') .post(travelCtrl.unJoin);apiRoutes.route('/travels/leave/:travelid') .post(travelCtrl.leave);apiRoutes.route('/travels/declineJoin/:travelid') .post(travelCtrl.declineJoin);apiRoutes.route('/travels/acceptJoin/:travelid') .post(travelCtrl.acceptJoin);
//not yet used routes
apiRoutes.route('/travels/comment/:travelid') .get(travelCtrl.getCommentsByTravelId);/*apiRoutes.route('/travels/join/:travelId') .post(travelCtrl.addJoin);apiRoutes.route('/travels/unjoin/:travelId') .post(travelCtrl.doUnjoin);*/
/*apiRoutes.route('/travels/:travelId/join') .post(travelCtrl.addJoin);apiRoutes.route('/travels/:travelId/unjoin') .post(travelCtrl.doUnjoin);*/apiRoutes.route('/users/:userId/fav') .post(userCtrl.addFav);apiRoutes.route('/users/:userId/unfav') .post(userCtrl.doUnfav);
apiRoutes.route('/travels/:travelId/comment') .post(travelCtrl.addComment);
app.use('/api', apiRoutes);// end of API routes -------------------------------------
// Start server
app.listen(config.port, function() { console.log("Node server running on http://localhost:" + config.port);});
|
