You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

123 lines
3.3 KiB

  1. var express = require("express"),
  2. app = express(),
  3. bodyParser = require("body-parser"),
  4. methodOverride = require("method-override"),
  5. mongoose = require('mongoose');
  6. var morgan = require('morgan');
  7. var jwt = require('jsonwebtoken'); // used to create, sign, and verify tokens
  8. var config = require('./config'); // get our config file
  9. // Connection to DB
  10. mongoose.connect(config.database, function(err, res) {
  11. if(err) throw err;
  12. console.log('Connected to Database');
  13. });
  14. app.set('superSecret', config.secret); // secret variable
  15. // Middlewares
  16. app.use(bodyParser.urlencoded({ extended: false }));
  17. app.use(bodyParser.json());
  18. app.use(methodOverride());
  19. // use morgan to log requests to the console
  20. app.use(morgan('dev'));
  21. // Import Models and controllers
  22. var userMdl = require('./models/userModel')(app, mongoose);
  23. var userCtrl = require('./controllers/userController');
  24. var travelMdl = require('./models/travelModel')(app, mongoose);
  25. var travelCtrl = require('./controllers/travelController');
  26. /*// Example Route
  27. var router = express.Router();
  28. router.get('/', function(req, res) {
  29. res.send("Hello world!");
  30. });
  31. app.use(router);*/
  32. app.use(express.static(__dirname + '/web'));
  33. //CORS
  34. app.use(function(req, res, next) {
  35. res.header("Access-Control-Allow-Origin", "*");
  36. res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS');
  37. res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
  38. next();
  39. });
  40. // API routes ------------------------------------------------------
  41. var apiRoutes = express.Router();
  42. apiRoutes.route('/users')
  43. .get(userCtrl.findAllUsers)
  44. .post(userCtrl.addUser);
  45. apiRoutes.route('/users/:id')
  46. .get(userCtrl.findById);
  47. apiRoutes.route('/users/byusername/:username')
  48. .get(userCtrl.findUserByUsername);
  49. apiRoutes.route('/travels/user/:userid')
  50. .get(travelCtrl.findAllTravelsFromUsername);
  51. apiRoutes.route('/auth')
  52. .post(userCtrl.login);
  53. apiRoutes.route('/travels')
  54. .get(travelCtrl.findAllTravels);
  55. apiRoutes.route('/travels/:id')
  56. .get(travelCtrl.findById)
  57. // route middleware to verify a token
  58. apiRoutes.use(function(req, res, next) {
  59. // check header or url parameters or post parameters for token
  60. var token = req.body.token || req.query.token || req.headers['x-access-token'];
  61. // decode token
  62. if (token) {
  63. // verifies secret and checks exp
  64. jwt.verify(token, app.get('superSecret'), function(err, decoded) {
  65. if (err) {
  66. return res.json({ success: false, message: 'Failed to authenticate token.' });
  67. } else {
  68. // if everything is good, save to request for use in other routes
  69. req.decoded = decoded;
  70. next();
  71. }
  72. });
  73. } else {
  74. // if there is no token
  75. // return an error
  76. return res.status(403).send({
  77. success: false,
  78. message: 'No token provided.'
  79. });
  80. }
  81. });
  82. apiRoutes.route('/users/:id')
  83. .put(userCtrl.updateUser)
  84. .delete(userCtrl.deleteUser);
  85. apiRoutes.route('/travels')
  86. .post(travelCtrl.addTravel);
  87. apiRoutes.route('/travels/:id')
  88. .put(travelCtrl.updateTravel)
  89. .delete(travelCtrl.deleteTravel);
  90. app.use('/api', apiRoutes);
  91. // end of API routes -------------------------------------
  92. // Start server
  93. app.listen(config.port, function() {
  94. console.log("Node server running on http://localhost:3000");
  95. });