diff --git a/adminConfig.js b/adminConfig.js
new file mode 100644
index 0000000..2aab7c1
--- /dev/null
+++ b/adminConfig.js
@@ -0,0 +1,3 @@
+module.exports = {
+ 'passwordHash': 'Bzij4hEeEUpmXTWyS+X0LR+YcA8WFjP2P7qhW0sxA6s='/*password raw: adminPassword*/
+};
diff --git a/controllers/adminController.js b/controllers/adminController.js
index 27edeef..5319628 100644
--- a/controllers/adminController.js
+++ b/controllers/adminController.js
@@ -7,6 +7,7 @@ var travelModel = mongoose.model('travelModel'); var travelCtrl = require('../controllers/travelController'); var config = require('../config'); +var adminConfig = require('../adminConfig'); // get our config file var pageSize = config.pageSize; /* */
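Review bot: The trailing comment on the `passwordHash` line in adminConfig.js records the raw admin password beside its hash, so everyone who can read the repository or its history holds the credential that `adminConfig.passwordHash` is meant to protect. The stored value is also a single unsalted SHA-256 digest (that is how controllers/adminController.js computes the value it compares against), which is cheap to guess against offline once the file leaks. Drop the comment, rotate the password since this commit keeps the old one in history, and read the hash from deployment configuration instead of a tracked file, e.g. `'passwordHash': process.env.ADMIN_PASSWORD_HASH` (the variable name is a placeholder). A salted, deliberately slow password hash would be the better stored form.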
@@ -24,29 +25,29 @@ var request = require('request'); //POST - Insert a new User in the DB exports.signup = function(req, res) { - //get random avatar - var r = getRand(1, 10); - randAvatar = getAvatar(r); - var user = new userModel({ + var admin = new adminModel({ username: req.body.username, password: crypto.createHash('sha256').update(req.body.password).digest('base64'), - description: req.body.description, - avatar: randAvatar, email: req.body.email, phone: req.body.phone, telegram: req.body.telegram }); - if (user.username == undefined) { + if (admin.username == undefined) { return res.status(500).jsonp("empty inputs"); - } else if (user.password == undefined) { + } else if (admin.password == undefined) { return res.status(500).jsonp("empty inputs"); - } else if (user.email == undefined) { + } else if (admin.email == undefined) { return res.status(500).jsonp("empty inputs"); } - - user.save(function(err, user) { + adminPasswordGetted = crypto.createHash('sha256').update(req.body.adminPassword).digest('base64'); + console.log(adminPasswordGetted); + console.log(adminConfig.passwordHash); + if (adminPasswordGetted != adminConfig.passwordHash) { + return res.status(500).jsonp("admin password not valid"); + } + admin.save(function(err, admin) { if (err) return res.send(500, err.message); exports.login(req, res); diff --git a/server.js b/server.js index 77b9c1a..a76773d 100755 --- a/server.js +++ b/server.js @@ -77,6 +77,8 @@ apiRoutes.route('/travels/id/:travelid') apiRoutes.route('/admin/login') .post(adminCtrl.login); +apiRoutes.route('/admin/signup') + .post(adminCtrl.signup); // OJU AQUƏ TREC la verificaciĆ³ de token temporalment, per fer les proves des de l'app // route middleware to verify a token diff --git a/tests.js b/tests.js new file mode 100644 index 0000000..1ccbfba --- /dev/null +++ b/tests.js 
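Review bot: The two `console.log` calls in the new admin-password check write the hash of the submitted `adminPassword` and the configured `adminConfig.passwordHash` to the server log on every signup attempt, and should be removed. `adminPasswordGetted` is assigned without `var`, so it becomes an implicit global, and the digests are compared with `!=` rather than a constant-time comparison. A request without `adminPassword` makes `update()` throw instead of producing a response; the same holds for `req.body.password`, which is hashed before the empty-input checks, so `admin.password == undefined` can never be true. A rejected admin password would also read better as 401 than 500. The fence shows the check rewritten; `exports.signup` continues past the end of the hunk.

```javascript
// … unchanged: admin model construction and empty-input checks …
if (typeof req.body.adminPassword !== 'string') {
    return res.status(401).jsonp("admin password not valid");
}
var suppliedHash = crypto.createHash('sha256').update(req.body.adminPassword).digest();
var expectedHash = Buffer.from(adminConfig.passwordHash, 'base64');
// timingSafeEqual throws on buffers of different length, so check length first
if (suppliedHash.length !== expectedHash.length ||
    !crypto.timingSafeEqual(suppliedHash, expectedHash)) {
    return res.status(401).jsonp("admin password not valid");
}
admin.save(function(err, admin) {
// … unchanged: save callback …
```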
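Review bot: In server.js, `/admin/signup` is registered above the `// route middleware to verify a token` comment, so it appears to be reachable without a token, which leaves the shared admin password checked in `adminCtrl.signup` as the only gate on creating admin accounts. Nothing in this hunk limits repeated attempts, so a throttle or lockout on this route, and ideally a requirement for an existing admin's token, would be worth adding. The Catalan comment just below the new lines says token verification is temporarily removed for testing from the app; it deserves a tracked marker so it is restored before release, e.g. `// TODO(owner): re-enable token verification before release`. The middleware itself lies outside the hunk, so its current state should be confirmed there.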
@@ -0,0 +1,106 @@
+var request = require('request');
+
+var url = "http://127.0.0.1:3000/api";
+var users = [{
+ username: "u1",
+ password: "u1",
+ email: "u1"
+ },
+ {
+ username: "u2",
+ password: "u2",
+ email: "u2"
+ },
+ {
+ username: "u3",
+ password: "u3",
+ email: "u3"
+ }
+];
+//signup
+function signup(user) {
+ var data = {
+ username: user.username,
+ password: user.password,
+ email: user.email
+ };
+ request({
+ url: url + "/signup",
+ method: "POST",
+ headers: {
+ 'content-type': 'application/json'
+ },
+ body: data,
+ json: true
+ }, function(err, httpResponse, body) {
+ if (err) {
+ console.log(err);
+ } else {
+ //console.log(body);
+ login(user);
+ }
+ });
+}
+//login
+function login(user) {
+ var data = {
+ username: user.username,
+ password: user.email
+ };
+ request({
+ url: url + "/login",
+ method: "POST",
+ headers: {
+ 'content-type': 'application/json'
+ },
+ body: data,
+ json: true
+ }, function(err, httpResponse, body) {
+ if (err) {
+ console.log(err);
+ } else {
+ console.log(body.token);
+ user.token = JSON.parse(JSON.stringify(body.token));
+ console.log(user.username);
+ addTravel(user);
+ }
+ });
+}
+
+function addTravel(user) {
+ var data = {
+ title: "travel",
+ description: "description4",
+ from: "placeA",
+ to: "placeB",
+ date: "2017-10-29T22:58:59.000Z",
+ seats: 3,
+ package: true,
+ collectivized: true,
+ type: "offer"
+ };
+ request({
+ url: url + "/login",
+ method: "POST",
+ headers: {
+ 'content-type': 'application/json',
+ 'x-access-token': user.token
+ },
+ body: data,
+ json: true
+ }, function(err, httpResponse, body) {
+ if (err) {
+ console.log(err);
+ } else {
+ console.log(body);
+ }
+ });
+}
+
+for (var i = 0; i < users.length; i++) {
+ console.log(i);
+ console.log(users[i].username);
+ setTimeout(function() {
+ signup(users[i]);
+ }, 2000);
+}
diff --git a/tests/config.json b/tests/config.json
new file mode 100644
index 0000000..b3fd9e6
--- /dev/null
+++ b/tests/config.json
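Review bot: The final `for` loop in tests.js closes over `var i`, so by the time the 2-second timers fire `i` already equals `users.length` and every callback calls `signup(undefined)`, which throws on `user.username` before any request is sent. Pass the element instead, e.g. `users.forEach(function(user) { setTimeout(function() { signup(user); }, 2000); });`. Two smaller slips would hide real failures once that is fixed: `login` sends `password: user.email`, which only works because the fixtures use the same string for both fields, and `addTravel` posts the travel body to `url + "/login"` rather than to a travels endpoint. The callbacks also only check `err`, so an HTTP error status from the API is treated as success.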
@@ -0,0 +1,3 @@
+{
+ "url": "http://localhost:3000/api"
+}
\ No newline at end of file
diff --git a/tests/main.go b/tests/main.go
new file mode 100644
index 0000000..64b98e7
--- /dev/null
+++ b/tests/main.go
@@ -0,0 +1,15 @@
+package main
+
+import "fmt"
+
+func main() {
+
+ readConfig()
+ fmt.Println(config)
+ readUsers()
+ fmt.Println(users)
+
+ user := signup(users[0])
+ user = login(users[0])
+ fmt.Println(user)
+}
diff --git a/tests/readConfig.go b/tests/readConfig.go
new file mode 100644
index 0000000..d40df16
--- /dev/null
+++ b/tests/readConfig.go
@@ -0,0 +1,39 @@
+package main
+
+import (
+ "encoding/json"
+ "fmt"
+ "io/ioutil"
+)
+
+type Config struct {
+ Url string `json:"url"`
+}
+
+var config Config
+
+type User struct {
+ Username string `json:"username"`
+ Password string `json:"password"`
+ Email string `json:"email"`
+ Token string `json:"token"`
+}
+
+var users []User
+
+func readUsers() {
+ file, e := ioutil.ReadFile("users.json")
+ if e != nil {
+ fmt.Println("error:", e)
+ }
+ content := string(file)
+ json.Unmarshal([]byte(content), &users)
+}
+func readConfig() {
+ file, e := ioutil.ReadFile("config.json")
+ if e != nil {
+ fmt.Println("error:", e)
+ }
+ content := string(file)
+ json.Unmarshal([]byte(content), &config)
+}
diff --git a/tests/requests.go b/tests/requests.go
new file mode 100644
index 0000000..ad3a94d
--- /dev/null
+++ b/tests/requests.go
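Review bot: `readUsers` and `readConfig` in tests/readConfig.go print a `ReadFile` error and then carry on, and the result of `json.Unmarshal` is discarded, so a missing or malformed `users.json` leaves `users` empty and `main` in tests/main.go panics on `users[0]` with an index-out-of-range instead of a readable message. Stopping on either error makes the failure explicit, e.g. `if err := json.Unmarshal(file, &users); err != nil { log.Fatal(err) }` (this needs the `log` import), with a `len(users) > 0` check before indexing in `main`. Both readers also convert `file` to a string and back to `[]byte`, which can be dropped. In `main`, the value returned by `signup` is overwritten by `login` without being used.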
@@ -0,0 +1,89 @@
+package main
+
+import (
+ "encoding/json"
+ "fmt"
+ "io/ioutil"
+ "log"
+ "net/http"
+ "strings"
+)
+
+type LoginResp struct {
+ Token string `json:"token"`
+ User User
+}
+
+func signup(user User) User {
+ var loginResp LoginResp
+ url := config.Url + "/signup"
+ jsonStr, err := json.Marshal(user)
+ if err != nil {
+ fmt.Println(err)
+ }
+ fmt.Println(string(jsonStr))
+ b := strings.NewReader(string(jsonStr))
+ req, _ := http.NewRequest("POST", url, b)
+ req.Header.Set("Content-Type", "application/json")
+ res, err := http.DefaultClient.Do(req)
+ if err != nil {
+ log.Println(err)
+ }
+ defer res.Body.Close()
+ body, _ := ioutil.ReadAll(res.Body)
+
+ json.Unmarshal([]byte(body), &loginResp)
+
+ fmt.Println("token: " + loginResp.Token)
+ user.Token = loginResp.Token
+ return user
+}
+func login(user User) User {
+ var loginResp LoginResp
+ url := config.Url + "/login"
+ jsonStr, err := json.Marshal(user)
+ if err != nil {
+ fmt.Println(err)
+ }
+ fmt.Println(string(jsonStr))
+ b := strings.NewReader(string(jsonStr))
+ req, _ := http.NewRequest("POST", url, b)
+ req.Header.Set("Content-Type", "application/json")
+ res, err := http.DefaultClient.Do(req)
+ if err != nil {
+ log.Println(err)
+ }
+ defer res.Body.Close()
+ body, _ := ioutil.ReadAll(res.Body)
+
+ json.Unmarshal([]byte(body), &loginResp)
+
+ fmt.Println("token: " + loginResp.Token)
+ user.Token = loginResp.Token
+ return user
+}
+
+func addTravel(user User, travel Travel) (User, Travel) {
+ var loginResp LoginResp
+ url := config.Url + "/login"
+ jsonStr, err := json.Marshal(user)
+ if err != nil {
+ fmt.Println(err)
+ }
+ fmt.Println(string(jsonStr))
+ b := strings.NewReader(string(jsonStr))
+ req, _ := http.NewRequest("POST", url, b)
+ req.Header.Set("Content-Type", "application/json")
+ res, err := http.DefaultClient.Do(req)
+ if err != nil {
+ log.Println(err)
+ }
+ defer res.Body.Close()
+ body, _ := ioutil.ReadAll(res.Body)
+
+ json.Unmarshal([]byte(body), &loginResp)
+
+ fmt.Println("token: " + loginResp.Token)
+ user.Token = loginResp.Token
+ return user
+}
diff --git a/tests/users.json b/tests/users.json
new file mode 100644
index 0000000..3e3e518
--- /dev/null
+++ b/tests/users.json
@@ -0,0 +1,16 @@
+[{
+ "username": "u1",
+ "password": "u1",
+ "email": "u1"
+ },
+ {
+ "username": "u2",
+ "password": "u2",
+ "email": "u2"
+ },
+ {
+ "username": "u3",
+ "password": "u3",
+ "email": "u3"
+ }
+]
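Review bot: `addTravel` in tests/requests.go is declared to return `(User, Travel)` but ends in `return user`, so the package should not compile; its body is a copy of `login` that posts to `/login` and never uses `travel`, and `Travel` is not defined in any file of this diff. In all three functions a failed `http.DefaultClient.Do` is only logged, after which `defer res.Body.Close()` dereferences a nil `res` and panics; return early instead, e.g. `if err != nil { log.Println(err); return user }`. The three bodies differ only in the path, so one shared helper taking the path would remove the duplication. Each call also marshals the whole `User`, including `Password` and `Token`, prints that JSON and the returned token to stdout, and never checks the response status, which is worth tightening if these tests ever run against a non-local server.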