var express = require("express"), app = express(), bodyParser = require("body-parser"), methodOverride = require("method-override"), mongoose = require('mongoose'); var morgan = require('morgan'); var jwt = require('jsonwebtoken'); // used to create, sign, and verify tokens var config = require('./config'); // get our config file mongoose.Promise = global.Promise; // Connection to DB mongoose.connect(config.database, function(err, res) { if (err) throw err; console.log('Connected to Database'); }); app.set('superSecret', config.secret); // secret variable // Middlewares app.use(bodyParser.json({limit: '50mb'})); app.use(bodyParser.urlencoded({limit: '50mb', extended: true})); app.use(methodOverride()); // use morgan to log requests to the console app.use(morgan('dev')); // Import Models and controllers /* var userMdl = require('./models/userModel')(app, mongoose); */ var userMdl = require('./models/userModel'); var notificationMdl = require('./models/notificationModel'); var travelMdl = require('./models/travelModel'); var commentMdl = require('./models/commentModel'); var adminMdl = require('./models/adminModel'); var userCtrl = require('./controllers/userController'); var searchCtrl = require('./controllers/searchController'); var travelCtrl = require('./controllers/travelController'); var adminCtrl = require('./controllers/adminController'); app.use(express.static(__dirname + '/www')); //CORS app.use(function(req, res, next) { res.header("Access-Control-Allow-Origin", "*"); res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS'); res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, X-Access-Token"); next(); }); // API routes ------------------------------------------------------ var apiRoutes = express.Router(); // public routes apiRoutes.route('/login') .post(userCtrl.login); apiRoutes.route('/signup') .post(userCtrl.signup); apiRoutes.route('/users') .get(userCtrl.getAllUsers); apiRoutes.route('/users/id/:userid') .get(userCtrl.getUserById); apiRoutes.route('/travels') .get(travelCtrl.getAllTravels); apiRoutes.route('/travels/id/:travelid') .get(travelCtrl.getTravelById); apiRoutes.route('/admin/login') .post(adminCtrl.login); /*apiRoutes.route('/admin/signup') .post(adminCtrl.signup);*/ // route middleware to verify the token apiRoutes.use(function(req, res, next) { // check header or url parameters or post parameters for token var token = req.body.token || req.query.token || req.headers['x-access-token']; // decode token if (token) {// verifies secret and checks exp jwt.verify(token, app.get('superSecret'), function(err, decoded) { if (err) { return res.send(204, { success: false, message: 'Failed to authenticate token.' }); } else {// if everything is good, save to request for use in other routes req.decoded = decoded; next(); } }); } else { // if there is no token, return an error return res.status(204).send({ success: false, message: 'No token provided.' }); } }); //end token verification middleware // private routes (needs to be logged) //admin routes apiRoutes.route('/admins') .get(adminCtrl.getAllAdmins); apiRoutes.route('/admin/network') .get(adminCtrl.network); apiRoutes.route('/admin/user/network/:userid') .get(adminCtrl.getUserNetwork); apiRoutes.route('/admin/travels/id/:travelid') .delete(adminCtrl.deleteTravel); apiRoutes.route('/admin/users/id/:userid') .delete(adminCtrl.deleteUser); apiRoutes.route('/admin/users/validate/id/:userid') .post(adminCtrl.validateUser); apiRoutes.route('/admin/users/unvalidate/id/:userid') .post(adminCtrl.unvalidateUser); // general routes apiRoutes.route('/search/:searchstring') .get(searchCtrl.searchByString); apiRoutes.route('/numnotifications') .get(userCtrl.getNumNotificationsByToken); apiRoutes.route('/notifications') .get(userCtrl.getNotifications); // user routes apiRoutes.route('/users/token') .get(userCtrl.getUserByToken); apiRoutes.route('/users')//agafa l'user a partir del token .put(userCtrl.updateUser)//no comprovat .delete(userCtrl.deleteUser); apiRoutes.route('/changePassword')//agafa l'user a partir del token .put(userCtrl.changePassword); apiRoutes.route('/users/id/likes/:userid') .get(userCtrl.getUserLikes); apiRoutes.route('/users/id/like/:userid') .post(userCtrl.likeUser); apiRoutes.route('/users/id/unlike/:userid') .post(userCtrl.unlikeUser); //travels routes apiRoutes.route('/users/id/travels/:userid') .get(userCtrl.getTravelsByUserId); apiRoutes.route('/travels') .post(travelCtrl.addTravel); apiRoutes.route('/travels/id/modify/:travelid') .put(travelCtrl.updateTravel) .delete(travelCtrl.deleteTravel); apiRoutes.route('/travels/join/:travelid') .post(travelCtrl.addJoinPetition); apiRoutes.route('/travels/unjoin/:travelid') .post(travelCtrl.unJoin); apiRoutes.route('/travels/leave/:travelid') .post(travelCtrl.leave); apiRoutes.route('/travels/declineJoin/:travelid') .post(travelCtrl.declineJoin); apiRoutes.route('/travels/acceptJoin/:travelid') .post(travelCtrl.acceptJoin); //not yet used routes apiRoutes.route('/travels/comment/:travelid') .get(travelCtrl.getCommentsByTravelId); /*apiRoutes.route('/travels/join/:travelId') .post(travelCtrl.addJoin); apiRoutes.route('/travels/unjoin/:travelId') .post(travelCtrl.doUnjoin);*/ /*apiRoutes.route('/travels/:travelId/join') .post(travelCtrl.addJoin); apiRoutes.route('/travels/:travelId/unjoin') .post(travelCtrl.doUnjoin); */ apiRoutes.route('/users/:userId/fav') .post(userCtrl.addFav); apiRoutes.route('/users/:userId/unfav') .post(userCtrl.doUnfav); apiRoutes.route('/travels/:travelId/comment') .post(travelCtrl.addComment); app.use('/api', apiRoutes); // end of API routes ------------------------------------- // Start server app.listen(config.port, function() { console.log("Node server running on http://localhost:" + config.port); });