var express = require("express"),
|
|
app = express(),
|
|
bodyParser = require("body-parser"),
|
|
methodOverride = require("method-override"),
|
|
mongoose = require('mongoose');
|
|
|
|
|
|
var morgan = require('morgan');
|
|
var jwt = require('jsonwebtoken'); // used to create, sign, and verify tokens
|
|
var config = require('./config'); // get our config file
|
|
|
|
|
|
// Connection to DB
|
|
mongoose.connect(config.database, function(err, res) {
|
|
if(err) throw err;
|
|
console.log('Connected to Database');
|
|
});
|
|
app.set('superSecret', config.secret); // secret variable
|
|
|
|
// Middlewares
|
|
app.use(bodyParser.urlencoded({ extended: false }));
|
|
app.use(bodyParser.json());
|
|
app.use(methodOverride());
|
|
|
|
// use morgan to log requests to the console
|
|
app.use(morgan('dev'));
|
|
|
|
// Import Models and controllers
|
|
var userMdl = require('./models/userModel')(app, mongoose);
|
|
var userCtrl = require('./controllers/userController');
|
|
|
|
var thoughtMdl = require('./models/thoughtModel')(app, mongoose);
|
|
var thoughtCtrl = require('./controllers/thoughtController');
|
|
|
|
/*// Example Route
|
|
var router = express.Router();
|
|
router.get('/', function(req, res) {
|
|
res.send("Hello world!");
|
|
});
|
|
app.use(router);*/
|
|
app.use(express.static(__dirname + '/web'));
|
|
|
|
|
|
//CORS
|
|
app.use(function(req, res, next) {
|
|
res.header("Access-Control-Allow-Origin", "*");
|
|
res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS');
|
|
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
|
|
next();
|
|
});
|
|
|
|
// API routes ------------------------------------------------------
|
|
var apiRoutes = express.Router();
|
|
|
|
apiRoutes.route('/users')
|
|
.get(userCtrl.findAllUsers)
|
|
.post(userCtrl.addUser);
|
|
apiRoutes.route('/users/:id')
|
|
.get(userCtrl.findById);
|
|
apiRoutes.route('/users/byusername/:username')
|
|
.get(userCtrl.findUserByUsername);
|
|
apiRoutes.route('/thoughts/user/:userid')
|
|
.get(thoughtCtrl.findAllThoughtsFromUsername);
|
|
|
|
apiRoutes.route('/auth')
|
|
.post(userCtrl.login);
|
|
|
|
apiRoutes.route('/thoughts')
|
|
.get(thoughtCtrl.findAllThoughts);
|
|
|
|
apiRoutes.route('/thoughts/:id')
|
|
.get(thoughtCtrl.findById)
|
|
|
|
// route middleware to verify a token
|
|
apiRoutes.use(function(req, res, next) {
|
|
|
|
// check header or url parameters or post parameters for token
|
|
var token = req.body.token || req.query.token || req.headers['x-access-token'];
|
|
|
|
// decode token
|
|
if (token) {
|
|
|
|
// verifies secret and checks exp
|
|
jwt.verify(token, app.get('superSecret'), function(err, decoded) {
|
|
if (err) {
|
|
return res.json({ success: false, message: 'Failed to authenticate token.' });
|
|
} else {
|
|
// if everything is good, save to request for use in other routes
|
|
req.decoded = decoded;
|
|
next();
|
|
}
|
|
});
|
|
|
|
} else {
|
|
|
|
// if there is no token
|
|
// return an error
|
|
return res.status(403).send({
|
|
success: false,
|
|
message: 'No token provided.'
|
|
});
|
|
|
|
}
|
|
});
|
|
|
|
apiRoutes.route('/users/:id')
|
|
.put(userCtrl.updateActivity)
|
|
.delete(userCtrl.deleteActivity);
|
|
|
|
apiRoutes.route('/thoughts')
|
|
.post(thoughtCtrl.addThought);
|
|
|
|
apiRoutes.route('/thoughts/:id')
|
|
.put(thoughtCtrl.updateActivity)
|
|
.delete(thoughtCtrl.deleteActivity);
|
|
|
|
app.use('/api', apiRoutes);
|
|
// end of API routes -------------------------------------
|
|
|
|
// Start server
|
|
app.listen(config.port, function() {
|
|
console.log("Node server running on http://localhost:3000");
|
|
});
|