1const express = require('express');
2const router = express.Router();
3const Card = require('../bin/card');
4const User = require('../bin/user');
5const model = require('../bin/model');
6const jwt = require('jsonwebtoken');
7const bcrypt = require('bcrypt');
8const cookieParser = require('cookie-parser');
9
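// Key used by jwt.sign() and jwt.verify() in this router.
// SECURITY: a signing key committed with the source is readable by everyone who
// can read the repository, and anyone holding it can produce tokens that
// ensureToken accepts. JWT_SECRET is the environment variable name chosen here
// for the override; set it to a long random value in every real deployment.
// The literal is kept only as a development fallback so existing setups still start.
const secret_key = process.env.JWT_SECRET || "MySecretKey";
if (!process.env.JWT_SECRET) {
  console.warn('JWT_SECRET is not set; falling back to the built-in development key');
}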
11
12var path = require('path');
13
/* GET home page: answer with the static landing document. */
router.get('/', (req, res, next) => {
  // path.resolve() anchors the relative path at the process working directory,
  // so the file is looked up relative to where the server was started.
  const homePage = path.resolve('public/static/home.html');
  res.sendFile(homePage);
});
18
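/*
 * POST /login
 * Body: { name, password }.
 * Looks the user up by name, checks the password against the stored bcrypt
 * hash and, on success, sets a signed JWT in the httpOnly `token` cookie.
 * Responses: 200 on success; 400 for malformed input, unknown user or wrong
 * password. Unexpected failures (repository, bcrypt, signing) go to next(err)
 * so the request does not hang on a rejected promise.
 */
router.post('/login', async function (req, res, next) {
  const name = req.body && req.body.name;
  const password = req.body && req.body.password;

  // Only plain strings are handed to the repository and to bcrypt; a parsed
  // request body can carry objects or arrays in these fields.
  if (typeof name !== 'string' || typeof password !== 'string') {
    res.status(400).send('Name and password are required');
    return;
  }

  try {
    const user = await model.userRepository.getUserByName(name);
    if (user == null) {
      // NOTE(review): this message and 'Wrong password' below tell a client
      // whether a name is registered; a single generic message would not.
      res.status(400).send('User with this name does not exist');
      return;
    }

    // Without a callback bcrypt.compare() returns a promise, so a bcrypt error
    // is thrown here instead of being reported as a wrong password.
    const passwordMatches = await bcrypt.compare(password, user.password_hash);
    if (!passwordMatches) {
      res.status(400).send('Wrong password');
      return;
    }

    // A JWT payload is signed, not encrypted: whoever holds the cookie can
    // decode it, so the stored password hash is left out of the token.
    const { password_hash: _storedHash, ...tokenUser } = user;
    // NOTE(review): no `expiresIn` is passed, so the token itself never expires,
    // and the cookie is set without `secure` / `sameSite` - confirm both.
    const token = jwt.sign({ user: tokenUser }, secret_key);
    res.cookie('token', token, { httpOnly: true });
    res.sendStatus(200);
  } catch (err) {
    next(err);
  }
});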
35
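/*
 * POST /register
 * Body: { name, password }.
 * Creates a user with a bcrypt-hashed password (cost factor 10) and logs the
 * new user in by setting the signed JWT in the httpOnly `token` cookie.
 * Responses: 200 on success; 400 when the input is malformed or the name is
 * already taken. Unexpected failures go to next(err).
 */
router.post('/register', async function (req, res, next) {
  const name = req.body && req.body.name;
  const password = req.body && req.body.password;

  // Reject missing or non-string credentials before any lookup or hashing, so
  // an account can never be stored with an undefined name or hash.
  if (typeof name !== 'string' || typeof password !== 'string' || name === '' || password === '') {
    res.status(400).send('Name and password are required');
    return;
  }

  try {
    const existing = await model.userRepository.getUserByName(name);
    if (existing != null) {
      res.status(400).send('This name is already taken');
      return;
    }

    // Promise form of bcrypt.hash(): a hashing failure is thrown, not ignored.
    const hash = await bcrypt.hash(password, 10);
    const user = new User(null, name, hash);

    // Wait for the save so a token is only issued for a user that was stored.
    // NOTE(review): lookup-then-save is not atomic; two concurrent requests for
    // the same name can both pass the lookup unless storage enforces uniqueness.
    await model.userRepository.saveUser(user);

    // A JWT payload is signed, not encrypted. Copy every field of the user
    // except the one holding the hash, whatever property name User gives it.
    const tokenUser = {};
    for (const [key, value] of Object.entries(user)) {
      if (value !== hash) {
        tokenUser[key] = value;
      }
    }

    const token = jwt.sign({ user: tokenUser }, secret_key);
    res.cookie('token', token, { httpOnly: true });
    res.sendStatus(200);
  } catch (err) {
    next(err);
  }
});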
50
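/**
 * Express middleware that lets a request through only when it carries a valid
 * JWT in the `token` cookie.
 *
 * Responds 401 when no token cookie is present (including when req.cookies was
 * never populated) and 403 when verification fails. On success the decoded
 * payload is stored on req.decoded and next() is called.
 *
 * @param {object} req - Express request; reads req.cookies, writes req.decoded.
 * @param {object} res - Express response, used for the 401/403 replies.
 * @param {Function} next - Continues to the route handler.
 */
function ensureToken(req, res, next) {
  // req.cookies exists only when a cookie-parsing middleware ran earlier; treat
  // its absence as "no token" instead of throwing.
  const token = req.cookies && req.cookies['token'];
  if (!token) {
    res.sendStatus(401);
    return;
  }

  // The tokens issued in this file are signed with jsonwebtoken's default
  // algorithm (HS256), so verification is pinned to that algorithm.
  jwt.verify(token, secret_key, { algorithms: ['HS256'] }, (err, decoded) => {
    if (err) {
      res.sendStatus(403);
      return;
    }
    req.decoded = decoded;
    next();
  });
}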
66
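/*
 * GET /card?type=<type>  (requires a valid token cookie)
 * Sends whatever cardRepository.getCardsByType() returns for the given type.
 * Responses: 400 when `type` is present but not a single string; repository
 * failures go to next(err) instead of leaving the request unanswered.
 */
router.get('/card', ensureToken, async function (req, res, next) {
  console.log(`[GET]`);
  // The value is logged exactly as the client sent it.
  console.log(`Type: ${req.query.type}`);

  const type = req.query.type;
  // Query parsing can yield arrays or objects (repeated or bracketed keys);
  // only a plain string, or no type at all, is passed on to the repository.
  if (type !== undefined && typeof type !== 'string') {
    res.sendStatus(400);
    return;
  }

  try {
    const cards = await model.cardRepository.getCardsByType(type);
    res.send(cards);
  } catch (err) {
    next(err);
  }
});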
73
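/*
 * GET /me  (requires a valid token cookie)
 * Sends the name stored in the verified token payload.
 * Responses: 200 with the name as plain text; 403 when the payload carries no
 * user, so the request is always answered.
 */
router.get('/me', ensureToken, async function (req, res) {
  const user = req.decoded && req.decoded.user;
  if (!user) {
    // Same diagnostics as before, but the request is now answered as well.
    console.log(req.decoded ? '=(' : '=((');
    res.sendStatus(403);
    return;
  }

  // The name was chosen by the user at registration. res.send() labels a bare
  // string as HTML, so the content type is set to plain text explicitly.
  res.type('text/plain').send(user.name);
});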
84
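/*
 * POST /card  (requires a valid token cookie)
 * Body: { type, title, text }, plus an optional uploaded file exposed as
 * req.file by middleware that is not part of this file.
 * Saves a new card and responds 200; failures go to next(err).
 */
router.post('/card', ensureToken, async function (req, res, next) {
  console.log(`[POST]`);
  console.log(req.body);

  try {
    // Only the stored file name is kept on the card; "" means no upload.
    const fileName = req.file ? String(req.file.filename) : "";
    // NOTE(review): type/title/text are stored exactly as received; whatever
    // renders cards has to escape them - confirm in the client code.
    const card = new Card(null, req.body.type, req.body.title, req.body.text, fileName);
    await model.cardRepository.saveCard(card);
    res.sendStatus(200);
  } catch (err) {
    next(err);
  }
});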
93
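/*
 * PUT /card?id=<id>  (requires a valid token cookie)
 * Body: { type, title, text, fileUpdated }. Updates the card's fields and,
 * when fileUpdated is the string "true", its file name as well ("" when no
 * file was uploaded).
 * Responses: 200 on success, 400 when `id` is missing or not a single string;
 * failures go to next(err).
 */
router.put('/card', ensureToken, async function (req, res, next) {
  console.log(`[PUT]`);
  console.log('Card id: ' + req.query.id);
  console.log(req.body);

  const id = req.query.id;
  // Query parsing can yield arrays or objects; only a non-empty string is
  // accepted as the identifier handed to the repository.
  if (typeof id !== 'string' || id === '') {
    res.sendStatus(400);
    return;
  }

  try {
    // NOTE(review): nothing here ties a card to the user in req.decoded, so any
    // authenticated user can update any card - confirm that this is intended.
    const card = new Card(id, req.body.type, req.body.title, req.body.text, null);
    await model.cardRepository.updateCard(card);

    if (req.body.fileUpdated === "true") {
      const newFileName = req.file ? req.file.filename : "";
      await model.cardRepository.updateCardFile(card.id, newFileName);
    }
    res.sendStatus(200);
  } catch (err) {
    next(err);
  }
});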
107
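/*
 * DELETE /card?id=<id>  (requires a valid token cookie)
 * Deletes the card with the given id.
 * Responses: 200 on success, 400 when `id` is missing or not a single string;
 * failures go to next(err).
 */
router.delete('/card', ensureToken, async function (req, res, next) {
  console.log(`[DELETE]`);
  console.log('Card id: ' + req.query.id);

  const id = req.query.id;
  // Only a non-empty string may select the card to delete; arrays or objects
  // produced by query parsing are rejected before reaching the repository.
  if (typeof id !== 'string' || id === '') {
    res.sendStatus(400);
    return;
  }

  try {
    // NOTE(review): no ownership check is visible, so any authenticated user can
    // delete any card - confirm that this is intended.
    await model.cardRepository.deleteCard(id);
    res.sendStatus(200);
  } catch (err) {
    next(err);
  }
});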
114
// Expose the configured router; the application is expected to mount it.
module.exports = router;