app.js
/**
* Module dependencies.
*/
var express = require('express')
, routes = require('./routes')
, http = require('http')
, path = require('path');
/**
* Configurations
*/
var config = require('./config.json')
/**
* Mongo DB setup
*/
var mongoose = require ("mongoose");
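// The connection string comes from the hosting environment when one is set
// and falls back to a local development database otherwise.
var uristring = process.env.MONGOLAB_URI || process.env.MONGOHQ_URL || 'mongodb://localhost/DevMongo';
// Hosted connection strings usually embed "user:password@" in the authority.
// Strip that part before the URI is printed so credentials stay out of logs.
var loggableUri = uristring.replace(/\/\/[^\/]*@/, '//<redacted>@');
mongoose.connect(uristring, function (err, res) {
  // A failed connection is only reported; the process keeps running.
  if (err) {
    console.log('ERROR connecting to: ' + loggableUri + '. ' + err);
  } else {
    console.log('Successfully connected to: ' + loggableUri);
  }
});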
/**
* Redis setup
*/
var RedisStore = require('connect-redis')(express);
var redis = require('redis');
var url = require('url');
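// Redis client used as the session store: a hosted instance when
// REDISCLOUD_URL is set, otherwise the default local instance.
var client;
if (process.env.REDISCLOUD_URL) {
  var redisURL = url.parse(process.env.REDISCLOUD_URL);
  client = redis.createClient(redisURL.port, redisURL.hostname, {no_ready_check: true});
  // The auth part has the form "user:password". Split on the first ':' only,
  // so a password containing ':' is kept whole, and skip AUTH entirely when
  // the URL carries no credentials instead of throwing on a null auth.
  var redisAuth = redisURL.auth || '';
  var authSeparator = redisAuth.indexOf(':');
  var redisPassword = authSeparator === -1 ? '' : redisAuth.slice(authSeparator + 1);
  if (redisPassword) {
    client.auth(redisPassword);
  }
  // Log host and port only; the parsed URL object also holds the password.
  console.log('Connecting to Redis instance at: ' + redisURL.hostname + ':' + redisURL.port);
} else {
  client = redis.createClient();
  console.log('Connecting to local Redis instance ');
}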
/**
* Authentication Setup
*/
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
var User = require("./models/UserModel")
//Set up Authentication Middleware
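// Local (username/password) strategy.
// Every rejection returns the same message so the response does not reveal
// whether the username exists or only the password was wrong.
passport.use(new LocalStrategy(
  function (username, password, done) {
    // A parsed request body can contain objects. Only plain strings may reach
    // the query, otherwise the value could be read as a query operator.
    if (typeof username !== 'string' || typeof password !== 'string') {
      return done(null, false, { message: 'Problem authenticating the user' });
    }
    User.findOne({ username: username }, function (err, user) {
      if (err) {
        return done(err);
      }
      if (!user) {
        return done(null, false, { message: 'Problem authenticating the user' });
      }
      // Delegate the password check to the model.
      user.comparePassword(password, function (err, isMatch) {
        // Report the failure through passport; throwing inside this callback
        // would take the whole process down.
        if (err) {
          return done(err);
        }
        if (!isMatch) {
          return done(null, false, { message: 'Problem authenticating the user' });
        }
        return done(null, user);
      });
    });
  }
));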
// Session persistence for the authenticated user: the object handed over by
// the strategy is stored as-is and handed back unchanged on later requests.
// NOTE(review): this places the complete user object in the session store.
// If the model carries a password field it is stored there too - consider
// serializing only an identifier and reloading the user on deserialize.
passport.serializeUser(function (account, callback) {
  callback(null, account);
});
passport.deserializeUser(function (stored, callback) {
  callback(null, stored);
});
//The actual middleware to place on the route
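/**
 * Route middleware that only lets authenticated requests through.
 *
 * For an authenticated request it attaches `req.sanitizedUser`, holding the
 * username and id copied from the session user, and calls `next()`.
 * Any other request is redirected to `/login`.
 *
 * @param {Object} req - request; must provide `isAuthenticated()` and, when
 *   authenticated, `session.passport.user`
 * @param {Object} res - response; `redirect` is used for anonymous requests
 * @param {Function} next - continuation invoked for authenticated requests
 */
function authenticate(req, res, next) {
  if (!req.isAuthenticated()) {
    res.redirect('/login');
    return;
  }
  // The session user is deliberately not dumped to the console: it is the
  // full stored user object and would put account data into the logs.
  var sessionUser = req.session.passport.user;
  // NOTE(review): the id is read from `objectId`; confirm the stored user
  // really has that property (Mongoose documents usually expose `_id`).
  req.sanitizedUser = {
    username: sessionUser.username,
    id: sessionUser.objectId
  };
  //Check for roles on the user object here
  return next();
}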
// Build the Express application and register the global middleware stack.
// Middleware runs in registration order, so the order below is significant.
var app = express();
app.configure(function(){
app.set('port', process.env.PORT || 3000);
app.set('views', __dirname + '/views');
app.set('view engine', 'ejs');
app.use(express.favicon());
app.use(express.logger('dev'));
// NOTE(review): in Express 3, bodyParser() also accepts multipart uploads. If no route needs
// file uploads, express.json() plus express.urlencoded() is the narrower choice - confirm.
app.use(express.bodyParser());
app.use(express.methodOverride());
// NOTE(review): the cookie and session secrets are both read from ./config.json;
// confirm that file does not carry real secrets in version control.
app.use(express.cookieParser(config.application.cookieSecret));
// Session data is kept in Redis through the client created earlier in this file.
// No cookie options are passed, so the session cookie uses the library defaults.
// NOTE(review): consider setting the cookie's secure/httpOnly flags explicitly - confirm deployment.
app.use(express.session({
secret: config.application.sessionSecret,
store: new RedisStore({client: client})
}));
app.use(passport.initialize()); //For authentication
app.use(passport.session()); //For authentication
// NOTE(review): no CSRF middleware is registered in this stack, while the routes in this
// file accept state-changing POST requests - confirm whether that is intended.
app.use(app.router);
// Static files from ./app are only tried after the router.
app.use(express.static(path.join(__dirname, 'app')));
});
/**
* Environmental configurations
*/
// Development only: install Express's error handler middleware.
// It is registered for the 'development' environment alone, so other
// environments do not get it from this file.
app.configure('development', function () {
  var devErrorHandler = express.errorHandler();
  app.use(devErrorHandler);
});
/**
* Route definitions
*/
// Open access routes
app.get('/', routes.index);
// Do any initial session setup here
app.get('/entryPoint', routes.index);

// Authentication/User Management routes
//TODO Implement a get for login
// Synchronous form login: success goes to /entryPoint, failure back to /login.
// NOTE(review): nothing in this file limits repeated login attempts - confirm
// whether throttling is handled elsewhere.
var localLogin = passport.authenticate('local', {
  successRedirect: '/entryPoint',
  failureRedirect: '/login'
});
app.post('/login', localLogin);

// Logout behaves the same for GET and POST: drop the login, go to the index.
// NOTE(review): the GET variant changes state, so any cross-site link can end
// a user's session; consider keeping POST only.
var endLogin = function (req, res) {
  req.logout();
  res.redirect('/');
};
app.get('/logout', endLogin);
app.post('/logout', endLogin);
//TODO place this code into the 'user' modules
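// Lists user accounts.
// The route sits behind `authenticate` because it exposes account data.
// The stored credential is excluded from the result, and query errors are
// logged on the server instead of being echoed to the client.
// '-password' assumes the schema keeps the credential under `password`, the
// field POST /user accepts - confirm against UserModel.
// NOTE(review): any signed-in user can still list every account until the
// role filtering mentioned in this file's TODOs exists.
app.get('/user', authenticate, function (req, res) {
  User.find({}).select('-password').exec(function (err, result) {
    if (err) {
      console.log('Error listing users: ' + err);
      res.statusCode = 500;
      res.end('Error in first query.');
      return;
    }
    res.send(result);
  });
});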
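// Creates a user account from the posted username and password.
// Responds with {success:false, message} on invalid input or a save error,
// and with {success:true, user} on success.
app.post('/user', function (req, res) {
  var username = req.body.username;
  var password = req.body.password;
  // Both values must be non-empty strings; a parsed JSON body could otherwise
  // supply objects in their place.
  if (!username || !password || typeof username !== 'string' || typeof password !== 'string') {
    res.send({success:false,message: "Must provide a username and password"});
    return;
  }
  // Copy only the two expected fields. Passing the whole request body to the
  // model would let a caller set any other schema field as well.
  var newUser = new User({ username: username, password: password });
  // No lookup before saving: a taken username is detected through the
  // duplicate-key error (code 11000) reported by the save itself.
  newUser.save(function (err, createdUser) {
    if (err) {
      if (err.code === 11000) {
        res.send({success:false,message:"Username taken"});
        return;
      }
      res.send({success:false,message:"Could not create user"});
      return;
    }
    // Return the created account without its stored credential, and do not
    // dump the document to the console for the same reason.
    var safeUser = createdUser.toObject();
    delete safeUser.password;
    res.send({success:true,user:safeUser});
  });
});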
// Protected routes
//Place authenticate in the argument list to protect route
//app.get('/protected',authenticate, routes.protected)
//TODO implement a role filtering system
// Start a plain HTTP server on the configured port.
// NOTE(review): the listener itself speaks HTTP only; presumably TLS is
// terminated in front of the app - confirm, since session cookies pass here.
var listenPort = app.get('port');
var server = http.createServer(app);
server.listen(listenPort, function () {
  console.log("Express server listening on port " + app.get('port'));
});