hooked up mongo

app.js

@@ -6,10 +6,15 @@
 var express = require('express')
   , http = require('http')
   , path = require('path')
-  , fs = require('fs');
+  , fs = require('fs')
+  , mongodb = require('mongodb')
+  , shared = require('./db/shared');
 
 var app = express();
 
+shared.set('db', setupMongo());
+
+// TODO: DELETE THESE
 app.data = {};
 app.data.users = JSON.parse(fs.readFileSync('db/users.json'));
 
@@ -19,7 +24,7 @@ var sessOptions = {
 };
 
 app.configure(function () {
-  app.set('port', process.env.PORT || 3000);
+  app.set('port', process.env.VMC_APP_PORT || process.env.PORT || 3000);
   app.set('views', __dirname + '/views');
   app.set('view engine', 'jade');
   app.use(express.favicon());
@@ -79,6 +84,24 @@ function initFile(app, file, type) {
   }
 };
 
+function setupMongo() {
+  if (process.env.VCAP_SERVICES) {
+    var env = JSON.parse(process.env.VCAP_SERVICES)
+      , mongo = env['mongodb-1.8'][0]['credentials'];
+  } else {
+    var mongo = {
+      hostname: "localhost",
+      port: 27017,
+      username: "",
+      password: "",
+      db: "workflowy"
+    }
+  }
+
+  var server = new mongodb.Server(mongo.hostname, mongo.port, {});
+  return new mongodb.Db(mongo.db, server, {w: 1});
+};
+
 initMiddlewares();
 initControllers();
 

controllers/index.js

@@ -1,5 +1,8 @@
 var https = require('https')
-  , fs = require('fs');
+  , fs = require('fs')
+  , shared = require('../db/shared')
+  , mongodb = require('mongodb')
+  , db = shared.get('db');
 
 exports.init = function(app) {
 
@@ -29,17 +32,24 @@ function updateSettings(app) {
   return function (req, res, next) {
     var newSettings = req.body.settings;
 
-    for (var i = 0; i < app.data.users.length; ++i) {
-      if (app.data.users[i].id === req.session.user.id) {
-        app.data.users[i].settings = newSettings;
-        fs.writeFileSync('db/users.json', JSON.stringify(app.data.users));
-      }
-    }
+    updateUser(req.session.user.user, {settings: newSettings}, function (err) {
+      if (err) return res.send({status: 'err', msg: err.msg});
+      req.session.user.settings = newSettings;
+      res.send('ok');
+    });
+  };
+};
 
-    req.session.user.settings = newSettings;
+function updateUser(username, update, cb) {
+  db.open(function (err, client) {
+    if (err) return cb(err);
 
-    res.send('ok');
-  };
+    var coll = new mongodb.Collection(client, 'users');
+    coll.findAndModify({user: username}, [], {$set: update}, {}, function (err, object) {
+      db.close();
+      return cb(err);
+    });
+  });
 };
 
 function getWorkflowy(req, res, next) {

db/shared.js

@@ -0,0 +1,9 @@
+var dataStore = {};
+
+exports.set = function (key, value) {
+  dataStore[key] = value;
+};
+
+exports.get = function (key) {
+  return dataStore[key];
+};

middlewares/auth.js

@@ -1,4 +1,8 @@
-var fs = require('fs');
+var fs = require('fs')
+  , bcrypt = require('bcrypt')
+  , shared = require('../db/shared')
+  , mongodb = require('mongodb')
+  , db = shared.get('db');
 
 exports.init = function(app) {
   app.middleware.login = login(app);
@@ -9,71 +13,74 @@ exports.init = function(app) {
 
 function login(app) {
   return function (req, res, next) {
-    var users = app.data.users;
-
-    var user = req.body.user;
-    var pass = req.body.pass;
-
-    for (var i = 0; i < users.length; ++i) {
-      if (users[i].user === user || users[i].email === user) {
-        if (users[i].pass === pass) {
-          users[i].lastLoginIP = req.connection.remoteAddress;
-          fs.writeFileSync('db/users.json', JSON.stringify(app.data.users));
-          req.session.user = users[i];
-          return res.send({status: 'ok'});
-        }
+    var username = req.body.user
+      , pass = req.body.pass;
+
+    getUser(username, function (err, user) {
+      if (err) return res.send({status: "err", msg: err.msg});
+      if (!user) return res.send({status: 'err', msg: 'Incorrect Username'});
+
+      if (bcrypt.compareSync(pass, user.pass)) {
+        user.lastLoginIP = req.connection.remoteAddress;
+        req.session.user = user;
+        updateUser(user.user, {lastLoginIP: user.lastLoginIP}, function (){});
+        return res.send({status: 'ok'});
       }
-    }
 
-    res.send({status: 'err', msg: 'Incorrect Username / Password'});
+      return res.send({status: 'err', msg: 'Incorrect Password'});
+    });
   };
 };
 
 function register(app) {
   return function (req, res, next) {
-    var users = app.data.users
-      , user = req.body;
+    var user = req.body;
 
     if (user.rkey !== 'speedyshop1')
       return res.send({status: 'err', msg: 'Wrong Token'});
 
-    for (var i = 0; i < users.length; ++i) {
-      if (users[i].user === user.user)
-        return res.send({status: 'err', msg: 'Username Taken'});
-      if (users[i].email === user.email)
-        return res.send({status: 'err', msg: 'Email Taken'});
-    }
-
-    delete user.cpass;
-    delete user.rkey;
-
-    user.settings = {
-      showCalendar: 'true',
-      wfCookie: '',
-      wfLabels: [
-        {
-          name: 'Homework',
-          id: '#hw'
-        },
-        {
-          name: 'Tests',
-          id: '#test'
-        },
-        {
-          name: 'Todo',
-          id: '#todo'
-        }
-      ]
-    };
-
-    user.id = Date.now() + "" + Math.floor(Math.random() * 1000 + 1);
-    user.lastLoginIP = req.connection.remoteAddress;
-
-    app.data.users.push(user);
-    fs.writeFileSync('db/users.json', JSON.stringify(app.data.users));
 
-    req.session.user = user;
-    res.send({status: 'ok'});
+    userExists(user.user, function (err, exists) {
+      if (exists) return res.send({status: 'err', msg: 'Username Taken'});
+
+      finishRegister();
+    });
+
+    function finishRegister() {
+      delete user.cpass;
+      delete user.rkey;
+
+      var salt = bcrypt.genSaltSync(10);
+      user.pass = bcrypt.hashSync(user.pass, salt);
+
+      user.settings = {
+        showCalendar: 'true',
+        wfCookie: '',
+        wfLabels: [
+          {
+            name: 'Homework',
+            id: '#hw'
+          },
+          {
+            name: 'Tests',
+            id: '#test'
+          },
+          {
+            name: 'Todo',
+            id: '#todo'
+          }
+        ]
+      };
+
+      user.id = Date.now() + "" + Math.floor(Math.random() * 1000 + 1);
+      user.lastLoginIP = req.connection.remoteAddress;
+
+      saveNewUser(user, function (err) {
+        if (err) return res.send({status: 'err', msg: err.msg});
+        req.session.user = user;
+        res.send({status: 'ok'});
+      });
+    };
   };
 };
 
@@ -93,3 +100,55 @@ function isLoggedIn(loggedIn, path) {
     next();
   };
 };
+
+
+
+function userExists(username, cb) {
+  db.open(function (err, client) {
+    if (err) return cb(err);
+
+    var coll = new mongodb.Collection(client, 'users');
+    coll.findOne({user: username}, function (err, user) {
+      db.close();
+      if (err) return cb(err);
+      if (user) return cb(null, true);
+      return cb(null, false);
+    });
+  });
+};
+
+function updateUser(username, update, cb) {
+  db.open(function (err, client) {
+    if (err) return cb(err);
+
+    var coll = new mongodb.Collection(client, 'users');
+    coll.findAndModify({user: username}, [], {$set: update}, {}, function (err, object) {
+      db.close();
+      return cb(err);
+    });
+  });
+};
+
+function saveNewUser(user, cb) {
+  db.open(function (err, client) {
+    if (err) return cb(err);
+
+    var coll = new mongodb.Collection(client, 'users');
+    coll.insert(user, function (err, docs) {
+      db.close();
+      return cb(err);
+    });
+  });
+};
+
+function getUser(username, cb) {
+  db.open(function (err, client) {
+    if (err) return cb(err);
+
+    var coll = new mongodb.Collection(client, 'users');
+    coll.findOne({user: username}, function (err, user) {
+      db.close();
+      return cb(err, user);
+    });
+  });
+};

package.json

@@ -8,6 +8,8 @@
   "dependencies": {
     "express": "3.0.4",
     "jade": "*",
-    "stylus": "*"
+    "stylus": "*",
+    "bcrypt": "~0.7.3",
+    "mongodb": "~1.2.8"
   }
-}
+}