put code on github for public review

README.md

@@ -0,0 +1,49 @@
+# EOSconnect
+##### Allow users to sign in to your application using their EOS account.
+
+### Installation
+
+Clone the repo and run 
+
+    npm install
+
+Add env vars:
+
+    stripeKey = Used for payments for new apps
+    sessionKey = A random string. Used to encrypt session cookies
+    db_user = Database user
+    db_pass = Database password
+    jwt_token = Random string.
+
+### Run
+
+    npm start
+
+### Demo
+
+A demo implementation can be found at [https://demo.eosconnect.app](https://demo.eosconnect.app).
+The source code for this app is availabe on github: [https://github.com/wehmoen/eosconnect-example-nodejs-app](https://github.com/wehmoen/eosconnect-example-nodejs-app)
+
+
+### API
+
+*/users/me* - Get user profile (require valid access token)     
+
+
+### Tokens
+
+Tokens are created with JWT, the payload is public. Here is how it look:
+
+    {
+        "app": "app",
+        "scopes": [
+            "login"
+        ],
+        "account": "username"
+    }
+
+Tokens are valid for 3600 seconds.
+
+### Libaries
+
+- nodeJs: [@wehmoen/ec-sdk](https://www.npmjs.com/package/@wehmoen/ec-sdk)    

app.js

@@ -0,0 +1,58 @@
+let createError = require('http-errors');
+let express = require('express');
+let path = require('path');
+let cookieParser = require('cookie-parser');
+let logger = require('morgan');
+let session = require('express-session');
+let cors = require('cors');
+let middle = require('./routes/middle');
+
+let indexRouter = require('./routes/index');
+let usersRouter = require('./routes/users');
+let internalRouter = require('./routes/internal');
+let apiRouter = require('./routes/api');
+let app = express();
+
+app.set('trust proxy', true);
+
+app.use(cors());
+
+app.use(session({
+    secret: process.env.sessionKey,
+    resave: false,
+    saveUninitialized: true,
+    cookie: {path: '/', secure: false}
+}));
+
+// view engine setup
+app.set('views', path.join(__dirname, 'views'));
+app.set('view engine', 'twig');
+
+app.use(logger('dev'));
+app.use(express.json());
+app.use(express.urlencoded({extended: false}));
+app.use(cookieParser());
+app.use(express.static(path.join(__dirname, 'public')));
+
+app.use('/', indexRouter);
+app.use('/users', usersRouter);
+app.use('/int', middle.validateAccessToken, internalRouter);
+app.use('/api', apiRouter);
+
+// catch 404 and forward to error handler
+app.use(function (req, res, next) {
+    next(createError(404));
+});
+
+// error handler
+app.use(function (err, req, res, next) {
+    // set locals, only providing error in development
+    res.locals.message = err.message;
+    res.locals.error = req.app.get('env') === 'development' ? err : {};
+
+    // render the error page
+    res.status(err.status || 500);
+    res.render('404');
+});
+
+module.exports = app;

bin/www

@@ -0,0 +1,90 @@
+#!/usr/bin/env node
+
+/**
+ * Module dependencies.
+ */
+
+var app = require('../app');
+var debug = require('debug')('eosconnect.app:server');
+var http = require('http');
+
+/**
+ * Get port from environment and store in Express.
+ */
+
+var port = normalizePort(process.env.PORT || '3000');
+app.set('port', port);
+
+/**
+ * Create HTTP server.
+ */
+
+var server = http.createServer(app);
+
+/**
+ * Listen on provided port, on all network interfaces.
+ */
+
+server.listen(port);
+server.on('error', onError);
+server.on('listening', onListening);
+
+/**
+ * Normalize a port into a number, string, or false.
+ */
+
+function normalizePort(val) {
+  var port = parseInt(val, 10);
+
+  if (isNaN(port)) {
+    // named pipe
+    return val;
+  }
+
+  if (port >= 0) {
+    // port number
+    return port;
+  }
+
+  return false;
+}
+
+/**
+ * Event listener for HTTP server "error" event.
+ */
+
+function onError(error) {
+  if (error.syscall !== 'listen') {
+    throw error;
+  }
+
+  var bind = typeof port === 'string'
+    ? 'Pipe ' + port
+    : 'Port ' + port;
+
+  // handle specific listen errors with friendly messages
+  switch (error.code) {
+    case 'EACCES':
+      console.error(bind + ' requires elevated privileges');
+      process.exit(1);
+      break;
+    case 'EADDRINUSE':
+      console.error(bind + ' is already in use');
+      process.exit(1);
+      break;
+    default:
+      throw error;
+  }
+}
+
+/**
+ * Event listener for HTTP server "listening" event.
+ */
+
+function onListening() {
+  var addr = server.address();
+  var bind = typeof addr === 'string'
+    ? 'pipe ' + addr
+    : 'port ' + addr.port;
+  debug('Listening on ' + bind);
+}

dump.sql

@@ -0,0 +1,23 @@
+
+create table apps(
+	id int auto_increment
+		primary key,
+	name varchar(12) not null,
+	description varchar(2048) null,
+	logo mediumtext not null,
+	redirect_uri json not null,
+	owner varchar(12) default 'steemthebest' not null,
+	constraint apps_name_uindex
+		unique (name)
+);
+
+
+create table token (
+	id int auto_increment
+		primary key,
+	account varchar(12) not null,
+	token varchar(512) null,
+	created datetime null,
+	client_id varchar(12) null
+);
+

helper.js

@@ -0,0 +1,76 @@
+let mysql = require('mysql');
+let db = mysql.createConnection({
+    host: 'localhost',
+    user: process.env.db_user,
+    password: process.env.db_pass,
+    database: 'eosconnect'
+});
+
+db.connect(error => {
+    db.query('DELETE FROM token WHERE created < ADDDATE(NOW(), INTERVAL -1 HOUR)', (err, result) => {
+        console.log('Removed ' + result.affectedRows + ' expired tokens.');
+        setInterval(() => {
+            db.query('DELETE FROM token WHERE created < ADDDATE(NOW(), INTERVAL -1 HOUR)', (err, result) => {
+                console.log('Removed ' + result.affectedRows + ' expired tokens.');
+            })
+        }, 1000 * 60)
+    })
+});
+
+db.countUserByApp = async (name) => {
+    return new Promise((resolve, reject) => {
+        db.query("SELECT account FROM token WHERE client_id = ? GROUP BY account", [name], (err, result) => {
+            resolve(result);
+        })
+    })
+};
+
+db.getApp = async (name) => {
+    return new Promise((resolve, reject) => {
+        db.query("SELECT * FROM apps WHERE name = ?", [name], (err, result) => {
+            resolve(result);
+        })
+    })
+};
+
+db.getAppsByOwner = async (owner) => {
+    return new Promise((resolve, reject) => {
+        db.query("SELECT * FROM apps WHERE owner = ?", [owner], (err, result) => {
+            resolve(result);
+        })
+    })
+};
+
+db.getToken = async (token) => {
+    return new Promise((resolve, reject) => {
+        db.query("SELECT * FROM token WHERE `token` = ?", [token], (err, result) => {
+            resolve(result);
+        })
+    })
+};
+
+db.insertToken = async (app_name, username, token) => {
+    return new Promise((resolve, reject) => {
+        db.query("INSERT INTO token (account, token, client_id, created) VALUES (?,?,?,?)",
+            [username, token, app_name, (new Date()).toISOString().slice(0, 19).replace('T', ' ')],
+            (err, result) => {
+                resolve(true);
+            }
+        )
+    })
+};
+
+db.log = async (app, ip, token, endpoint, body, account) => {
+    return new Promise((resolve, reject) => {
+        db.query("INSERT INTO log (client_id, ip_adress, access_token, endpoint, request_body, account, request) VALUES (?,?,?,?,?,?,?)",
+            [app, ip, token, endpoint, body, account, (new Date()).toISOString().slice(0, 19).replace('T', ' ')], () => {
+            resolve()
+        })
+    })
+};
+
+module.exports = {
+    db,
+    scopes: ["login","accountcreate"],
+    jwt_token: process.env.jwt_token
+};