jslightham/kno-logic-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated all routes (#12)

Browse Source
This commit is contained in:
Johnathon Slightham
2023-01-19 10:41:12 -05:00
committed by GitHub
parent eabb8199dc
commit ec9092abf3
6 changed files with 105 additions and 99 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
config.js
View File

@@ -17,12 +17,16 @@ config.mail.pass = "password";
config.mail.from = "name";
/*
* Session purge settings
* Session settings
*/
// Maximum session length in days
config.maxSessionLength = 1;
config.maxRefreshLength = 360;
// Session string character length
config.sessionCharacterLength = 25;
config.refreshChracterLength = 60;
/*
* SSL settings
*/
@@ -49,5 +53,4 @@ config.http.port = 8080;
config.db = {}
config.db.connection = 'mongodb://localhost:27017/kno-logic';
module.exports = config;

11
index.js
View File

@@ -13,7 +13,6 @@ const postRoutes = require('./routes/post.route');
const categoryRoutes = require('./routes/category.route');
const mongoSanitize = require('express-mongo-sanitize');
const fs = require("fs");
const { Http2ServerRequest } = require('http2');
const https = require('https');
console.log("Starting Kno-Logic Backend Server");
@@ -46,10 +45,11 @@ app.use(function(req, res, next) {
app.use(mongoSanitize());
// Express routes
app.use('/admin', adminRoutes);
app.use('/user', userRoutes);
app.use('/post', postRoutes);
app.use('/category', categoryRoutes);
app.use('/v1/admin', adminRoutes);
app.use('/v1/user', userRoutes);
app.use('/v1/post', postRoutes);
app.use('/v1/category', categoryRoutes);
app.use('/manage', express.static('public'));
app.listen(config.http.port, () => {
console.log('Express server running on port:', PORT);
@@ -63,7 +63,6 @@ if (config.ssl.use) {
https.createServer(options, app).listen(config.ssl.port);
}
// Cron jobs
var purge = new CronJob('*/5 * * * *', utils.cron.purgeSessions);
purge.start();

6
routes/admin.route.js
View File

@@ -15,7 +15,7 @@ let User = require('../schema/user.model');
*/
adminRoutes.route('/stats').post((req, res) => {
if (!req.body) {
res.status(401).send("Missing body");
res.status(401).json({ success: false, response: "Missing body" });
return;
}
utils.account.checkSession(req.body.userId, req.body.sessionId, (isValidId) => {
@@ -31,13 +31,13 @@ adminRoutes.route('/stats').post((req, res) => {
User.count({}, (err, userCount) => {
stats.userCount = userCount;
stats.date = Date();
res.json(stats);
res.status(200).json({ success: true, response: stats });
});
});
});
});
} else {
res.status(401).send("Invalid permissions to view stats.");
res.status(401).json({ success: false, response: "Invalid permissions to view stats" });
return;
}
})

16
routes/category.route.js
View File

@@ -15,7 +15,7 @@ let User = require('../schema/user.model');
*/
categoryRoutes.route('/create').post((req, res) => {
if (!req.body) {
res.status(401).send("Missing body");
res.status(401).json({ success: false, response: "Missing body" });
return;
}
utils.account.checkSession(req.body.userId, req.body.sessionId, (isValidId) => {
@@ -24,14 +24,14 @@ categoryRoutes.route('/create').post((req, res) => {
let c = new Category(req.body);
c.save()
.then(() => {
res.json(c);
res.status(200).json({ success: true, response: c });
})
.catch((e) => {
console.error(e);
res.status(500).send("Error creating category");
res.status(500).json({ success: false, response: "Error creating category" });
});
} else {
res.status(401).send("Invalid permissions to create category.");
res.status(401).json({ success: false, response: "Invalid permissions to create category" });
return;
}
})
@@ -47,10 +47,10 @@ categoryRoutes.route('/all').get((req, res) => {
Category.find({}, (err, cArr) => {
if (err) {
console.error(err);
res.status(500).send("Error getting categories");
res.status(500).json({ success: false, response: "Error getting categories" });
return;
}
res.status(200).send(cArr);
res.status(200).json({ success: true, response: cArr });
});
});
@@ -63,11 +63,11 @@ categoryRoutes.route('/posts').get((req, res) => {
Post.find({}, (err, postArr) => {
if (err) {
console.error(err);
res.status(500).send("Error getting posts");
res.status(500).json({ success: false, response: "Error getting posts" });
return;
}
postArr = postArr.filter(post => post.category.includes(req.body._id));
res.status(200).send(postArr);
res.status(200).json({ success: true, response: postArr });
});
});

44
routes/post.route.js
View File

@@ -15,7 +15,7 @@ let User = require('../schema/user.model');
*/
postRoutes.route('/create').post((req, res) => {
if (!req.body) {
res.status(401).send("Missing body");
res.status(401).json({ success: false, response: "Missing body" });
return;
}
utils.account.checkSession(req.body.userId, req.body.sessionId, (isValidId) => {
@@ -25,14 +25,14 @@ postRoutes.route('/create').post((req, res) => {
p.date = utils.date.dateToEpoch(p.date);
p.save()
.then(() => {
res.json(p);
res.status(200).json({ success: true, response: p });
})
.catch((e) => {
console.error(e);
res.status(500).send("Error creating post");
res.status(500).json({ success: false, response: "Error creating post" });
});
} else {
res.status(401).send("Invalid permissions to create post.");
res.status(401).json({ success: false, response: "Invalid permissions to create post" });
return;
}
})
@@ -47,7 +47,7 @@ postRoutes.route('/create').post((req, res) => {
*/
postRoutes.route('/delete').post((req, res) => {
if (!req.body) {
res.status(401).send("Missing body");
res.status(401).json({ success: false, response: "Missing body" });
return;
}
utils.account.checkSession(req.body.userId, req.body.sessionId, (isValidId) => {
@@ -55,13 +55,13 @@ postRoutes.route('/delete').post((req, res) => {
if (isValidId && isAdmin) {
Post.findByIdAndDelete(req.body._id, (err, r) => {
if (err) {
res.status(500).send("Error deleting post");
res.status(500).json({ success: false, response: "Error deleting post" });
return;
}
res.status(200).send("Deleted post");
res.status(200).json({ success: true, response: "Deleted post" });
});
} else {
res.status(401).send("Invalid permissions to delete post.");
res.status(401).json({ success: false, response: "Invalid permissions to delete post." });
return;
}
})
@@ -76,7 +76,7 @@ postRoutes.route('/delete').post((req, res) => {
*/
postRoutes.route('/edit').post((req, res) => {
if (!req.body) {
res.status(401).send("Missing body");
res.status(401).json({ success: false, response: "Missing body" });
return;
}
utils.account.checkSession(req.body.userId, req.body.sessionId, (isValidId) => {
@@ -84,7 +84,7 @@ postRoutes.route('/edit').post((req, res) => {
if (isValidId && isAdmin) {
Post.findById(req.body._id, (err, r) => {
if (err) {
res.status(500).send("Error editing post");
res.status(500).json({ success: false, response: "Error editing post" });
return;
}
r.save()
@@ -93,12 +93,12 @@ postRoutes.route('/edit').post((req, res) => {
})
.catch((e) => {
console.error(e);
res.status(500).send("Error creating post");
res.status(500).json({ success: false, response: "Error creating post" });
});
res.status(200).send("Edited post");
res.status(200).json({ success: true, response: "Edited post" });
});
} else {
res.status(401).send("Invalid permissions to delete post.");
res.status(401).json({ success: false, response: "Invalid permissions to delete post." });
return;
}
})
@@ -115,10 +115,10 @@ postRoutes.route('/id').post((req, res) => {
Post.findById(req.body._id, (err, post) => {
if (err) {
console.error(err);
res.status(500).send("Error getting posts");
res.status(500).json({ success: false, response: "Error getting posts" });
return;
}
res.status(200).send(post);
res.status(200).json({ success: true, response: post });
});
});
@@ -133,10 +133,10 @@ postRoutes.route('/date').post((req, res) => {
Post.find({ date: d}, (err, post) => {
if (err) {
console.error(err);
res.status(500).send("Error getting posts");
res.status(500).json({ success: false, response: "Error getting posts" });
return;
}
res.status(200).send(post);
res.status(200).json({ success: true, response: post });
});
});
@@ -150,10 +150,10 @@ postRoutes.route('/all').get((req, res) => {
Post.find({}, (err, postArr) => {
if (err) {
console.error(err);
res.status(500).send("Error getting posts");
res.status(500).json({ success: false, response: "Error getting posts" });
return;
}
res.status(200).send(postArr);
res.status(200).json({ success: true, response: postArr });
});
});
@@ -169,13 +169,11 @@ postRoutes.route('/today').get((req, res) => {
Post.find({ date: date }, (err, postArr) => {
if (err) {
console.error(err);
res.status(500).send("Error getting posts");
res.status(500).json({ success: false, response: "Error getting posts" });
return;
}
res.status(200).send(postArr);
res.status(200).json({ success: true, response: postArr });
});
});
module.exports = postRoutes;

120
routes/user.route.js
View File

@@ -2,9 +2,9 @@ const utils = require('../utils/utils');
const express = require('express');
const bcrypt = require('bcrypt');
const userRoutes = express.Router();
const config = require('../config.js');
const saltRounds = 10;
const sessionLength = 25;
let Session = require('../schema/session.model');
let User = require('../schema/user.model');
@@ -19,44 +19,44 @@ let Reset = require('../schema/reset.model');
*/
userRoutes.route('/create').post((req, res) => {
if (!req.body) {
res.status(401).send("Missing body");
res.status(401).json({ success: false, response: "Missing body" });
return;
} else if (!req.body.email || !req.body.password || !req.body.name) {
res.status(401).send("Missing body");
res.status(401).json({ success: false, response: "Missing fields" });
return;
} else if (req.body.email == "" || req.body.password == "" || req.body.name == "") {
res.status(401).send("Empty fields");
res.status(401).json({ success: false, response: "Empty fields" });
return;
}
let u = new User(req.body);
bcrypt.hash(u.password, saltRounds, (err, hash) => {
if (err) {
console.error(err);
res.status(500).send("Error creating user");;
res.status(500).json({ success: false, response: "Error creating user" });
} else {
u.password = hash;
User.find({ email: u.email }, (err, arr) => {
if (err) {
console.error(err);
res.status(500).send("Error creating user");
res.status(500).json({ success: false, response: "Error creating user" });
}
// Account already exists
if (arr.length != 0) {
res.status(409).send("Account already exists");
res.status(409).json({ success: false, response: "Account already exists" });
return;
}
u.permission = 0;
u.save()
.then(() => {
res.status(201).send("Success creating user");
res.status(201).json({ success: true, response: "Success creating user" });
})
.catch(() => {
res.status(500).send("Error creating user");;
res.status(500).json({ success: false, response: "Error creating user" });
});
});
}
});
});
/*
@@ -67,49 +67,57 @@ userRoutes.route('/create').post((req, res) => {
*/
userRoutes.route('/login').post((req, res) => {
if (!req.body) {
res.status(401).send("Missing body");
res.status(401).json({ success: false, response: "Missing body" });
return;
} else if (!req.body.email || !req.body.password) {
res.status(401).send("Missing body");
res.status(401).json({ success: false, response: "Missing body" });
return;
} else if (req.body.email == "" || req.body.password == "") {
res.status(401).send("Empty fields");
res.status(401).json({ success: false, response: "Empty fields" });
return;
}
User.findOne({ email: req.body.email }, (err, u) => {
if (err) {
console.error(err);
res.status(500).send("Error logging in user");
res.status(500).json({ success: false, response: "Error logging in user" });
return;
}
if (!u) {
res.status(401).send("No user exists with that email");
res.status(401).json({ success: false, response: "No user exists with that email" });
return;
}
bcrypt.compare(req.body.password, u.password, (err, result) => {
if (err) {
console.error(err);
res.status(500).send("Error logging in user");
res.status(500).json({ success: false, response: "Error logging in user" });
return;
}
if (result) {
let refresh = new Session();
refresh.sessionId = generateSession(config.refreshChracterLength);
refresh.userId = u._id;
refresh.date = new Date();
refresh.type = 1;
let s = new Session();
s.sessionId = generateSession();
s.sessionId = generateSession(config.sessionCharacterLength);
s.userId = u._id;
s.date = new Date();
s.type = 0;
s.save()
.then(() => {
res.json(s);
let send = { userId: u._id, sessionId: s.sessionId, refresh: refresh.sessionId}
res.status(200).json({ success: true, response: send});
})
.catch(() => {
res.status(500).send("Error logging in user");
res.status(500).json({ success: false, response: "Error logging in user"});
});
} else {
res.status(401).send("Incorrect password");
res.status(401).json({ success: false, response: "Incorrect password"});
}
});
@@ -126,24 +134,23 @@ userRoutes.route('/logout').post((req, res) => {
Session.findOne({ sessionId: req.body.sessionId }, (err, sess) => {
if (err) {
console.error(err);
res.status(500).send("Error logging out");
res.status(500).json({ success: false, response: "Error logging out" });
return;
}
if (!sess) {
res.status(400).send("No session found");
res.status(400).json({ success: false, response: "No session found" });
return;
}
sess.delete()
.then(() => {
res.status(201).send("Success deleting session");
res.status(201).json({ success: true, response: "Success deleting session" });
})
.catch((e) => {
console.error(e);
res.status(500).send("Error logging out");
res.status(500).json({ success: false, response: "Error logging out" });
});
});
});
@@ -161,21 +168,21 @@ userRoutes.route('/favorite/add').post((req, res) => {
User.findById(req.body.userId, (err, user) => {
if (err) {
console.error(err);
res.status(500).send("Error adding article");
res.status(500).json({ success: false, response: "Error adding article" });
return;
}
user.favorites.push(req.body.postId);
user.save()
.then(() => {
res.status(201).send("Success saving article");
res.status(201).json({ success: true, response: "Success saving article" });
})
.catch((e) => {
console.error(e);
res.status(500).send("Error saving article");
res.status(500).json({ success: false, response: "Error saving article" });
});
})
} else {
res.status(401).send("Unauthorized");
res.status(401).json({ success: false, response: "Unauthorized" });
}
})
})
@@ -192,21 +199,21 @@ userRoutes.route('/favorite/remove').post((req, res) => {
User.findById(req.body.userId, (err, user) => {
if (err) {
console.error(err);
res.status(500).send("Error removing article");
res.status(500).json({ success: false, response: "Error removing article" });
return;
}
user.favorites = utils.array.removeValue(user.favorites, req.body.articleId);
user.save()
.then(() => {
res.status(201).send("Success removing article");
res.status(201).json({ success: true, response: "Success removing article" });
})
.catch((e) => {
console.error(e);
res.status(500).send("Error removing article");
res.status(500).json({ success: false, response: "Error removing article" });
});
})
} else {
res.status(401).send("Unauthorized");
res.status(401).json({ success: false, response: "Unauthorized"});
}
})
})
@@ -223,15 +230,15 @@ userRoutes.route('/favorite/get').post((req, res) => {
User.findById(req.body.userId, (err, user) => {
if (err) {
console.error(err);
res.status(500).send("Error removing article");
res.status(500).json({ success: false, response: "Error removing article" });
return;
}
Post.find({ '_id': { $in: user.favorites } }, (err, postArray) => {
res.json(postArray);
res.status(200).json({ success: true, response: postArray });
})
})
} else {
res.status(401).send("Unauthorized");
res.status(401).json({ success: false, response: "Unauthorized" });
}
})
})
@@ -246,13 +253,13 @@ userRoutes.route('/refresh').post((req, res) => {
s.save()
.then(() => {
res.json(s);
res.status(200).json({ success: true, response: s });
})
.catch(() => {
res.status(500).send("Error logging in user");
res.status(500).json({ success: false, response: "Error logging in user" });
});
} else {
res.status(401).send("Incorrect refresh token");
res.status(401).json({ success: false, response: "Incorrect refresh token" });
}
}
)
@@ -265,9 +272,9 @@ userRoutes.route('/check-email').post((req, res) => {
}
if (arr.length > 0) {
res.status(400).send("Email already in use");
res.status(400).json({ success: false, response: "Email already in use" });
} else {
res.status(200).send("Email not in use");
res.status(200).json({ success: true, response: "Email not in use" });
}
})
});
@@ -282,13 +289,13 @@ userRoutes.route('/change-name').post((req, res) => {
if (user) {
user.name = req.body.name;
user.save();
res.status(200).send("Success changing name");
res.status(200).json({ success: true, response: "Success changing name" });
} else {
res.status(400).send("No user found with that ID");
res.status(400).json({ success: false, response: "No user found with that ID" });
}
})
} else {
res.status(401).send("Unauthorized");
res.status(401).json({ success: false, response: "Unauthorized" });
}
})
});
@@ -303,13 +310,13 @@ userRoutes.route('/change-email').post((req, res) => {
if (user) {
user.email = req.body.email;
user.save();
res.status(200).send("Success changing email");
res.status(200).json({ success: true, response: "Success changing email" });
} else {
res.status(400).send("No user found with that ID");
res.status(400).json({ success: false, response: "No user found with that ID" });
}
})
} else {
res.status(401).send("Unauthorized");
res.status(401).json({ success: false, response: "Unauthorized" });
}
})
});
@@ -324,13 +331,13 @@ userRoutes.route('/change-password').post((req, res) => {
if (user) {
user.password = req.body.password;
user.save();
res.status(200).send("Success changing password");
res.status(200).json({ success: true, response: "Success changing password" });
} else {
res.status(400).send("No user found with that ID");
res.status(400).json({ success: false, response: "No user found with that ID" });
}
})
} else {
res.status(401).send("Unauthorized");
res.status(401).json({ success: false, response: "Unauthorized" });
}
})
});
@@ -349,9 +356,9 @@ userRoutes.route('/forgot-password').post((req, res) => {
r.date = new Date();
r.save();
utils.mail.sendMail(user, "forgotPassword", [{from: "%name%", to: user.name}, {from: "%pin%", to: pin}]);
res.status(200).send("Success sending reset email");
res.status(200).json({ success: true, response: "Success sending reset email" });
} else {
res.status(400).send("No user found with that email");
res.status(400).json({ success: false, response: "No user found with that email" });
}
}
)
@@ -373,13 +380,13 @@ userRoutes.route('/reset-password').post((req, res) => {
reset.remove();
user.password = req.body.password;
user.save();
res.status(200).send("Success resetting password");
res.status(200).json({ success: true, response: "Success resetting password" });
} else {
res.status(400).send("Invalid pin");
res.status(400).json({ success: false, response: "Invalid pin" });
}
})
} else {
res.status(400).send("No user found with that email");
res.status(400).json({ success: false, response: "No user found with that email" });
}
}
)
@@ -389,8 +396,7 @@ userRoutes.route('/reset-password').post((req, res) => {
module.exports = userRoutes;
function generateSession() {
var length = sessionLength;
function generateSession(length) {
var result = [];
var characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-+!@#$%^&*()';
var charactersLength = characters.length;