var crypto = require('crypto');
var path = require('path');

var express = require('express');
var favicon = require('serve-favicon');
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
// var session = require('client-sessions');
var session = require('express-session');
var flash = require('connect-flash');
var csrf = require('csurf');
var cors = require('cors');
  12.  
  13. //======== newly added =====
  14. // var csrfProtection = csrf({ cookie: true });
  15.  
  16. //==== end of all ==========
  17.  
  18. // var RedisStore = require('connect-redis')(session);
  19.  
  20. // var fileUpload = require('express-fileupload');
  21.  
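var app = express();

// app.use(fileUpload());

// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');

// uncomment after placing your favicon in /public
//app.use(favicon(path.join(__dirname, 'public', 'favicon.ico')));
app.use(logger('dev'));

// Body parsing. The original registered bodyParser.json() twice: the first
// instance (default 100kb limit) consumed the body, so the later 100mb JSON
// limit never took effect. Limits are now explicit and overridable through
// the environment. A 100mb form body is large enough to be a memory-exhaustion
// vector; lower FORM_BODY_LIMIT unless a route genuinely needs bodies that big.
var JSON_BODY_LIMIT = process.env.JSON_BODY_LIMIT || '100kb';
var FORM_BODY_LIMIT = process.env.FORM_BODY_LIMIT || '100mb';
app.use(bodyParser.json({ limit: JSON_BODY_LIMIT }));
app.use(bodyParser.urlencoded({ limit: FORM_BODY_LIMIT, extended: true, parameterLimit: 50000 }));

// CORS. A bare cors() answers every origin with Access-Control-Allow-Origin: *
// (without credentials, so cookies do not cross origins). Set CORS_ORIGIN to a
// comma-separated allowlist to restrict it; leaving it unset keeps the old
// wildcard behaviour.
var corsOptions = process.env.CORS_ORIGIN
  ? { origin: process.env.CORS_ORIGIN.split(',').map(function (origin) { return origin.trim(); }) }
  : {};
app.use(cors(corsOptions));
app.options('*', cors(corsOptions));
app.use(cookieParser());

app.set('trust proxy', 1); // trust first proxy (needed for cookie.secure: 'auto' behind nginx)

// Session secret. The literal that used to live here was published with this
// file and must be treated as compromised: anyone holding it can forge a valid
// connect.sid. Production refuses to start without SESSION_SECRET; any other
// environment gets a random per-process secret, so sessions simply do not
// survive a restart there.
var sessionSecret = process.env.SESSION_SECRET;
if (!sessionSecret) {
  if (process.env.NODE_ENV === 'production') {
    throw new Error('SESSION_SECRET environment variable must be set');
  }
  console.warn('SESSION_SECRET is not set; using a random per-process secret (non-production only)');
  sessionSecret = crypto.randomBytes(32).toString('hex');
}

var SESSION_TTL_MS = 3600000; // one hour

app.use(session({
  secret: sessionSecret,
  resave: false,
  // Do not create a session (and hand out a cookie) for anonymous requests.
  saveUninitialized: false,
  // A top-level `expires` is not an express-session option, and the original
  // value was computed once at startup, i.e. a single absolute date for every
  // session. Lifetime belongs in cookie.maxAge, relative to each response.
  cookie: {
    maxAge: SESSION_TTL_MS,
    httpOnly: true,
    sameSite: 'lax',
    secure: 'auto', // Secure whenever the (proxied) request arrived over HTTPS
  },
}));
app.use(flash());

//To disable x-powered-by details in header
app.disable('x-powered-by');

// csurf in cookie mode keeps the CSRF *secret* in the _csrf cookie. The
// original `cookie: true` set it without HttpOnly/SameSite (visible in the
// captured responses further down), so any script injection on the origin
// could read the secret and mint valid tokens. csurf is deprecated upstream;
// plan a migration to a maintained CSRF middleware.
app.use(csrf({
  cookie: {
    httpOnly: true,
    sameSite: 'strict',
    secure: process.env.NODE_ENV === 'production',
  },
}));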
  52.  
// Route modules, loaded in the original order (load order is preserved in
// case any of them share state at require time). `users` is loaded but not
// mounted -- its mount line was commented out -- and imageUpload stays
// disabled, exactly as before.
var routers = {
  index: require('./routes/index'),
  users: require('./routes/users'),
  tags: require('./routes/tags'),
  access: require('./routes/access'),
  brand: require('./routes/brand'),
  user: require('./routes/user'),
  article: require('./routes/article'),
  articlenew: require('./routes/articlenew'),
  // imageUpload: require('./routes/imageUpload'),
  faq: require('./routes/faq'),
  login: require('./routes/login'),
  admins: require('./routes/admins'),
  editorpick: require('./routes/editorpick'),
  log: require('./routes/log'),
  articleadminview: require('./routes/articleadminview'),
  logout: require('./routes/logout'),
  domain: require('./routes/domain'),
  banner: require('./routes/banner'),
  bannerview: require('./routes/bannerview'),
  moderater: require('./routes/moderater'),
  poll: require('./routes/poll'),
  articleviewcount: require('./routes/articleviewcount'),
  report: require('./routes/report'),
  whitepaper: require('./routes/whitepaper'),
  changepassword: require('./routes/changepassword'),
  editprofile: require('./routes/editprofile'),
};

// Static assets (compiled Stylus plus /public) are served ahead of every router.
app.use(require('stylus').middleware(path.join(__dirname, 'public')));
app.use(express.static(path.join(__dirname, 'public')));

// Mount points in registration order; Express matches them in this order.
var mounts = [
  ['/', 'index'],
  // ['/users', 'users'],
  ['/tags', 'tags'],
  ['/access', 'access'],
  ['/brand', 'brand'],
  ['/user', 'user'],
  ['/article', 'article'],
  ['/articlenew', 'articlenew'],
  // ['/imageUpload', 'imageUpload'],
  ['/faq', 'faq'],
  ['/login', 'login'],
  ['/admins', 'admins'],
  ['/editorpick', 'editorpick'],
  ['/log', 'log'],
  ['/articleadminview', 'articleadminview'],
  ['/logout', 'logout'],
  ['/domain', 'domain'],
  ['/banner', 'banner'],
  ['/bannerview', 'bannerview'],
  ['/moderater', 'moderater'],
  ['/poll', 'poll'],
  ['/articleviewcount', 'articleviewcount'],
  ['/report', 'report'],
  ['/whitepaper', 'whitepaper'],
  ['/changepassword', 'changepassword'],
  ['/editprofile', 'editprofile'],
];
mounts.forEach(function (pair) {
  app.use(pair[0], routers[pair[1]]);
});
  111.  
// Two earlier session configurations (client-sessions and an older
// express-session block) used to sit here, commented out. They are gone:
// the literal secrets they carried were published with this file and must
// never be reused.

// Fall-through for any request no router handled: synthesise a 404 and hand
// it to the error handler registered below.
app.use(function notFound(req, res, next) {
  var notFoundError = new Error('Not Found');
  notFoundError.status = 404;
  next(notFoundError);
});
  137.  
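// Central error handler (four-argument signature is how Express recognises it).
app.use(function (err, req, res, next) {
  // If part of a response has already gone out, let Express close the
  // connection instead of attempting a second render.
  if (res.headersSent) {
    return next(err);
  }

  var isDev = req.app.get('env') === 'development';
  var status = err.status || err.statusCode || 500;

  // A rejected CSRF token is a client error; csurf already sets 403, this
  // just makes the mapping explicit.
  if (err.code === 'EBADCSRFTOKEN') {
    status = 403;
  }

  // Outside development, do not echo internal error text (driver messages,
  // paths) for server-side failures; 4xx messages are safe to show as before.
  res.locals.message = (status >= 500 && !isDev) ? 'Internal Server Error' : err.message;
  // Full error object (incl. stack) only in development, as before.
  res.locals.error = isDev ? err : {};

  // The error may have been raised before the csurf middleware ran (e.g. a
  // body-parser failure), in which case req.csrfToken does not exist yet.
  // Calling it unguarded threw inside this handler, which dropped the request
  // into Express's default stack-trace page.
  res.locals._csrf = typeof req.csrfToken === 'function' ? req.csrfToken() : '';

  if (status >= 500) {
    console.error(err);
  }

  // render the error page
  res.status(status);
  res.render('error');
});

module.exports = app;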
  156.  
// Initialise the login page once the DOM is ready.
$(document).ready(function () {
  loginPage();
});
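/**
 * Wire up the login page: footer, sign-in, reset-password and notify-admin
 * controls.
 *
 * All handlers are namespaced (`.loginPage`) and unbound before being bound,
 * so calling this more than once is safe. The original re-bound on every
 * call, and login()'s failure path calls loginPage() again, so each failed
 * attempt added another click handler and one click then fired several POSTs.
 *
 * The notify-email pattern is the original one with its backslashes restored;
 * as pasted (`[w-.]`) it was a SyntaxError. It is only a UX hint -- the
 * server must validate the address itself.
 */
function loginPage() {
  $('#footer').load('footer', function () {
    $('.footer').addClass('posAbs');
  });

  $('.preloader').fadeOut();

  // Mark `$field` as erroneous, show `message` (if given) in its sibling
  // .highlighter with the shake animation, and fade the highlighter out five
  // seconds after the animation ends.
  function flagField($field, message) {
    var h = $field.parent().find('.highlighter');
    if (message) {
      h.text(message);
    }
    h.show();
    h.addClass('shake animated');
    $field.addClass('error');
    h.one('webkitAnimationEnd mozAnimationEnd MSAnimationEnd oanimationend animationend', function () {
      $(this).removeClass("shake animated");
      setTimeout(function () {
        h.fadeOut(300);
      }, 5000);
    });
  }

  $(document).off('click.loginPage', '#signin').on('click.loginPage', '#signin', function () {
    login();
  });
  $('#loginpass').off('keydown.loginPage').on('keydown.loginPage', function (event) {
    if (event.which == 13) {
      login();
    }
  });
  $('.forgot-btn').off('click.loginPage').on('click.loginPage', function () {
    $(".loginContainer").fadeOut(400, function () {
      $(".resetContainer").fadeIn(400);
    });
  });
  $('.resetpass-btn').off('click.loginPage').on('click.loginPage', function () {
    forgotPass();
  });
  $('.emailId').off('keydown.loginPage').on('keydown.loginPage', function (event) {
    if (event.which == 13) {
      forgotPass();
    }
  });
  $('.notifycontent, .submitted').hide();
  $('.notifya').off('click.loginPage').on('click.loginPage', function () {
    $('.notifyMain').hide();
    $('.notifycontent').show();
  });
  $(document).off('click.loginPage', '.notifysubmit').on('click.loginPage', '.notifysubmit', function () {
    var email = $('#notifyEmail').val();
    if (email == "") {
      flagField($('#notifyEmail'));
      return false;
    }
    var expr = /^([\w.-]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([\w-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/;
    if (!expr.test(email)) {
      flagField($('#notifyEmail'), 'Enter a valid Email');
      return false;
    }
    mailAdmin(email);
    $('#notifyadmin').modal('hide');
  });
  inputValidate();
}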
/**
 * Inline validation feedback for the sign-in form: shakes the email field
 * when it is empty, otherwise the password field when that is empty. Only
 * the first empty field is flagged per call.
 */
function loginerror() {
  var emailValue = $('.email').val();
  var passwordValue = $('.password').val();

  // Highlight `$field` and run the shake animation on its sibling
  // .highlighter, hiding it again five seconds after the animation ends.
  function shake($field) {
    var marker = $field.parent().find('.highlighter');
    marker.show();
    marker.addClass('shake animated');
    $field.addClass('error');
    marker.one('webkitAnimationEnd mozAnimationEnd MSAnimationEnd oanimationend animationend', function () {
      $(this).removeClass("shake animated");
      setTimeout(function () {
        marker.fadeOut(300);
      }, 5000);
    });
  }

  if (emailValue == '') {
    shake($('.email'));
  } else if (passwordValue == '') {
    shake($('.password'));
  }
}
  263.  
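/**
 * Validate the address typed into the reset form and, if it looks like an
 * email, start the password-reset request.
 *
 * The original pattern, with the backslashes the paste lost restored, was
 * /^([\w.-]+)@([\w-]+)((\.(\w){2,3})+)$/i, which rejects any domain label or
 * TLD longer than three characters (user@mail.example.com, user@example.info).
 * Client-side validation is only a UX hint -- the server must validate the
 * address -- so the check is now the permissive "something@something.tld".
 *
 * @returns {boolean|undefined} false when the address was rejected
 */
function forgotPass() {
  var emailId = $('.emailId').val() || '';
  var looksLikeEmail = /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(emailId);
  if (!looksLikeEmail) {
    var h = $('.emailId').parent().find('.highlighter');
    h.show();
    h.addClass('shake animated');
    $('.emailId').addClass('error');
    h.one('webkitAnimationEnd mozAnimationEnd MSAnimationEnd oanimationend animationend', function () {
      $(this).removeClass("shake animated");
      setTimeout(function () {
        h.fadeOut(300);
      }, 5000);
    });
    return false;
  }
  $('.preloader').fadeIn(300);
  forgotPassword(emailId);
}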
  285.  
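/**
 * Ask the server to mail a reset link for `email`.
 *
 * @param {string} email     address to reset
 * @param {number} [attempt] internal retry counter (0 when omitted)
 *
 * Fixes against the original:
 *  - on 403/405 it retried by calling itself with no argument, so every retry
 *    requested /forgotpassword/undefined, forever; retries are now bounded and
 *    keep the address;
 *  - the address is URL-encoded: it is user input placed in the path, and a
 *    '/', '?' or '#' would otherwise change which route is hit;
 *  - the confirmation text is set with .text(), not .html(), since it embeds
 *    the user-supplied address;
 *  - pageCheck is set to "reset" before the request (login() sets it before
 *    its own request), so the status-false path tells checkactiveUser which
 *    flow it is in instead of passing whatever value was left over.
 *
 * NOTE(review): a GET that sends mail is a side-effecting GET, and the
 * different responses for known and unknown addresses let anyone enumerate
 * accounts; both need a server-side change.
 */
function forgotPassword(email, attempt) {
  var tries = attempt || 0;
  var MAX_RETRIES = 2;
  pageCheck = "reset";
  var settings = {
    "url": base_url + "/forgotpassword/" + encodeURIComponent(email),
    "method": "GET",
    "async": true,
  };
  $.ajax(settings).done(function (data) {
    if (data.status === true) {
      $('#resetPass h4').text('Your password reset link has been mailed to ' + email);
      $('.preloader').fadeOut(300);
      $('#resetPass').modal('show');
    } else {
      checkactiveUser(email, pageCheck);
    }
  }).fail(function (jqXHR, textStatus, errorThrown) {
    console.log('Server error. ' + jqXHR.status + '. ' + textStatus + '. ' + errorThrown);
    if ((jqXHR.status == 403 || jqXHR.status == 405) && tries < MAX_RETRIES) {
      forgotPassword(email, tries + 1);
      return;
    }
    $('.preloader').fadeOut(300);
    console.log('Server error. Please try again.');
  });
}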
  311.  
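/**
 * Submit the sign-in form.
 *
 * Fixes against the original:
 *  - the CSRF token was never sent: fetchtoken() is asynchronous and returned
 *    undefined, and the `_csrf` field was commented out, so csurf answered 403
 *    and the failure path re-ran loginPage(), which re-bound the click handler
 *    on every failure (one click then fired several POSTs). The token is now
 *    fetched first and the credentials are posted only once it has arrived;
 *  - empty fields are rejected before any request is made;
 *  - the debug alert() on success is gone and the failure path shows an error
 *    instead of re-binding handlers;
 *  - `crossdomain: true` is not a jQuery option (it is `crossDomain`) and had
 *    no effect, so it is dropped.
 */
function login() {
  var email = $('.email').val();
  var password = $('.password').val();
  pageCheck = "login"; // shared with forgotPassword/checkactiveUser (implicit global, as before)

  if (email == '' || password == '') {
    loginerror();
    return;
  }

  // Show `message` under the password field with the usual shake animation.
  function showLoginFailure(message) {
    $('.preloader').fadeOut(300);
    var h = $('.password').parent().find('.highlighter');
    h.show().text(message);
    h.addClass('shake animated');
    $('.password').addClass('error');
    h.one('webkitAnimationEnd mozAnimationEnd MSAnimationEnd oanimationend animationend', function () {
      $(this).removeClass("shake animated");
      setTimeout(function () {
        h.fadeOut(300);
      }, 5000);
    });
  }

  // The token endpoint is called directly because fetchtoken() as written in
  // this listing does not return its result.
  $.ajax({ "url": base_url + "/fetchtoken", "method": "GET", dataType: 'json' })
    .then(function (tokenData) {
      var csrfToken = tokenData && tokenData.token;
      $('input[name="_csrf"]').val(csrfToken); // keep the hidden form field in sync
      return $.ajax({
        "url": base_url + "/login",
        "method": "POST",
        dataType: 'json',
        data: {
          "email": email,
          "password": password,
          "_csrf": csrfToken
        }
      });
    })
    .then(function (data) {
      if (data.status === true) {
        // NOTE(review): the commented-out original stored the access token
        // and user id in localStorage, readable by any script on the origin;
        // the HttpOnly session cookie the server already sets is the safer
        // place for login state.
        // TODO confirm: the original's redirect to 'home' was commented out in
        // favour of a bare alert(); it is restored here.
        window.open('home', '_self');
        return;
      }
      if (data.msg == "Email id doesnt exist") {
        $('#loginError').modal('show');
      } else {
        $('.preloader').fadeIn();
        checkactiveUser(email, pageCheck);
      }
    }, function (jqXHR, textStatus, errorThrown) {
      console.log('Server error. ' + jqXHR.status + '. ' + textStatus + '. ' + errorThrown);
      // Deliberately not calling loginPage() here (see header comment).
      showLoginFailure(jqXHR.status == 403
        ? 'Your session has expired. Please reload the page and try again.'
        : 'Server error. Please try again.');
    });
}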
  376.  
/**
 * Clear validation feedback as soon as any input receives focus: drop the
 * field's error class and fade out every .highlighter on the page.
 */
function inputValidate() {
  $('input').on('focus', function () {
    $(this).removeClass('error');
    $('.highlighter').fadeOut(300);
  });
}
  383.  
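/**
 * Record a login timestamp for `token`.
 *
 * @param {string} token     access token identifying the login
 * @param {number} [attempt] internal retry counter (0 when omitted)
 *
 * Fixes against the original: it retried without the token (every retry hit
 * /logintimelog/undefined), retried on every failure with no limit, and its
 * fail handler retried twice for 403/405. Retries are now bounded, keep the
 * token, and happen once per failure.
 *
 * NOTE(review): the token travels in the URL path, where proxies and access
 * logs record it. Moving it to an Authorization header needs a matching
 * server-side change, so the URL shape is kept here.
 */
function logintimeLog(token, attempt) {
  var tries = attempt || 0;
  var MAX_RETRIES = 2;
  var settings = {
    "url": base_url + "/logintimelog/" + encodeURIComponent(token),
    "method": "GET",
  };

  // Retry with the same token until MAX_RETRIES is reached, then give up.
  function retry(reason) {
    if (tries < MAX_RETRIES) {
      console.log(reason + ' Retrying (' + (tries + 1) + '/' + MAX_RETRIES + ').');
      logintimeLog(token, tries + 1);
    } else {
      console.log(reason + ' Giving up.');
    }
  }

  $.ajax(settings).done(function (data) {
    if (data.status === true) {
      console.log('log in');
    } else {
      retry('Response status is false.');
    }
  }).fail(function (jqXHR, textStatus, errorThrown) {
    retry('Server error. ' + jqXHR.status + '. ' + textStatus + '. ' + errorThrown);
  });
}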
  405.  
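/**
 * After a failed login or reset, ask the server whether `email` belongs to a
 * known account and show the matching modal or field error.
 *
 * @param {string} email address the user entered
 * @param {string} x     originating flow: 'login' or 'reset'
 *
 * Fixes against the original:
 *  - the fail handler called emailVerification(), which is not defined
 *    anywhere in this listing (ReferenceError at runtime);
 *  - the preloader the callers show before calling in was never hidden on a
 *    status-false response or on a failed request, leaving the spinner up.
 *
 * NOTE(review): /userexist answers differently for unknown, inactive and
 * active addresses, so this endpoint lets anyone enumerate accounts. Closing
 * that needs a uniform server response; nothing here can fix it.
 */
function checkactiveUser(email, x) {
  // Shake the password field with the "Enter a valid password" hint.
  function flagPassword() {
    var h = $('.password').parent().find('.highlighter');
    h.show().text('Enter a valid password');
    h.addClass('shake animated');
    $('.password').addClass('error');
    h.one('webkitAnimationEnd mozAnimationEnd MSAnimationEnd oanimationend animationend', function () {
      $(this).removeClass("shake animated");
      setTimeout(function () {
        h.fadeOut(300);
      }, 5000);
    });
  }

  var settings = {
    "url": base_url + "/userexist",
    "method": "POST",
    data: {
      "email": email,
    }
  };
  $.ajax(settings).done(function (data) {
    $('.preloader').fadeOut(300);
    if (data.status !== true) {
      if (x == "reset") {
        $('#notifyadmin').modal('show');
      }
      if (x == 'login') {
        flagPassword();
      }
      return;
    }
    if (data.active === 0) {
      $('.verify-btn').attr('disabled', true).removeClass('green').addClass('disabled');
      $('#onboarding h4').text('Your account is verified.');
      $('#onboarding p').text('Complete your sign-up to start using RMA.');
      $('#onboarding .sign-here').hide();
      $('#onboarding .black-filled').text('Okay');
      $('#onboarding').modal('show');
    } else if (x == 'login') {
      flagPassword();
    } else {
      $('#onboarding').modal('show');
    }
  }).fail(function (jqXHR, textStatus, errorThrown) {
    $('.preloader').fadeOut(300);
    console.log('Server error. ' + jqXHR.status + '. ' + textStatus + '. ' + errorThrown);
    console.log('Server error. Please try again.');
  });
}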
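/**
 * Ask the server to notify an administrator about `email` (the "notify me"
 * form on the login page).
 *
 * @param {string} email address entered in #notifyEmail; the caller has
 *                       already run it through a loose email pattern
 *
 * Fixes against the original: the preloader shown here was never hidden when
 * the server answered with status false or the request failed, and the fail
 * path called emailVerification(), which is not defined anywhere in this
 * listing.
 */
function mailAdmin(email) {
  $('.preloader').fadeIn();
  var settings = {
    "url": base_url + "/mailtoadmin",
    "method": "POST",
    data: {
      "email": email,
    }
  };
  $.ajax(settings).done(function (data) {
    $('.preloader').fadeOut();
    if (data.status === true) {
      $('.notifycontent').hide();
      $('.submitted').show();
      $('#notifyadmin').modal('show');
    } else {
      console.log('mailtoadmin: server reported failure');
    }
  }).fail(function (jqXHR, textStatus, errorThrown) {
    $('.preloader').fadeOut();
    console.log('Server error. ' + jqXHR.status + '. ' + textStatus + '. ' + errorThrown);
    console.log('Server error. Please try again.');
  });
}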
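/**
 * Fetch a CSRF token from the server, mirror it into the hidden `_csrf`
 * field, and resolve with the token string.
 *
 * @param {number} [attempt] internal retry counter (0 when omitted)
 * @returns {Promise<string>} jQuery promise for the token; rejected with the
 *          usual (jqXHR, textStatus, errorThrown) once retries are exhausted
 *
 * Fixes against the original: it returned nothing (the `return data.token`
 * inside .done() was discarded, so callers always got undefined), and it
 * retried 403/405 responses without limit. The chain is built with .then so
 * the mapped token is what callers receive, and retries are bounded.
 */
function fetchtoken(attempt) {
  var tries = attempt || 0;
  var MAX_RETRIES = 2;
  var settings = {
    "url": base_url + "/fetchtoken",
    "method": "GET",
    dataType: 'json',
  };
  return $.ajax(settings).then(function (data) {
    $('input[name="_csrf"]').val(data.token);
    return data.token;
  }, function (jqXHR, textStatus, errorThrown) {
    console.log('Server error. ' + jqXHR.status + '. ' + textStatus + '. ' + errorThrown);
    if ((jqXHR.status == 403 || jqXHR.status == 405) && tries < MAX_RETRIES) {
      return fetchtoken(tries + 1);
    }
    console.log('Server error. Please try again.');
    // A rejected Deferred keeps the chain rejected under both jQuery 1.x/2.x
    // and 3.x .then() semantics.
    return $.Deferred().reject(jqXHR, textStatus, errorThrown).promise();
  });
}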
  512.  
  513. HTTP/1.1 200 OK
  514. Server: nginx
  515. Date: Sat, 25 Feb 2017 13:14:44 GMT
  516. Content-Type: application/json; charset=utf-8
  517. Content-Length: 48
  518. Connection: keep-alive
  519. Access-Control-Allow-Origin: *
  520. set-cookie: _csrf=2bd-cKtDQuEeKrACQAJr-Rhu; Path=/
  521. set-cookie: connect.sid=s%3AMIz1TNRpYTI7Pk8uO6MgzOd5M6a31cyW.0RYKkWw9w6om7GGQSawE89hDskJJ5nQ7HZdI24jdmF8; Path=/; HttpOnly
  522. ETag: W/"30-GhAlz0fz9nu44Q5ZUCXJSw"
  523. Cache-Control: max-age=0, no-cache, no-store, must-revalidate
  524. Pragma: no-cache
  525. X-Xss-Protection: 1; mode=block
  526. X-Frame-Options: SAMEORIGIN
  527. X-Content-Type-Options: nosniff
  528.  
  529. HTTP/1.1 403 Forbidden
  530. Server: nginx
  531. Date: Sat, 25 Feb 2017 13:14:44 GMT
  532. Content-Type: text/html; charset=utf-8
  533. Transfer-Encoding: chunked
  534. Connection: keep-alive
  535. Access-Control-Allow-Origin: *
  536. set-cookie: _csrf=WOF-6ruV7OretakTDESz0gdv; Path=/
  537. set-cookie: connect.sid=s%3A6ft632U8-ykvlzSrUiPcBM4ULBHtIl_A.FuiSoiQ6%2BC22ThR%2Br5PwwHgCLP1nve2mFSLwoluLJTs; Path=/; HttpOnly
  538. ETag: W/"445-JIguc6Asgpp7T6tcOBhH9w"
  539. Content-Encoding: gzip
  540.  
  541. <input id="_csrf" type="hidden" value="1Lf4MPRe-vaeSnvXKNmDIlGIBx4epL6izVFA" name="_csrf">
  542.  
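/**
 * Fetch a CSRF token from the server and resolve with the token string.
 *
 * @param {number} [attempt] internal retry counter (0 when omitted)
 * @returns {Promise<string>} jQuery promise for the token; rejected with the
 *          usual (jqXHR, textStatus, errorThrown) once retries are exhausted
 *
 * Fixes against the original: .done()/.fail() return values are ignored, so
 * callers received the whole response object rather than `data.token`, a
 * rejected request stayed rejected without any retry actually taking effect,
 * the 403/405 recursion had no bound, and the `console.log` after `return
 * null` was unreachable. The chain is built with .then so the mapped token is
 * what callers receive.
 */
function fetchtoken(attempt) {
  var tries = attempt || 0;
  var MAX_RETRIES = 2;
  var settings = {
    "url": base_url + "/fetchtoken",
    "method": "GET",
    dataType: 'json',
  };
  return $.ajax(settings).then(function (data) {
    return data.token;
  }, function (jqXHR, textStatus, errorThrown) {
    console.log('Server error. ' + jqXHR.status + '. ' + textStatus + '. ' + errorThrown);
    if ((jqXHR.status == 403 || jqXHR.status == 405) && tries < MAX_RETRIES) {
      return fetchtoken(tries + 1);
    }
    console.log('Server error. Please try again.');
    // A rejected Deferred keeps the chain rejected under both jQuery 1.x/2.x
    // and 3.x .then() semantics.
    return $.Deferred().reject(jqXHR, textStatus, errorThrown).promise();
  });
}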
  560.  
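/**
 * Submit the sign-in form with a freshly fetched CSRF token.
 *
 * Fixes against the original:
 *  - a rejected fetchtoken() was silently ignored (.then() had no failure
 *    handler), leaving the user with no feedback; both the token fetch and
 *    the POST now share one failure path;
 *  - empty fields are rejected before the token round trip, not after;
 *  - fetchtoken() as written in this listing resolves with the whole response
 *    object (the return inside .done() is discarded), so `_csrf` was sent as
 *    an object; the token is unwrapped from either shape;
 *  - the failure path no longer calls loginPage(), which re-bound every
 *    handler so each failure made the next click submit one more time;
 *  - the debug alert("Logged in!") is gone; `crossdomain: true` is not a
 *    jQuery option (it is `crossDomain`) and had no effect, so it is dropped.
 */
function login() {
  var email = $('.email').val();
  var password = $('.password').val();
  pageCheck = "login"; // shared with forgotPassword/checkactiveUser (implicit global, as before)

  if (email == '' || password == '') {
    loginerror();
    return;
  }

  // Show `message` under the password field with the usual shake animation.
  function showLoginFailure(message) {
    $('.preloader').fadeOut(300);
    var h = $('.password').parent().find('.highlighter');
    h.show().text(message);
    h.addClass('shake animated');
    $('.password').addClass('error');
    h.one('webkitAnimationEnd mozAnimationEnd MSAnimationEnd oanimationend animationend', function () {
      $(this).removeClass("shake animated");
      setTimeout(function () {
        h.fadeOut(300);
      }, 5000);
    });
  }

  fetchtoken()
    .then(function (tokenResult) {
      // Accept either the bare token or the {token: ...} response object.
      var csrfToken = (tokenResult && typeof tokenResult === 'object') ? tokenResult.token : tokenResult;
      return $.ajax({
        "url": base_url + "/login",
        "method": "POST",
        dataType: 'json',
        data: {
          "email": email,
          "password": password,
          "_csrf": csrfToken
        }
      });
    })
    .then(function (data) {
      if (data.status === true) {
        // NOTE(review): the commented-out original stored the access token
        // and user id in localStorage, readable by any script on the origin;
        // the HttpOnly session cookie the server already sets is the safer
        // place for login state.
        // TODO confirm: the original's redirect to 'home' was commented out in
        // favour of a bare alert(); it is restored here.
        window.open('home', '_self');
        return;
      }
      if (data.msg == "Email id doesnt exist") {
        $('#loginError').modal('show');
      } else {
        $('.preloader').fadeIn();
        checkactiveUser(email, pageCheck);
      }
    }, function (jqXHR, textStatus, errorThrown) {
      console.log('Server error. ' + jqXHR.status + '. ' + textStatus + '. ' + errorThrown);
      showLoginFailure(jqXHR.status == 403
        ? 'Your session has expired. Please reload the page and try again.'
        : 'Server error. Please try again.');
    });
}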