var mongoose = require('mongoose');mongoose.connect('mongodb://localhost/cross

1. var mongoose = require('mongoose');
2. mongoose.connect('mongodb://localhost/crossnotify', {useNewUrlParser: true});
3. var md5 = require("md5");
4. var validator = require("email-validator");
5. var logger = require('mag')();
6. var UserSchema = new mongoose.Schema({
7.   email: {
8.     type: String,
9.     unique: true,
10.     required: true,
11.     trim: true
12.   },
13.   username: {
14.     type: String,
15.     unique: true,
16.     required: true,
17.     trim: true
18.   },
19.   password: {
20.     type: String,
21.     required: true
22.   },
23.   session: {
24.     type: String,
25.     required: true
26.   },
27.   authorized: {
28.     type: Number,
29.     required: true
30.   }
31. });
32. var User = mongoose.model('User', UserSchema);
33.  
34. var NotificationSchema = new mongoose.Schema({
35.     username: String,
36.     app: String,
37.     text: String
38. });
39.  
40. var Notification = mongoose.model('Notification', NotificationSchema);
41.  
42. module.exports = User;
43.  
44. var register = async function(emailr, usernamer, passwordr){
45.     var session_string = Math.random().toString(36).substring(2, 15);
46.     // console.log(passwordr);
47.     if(!validator.validate(emailr)){
48.       return "invalid email";
49.     }
50.    
51.     var userData = new User({
52.       email: emailr,
53.       username: usernamer,
54.       password: passwordr,
55.       session: session_string,
56.       authorized: 1
57.     });
58.    
59.     try{
60.       let user = await userData.save();
61.       return "ok@"+usernamer+":"+session_string;
62.     } catch (err){
63.       if (err.name === 'MongoError' && err.code === 11000) {
64.         return "alr";
65.       }
66.       return err.message;
67.     }
68.  
69. };
70.  
71. var login = async function(username, password){
72.     const user = await User.findOne({username: username});
73.     if(user == undefined) return "inv";
74.     if(password == user.password){
75.       return "ok@"+username+":"+user.session;
76.     }
77.     else return "inv";
78. };
79.  
80. var getSession = async function(username){
81.   const user = await User.findOne({username: username});
82.   if(user == undefined) return "lol";
83.   else return user.session;
84. }
85.  
86. const express = require('express')
87. const app = express()
88. const port = 34532
89.  
90. app.get('/send', async (request, response) => {
91.     var start = new Date()
92.     if(request.query.username && request.query.session && request.query.text && request.query.application){
93.       if(request.query.application == "android"){
94.         response.status(400).send("Wrong query");
95.       }
96.       else if(request.query.session != await getSession(request.query.username)){
97.         logger.error("Somebody send fake session key for user: " + request.query.username + " from ip: " + (request.headers['x-real-ip'] || request.connection.remoteAddress));
98.         logger.info("/send Time: " + (new Date() - start).toString() + "ms. Result: 500");
99.         response.status(500).send("You are hacker");
100.       }
101.       else{
102.         var data = new Notification({username: request.query.username, app: request.query.application, text: request.query.text});
103.         try{
104.           let notification = await data.save();
105.           logger.info("User: " + request.query.username + " send notification");
106.           logger.info("/send Time: " + (new Date() - start).toString() + "ms. Result: 100");
107.           response.status(200).send("ok");
108.         } catch (err){
109.           logger.warn("Error while " + request.query.username + " sent notification");
110.           logger.info("/send Time: " + (new Date() - start).toString() + "ms. Result: 500");
111.           if (err.name === 'MongoError' && err.code === 11000) {
112.             response.status(500).send("wtf");
113.           }
114.           else response.status(500).send(err.message);
115.         }
116.       }
117.     }
118.     else{
119.     }
120. })
121.  
122. app.get('/get', async (request, response) => {
123.   var start = new Date()
124.   if(request.query.username && request.query.session){
125.     if(request.query.session != await getSession(request.query.username)){
126.       logger.error("Somebody send fake session key for user: " + request.query.username + " from ip: " + (request.headers['x-real-ip'] || request.connection.remoteAddress));
127.       response.status(500).send("You are hacker");
128.     }
129.     else{
130.       var data = await Notification.find({username: request.query.username});
131.       await Notification.remove({username: request.query.username});
132.       logger.info(request.query.username + " asked his notifications");
133.       logger.info("/get Time: " + (new Date() - start).toString() + "ms. Result: 200");
134.       response.status(200).send(data);
135.     }
136.   }
137.   else{
138.     logger.info("/get Time: " + (new Date() - start).toString() + "ms. Result: 400");
139.     response.status(400).send("Wrong query");
140.   }
141. });
142.  
143. app.get('/register', async (request, response) => {
144.     var start = new Date()
145.     if(request.query.email && request.query.username && request.query.password){
146.       var result = await register(request.query.email, request.query.username, md5("ahahaha, max spasibo, " + request.query.password));
147.       // console.log(result);
148.       if(result.startsWith("ok")){
149.         logger.info("New user: " + request.query.username + " registered");
150.         logger.info("/register Time: " + (new Date() - start).toString() + "ms. Result: 200");
151.         response.status(200).send(result);
152.       }
153.       else{
154.         logger.info("/register Time: " + (new Date() - start).toString() + "ms. Result: 409");
155.         response.status(409).send(result);
156.       }
157.     }
158.     else{
159.       logger.info("/register Time: " + (new Date() - start).toString() + "ms. Result: 400");
160.       response.status(400).send("U made wrong qry");
161.     }
162. })
163.  
164.  
165.  
166. app.get('/login', async (request, response) => {
167.   var start = new Date()
168.     if(request.query.username && request.query.password){
169.       var result = await login(request.query.username, md5("ahahaha, max spasibo, " + request.query.password));
170.       if(result.startsWith('ok')){
171.         logger.info("User: " + request.query.username + " logined");
172.         logger.info("/login Time: " + (new Date() - start).toString() + "ms. Result: 200");
173.         response.status(200).send(result);
174.       }
175.       else{
176.         logger.info("/login Time: " + (new Date() - start).toString() + "ms. Result: 409");
177.         response.status(409).send(result);
178.       }
179.     }
180.     else{
181.       logger.info("/login Time: " + (new Date() - start).toString() + "ms. Result: 400");
182.       response.status(400).send("U made wrong qry");
183.     }
184. })
185.  
186. app.get('/', (request, response) => {
187.   response.status(404).send('Not found');
188. })
189.  
190. app.listen(port, (err) => {
191.     if (err) {
192.         return console.log('something bad happened', err)
193.     }
194.  
195.  
196.     console.log(`server is listening on ${port}`)
197. })
198.