const db = require('../db')const bcrypt = require('bcrypt');const sgMail = r

1. const db = require('../db')
2. const bcrypt = require('bcrypt');
3. const sgMail = require('@sendgrid/mail');
4. // const QRcode = require("../public/davidshimjs-qrcodejs-04f46c6/qrcode");
5. // require("../public/davidshimjs-qrcodejs-04f46c6/jquery.min")
6. const host = "localhost:3000";
7.  
8. /* must run these ini console beforehand in order for emails to work
9. 1. echo "export SENDGRID_API_KEY='API KEY'" > sendgrid.env
10. *the 'API KEY' I will have to message to you or w/e or else I get banned from sendgrid lol
11. 2. echo "sendgrid.env" >> .gitignore
12. 3. source ./sendgrid.env
13. */
14.  
15. module.exports = function (app, passport) {
16. /**
17. * testing the database
18. */
19. app.get("/test_database", function (req, res) {
20. db.query("SELECT * FROM user_table;", (err, result) => {
21. if (err) {
22. console.log(err);
23. res.send(err);
24. } else {
25. //res.send(result.rows)
26. res.json(result.rows);
27. console.log("still works");
28. //console.log(results)
29. }
30. });
31. });
32.  
33. app.get("/", function (req, res) {
34. res.render("index.hbs");
35. });
36.  
37. app.get("/login", function (req, res) {
38. res.render("login.hbs");
39. });
40.  
41. app.post('/login', function (req, res) {
42. console.log('test')
43. passport.authenticate('user', (err, user, message) => {
44. console.log('it gets here')
45. if (err) console.log(err)
46. else if (!user) {
47. console.log('Its not the user')
48. return res.redirect('/login')
49. } else {
50. req.logIn(user, function (err) {
51. if (err) console.log(err)
52. else {
53. console.log('Sign in successfull')
54. return res.redirect('/' + user.user_id);
55. }
56. })
57. }
58. })(req, res)
59. console.log('another test')
60. })
61.  
62. app.get('/logout', function (req, res) {
63. req.logout();
64. console.log('its trying to logout')
65. // req.session.destroy(function (err) {
66. // if (err) { return next(err); }
67. // // The response should indicate that the user is no longer authenticated.
68. // return res.send({ authenticated: req.isAuthenticated() });
69. // });
70. res.redirect('/');
71. });
72.  
73.  
74. app.get("/registration", function (req, res) {
75. res.render("registration.hbs");
76. });
77.  
78. app.post('/registration', function (req, res) {
79. let firstName = req.body.first_name,
80. lastName = req.body.last_name,
81. email = req.body.email,
82. password = req.body.password,
83. username = req.body.username
84. /* id = generated in postgres using these sql queries:
85. create sequence public.global_id_sequence;
86. CREATE OR REPLACE FUNCTION public.id_generator(OUT result bigint) AS $$
87. DECLARE
88. our_epoch bigint := 1314220021721;
89. seq_id bigint;
90. now_millis bigint;
91. shard_id int := 1;
92. BEGIN
93. SELECT nextval('public.global_id_sequence') % 1024 INTO seq_id;
94. SELECT FLOOR(EXTRACT(EPOCH FROM clock_timestamp()) * 1000) INTO now_millis;
95. result := (now_millis - our_epoch) << 23;
96. result := result | (shard_id << 10);
97. result := result | (seq_id);
98. END;
99. $$ LANGUAGE PLPGSQL;
100. select public.id_generator();
101. ---------------------------------------------------------------------------------
102. create table public.user_table(
103. user_id bigint not null default public.id_generator(),
104. email text not null unique,
105. first_name text,
106. last_name text,
107. username text,
108. password text
109. */
110. bcrypt.hash(password, 10, function (err, hash) {
111. if (err) {
112. console.log('error hashing');
113. console.log(err);
114. } else {
115. let query = {
116. text: 'INSERT INTO user_table ( first_name, last_name, email, username, password) VALUES ($1, $2, $3, $4, $5 )',
117. values: [firstName, lastName, email, username, hash]
118. }
119. db.query(query, (err, result) => {
120. console.log('it gets here')
121. if (err) {
122. console.log('Sign up unsuccessful');
123. console.log(err);
124. } else {
125. console.log('Sign up successfull')
126. //console.log(req.user)
127. res.redirect('/login')
128. }
129. })
130. }
131. })
132. });
133.  
134. //assumes user_id data type is text instead of an int
135. app.get("/:user_id", checkLoggedIn, function (req, res) {
136. let userID = req.params.user_id
137. let query = {
138. text: "SELECT * FROM user_table WHERE user_id = $1",
139. values: [userID]
140. }
141. db.query(query, (err, result) => {
142. if (err) {
143. console.log(err);
144. res.send(err);
145. } else {
146. let obj_query = {
147. text: 'SELECT name, user_id, object_id FROM object_table WHERE user_id = $1',
148. values: [userID]
149. }
150. db.query(obj_query, (error, obj_result) => {
151. if (error) {
152. res.send(error);
153. } else {
154. //console.log(obj_result.rows);
155. res.render('homepage',
156. {
157. 'user_id': result.rows[0].user_id,
158. 'first_name': result.rows[0].first_name,
159. 'last_name': result.rows[0].last_name,
160. 'email': result.rows[0].email,
161. 'username': result.rows[0].username,
162. 'password': result.rows[0].password,
163. 'objects': obj_result.rows
164. });
165. }
166. });
167. }
168. });
169. });
170.  
171. app.post("/:user_id", (req, res) => {
172. let objectName = req.body.object,
173. user_id = req.params.user_id,
174. url = "/" + user_id,
175. query = {
176. text: 'INSERT INTO object_table ( name, state, user_id ) VALUES ($1, $2, $3 )',
177. values: [objectName, 2, user_id]
178. };
179. db.query(query, (err, result) => {
180. if (err) {
181. console.log(err);
182. } else {
183. console.log('Item added!')
184. res.redirect(url)
185. }
186. })
187. });
188.  
189. app.get("/:user_id/:object_id", checkLoggedIn, (req, res) => {
190. /**
191. * first get user then get object
192. */
193. let object_id = req.params.object_id,
194. object = null,
195. query = {
196. text: "SELECT name, state FROM object_table where object_id = $1",
197. values: [object_id]
198. };
199.  
200. db.query(query, (err, result) => {
201. if (err) {
202. res.send(err);
203. } else {
204. object = result.rows[0];
205. //console.log(result.rows[0]);
206. //console.log(req.params);
207. /**
208. * qr code
209. */
210. // const qrcode = new QRcode("qrcode");
211. // qrcode.makeCode(host + "/" + req.params.user_id + "/" + req.params.object_id);
212. object.state = object.state === 2 ? "In-Possession" : object.state === 1 ? "Found" : "Lost";
213. res.render("specific_item.hbs", {object: object, id: req.params});
214. // res.sendFile("C:\Users\micha\Desktop\testqr\testing\index.html");
215. }
216.  
217. });
218. });
219.  
220. app.get("/:user_id/:object_id/recover", (req, res) => {
221. let object = {
222. user_id: req.params.user_id,
223. object_id: req.params.object_id,
224. }
225. res.render("recover_object.hbs", {object: object});
226. });
227.  
228. app.post("/:user_id/:object_id/recover", (req, res) => {
229. let object = {
230. user_id: req.params.user_id,
231. object_id: req.params.object_id,
232. email: ''
233. }
234. // let isSent = false;
235. let query = {
236. text: 'SELECT email FROM user_table where user_id = $1',
237. values: [object.user_id]
238. }
239. let email = ''
240. db.query(query, (err, result) => {
241. if (err) {
242. console.log(err);
243. } else {
244. email = result.rows[0].email
245. }
246. });
247. console.log(object.email +'this is the email');
248. sgMail.setApiKey(process.env.SENDGRID_API_KEY);
249. let msg = {
250. to: 'no552@nyu.edu',
251. from: 'noreply@QrFound.com',
252. subject: 'your item has been found!', //query to find item name?
253. text: req.body.textbox,
254. };
255. console.log(msg);
256. sgMail.send(msg);
257. // isSent= true;
258. res.redirect('/' + object.user_id + '/' + object.object_id + '/recover');
259. // res.render("recover_object.hbs", {object: object, isSent: isSent});
260. });
261.  
262. app.post("/:user_id/:object_id/update_status", (req, res) => {
263. // res.send(req.body.item_status);
264. // if (Object.keys(req.body).length !== 0) {
265. // const status = parseInt(req.body.item_status);
266. // db.query("UPDATE object_table set state = " + status + "where object_id = 12032017", (err, result) => {
267. // if (err) {
268. // res.send(err);
269. // }
270. // let url = "/" + req.body.user_id;
271. // res.redirect(url)
272. // });
273. // }
274.  
275. if (Object.keys(req.body).length !== 0) {
276. // console.log(req.body);
277. // console.log(req)
278. let status = req.body.item_status,
279. user = req.body.user,
280. object = req.body.object,
281. query = {
282. text: "UPDATE object_table SET state=$1 WHERE user_id=$2 AND object_id=$3",
283. values: [status, user, object]
284. }
285. // console.log(query)
286. db.query(query, (err, result) => {
287. if (err) {
288. return res.send(err);
289. } else {
290. let url = "/" + user + "/" + object;
291. res.redirect(url)
292. }
293. });
294. }
295. });
296.  
297. app.post("/:user_id/:object_id/delete", (req, res) => {
298. if (Object.keys(req.body).length !== 0) {
299. console.log(req.body);
300. let user = req.body.user,
301. object = req.body.object,
302. query = {
303. text: "DELETE FROM object_table WHERE user_id=$1 AND object_id=$2",
304. values: [user, object]
305. };
306. console.log(query);
307.  
308. db.query(query, (err, result) => {
309. if (err) {
310. return res.send(err);
311. } else {
312. let url = "/" + user;
313. res.redirect(url)
314. }
315. });
316. }
317. });
318.  
319.  
320.  
321. };
322.  
323. function checkLoggedIn(req, res, next) {
324. if (req.isAuthenticated()) {
325. return next();
326. } else {
327. res.redirect("/");
328. }
329. }