
Untitled

a guest
Jan 2nd, 2018
  1. app.js
  2.  
  3. var express = require('express');
  4. var path = require('path');
  5. var favicon = require('serve-favicon');
  6. var logger = require('morgan');
  7. var cookieParser = require('cookie-parser');
  8. var bodyParser = require('body-parser');
  9.  
  10. var passport = require('passport');
  11. var authenticate = require('./authenticate');
  12. const uploadRouter = require('./routes/uploadRouter');
  13. var session = require('express-session');
  14. var FileStore = require('session-file-store')(session);
  15.  
  16. var index = require('./routes/index');
  17. var users = require('./routes/users');
  18.  
  19. var dishRouter = require('./routes/dishRouter');
  20. var promoRouter = require('./routes/promoRouter');
  21. var leaderRouter = require('./routes/leaderRouter');
  22. var favoriteRouter = require('./routes/favorite');
  23.  
  24. const mongoose = require('mongoose');
  25. mongoose.Promise = require('bluebird');
  26.  
  27. const Dishes = require('./models/dishes.js');
  28. const Leader = require('./models/leaders.js');
  29. const Promotion = require('./models/promotion.js');
  30. const User = require('./models/users.js');
  31.  
  32. // const url = 'mongodb://localhost:27017/confusion';
  33.  
  // The MongoDB connection string is read from the local config module
  // instead of being written into this file.
  const config = require('./config');
  const url = config.mongoUrl;

  // Open the Mongoose connection; `connect` is the promise returned by mongoose.connect().
  const connect = mongoose.connect(url, { useMongoClient: true });

  // Log the outcome of the connection attempt. A failure is only logged:
  // the application continues to start either way.
  connect.then(
    () => {
      console.log('connected to server');
    },
    (err) => {
      console.log(err);
    }
  );
  44.  
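  // Express application instance; exported at the end of this file.
  const app = express();

  // view engine setup
  app.set('views', path.join(__dirname, 'views'));
  app.set('view engine', 'jade');

  // uncomment after placing your favicon in /public
  //app.use(favicon(path.join(__dirname, 'public', 'favicon.ico')));
  app.use(logger('dev'));

  // Secure traffic only. This is registered before body parsing, session and
  // passport handling so that a plaintext request is redirected without its
  // body being parsed or the session store being consulted.
  app.all('*', (req, res, next) => {
    if (req.secure) {
      return next();
    }
    // NOTE(review): req.hostname is taken from the request's Host header, so the
    // redirect target follows whatever host the client supplied. If this server
    // can be reached under arbitrary Host values, compare it against the expected
    // host name(s) before redirecting.
    // NOTE(review): 'secPort' is not set anywhere in this file; it is presumably
    // set by the start-up script — confirm, otherwise the URL contains ":undefined".
    res.redirect(307, 'https://' + req.hostname + ':' + app.get('secPort') + req.url);
  });

  app.use(bodyParser.json());
  app.use(bodyParser.urlencoded({ extended: false }));
  // app.use(cookieParser('12345-67890-09876-54321'));

  app.use(session({
    name: 'session-id',
    // The signing secret should come from the environment. SESSION_SECRET is a
    // name introduced by this edit; the literal fallback keeps existing
    // deployments working but is readable by anyone who can read the source,
    // so set the variable and remove the fallback.
    secret: process.env.SESSION_SECRET || '12345-67890-09876-54321',
    saveUninitialized: false,
    resave: false,
    // Only HTTPS requests get past the redirect above, so the session cookie
    // can be restricted to secure connections.
    cookie: { secure: true },
    store: new FileStore()
  }));

  app.use(passport.initialize());
  app.use(passport.session());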
  78. // function auth(req,res,next) {
  79. // console.log(req.signedCookies);
  80. // if(!req.signedCookies.user) {
  81. // var authHeader = req.headers.authorization;
  82. // if(!authHeader) {
  83. // var err = new Error('you are not authenticated');
  84. // res.setHeader('WWW-Authenticate','Basic');
  85. // err.status = 401;
  86. // next(err);
  87. // return next(err);
  88. // }
  89.  
  90. // var auth = new Buffer(authHeader.split(' ')[1], 'base64').toString().split(':');
  91.  
  92. // var username = auth[0];
  93. // var password = auth[1];
  94.  
  95. // if(username == 'admin' && password == 'password') {
  96. // res.cookie('user','admin',{signed:true});
  97. // next();
  98. // } else {
  99. // var err = new Error('you are not authenticated');
  100. // res.setHeader('WWW-Authenticate','Basic');
  101. // err.status = 401;
  102. // return next(err);
  103. // }
  104.  
  105. // } else {
  106. // if(req.signedCookies.user == "admin") {
  107. // next();
  108. // } else {
  109. // var err = new Error('you are not authenticated');
  110. // err.status = 401;
  111. // return next(err);
  112. // }
  113. // }
  114.  
  115.  
  116. // }
  117.  
  118.  
  119. // function auth (req, res, next) {
  120. // console.log(req.session);
  121.  
  122. // if (!req.session.user) {
  123. // var authHeader = req.headers.authorization;
  124. // if (!authHeader) {
  125. // var err = new Error('You are not authenticated!');
  126. // res.setHeader('WWW-Authenticate', 'Basic');
  127. // err.status = 401;
  128. // next(err);
  129. // return;
  130. // }
  131. // var auth = new Buffer(authHeader.split(' ')[1], 'base64').toString().split(':');
  132. // var user = auth[0];
  133. // var pass = auth[1];
  134. // if (user == 'admin' && pass == 'password') {
  135. // req.session.user = 'admin';
  136. // next(); // authorized
  137. // } else {
  138. // var err = new Error('You are not authenticated!');
  139. // res.setHeader('WWW-Authenticate', 'Basic');
  140. // err.status = 401;
  141. // next(err);
  142. // }
  143. // }
  144. // else {
  145. // if (req.session.user === 'admin') {
  146. // console.log('req.session: ',req.session);
  147. // next();
  148. // }
  149. // else {
  150. // var err = new Error('You are not authenticated!');
  151. // err.status = 401;
  152. // next(err);
  153. // }
  154. // }
  155. // }
  156.  
  // Routers mounted ahead of the static-file middleware. No authentication
  // middleware is applied at this level (`app.use(auth)` is commented out in this
  // file), so access control is whatever each router enforces itself.
  const routersBeforeStatic = [
    ['/', index],
    ['/users', users],
    ['/imageUpload', uploadRouter],
    ['/favorite', favoriteRouter]
  ];
  for (const [mountPath, router] of routersBeforeStatic) {
    app.use(mountPath, router);
  }
  161.  
  162. // function auth (req, res, next) {
  163. // console.log(req.session);
  164.  
  165. // if(!req.session.user) {
  166. // var err = new Error('You are not authenticated!');
  167. // err.status = 403;
  168. // return next(err);
  169. // }
  170. // else {
  171. // if (req.session.user === 'authenticated') {
  172. // next();
  173. // }
  174. // else {
  175. // var err = new Error('You are not authenticated!');
  176. // err.status = 403;
  177. // return next(err);
  178. // }
  179. // }
  180. // }
  181.  
  182.  
  183. // function auth (req, res, next) {
  184. // console.log(req.user);
  185.  
  186. // if (!req.user) {
  187. // var err = new Error('You are not authenticated!');
  188. // res.setHeader('WWW-Authenticate', 'Basic');
  189. // err.status = 401;
  190. // next(err);
  191. // }
  192. // else {
  193. // next();
  194. // }
  195. // }
  196.  
  197. // app.use(auth);
  198.  
  // Files under ./public are served as-is, before the API routers below are tried.
  const publicDir = path.join(__dirname, 'public');
  app.use(express.static(publicDir));

  // API routers mounted after the static handler. As with the routers mounted
  // earlier, no app-level authentication middleware is applied here.
  const routersAfterStatic = [
    ['/dishes', dishRouter],
    ['/promotion', promoRouter],
    ['/leaders', leaderRouter]
  ];
  for (const [mountPath, router] of routersAfterStatic) {
    app.use(mountPath, router);
  }
  205.  
  206. // catch 404 and forward to error handler
  // Reached only when no earlier middleware or router answered the request:
  // build a 404 error and pass it to the error handler.
  app.use((req, res, next) => {
    const notFound = new Error('Not Found');
    notFound.status = 404;
    next(notFound);
  });
  212.  
  213. // error handler
  // Four-argument middleware: Express calls it for errors passed to next().
  app.use((err, req, res, next) => {
    const inDevelopment = req.app.get('env') === 'development';

    // The full error object is exposed to the view only in development.
    // NOTE(review): err.message is exposed in every environment; check that
    // error messages produced elsewhere carry no internal details.
    res.locals.message = err.message;
    res.locals.error = inDevelopment ? err : {};

    // Render the error page with the error's own status, defaulting to 500.
    res.status(err.status || 500);
    res.render('error');
  });

  module.exports = app;
  225.  
  226.  
  227. ==============================================================
  228. favorite.js
  229.  
  230. const mongoose = require('mongoose');
  231. const Schema = mongoose.Schema;
  232. require('mongoose-currency').loadType(mongoose);
  233. const Currency = mongoose.Types.Currency;
  234.  
  235.  
  const ObjectId = mongoose.Schema.Types.ObjectId;

  // A favorite document links one user (ref 'User') to a list of dishes
  // (ref 'Dish'); timestamps adds createdAt/updatedAt.
  // Neither field is marked required or unique, so the schema itself does not
  // prevent several favorite documents for the same user.
  const favoriteSchema = new Schema(
    {
      user: { type: ObjectId, ref: 'User' },
      dish: [{ type: ObjectId, ref: 'Dish' }]
    },
    { timestamps: true }
  );

  module.exports = mongoose.model('Favorite', favoriteSchema);
  253.  
  254. ========================================================================
  255.  
  256. favoriteRouter.js
  257.  
  258.  
  259. const express = require('express');
  260. const bodyParser = require('body-parser');
  261. const mongoose = require('mongoose');
  262. var authenticate = require('../authenticate');
  263. const cors = require('./cors');
  264. const Favorite = require('../models/favorite');
  265. const favoriteRouter = express.Router();
  266.  
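  favoriteRouter.use(bodyParser.json());

  /**
   * Run `onAdmin` only when authenticate.verifyAdmin reports the caller as admin.
   *
   * The original handlers repeated this check inline, called `next(err)` with an
   * undeclared `err`, and in three of them declared a third callback parameter
   * named `next` that shadowed Express's `next`. This helper always uses the
   * real `next`.
   *
   * @param {object} req - Express request; req.user is set by authenticate.verifyUser.
   * @param {object} res - Express response.
   * @param {Function} next - Express next().
   * @param {Function} onAdmin - Called with no arguments when the admin check passes.
   */
  function whenAdmin(req, res, next, onAdmin) {
    authenticate.verifyAdmin(req.user._id, (p, q) => {
      // Loose comparisons are kept from the original, because the exact type
      // verifyAdmin passes for `q` is not visible in this file.
      if (q == true) {
        return onAdmin();
      }
      if (q == false) {
        res.statusCode = 403;
        return res.end('you are not authorize to perform this operation');
      }
      // NOTE(review): `p` is presumably the error reported by verifyAdmin —
      // confirm against ../authenticate.
      return next(p instanceof Error ? p : new Error('unable to verify admin status'));
    });
  }

  /**
   * True when `value` is a string that can be cast to an ObjectId. Rejecting
   * everything else keeps objects and arrays from the request out of queries
   * and stored documents.
   */
  function isDishId(value) {
    return typeof value === 'string' && mongoose.Types.ObjectId.isValid(value);
  }

  /** Send `payload` as a 200 JSON response. */
  function sendJson(res, payload) {
    res.statusCode = 200;
    res.setHeader('Content-Type', 'application/json');
    res.json(payload);
  }

  favoriteRouter.route('/')
    .options(cors.corsWithOptions, (req, res) => { res.sendStatus(200); })
    // The original GET needed no authentication and returned every user's
    // favorites with the user documents populated. It now requires a verified
    // user and returns only that user's favorites (still as an array).
    .get(cors.cors, authenticate.verifyUser, (req, res, next) => {
      Favorite.find({ user: req.user._id })
        .populate('user')
        .populate('dish')
        .then((fav) => sendJson(res, fav))
        .catch((err) => next(err));
    })
    // Add the dish ids in req.body.dish to the caller's favorites.
    // The original looked up all documents and read `.user` on the resulting
    // array, so it always fell through to Favorite.create(req.body), which let
    // the client choose the `user` field. The owner is now always req.user._id.
    .post(cors.corsWithOptions, authenticate.verifyUser, (req, res, next) => {
      whenAdmin(req, res, next, () => {
        const requested = req.body.dish;
        if (!Array.isArray(requested) || !requested.every(isDishId)) {
          res.statusCode = 400;
          return res.json('dish must be an array of dish ids');
        }

        Favorite.findOne({ user: req.user._id })
          .then((favData) => {
            if (!favData) {
              // First favorites for this user; drop duplicates within the request.
              return Favorite.create({ user: req.user._id, dish: [...new Set(requested)] });
            }
            requested.forEach((dishId) => {
              const alreadyListed = favData.dish.some((existing) => existing.equals(dishId));
              if (!alreadyListed) {
                favData.dish.push(dishId);
              }
            });
            return favData.save();
          })
          .then((saved) => sendJson(res, saved))
          .catch((err) => next(err));
      });
    })
    // Delete the caller's favorites. The original filter was `{}`, which removed
    // the favorites of every user.
    .delete(cors.corsWithOptions, authenticate.verifyUser, (req, res, next) => {
      whenAdmin(req, res, next, () => {
        Favorite.remove({ user: req.user._id })
          .then((resp) => sendJson(res, resp))
          .catch((err) => next(err));
      });
    });

  favoriteRouter.route('/:dishId')
    .options(cors.corsWithOptions, (req, res) => { res.sendStatus(200); })
    // Add one dish to the caller's favorites.
    // The original decided "already present" from the last array element only,
    // treated an empty list as "already present", and threw when the caller had
    // no favorites document yet.
    .post(cors.corsWithOptions, authenticate.verifyUser, (req, res, next) => {
      whenAdmin(req, res, next, () => {
        const dishId = req.params.dishId;
        if (!isDishId(dishId)) {
          res.statusCode = 400;
          return res.json('invalid dish id');
        }

        Favorite.findOne({ user: req.user._id })
          .then((favData) => {
            if (!favData) {
              return Favorite.create({ user: req.user._id, dish: [dishId] })
                .then((created) => sendJson(res, created));
            }
            if (favData.dish.some((existing) => existing.equals(dishId))) {
              // Status and message kept from the original "duplicate" branch.
              res.statusCode = 403;
              return res.json("already dishid exist");
            }
            favData.dish.push(dishId);
            return favData.save().then((saved) => sendJson(res, saved));
          })
          .catch((err) => next(err));
      });
    })
    // Remove one dish from the caller's favorites.
    .delete(cors.corsWithOptions, authenticate.verifyUser, (req, res, next) => {
      whenAdmin(req, res, next, () => {
        const dishId = req.params.dishId;
        if (!isDishId(dishId)) {
          res.statusCode = 400;
          return res.json('invalid dish id');
        }

        Favorite.findOne({ user: req.user._id })
          .then((favData) => {
            // A missing document is answered like a missing dish; the original
            // threw in that case and never sent a response.
            const popIndex = favData
              ? favData.dish.findIndex((existing) => existing.equals(dishId))
              : -1;
            if (popIndex === -1) {
              res.statusCode = 403;
              return res.json("dishid doesnot exist");
            }
            favData.dish.splice(popIndex, 1);
            return favData.save().then((saved) => sendJson(res, saved));
          })
          .catch((err) => next(err));
      });
    });

  module.exports = favoriteRouter;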