- 'use strict';
- //require
- var mongoose = require('mongoose');
- var objectid = require('mongoose').ObjectID;
- var crypto = require('crypto'),
- algorithm = 'aes-256-ctr',
- password = 'd6F3Efeq';
- var session = require('express-session');
- var path = require('path');
- const express = require('express')
- const app = express();
- var multer = require('multer');
- var bodyParser = require('body-parser')
- var server = require('http').createServer(app);
- var socketapp = require("socket.io")(server);
- var fs = require('fs');
- var vm = require('vm');
- var cookieParser = require('cookie-parser');
- const Vue = require('vue')
- var renderer = require('vue-server-renderer').createRenderer()
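// Website settings: static assets and urlencoded form parsing.
// NOTE(review): everything under /public is served as-is, and the upload
// destinations configured later in this file ('public/uploads/') as well as
// the customer.html template live inside that directory.
app.use(express.static(__dirname + '/public'));
app.use(bodyParser.urlencoded({
  extended: false,
}));

// Sessions (express-session; no passport is involved despite the old comment).
// The signing secret used to be a literal in this file. A secret that has been
// published has to be treated as burned, so it is now read from the
// SESSION_SECRET environment variable (a name introduced here). When it is not
// set, a random per-process secret is generated instead: no session store is
// configured, so express-session keeps sessions in process memory and they do
// not outlive a restart anyway.
const sessionSecret = process.env.SESSION_SECRET || crypto.randomBytes(32).toString('hex');
app.use(session({
  secret: sessionSecret,
  // Set explicitly; express-session deprecates relying on the defaults.
  resave: false,
  // Do not create a session for requests that never store anything in it.
  saveUninitialized: false,
}));
app.use(cookieParser());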
// Adds CORS response headers to every route and method.
// NOTE(review): the wildcard origin also covers the JSON endpoints under
// /api; confirm which origins actually need cross-origin read access.
app.all('*', (req, res, next) => {
  const corsHeaders = [
    ['Access-Control-Allow-Origin', '*'],
    ['Access-Control-Allow-Headers', 'X-Requested-With'],
  ];
  corsHeaders.forEach(([headerName, headerValue]) => {
    res.header(headerName, headerValue);
  });
  next();
});
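/**
 * Express middleware: lets the request continue only when the session belongs
 * to a user that still exists in the `users` collection.
 *
 * The login handler stores the encrypted username in `req.session.anvandare`
 * ("anvandare" = user); that is the only session key this file ever sets. The
 * lookup previously read `req.session.user`, which is never assigned, so the
 * query did not identify the signed-in account.
 *
 * @param {object} req  Express request (session middleware must have run).
 * @param {object} res  Express response; redirected to /login when rejected.
 * @param {Function} next  Called with no argument on success, or with an
 *                         error when the database cannot be queried.
 */
var auth = function (req, res, next) {
  var sessionUser = req.session && req.session.anvandare;
  if (!sessionUser) {
    res.redirect('/login');
    return;
  }

  mongoose.connect(dburl, function (connectErr, db) {
    if (connectErr || !db) {
      // Fail closed: without a database answer the session cannot be verified.
      next(connectErr || new Error('database connection unavailable'));
      return;
    }

    db.collection('users').findOne({
      username: sessionUser
    }, function (findErr, user) {
      if (findErr) {
        next(findErr);
        return;
      }
      if (!user) {
        // The account behind this session no longer exists.
        req.session.destroy();
        res.redirect('/login');
        return;
      }
      next();
    });
  });
};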
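/**
 * Express middleware: allows the request only when the `:name` route
 * parameter refers to the signed-in user.
 *
 * The session holds the encrypted username, so the parameter is encrypted and
 * the two ciphertexts are compared (this relies on encrypt() being
 * deterministic). The comparison is strict, and both sides must be strings so
 * that a missing session value can never equal a missing parameter.
 *
 * @param {object} req  Express request; reads req.session.anvandare and
 *                      req.params.name.
 * @param {object} res  Express response; redirected to /customer on mismatch.
 * @param {Function} next  Called with no argument on a match, or with an
 *                         error when the route has no `:name` parameter.
 */
var rightuser = function (req, res, next) {
  var requestedName = req.params && req.params.name;
  if (typeof requestedName !== 'string') {
    // Mounted on a route without `:name`: report the misconfiguration
    // explicitly instead of letting encrypt(undefined) throw.
    next(new Error('rightuser requires a :name route parameter'));
    return;
  }

  var sessionUser = req.session && req.session.anvandare;
  if (typeof sessionUser === 'string' && sessionUser === encrypt(requestedName)) {
    next();
    return;
  }
  res.redirect('/customer');
};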
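// Mongoose schema and model for the `users` collection.
// username, password and email hold the output of encrypt(); the remaining
// fields are stored as plain strings.
// NOTE(review): `password` is reversible ciphertext, not a one-way hash, so
// whoever holds ENCRYPTION_KEY can recover every password.
var UserSchema = new mongoose.Schema({
  username: String,
  password: String,
  email: String,
  joined: String,
  fullname: String,
  live: String,
  rafflescreated: String,
  raffleswon: String,
  coinflips: String,
  profileimage: String,
  // The registration handler writes `rank`; without a schema path the value
  // is not persisted.
  rank: String,
});
var user = mongoose.model("users", UserSchema);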
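// Encryption settings for encrypt()/decrypt() (AES-256-CBC).
// The key is read from the ENCRYPTION_KEY environment variable (a name
// introduced here). The literal fallback has been published together with
// this file, so treat it as compromised: it remains only so that records
// already encrypted with it stay readable until they are re-encrypted under a
// key supplied through the environment.
const ENCRYPTION_KEY = process.env.ENCRYPTION_KEY || "JQEK1POIJT09WKO93AWGG5AMGEKJ4TDE";
if (Buffer.byteLength(ENCRYPTION_KEY, 'utf8') !== 32) {
  // aes-256 needs exactly 32 key bytes; fail at start-up rather than on the
  // first request.
  throw new Error('ENCRYPTION_KEY must be exactly 32 bytes for aes-256-cbc');
}
// AES block size in bytes, used as the IV length.
const IV_LENGTH = 16;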
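/**
 * Encrypts `text` with AES-256-CBC under ENCRYPTION_KEY and returns
 * "<iv hex>:<ciphertext hex>".
 *
 * The IV is all zero bytes, which makes the output deterministic. The rest of
 * this file depends on that: usernames are looked up and compared by their
 * ciphertext. `Buffer.alloc` guarantees the zero fill; the previous
 * `new Buffer(size)` is deprecated and, on Node.js releases before 8, returned
 * uninitialised memory, which both broke those lookups and copied stray
 * process memory into the returned IV prefix.
 *
 * NOTE(review): a fixed IV means equal plaintexts give equal ciphertexts and
 * shared prefixes are visible, and CBC carries no integrity check. It is not a
 * substitute for password hashing; passwords belong in a one-way, salted KDF
 * (e.g. crypto.scrypt), which needs a coordinated change to registration,
 * login and the stored records.
 *
 * @param {string|Buffer} text  Plaintext to encrypt.
 * @returns {string} Hex IV and hex ciphertext joined by ':'.
 * @throws {TypeError} When `text` is not a string or binary value.
 */
function encrypt(text) {
  const iv = Buffer.alloc(IV_LENGTH);
  const cipher = crypto.createCipheriv('aes-256-cbc', ENCRYPTION_KEY, iv);
  const encrypted = Buffer.concat([cipher.update(text), cipher.final()]);
  return iv.toString('hex') + ':' + encrypted.toString('hex');
}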
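/**
 * Reverses encrypt(): takes "<iv hex>:<ciphertext hex>" and returns the
 * plaintext as a string.
 *
 * Uses Buffer.from instead of the deprecated `new Buffer(...)` constructor.
 *
 * NOTE(review): CBC has no authentication tag, so a modified ciphertext is
 * not reliably detected; callers should only pass values they stored
 * themselves.
 *
 * @param {string} text  Value previously produced by encrypt().
 * @returns {string} Decrypted plaintext.
 * @throws {Error} When the IV or ciphertext is malformed or padding is bad.
 */
function decrypt(text) {
  const parts = text.split(':');
  // First field is the IV; everything after the first ':' is ciphertext.
  const iv = Buffer.from(parts.shift(), 'hex');
  const ciphertext = Buffer.from(parts.join(':'), 'hex');
  const decipher = crypto.createDecipheriv('aes-256-cbc', Buffer.from(ENCRYPTION_KEY), iv);
  const plaintext = Buffer.concat([decipher.update(ciphertext), decipher.final()]);
  return plaintext.toString();
}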
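// Multer disk storage for multi-file product uploads.
// The stored name is 16 random bytes (hex) plus the extension of the uploaded
// file. The random bytes were previously generated but never used, so every
// upload was saved as just its extension and overwrote the previous file of
// the same type.
// The extension comes from the client and the destination is inside the
// statically served /public tree, so only a short allow-list of image
// extensions is accepted; anything else is rejected before it is written.
var storage = multer.diskStorage({
  destination: 'public/uploads/',
  filename: function (req, file, cb) {
    var allowedExtensions = ['.png', '.jpg', '.jpeg', '.gif', '.webp'];
    var extension = path.extname(String(file.originalname)).toLowerCase();
    if (allowedExtensions.indexOf(extension) === -1) {
      cb(new Error('Unsupported image type'));
      return;
    }
    // randomBytes replaces the deprecated pseudoRandomBytes.
    crypto.randomBytes(16, function (err, raw) {
      if (err) return cb(err);
      cb(null, raw.toString('hex') + extension);
    });
  }
});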
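// Multer disk storage for the single profile-image upload.
// The client-supplied original name is no longer used verbatim: only its
// base name is kept, characters outside [A-Za-z0-9_-] are replaced, and the
// extension must be on a short image allow-list, because the file ends up in
// the statically served /public tree.
var singlestorage = multer.diskStorage({
  destination: 'public/uploads/',
  filename: function (req, file, cb) {
    var allowedExtensions = ['.png', '.jpg', '.jpeg', '.gif', '.webp'];
    var baseName = path.basename(String(file.originalname));
    var rawExtension = path.extname(baseName);
    var extension = rawExtension.toLowerCase();
    if (allowedExtensions.indexOf(extension) === -1) {
      cb(new Error('Unsupported image type'));
      return;
    }
    var stem = path.basename(baseName, rawExtension).replace(/[^A-Za-z0-9_-]/g, '_');
    // Timestamp prefix kept from the original naming scheme.
    cb(null, Date.now() + "-" + stem + extension);
  }
});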
// Multer instances: `upload` handles the multi-image product form,
// `uploadsingle` the single profile image.
// NOTE(review): neither instance sets `limits`, so file size is bounded only
// by whatever sits in front of the app; confirm an upper bound is enforced.
var upload = multer({ storage });
var uploadsingle = multer({ storage: singlestorage });
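// Mongoose settings
mongoose.Promise = global.Promise;
var Schema = mongoose.Schema;
// The connection string is read from MONGODB_URI (a variable name introduced
// here). The literal fallback embeds an account name, a password and a host
// address and has been published with this file: rotate that credential and
// supply the new URI through the environment.
var dburl = process.env.MONGODB_URI || 'mongodb://root:password@94.46.48.64:27017/RAFFLESTORE';
mongoose.connect(dburl);
mongoose.connection.on('error', function () {
  console.error('Could not connect to the database. Exiting now...');
  // Non-zero status so a supervisor sees the failure; the bare process.exit()
  // reported success.
  process.exit(1);
});
mongoose.connection.once('open', function () {
  console.log("Successfully connected to the database");
});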
// Routing: static HTML pages.
app.get('/', (req, res) => {
  const indexPage = path.join(__dirname, 'public', 'index.html');
  res.sendFile(indexPage);
});
// NOTE(review): the product form is served without any session check;
// confirm whether product management is meant to be open to everyone.
app.get('/addproduct', (req, res) => {
  const addProductPage = path.join(__dirname, 'public', 'addproduct.html');
  res.sendFile(addProductPage);
});
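// Read-only JSON access to selected collections.
// The collection name comes straight from the URL. Without a restriction the
// route returned every document of whichever collection the caller named,
// `users` included, to unauthenticated callers. Only names on the allow-list
// are served now; add further collections deliberately, with a projection
// that leaves out sensitive fields.
app.get('/api/:name', (req, res, next) => {
  const readableCollections = ['products'];
  const requested = req.params.name;
  if (readableCollections.indexOf(requested) === -1) {
    res.status(404).json({ error: 'Unknown collection' });
    return;
  }

  mongoose.connect(dburl, function (connectErr, db) {
    if (connectErr || !db) {
      next(connectErr || new Error('database connection unavailable'));
      return;
    }
    db.collection(requested).find({}).toArray(function (findErr, result) {
      if (findErr) {
        // Hand the error to Express; throwing inside this callback would
        // take the whole process down.
        db.close();
        next(findErr);
        return;
      }
      res.json(result);
      db.close();
    });
  });
});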
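// Creates a product from the submitted form and up to 10 uploaded images.
// NOTE(review): nothing on this route checks who is calling, and multer has
// already written the files by the time the handler runs; confirm whether
// product creation is meant to be open.
app.post('/addingproduct', upload.array('images', 10), (req, res, next) => {
  const files = Array.isArray(req.files) ? req.files : [];
  if (files.length === 0) {
    // An empty array is truthy, so the old `if (req.files)` test never
    // reached this branch.
    res.send("Missing files");
    return;
  }

  const imagesfiles = files.map(function (file) {
    return file.path;
  });
  console.log(imagesfiles);

  // Compile the model once. Calling mongoose.model() with a fresh schema on
  // every request fails with an overwrite error from the second request on.
  const products = mongoose.models.products || mongoose.model("products", new Schema({
    productname: String,
    size: Number,
    tickets: Number,
    price: Number,
    description: String,
    images: [String]
  }));

  const form = req.body;
  const productsdata = new products({
    // Key matches the schema path; the former `productName` was not a schema
    // path, so the name was never stored.
    productname: form.productname,
    size: form.size,
    tickets: form.tickets,
    price: form.price,
    images: imagesfiles,
    description: form.description
  });

  productsdata.save()
    .then(() => {
      res.send("Product added!");
    })
    // Validation and database errors go to the Express error handler instead
    // of leaving the request hanging on an unhandled rejection.
    .catch(next);
});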
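// Customer
// Landing route used by the redirects after registration and settings
// changes. It sends the signed-in user to their own profile page. The handler
// used to be empty, so the request never received a response, and the
// `rightuser` middleware had no `:name` parameter to compare against on this
// path.
app.get('/customer', auth, function (req, res) {
  // `auth` has already checked that req.session.anvandare is set; it holds
  // the encrypted username written at login.
  var signedInUser = decrypt(req.session.anvandare);
  res.redirect('/customer/' + encodeURIComponent(signedInUser));
});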
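// Renders the profile page of `:name` with Vue server-side rendering.
// Fixes: a request without a session, an unknown username or a render error
// used to throw inside a database callback (taking the process down) or leave
// the request without a response.
// NOTE(review): any signed-in user can view any profile, and the page data
// includes the record's `_id`; confirm that is intended.
// NOTE(review): fullname/live are user-supplied; they are safe only as long as
// customer.html outputs them through escaped interpolation - confirm the
// template does not use raw HTML bindings.
app.get('/customer/:name', function (req, res, next) {
  if (!req.session || !req.session.anvandare) {
    res.redirect('/login');
    return;
  }
  // Done before any callback so a malformed value surfaces as an ordinary
  // Express error.
  var singeduser = decrypt(req.session.anvandare);
  var encryptedName = encrypt(req.params.name);

  mongoose.connect(dburl, function (connectErr, db) {
    if (connectErr || !db) {
      next(connectErr || new Error('database connection unavailable'));
      return;
    }
    db.collection("users").findOne({
      username: encryptedName
    }, function (findErr, result) {
      if (findErr) {
        next(findErr);
        return;
      }
      if (!result) {
        res.status(404).send('User not found');
        return;
      }

      // profileimage is a plain path string for new accounts and the stored
      // multer file object after an image upload.
      var storedImage = result.profileimage;
      var image = (storedImage && typeof storedImage === 'object' && storedImage.filename)
        ? "/uploads/" + storedImage.filename
        : storedImage;

      var template;
      try {
        template = fs.readFileSync('./public/customer.html', 'utf-8');
      } catch (readErr) {
        next(readErr);
        return;
      }

      var customer = new Vue({
        template: template,
        data: {
          username: req.params.name,
          fullname: result.fullname,
          from: result.live,
          time: result.joined,
          rafflescreated: result.rafflescreated,
          raffleswon: result.raffleswon,
          coinflips: result.coinflips,
          userid: result._id,
          image: image,
          rank: "default",
          signedinuser: singeduser,
        }
      });
      renderer.renderToString(customer, (renderErr, html) => {
        if (renderErr) {
          console.log(renderErr);
          next(renderErr);
          return;
        }
        res.end(`${html}`);
      });
    });
  });
});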
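// Updates the signed-in user's profile (full name, location, profile image).
// The record is selected by the username held in the session. It used to be
// selected by an `id` field taken from the request body with no session
// check, so the caller decided whose record was changed.
app.post('/updatesettings',
  // Reject anonymous requests before multer writes anything to disk.
  function (req, res, next) {
    if (!req.session || !req.session.anvandare) {
      res.redirect('/login');
      return;
    }
    next();
  },
  uploadsingle.single('image'),
  function (req, res, next) {
    var items = {};
    // Only plain strings are copied from the form; multipart field names can
    // otherwise produce nested objects.
    if (typeof req.body.fullname === 'string') {
      items.fullname = req.body.fullname;
    }
    if (typeof req.body.live === 'string') {
      items.live = req.body.live;
    }
    if (req.file) {
      console.log("file uploaded");
      items.profileimage = req.file;
    } else {
      console.log("no image");
      if (typeof req.body.profileimage === 'string') {
        items.profileimage = req.body.profileimage;
      }
    }
    if (Object.keys(items).length === 0) {
      // Nothing to change; an empty $set would be rejected by the database.
      res.redirect("/customer");
      return;
    }

    var sessionUser = req.session.anvandare;
    mongoose.connect(dburl, function (connectErr, db) {
      if (connectErr || !db) {
        next(connectErr || new Error('database connection unavailable'));
        return;
      }
      db.collection("users").updateOne({
        username: sessionUser
      }, {
        $set: items
      }, function (updateErr) {
        db.close();
        if (updateErr) {
          // Do not echo driver errors back to the client.
          next(updateErr);
          return;
        }
        res.redirect("/customer");
      });
    });
  });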
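// Changes the signed-in user's password and e-mail address.
// The record is selected by the username held in the session. It used to be
// selected by an `id` field from the request body with no session check, so
// the caller decided whose credentials were replaced.
// NOTE(review): the current password is not asked for, and the new one is
// stored as reversible ciphertext rather than a one-way hash.
app.post('/updatesecurity', function (req, res, next) {
  var sessionUser = req.session && req.session.anvandare;
  if (!sessionUser) {
    res.redirect('/login');
    return;
  }

  var newPassword = req.body.password;
  var newEmail = req.body.email;
  var valid = [newPassword, newEmail].every(function (value) {
    return typeof value === 'string' && value.length > 0;
  });
  if (!valid) {
    // encrypt() throws on anything that is not a string.
    res.status(400).send('Password and e-mail are required');
    return;
  }

  var items = {
    password: encrypt(newPassword),
    email: encrypt(newEmail)
  };
  mongoose.connect(dburl, function (connectErr, db) {
    if (connectErr || !db) {
      next(connectErr || new Error('database connection unavailable'));
      return;
    }
    db.collection("users").updateOne({
      username: sessionUser
    }, {
      $set: items
    }, function (updateErr) {
      db.close();
      if (updateErr) {
        // Do not echo driver errors back to the client.
        next(updateErr);
        return;
      }
      res.redirect("/customer");
    });
  });
});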
// Registration: serves the sign-up form.
app.get('/register', (req, res) => {
  const registerPage = path.join(__dirname, 'public', 'userregister.html');
  res.sendFile(registerPage);
});
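// Creates a user account from the sign-up form.
// Added: the three form fields must be non-empty strings (encrypt() throws on
// anything else), and a username that already exists is refused, because
// login looks accounts up by username alone.
// NOTE(review): the check-then-save sequence is not atomic; a unique index on
// `username` would be the robust guarantee.
// NOTE(review): the password is stored with reversible encryption, not a
// one-way hash.
app.post('/registeruser', function (req, res) {
  var username = req.body.username;
  var password = req.body.password;
  var mail = req.body.mail;
  var complete = [username, password, mail].every(function (value) {
    return typeof value === 'string' && value.length > 0;
  });
  if (!complete) {
    res.status(400).send('Username, password and e-mail are required');
    return;
  }

  // Join date in the existing month-day-year format.
  var joined = new Date();
  var fulljoined = (joined.getMonth() + 1) + "-" + joined.getDate() + "-" + joined.getFullYear();

  var encryptedUsername = encrypt(username);
  user.findOne({ username: encryptedUsername }, function (lookupErr, existing) {
    if (lookupErr) {
      console.log(lookupErr);
      res.send("There has been an error, We doing our best to fix this problem");
      return;
    }
    if (existing) {
      res.status(409).send('That username is already taken');
      return;
    }

    var registeruser = new user({
      username: encryptedUsername,
      password: encrypt(password),
      email: encrypt(mail),
      joined: fulljoined,
      fullname: "undefined",
      live: "undefined",
      rafflescreated: 0,
      raffleswon: 0,
      coinflips: 0,
      profileimage: "/img/defaultprofileimg.png",
      rank: "default",
    });
    registeruser.save(function (err, data) {
      if (err) {
        console.log(err);
        res.send("There has been an error, We doing our best to fix this problem");
      } else {
        // No session is created here, so this ends at the login page.
        res.redirect('/customer');
      }
    });
  });
});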
// Login: serves the sign-in form.
app.get('/login', (req, res) => {
  const loginPage = path.join(__dirname, 'public', 'userlogin.html');
  res.sendFile(loginPage);
});
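// Verifies the submitted credentials and starts a session.
// Changes:
//  - both fields must be non-empty strings (encrypt() throws on anything else);
//  - connection and query errors go to the Express error handler;
//  - unknown user and wrong password return the same response body (the two
//    messages used to differ by a trailing space);
//  - the password comparison is constant-time over fixed-length digests;
//  - the session is regenerated on success so a pre-login session id is not
//    carried into the authenticated session;
//  - the username is URL-encoded in the redirect target.
// NOTE(review): stored passwords are decrypted for the comparison; a one-way
// password hash would remove the need to recover them at all.
// NOTE(review): there is no attempt limiting on this route.
app.post('/userlogin', function (req, res, next) {
  var username = req.body.username;
  var suppliedPassword = req.body.password;
  var rejectLogin = function () {
    res.send("invalid username or password");
  };

  if (typeof username !== 'string' || username.length === 0 ||
      typeof suppliedPassword !== 'string' || suppliedPassword.length === 0) {
    rejectLogin();
    return;
  }

  var encryptedUsername = encrypt(username);
  mongoose.connect(dburl, function (connectErr, db) {
    if (connectErr || !db) {
      next(connectErr || new Error('database connection unavailable'));
      return;
    }
    db.collection("users").findOne({
      username: encryptedUsername
    }, function (findErr, user) {
      if (findErr) {
        next(findErr);
        return;
      }

      var storedPassword = '';
      if (user && typeof user.password === 'string') {
        try {
          storedPassword = decrypt(user.password);
        } catch (decryptErr) {
          // An unreadable record is treated as a failed login.
          storedPassword = '';
        }
      }

      // Hash both sides so timingSafeEqual always sees equal-length buffers.
      var suppliedDigest = crypto.createHash('sha256').update(suppliedPassword).digest();
      var storedDigest = crypto.createHash('sha256').update(storedPassword).digest();
      var passwordMatches = crypto.timingSafeEqual(suppliedDigest, storedDigest);

      if (!user || !passwordMatches) {
        rejectLogin();
        return;
      }

      req.session.regenerate(function (sessionErr) {
        if (sessionErr) {
          next(sessionErr);
          return;
        }
        req.session.anvandare = encryptedUsername;
        res.redirect('/customer/' + encodeURIComponent(username));
      });
    });
  });
});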
// Ends the session and returns the visitor to the login form.
// NOTE(review): logging out through GET lets any page that triggers a request
// to this URL end the user's session; confirm whether a POST is preferable.
app.get('/logout', (req, res) => {
  const backToLogin = () => {
    res.redirect('/login');
  };
  req.session.destroy(backToLogin);
});
// Start the HTTP listener.
// NOTE(review): `server`, the http server that socket.io is attached to at the
// top of the file, is never started; app.listen creates a separate one.
// NOTE(review): port 80 is plain HTTP, so the session cookie and the login
// form travel unencrypted unless TLS is terminated in front of this process.
app.listen(80, function onListening() {
  console.log('Listening to port 80!');
});