
Untitled

a guest
Sep 4th, 2018
  1. "use strict";
  2. var mongoose = require("mongoose");
  3. var crypto = require("crypto");
  4. const express = require("express");
  5. var Customer = require("../server/models/customer");
  6. var Order = require("../server/models/order");
  7. var User = require("../server/models/user");
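  const app = express();

  // The MongoDB connection string carries the database username and password,
  // so it is read from the environment instead of being written into the
  // source. A credential that has appeared in any published copy of this file
  // must be treated as exposed and rotated on the database side.
  const mongoUri = process.env.MONGODB_URI;
  if (!mongoUri) {
    // Fail at start-up rather than run without a configured database.
    throw new Error("MONGODB_URI is not set; refusing to start without a database URI");
  }
  mongoose.connect(mongoUri);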
  13.  
  // Report connection-level failures and announce the first successful connect.
  const db = mongoose.connection;
  const reportConnectionError = console.error.bind(console, "connection error:");
  db.on("error", reportConnectionError);
  db.once("open", () => {
    console.log("Connected to remote DB");
  });
  // Parse form-encoded and JSON request bodies into req.body.
  // With JSON (and extended form) parsing a field can arrive as a nested
  // object instead of a string, so handlers have to type-check a value before
  // placing it in a MongoDB filter.
  const bodyParser = require("body-parser");
  const formParser = bodyParser.urlencoded({ extended: true });
  const jsonParser = bodyParser.json();
  app.use(formParser);
  app.use(jsonParser);
  23.  
  // CORS: every origin may read responses from this API.
  // NOTE(review): none of the routes in this file authenticate the caller, so
  // the wildcard lets a page on any site call them from a visitor's browser.
  // Restrict the origin to the known front-end once one is defined.
  const allowedRequestHeaders = "Origin, X-Requested-With, Content-Type, Accept";
  app.use((req, res, next) => {
    res.header("Access-Control-Allow-Origin", "*");
    res.header("Access-Control-Allow-Headers", allowedRequestHeaders);
    next();
  });
  32.  
  // Root route: fixed plain-text reply.
  app.get("/", (req, res) => {
    res.send("Hello World!");
  });
  34.  
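  // GET /orders: return every stored order as { o: [...] }.
  // NOTE(review): there is no authentication on this route, and the Order
  // documents created by /newOrder hold name, phone and address. Put an
  // authorization check in front of it before exposing the service.
  app.get("/orders", (req, res) => {
    Order.find((err, orders) => {
      if (err) {
        // On a failed query `orders` is undefined; answer with an error
        // instead of dereferencing it and throwing inside the callback.
        console.error(err);
        return res.status(500).json({ error: "Internal server error" });
      }

      if (orders.length > 0) {
        console.log("Found orders: ", orders.length);
      }
      return res.status(200).json({ o: orders });
    });
  });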
  45.  
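  // GET /findOrders?phone=...: return the orders stored for one phone number.
  app.get("/findOrders", (req, res) => {
    const phone = req.query.phone;

    // Query-string parsing can turn a parameter into an object or array, and
    // an object placed in a MongoDB filter is read as query operators. Only a
    // non-empty plain string is allowed through. The `return` keeps a rejected
    // request from falling into the query and sending a second response.
    // (Status 500 is kept from the original; 400 would describe this better.)
    if (typeof phone !== "string" || phone.length === 0) {
      return res.status(500).json({ err: "No phone provided" });
    }

    Order.find({ phone }, (err, orders) => {
      if (err) {
        // Do not report success when the lookup itself failed.
        console.error(err);
        return res.status(500).json({ err: "Internal server error" });
      }

      return res.status(200).json({ reply: "success", o: orders });
    });
  });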
  56.  
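  // POST /login: body carries `u` (user name) and `p` (password).
  //
  // NOTE(review): the account is looked up by a keyed hash of `u + p`. Plain
  // concatenation is ambiguous ("ab" + "c" equals "a" + "bc"), the hash uses
  // one fixed key for every user, and a successful login only returns
  // "Granted" without issuing a session or token. Looking the user up by name
  // and verifying a per-user salted password hash (for example with
  // crypto.scrypt) would address the first two; the hard-coded name check
  // below is not an authorization model.
  app.post("/login", (req, res) => {
    const { u, p } = req.body || {};

    // Always answer: the original sent no response at all when a field was
    // missing, leaving the request open. Non-string values are rejected too,
    // so objects or arrays are never coerced into the hashed text.
    if (typeof u !== "string" || typeof p !== "string" || !u || !p) {
      return res.status(400).json({ error: "Missing credentials" });
    }

    const saltedHashbrowns = saltHashPassword(u + p);
    User.find({ loginHash: saltedHashbrowns.p.passwordHash }, (err, users) => {
      if (err) {
        // `users` is undefined on failure; do not dereference it.
        console.error(err);
        return res.status(500).json({ error: "Internal server error" });
      }

      if (users.length === 0) {
        return res.status(401).json({ error: "Unauthorized" });
      }

      // Log the count only: the documents contain the stored login hash.
      console.log("Found user(s)", users.length);

      const name = users[0].name;
      if (typeof name === "string" && name.includes("Scott")) {
        return res.status(200).json({ reply: "Granted" });
      }
      return res.status(500).json({ error: "Internal server error" });
    });
  });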
  78.  
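  // POST /markOrderVerified: body is { order: { _id } }; moves the order to
  // stage 2.
  // NOTE(review): no authentication; any caller who knows an order id can
  // change its stage.
  app.post("/markOrderVerified", (req, res) => {
    // `req.body.order` may be absent, so read the id defensively instead of
    // throwing on `undefined._id`. Only a string id is accepted, which keeps
    // request-supplied objects out of the lookup.
    const orderId = req.body && req.body.order && req.body.order._id;
    if (typeof orderId !== "string" || orderId.length === 0) {
      return res.status(500).json({ error: "Internal server error" });
    }

    Order.findById(orderId, (err, order) => {
      if (err) {
        console.log(err);
        return res.status(500).json({ error: "Internal server error" });
      }

      if (!order) {
        // findById yields at most one document, so a miss means "not found".
        return res.status(500).json({ error: "Order not found" });
      }

      order.stage = 2;
      // Reply only after the write has finished, and surface a failed write.
      order.save((saveErr) => {
        if (saveErr) {
          console.log(saveErr);
          return res.status(500).json({ error: "Internal server error" });
        }
        return res.status(200).json({ success: "ok" });
      });
    });
  });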
  97.  
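  // POST /markOrderComplete: body is { order: { _id } }; marks the order
  // completed and moves it to stage 4.
  // NOTE(review): no authentication; any caller who knows an order id can
  // complete it.
  app.post("/markOrderComplete", (req, res) => {
    // `req.body.order` may be absent, so read the id defensively instead of
    // throwing on `undefined._id`. Only a string id is accepted, which keeps
    // request-supplied objects out of the lookup.
    const orderId = req.body && req.body.order && req.body.order._id;
    if (typeof orderId !== "string" || orderId.length === 0) {
      return res.status(500).json({ error: "Internal server error" });
    }

    Order.findById(orderId, (err, order) => {
      if (err) {
        console.log(err);
        return res.status(500).json({ error: "Internal server error" });
      }

      if (!order) {
        // findById yields at most one document, so a miss means "not found".
        return res.status(500).json({ error: "Order not found" });
      }

      order.completed = true;
      order.stage = 4;
      // Reply only after the write has finished, and surface a failed write.
      order.save((saveErr) => {
        if (saveErr) {
          console.log(saveErr);
          return res.status(500).json({ error: "Internal server error" });
        }
        return res.status(200).json({ success: "ok" });
      });
    });
  });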
  117.  
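  // POST /newOrder: create an order and attach it to the customer identified
  // by phone number, creating the customer when none exists yet.
  // NOTE(review): no authentication and no rate limiting on this route.
  app.post("/newOrder", (req, res) => {
    const orderRequest = req.body || {};
    const { name, phone, address } = orderRequest;

    // Each of the three fields is required (the original only rejected a
    // request that lacked all of them) and must be a string: `phone` goes
    // straight into a MongoDB filter, where an object would be read as query
    // operators. The `return` stops processing after the error reply.
    const isNonEmptyString = (value) => typeof value === "string" && value.length > 0;
    if (!isNonEmptyString(name) || !isNonEmptyString(phone) || !isNonEmptyString(address)) {
      return res.status(500).json({ error: "Missing name/phone/address" });
    }

    const order = new Order({
      order: orderRequest.order,
      address,
      phone,
      name,
      payment: orderRequest.paymentMethod,
      notes: orderRequest.notes,
      stage: 1
    });

    // Look for an existing customer by phone number.
    Customer.find({ phone }, (err, customers) => {
      if (err) {
        console.error(err);
        return res.status(500).json({ error: "Internal server error" });
      }

      if (customers.length > 1) {
        // The matching customer records are neither logged nor returned: the
        // caller is unauthenticated and the records hold personal data.
        console.log("Found multiple customers with this phone number", customers.length);
        return res.status(500).json({ error: "Multiple customers with this phone number" });
      }

      if (customers.length === 1) {
        const existing = customers[0];
        console.log("Found an existing customer with this phone number");

        order._customer = existing;
        existing.orders.push(order);
        // NOTE(review): as in the original, the customer document is changed
        // in memory but never saved here; confirm whether that is intended.
        return order.save((saveErr, savedOrder) => {
          if (saveErr) {
            console.error(saveErr);
            return res.status(500).json({ error: "Internal server error" });
          }
          console.log("Saved new order", savedOrder._id);
          return res.status(200).json({ reply: "Success, new order created", o: savedOrder });
        });
      }

      // No customer with this phone number yet: create one.
      const customer = new Customer({ name: "test" });
      customer.name = name;
      customer.email = orderRequest.email;
      customer.address = address;
      customer.phone = phone;
      customer.notes = orderRequest.notes;
      // NOTE(review): this pushes the raw request payload, while the
      // existing-customer branch pushes the Order document; verify against the
      // Customer schema which one is expected.
      customer.orders.push(orderRequest.order);

      // The original never replied on this path, leaving the request open.
      // Save both documents, then answer once.
      return order.save((orderErr, savedOrder) => {
        if (orderErr) {
          console.error(orderErr);
          return res.status(500).json({ error: "Internal server error" });
        }
        console.log("Saved new order", savedOrder._id);

        return customer.save((customerErr) => {
          if (customerErr) {
            console.error(customerErr);
            return res.status(500).json({ error: "Internal server error" });
          }
          console.log("New customer saved");
          return res.status(200).json({ reply: "Success, new order created", o: savedOrder });
        });
      });
    });
  });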
  193.  
  // Start the HTTP server on port 3000 and log once it is listening.
  app.listen(3000, () => {
    console.log("Example app listening on port 3000!");
  });
  195.  
  /**
   * Build a random hexadecimal string; this file uses it to produce a salt.
   * @function
   * @param {number} length - Number of hex characters to return.
   * @returns {string} `length` hex characters derived from crypto.randomBytes.
   */
  const genRandomString = (length) => {
    // Two hex characters come out of every random byte, so round up and trim.
    const byteCount = Math.ceil(length / 2);
    const hex = crypto.randomBytes(byteCount).toString("hex");
    return hex.slice(0, length);
  };
  207.  
  /**
   * Compute an HMAC-SHA512 of the password under a fixed key.
   *
   * NOTE(review): the `salt` argument is accepted but never used. The HMAC key
   * and the returned `salt` are the same constant, so equal inputs always
   * produce equal hashes for every user. A single HMAC pass is also fast to
   * compute, which is the wrong property for stored passwords; a per-user
   * random salt with a slow KDF such as crypto.scrypt is the usual choice.
   * Changing this requires changing /login as well, because that route looks
   * users up by this deterministic value.
   *
   * @function
   * @param {string} password - Text to hash.
   * @param {string} salt - Ignored by the current implementation.
   * @returns {{salt: string, passwordHash: string}} The fixed key and the hex digest.
   */
  const sha512 = (password, salt) => {
    const fixedKey = "0cf4c58befcce2e2";
    const passwordHash = crypto
      .createHmac("sha512", fixedKey)
      .update(password)
      .digest("hex");
    return { salt: fixedKey, passwordHash };
  };
  226.  
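  /**
   * Hash the supplied credential text and return it with a fresh random salt.
   *
   * The plaintext, the hash and the salt are no longer written to the console:
   * application logs are routinely stored and shared with less protection than
   * the credential store itself.
   *
   * NOTE(review): the returned `s` is generated here but sha512() ignores its
   * salt argument, so `s` does not influence `p.passwordHash`.
   *
   * @param {string} userpassword - Text to hash.
   * @returns {{s: string, p: {salt: string, passwordHash: string}}}
   */
  function saltHashPassword(userpassword) {
    const salt = genRandomString(16); // 16 hex characters
    const passwordData = sha512(userpassword, salt);
    return { s: salt, p: passwordData };
  }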