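// Database and HTTP setup for the MobileAuth service.
// NOTE(review): the connection settings below are committed to source. They are now read from
// the environment first so the literals can be deleted once deployments set DB_HOST, DB_USER,
// DB_PASSWORD and DB_NAME; until then the fallbacks keep the original behaviour.
const mysql = require('mysql');
const db_config = {
  host: process.env.DB_HOST || '35.156.58.36',
  user: process.env.DB_USER || 'evolveUser',
  password: process.env.DB_PASSWORD || 'CapOne5216',
  database: process.env.DB_NAME || 'MobileAuth',
  // DATETIME columns come back as 'YYYY-MM-DD HH:MM:SS' strings rather than Date objects;
  // the /last-date route relies on that text form.
  dateStrings: true,
};
const express = require('express');
const app = express();
const fs = require('fs');
const cors = require('cors');
const bodyParser = require('body-parser');
const crypto = require('crypto');
const dateFormat = require('dateformat');
// cors() with no options accepts any origin; restrict it to the web client's origin when known.
app.use(cors());
app.use(bodyParser.json());
// Current MySQL connection; (re)assigned by handleDisconnect() on every (re)connect.
let conn;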
/**
 * (Re)create the MySQL connection and install the reconnect-on-loss handler.
 * Assigns the module-level `conn`. While the initial connect keeps failing it
 * retries every 2 seconds; a lost connection later on triggers another call.
 */
function handleDisconnect() {
  conn = mysql.createConnection(db_config);
  conn.connect(function (connectErr) {
    if (!connectErr) return;
    // Server down or restarting: wait before retrying so we neither spin in a hot
    // loop nor block the event loop from handling other requests meanwhile.
    console.log('error when connecting to db:', connectErr);
    setTimeout(handleDisconnect, 2000);
  });
  conn.on('error', function (dbErr) {
    console.log('db error', dbErr);
    // A dropped connection (server restart or wait_timeout idle kill) is recoverable;
    // any other error is rethrown, which takes the process down.
    if (dbErr.code !== 'PROTOCOL_CONNECTION_LOST') throw dbErr;
    handleDisconnect();
  });
}
handleDisconnect();
// Start the HTTP listener on port 8081 (all interfaces) and log where it is reachable.
const server = app.listen(8081, function () {
  const bound = server.address();
  console.log('MobileAuth server listening at http://%s:%s', bound.address, bound.port);
});
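// Web login, step 1: confirm the e-mail exists and clear its loginFlag so a following
// /auth-wait poll cannot pick up a flag left over from an earlier session.
// Responds 'true' / 'false'. The 'false' answer reveals whether an address is registered.
app.get('/login/:email', function (req, res) {
  const email = req.params.email;
  // '=' instead of LIKE: with LIKE, wildcard characters in the path widen the match to other rows.
  conn.query('SELECT * FROM User WHERE email = ?;', [email], function (err, rows) {
    if (err) {
      // Respond rather than throw: a throw inside this callback terminates the whole process.
      console.error('db error on /login:', err);
      return res.status(500).send('false');
    }
    console.log('login request for: ' + email);
    if (rows.length === 0) return res.send('false');
    conn.query('UPDATE User SET loginFlag=0 WHERE email = ?;', [email], function (updErr) {
      if (updErr) {
        console.error('db error resetting loginFlag:', updErr);
        return res.status(500).send('false');
      }
      return res.send('true');
    });
  });
});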
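// Web login, step 2: polled by the browser until the app has raised loginFlag.
// Responds 'true' (and clears the flag) once set, 'false' while waiting, 404 for unknown e-mail
// (the original sent nothing in that case and the request hung).
app.get('/auth-wait/:email', function (req, res) {
  const email = req.params.email;
  conn.query('SELECT loginFlag FROM User WHERE email = ?;', [email], function (err, rows) {
    if (err) {
      console.error('db error on /auth-wait:', err);
      return res.status(500).send('false');
    }
    console.log('checking auth for: ' + email);
    if (rows.length === 0) return res.status(404).send('false');
    if (Number(rows[0].loginFlag) !== 1) return res.send('false');
    console.log(email + ' logged in successfully');
    // Clear the flag so it cannot be reused for a second login.
    conn.query('UPDATE User SET loginFlag=0 WHERE email = ?;', [email], function (updErr) {
      if (updErr) {
        console.error('db error resetting loginFlag:', updErr);
        return res.status(500).send('false');
      }
      return res.send('true');
    });
  });
});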
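// Create a user. Body: email, password, pin, fname, lname, mobileNum.
// Responds 'true' on insert, 'false' if the e-mail is taken, 400 if email/password/pin is missing
// (the original never answered the request at all).
// NOTE(review): password and pin are stored as unsalted base64 SHA-256 because that is what
// /app-login and /app-pin compare against; moving to a salted, slow hash (e.g. crypto.scrypt)
// has to be done together with those verifiers and a migration of existing rows. An unsalted
// hash of a short numeric PIN gives little protection if the table is ever exposed.
app.post('/register', function (req, res) {
  const body = req.body || {};
  if (body.email == null || body.password == null || body.pin == null) {
    return res.status(400).send('false');
  }
  const hashedPassword = crypto.createHash('sha256').update(String(body.password)).digest('base64');
  const hashedPIN = crypto.createHash('sha256').update(String(body.pin)).digest('base64');
  // Duplicate check first; the original ignored `err` here and would crash on a failed SELECT.
  conn.query('SELECT * FROM User WHERE email = ?', [body.email], function (err, rows) {
    if (err) {
      console.error('db error on /register:', err);
      return res.status(500).send('false');
    }
    if (rows.length !== 0) return res.send('false');
    conn.query(
      'INSERT INTO User (email, password, firstname, lastname, mobilenum, pin) VALUES (?, ?, ?, ?, ?, ?);',
      [body.email, hashedPassword, body.fname, body.lname, body.mobileNum, hashedPIN],
      function (insErr) {
        if (insErr) {
          console.error('db error inserting user:', insErr);
          return res.status(500).send('false');
        }
        console.log('registered user: ' + body.email);
        return res.send('true');
      }
    );
  });
});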
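// Return the user's first name as plain text; 404 when the e-mail is unknown
// (the original left the request without a response).
app.get('/fname/:email', function (req, res) {
  conn.query('SELECT firstname FROM User WHERE email = ?;', [req.params.email], function (err, rows) {
    if (err) {
      console.error('db error on /fname:', err);
      return res.status(500).end();
    }
    if (rows.length === 0) return res.status(404).end();
    return res.send(rows[0].firstname);
  });
});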
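// Return the last login method as text, where 0 = PIN and 1 = touch; 404 for an unknown e-mail
// (the original hung instead of answering).
app.get('/last-method/:email', function (req, res) {
  conn.query('SELECT lastMethod FROM Stats WHERE email = ?;', [req.params.email], function (err, rows) {
    if (err) {
      console.error('db error on /last-method:', err);
      return res.status(500).end();
    }
    if (rows.length === 0) return res.status(404).end();
    return res.send(String(rows[0].lastMethod));
  });
});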
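// Return the last login date formatted as e.g. "Monday Jan 1st 2018 9:05am"; 404 when there is
// no row or no stored date (the original hung on a missing row and threw on a NULL date).
app.get('/last-date/:email', function (req, res) {
  conn.query('SELECT lastDate FROM Stats WHERE email = ?;', [req.params.email], function (err, rows) {
    if (err) {
      console.error('db error on /last-date:', err);
      return res.status(500).end();
    }
    if (rows.length === 0 || rows[0].lastDate == null) return res.status(404).end();
    // dateStrings is enabled on the connection, so lastDate is 'YYYY-MM-DD HH:MM:SS';
    // split it into its six fields and rebuild the instant as UTC.
    const parts = String(rows[0].lastDate).split(/[- :]/);
    const when = new Date(Date.UTC(parts[0], parts[1] - 1, parts[2], parts[3], parts[4], parts[5]));
    return res.send(String(dateFormat(when, 'dddd mmm dS yyyy h:MMtt')));
  });
});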
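// Return the last login location as stored; 404 for an unknown e-mail (the original hung).
app.get('/last-loc/:email', function (req, res) {
  conn.query('SELECT lastLoc FROM Stats WHERE email = ?;', [req.params.email], function (err, rows) {
    if (err) {
      console.error('db error on /last-loc:', err);
      return res.status(500).end();
    }
    if (rows.length === 0) return res.status(404).end();
    return res.send(rows[0].lastLoc);
  });
});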
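// Return the last device string as stored; 404 for an unknown e-mail (the original hung).
app.get('/last-device/:email', function (req, res) {
  conn.query('SELECT lastDevice FROM Stats WHERE email = ?;', [req.params.email], function (err, rows) {
    if (err) {
      console.error('db error on /last-device:', err);
      return res.status(500).end();
    }
    if (rows.length === 0) return res.status(404).end();
    return res.send(rows[0].lastDevice);
  });
});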
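// Report whether the account is an admin: 'true' / 'false', 404 for an unknown e-mail.
// Exact match on email: with LIKE, a wildcard in the path could make this answer for another row.
// NOTE(review): this is an unauthenticated lookup; whatever the client does with 'true' must be
// enforced server-side as well, since the answer is available to anyone who knows the address.
app.get('/admin/:email', function (req, res) {
  const email = req.params.email;
  conn.query('SELECT isAdmin FROM User WHERE email = ?;', [email], function (err, rows) {
    if (err) {
      console.error('db error on /admin:', err);
      return res.status(500).send('false');
    }
    console.log('checking admin rights for: ' + email);
    if (rows.length === 0) return res.status(404).send('false');
    if (Number(rows[0].isAdmin) !== 1) return res.send('false');
    console.log(email + ' is an admin');
    return res.send('true');
  });
});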
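// Sum the PIN and touch login counts over all Stats rows and return them as JSON
// {"totPIN": n, "totTouch": n}.
app.get('/method-freq', function (req, res) {
  // The statement has no placeholders, so no values are passed (the original passed an undefined param).
  conn.query('SELECT countPIN, countTouch FROM Stats;', function (err, rows) {
    if (err) {
      console.error('db error on /method-freq:', err);
      return res.status(500).end();
    }
    let totPIN = 0;
    let totTouch = 0;
    for (const row of rows) {
      // NULL counts contribute nothing instead of turning the whole total into NaN.
      totPIN += Number(row.countPIN) || 0;
      totTouch += Number(row.countTouch) || 0;
    }
    return res.send(JSON.stringify({ totPIN: totPIN, totTouch: totTouch }));
  });
});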
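// Return the most recent LoginFreq row as JSON; 404 when the table is empty (the original hung).
app.get('/login-freq', function (req, res) {
  // ORDER BY year so "last row" is the latest year rather than whatever order the engine returns;
  // the year column is the one the /app-stats route updates by.
  conn.query('SELECT * FROM LoginFreq ORDER BY year;', function (err, rows) {
    if (err) {
      console.error('db error on /login-freq:', err);
      return res.status(500).end();
    }
    if (rows.length === 0) return res.status(404).end();
    return res.send(rows[rows.length - 1]);
  });
});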
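// Return the non-secret profile fields (email, firstname, lastname, mobilenum) as JSON;
// 404 for an unknown e-mail (the original hung). Password and pin hashes are never selected here.
app.get('/details/:email', function (req, res) {
  conn.query(
    'SELECT email, firstname, lastname, mobilenum FROM User WHERE email = ?;',
    [req.params.email],
    function (err, rows) {
      if (err) {
        console.error('db error on /details:', err);
        return res.status(500).end();
      }
      if (rows.length === 0) return res.status(404).end();
      return res.send(JSON.stringify(rows[0]));
    }
  );
});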
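// Update a user's details. An empty/missing password or pin keeps the stored hash; a value equal
// to the stored hash is kept as-is; anything else is re-hashed with the same unsalted SHA-256 that
// /register uses so /app-login and /app-pin keep matching. Responds 'true', or 404 'false' for an
// unknown e-mail (the original never answered in that case).
// NOTE(review): nothing here verifies that the caller owns the account — any client that knows an
// e-mail can change that account's password, PIN and address. Gate this route on an authenticated
// session before relying on it.
app.post('/update-details/:email', function (req, res) {
  const currentEmail = req.params.email;
  const body = req.body || {};
  conn.query('SELECT * FROM User WHERE email = ?', [currentEmail], function (err, rows) {
    if (err) {
      // The original did not check err here and would have thrown on `rows.length`.
      console.error('db error on /update-details:', err);
      return res.status(500).send('false');
    }
    if (rows.length === 0) return res.status(404).send('false');
    const oldPass = rows[0].password;
    const oldPIN = rows[0].pin;
    let hashedPassword;
    if (!body.password || body.password.length === 0 || body.password === oldPass) {
      hashedPassword = oldPass;
      console.log('using old pass');
    } else {
      hashedPassword = crypto.createHash('sha256').update(body.password).digest('base64');
    }
    let hashedPIN;
    if (!body.pin || body.pin.length === 0 || body.pin === oldPIN) {
      hashedPIN = oldPIN;
      console.log('using old pin');
    } else {
      hashedPIN = crypto.createHash('sha256').update(body.pin).digest('base64');
    }
    // A missing email in the body keeps the current address instead of writing NULL,
    // which would make the row unreachable by every other route.
    const newEmail = body.email == null ? currentEmail : body.email;
    // The original ran a second, identical SELECT before this UPDATE; it added nothing.
    // Exact match on the WHERE: with LIKE, a wildcard in the path could rewrite many rows at once.
    conn.query(
      'UPDATE User SET email=?, password=?, firstname=?, lastname=?, mobilenum=?, pin=? WHERE email = ?;',
      [newEmail, hashedPassword, body.fname, body.lname, body.mobileNum, hashedPIN, currentEmail],
      function (updErr) {
        if (updErr) {
          console.error('db error updating user:', updErr);
          return res.status(500).send('false');
        }
        console.log('updated user: ' + currentEmail);
        return res.send('true');
      }
    );
  });
});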
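// App login: compare the SHA-256 of the supplied password with the stored hash.
// Responds 'true' / 'false' only; no session or token is issued.
// NOTE(review): the password travels in the URL path, where access logs, proxies and client
// history retain it; the route is already a POST, so the JSON body is the place for it.
app.post('/app-login/:email/:password', function (req, res) {
  const email = req.params.email;
  const hashedPassword = crypto.createHash('sha256').update(req.params.password).digest('base64');
  // Exact comparison on both columns; LIKE would let wildcard characters in the path widen the match.
  conn.query('SELECT * FROM User WHERE email = ? AND password = ?;', [email, hashedPassword], function (err, rows) {
    if (err) {
      console.error('db error on /app-login:', err);
      return res.status(500).send('false');
    }
    console.log('app login request for: ' + email);
    if (rows.length === 0) {
      console.log(email + " didn't log in successfully");
      return res.send('false');
    }
    console.log(email + ' logged in successfully');
    return res.send('true');
  });
});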
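// App PIN check: compare the SHA-256 of the supplied PIN with the stored hash. 'true' / 'false'.
// NOTE(review): as with /app-login the secret is in the URL path and there is no attempt limit;
// a short PIN with unlimited guesses is weak, so move it to the body and rate-limit per account.
app.post('/app-pin/:email/:pin', function (req, res) {
  const email = req.params.email;
  const hashedPIN = crypto.createHash('sha256').update(req.params.pin).digest('base64');
  conn.query('SELECT * FROM User WHERE email = ? AND pin = ?;', [email, hashedPIN], function (err, rows) {
    if (err) {
      console.error('db error on /app-pin:', err);
      return res.status(500).send('false');
    }
    console.log('app pin request for: ' + email);
    if (rows.length === 0) {
      console.log(email + "'s pin was wrong");
      return res.send('false');
    }
    console.log(email + "'s pin was right");
    return res.send('true');
  });
});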
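// Raise the user's loginFlag so a pending /auth-wait poll completes with 'true'.
// NOTE(review): this route performs no authentication of its own. It assumes the caller just
// passed /app-login and /app-pin, but nothing links those calls to this one, so the flag can be
// raised without them. Have the password/PIN checks issue a server-side token and require it here.
app.post('/app-auth/:email', function (req, res) {
  const email = req.params.email;
  conn.query('UPDATE User SET loginFlag=1 WHERE email = ?;', [email], function (err, result) {
    if (err) {
      console.error('db error on /app-auth:', err);
      return res.status(500).send('false');
    }
    console.log(email + ' has authenticated');
    // An UPDATE result is a status packet, not a row array: the original read `.length`
    // (undefined) and so always answered 'true'. affectedRows is 0 when no row matched the e-mail
    // (this driver counts matched rows by default — confirm if that flag is changed).
    if (result.affectedRows === 0) return res.send('false');
    return res.send('true');
  });
});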
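// Record login statistics: last location/date/method/device, the per-method counter, and the
// monthly counter for the current year. Responds 'true' once the frequency update is written
// (the original never answered the request).
app.post('/app-stats/:month/:email', function (req, res) {
  const email = req.params.email;
  const body = req.body || {};
  conn.query(
    'UPDATE Stats SET lastLoc=?, lastDate=?, lastMethod=?, lastDevice=? WHERE email = ?;',
    [body.lastLoc, body.lastDate, body.lastMethod, body.lastDevice, email],
    function (err) {
      // Log instead of throw: a throw inside this callback would terminate the process.
      if (err) console.error('db error updating Stats:', err);
    }
  );
  // Keep the original loose comparison semantics: null/undefined match neither branch.
  const method = body.lastMethod == null ? NaN : Number(body.lastMethod);
  if (method === 0) {
    conn.query('UPDATE Stats SET countPIN=countPIN+1 WHERE email = ?;', [email], function (err) {
      if (err) console.error('db error incrementing countPIN:', err);
    });
  } else if (method === 1) {
    conn.query('UPDATE Stats SET countTouch=countTouch+1 WHERE email = ?;', [email], function (err) {
      if (err) console.error('db error incrementing countTouch:', err);
    });
  }
  // The original wrote 'SET ?=?+1' with two values for three placeholders: the driver quotes a '?'
  // value as a string literal, not a column name, and leaves the unfilled '?' in place, so the
  // statement could not execute. '??' is the driver's identifier placeholder (backtick-quoted),
  // which keeps the month from escaping the identifier; it still accepts any column name sent.
  // NOTE(review): restrict req.params.month to the actual LoginFreq month columns (allowlist);
  // those names are not visible here and have to come from the schema.
  const year = new Date().getFullYear();
  conn.query(
    'UPDATE LoginFreq SET ?? = ?? + 1 WHERE year = ?;',
    [req.params.month, req.params.month, year],
    function (freqErr) {
      if (freqErr) {
        console.error('db error updating LoginFreq:', freqErr);
        return res.status(500).send('false');
      }
      return res.send('true');
    }
  );
});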