
Untitled

a guest
Jul 20th, 2016
  1. var express = require('express');
  2. var app = express();
  3. var bodyParser = require('body-parser');
  4. var morgan = require('morgan');
  5. var mongoose = require('mongoose');
  6. var passport = require('passport');
  7. var config = require('./config/database'); // get db config file
  8. var User = require('./app/models/user'); // get the mongoose model
  9. var port = process.env.PORT || 8080;
  10. var jwt = require('jwt-simple');
  11. var Cookies = require('cookies');
  12. var cookieParser = require('cookie-parser');
  13.  
  // Request body parsing: urlencoded form posts and JSON bodies.
  // NOTE(review): a JSON body can carry objects or arrays where a handler
  // expects a string, so every handler has to check the types it receives.
  var formBodyParser = bodyParser.urlencoded({ extended: false });
  var jsonBodyParser = bodyParser.json();
  app.use(formBodyParser);
  app.use(jsonBodyParser);

  // Populates req.cookies from the Cookie header.
  app.use(cookieParser());

  // Request logging to the console.
  var requestLogger = morgan('dev');
  app.use(requestLogger);

  // Use the passport package in our application.
  app.use(passport.initialize());

  // Static files from ./todo are served at the site root.
  // NOTE(review): this is registered before any authentication check, so
  // everything in that directory is readable without a token.
  var todoStatic = express.static('todo');
  app.use(todoStatic);

  // Global files from ./assets are served under /assets.
  // NOTE(review): the HTML templates the routes send with res.sendfile live
  // under assets/ as well, so they are also reachable through this public
  // mount; content that must stay behind the JWT check should not sit here.
  var assetsStatic = express.static('assets');
  app.use('/assets', assetsStatic);
  30.  
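  // Promote the access_token cookie to an Authorization header so that the
  // passport 'jwt' strategy and getToken() can read it.
  //
  // The original expression `'JWT ' + cookie || 0` never reached its fallback
  // (`+` binds tighter than `||`), so a request without the cookie was given
  // the literal header 'JWT undefined'. The header is now built only when the
  // cookie is present and removed otherwise, which keeps the cookie as the
  // only credential source, as before.
  //
  // NOTE(review): because the browser attaches the cookie automatically, every
  // passport-protected route is effectively cookie-authenticated. Any
  // state-changing route needs a CSRF defence (SameSite cookie attribute or an
  // anti-CSRF token); none is visible on this page.
  app.use(function (req, res, next) {
    var accessToken = req.cookies ? req.cookies['access_token'] : undefined;

    if (typeof accessToken === 'string' && accessToken.length > 0) {
      req.headers['authorization'] = 'JWT ' + accessToken;
    } else {
      delete req.headers['authorization'];
    }
    next();
  });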
  35.  
  // Public landing page (GET http://localhost:8080).
  // NOTE(review): res.sendfile is the deprecated spelling in Express 4;
  // res.sendFile is its replacement and needs an absolute path or a root option.
  function sendFrontPage(req, res) {
    res.sendfile('assets/front/templates/index.html');
  }
  app.get('/', sendFrontPage);

  // Todo page (GET http://localhost:8080/todo): the request has to pass
  // passport's 'jwt' strategy before the template is sent.
  // NOTE(review): the same template file sits under the publicly served
  // /assets mount, so this check does not keep the file itself private.
  var requireJwt = passport.authenticate('jwt', { session: false});
  function sendTodoPage(req, res) {
    res.sendfile('assets/todo/templates/todo.html');
  }
  app.get('/todo', requireJwt, sendTodoPage);
  44.  
  // Open the MongoDB connection; the connection string comes from
  // ./config/database, which is not shown here.
  var databaseUri = config.database;
  mongoose.connect(databaseUri);

  // Register the passport strategies; ./config/passport exports a function
  // that takes the passport instance.
  var configurePassport = require('./config/passport');
  configurePassport(passport);

  // Router that collects the account and member routes defined below.
  var apiRoutes = express.Router();
  53.  
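  // create a new user account (POST http://localhost:8080/signup)
  //
  // Responds with JSON { success, msg }. The HTTP status stays 200 in every
  // case, as in the original, so existing clients keep working.
  apiRoutes.post('/signup', function (req, res) {
    var body = req.body || {};
    var name = body.name;
    var password = body.password;

    // With the JSON body parser enabled these fields can arrive as objects or
    // arrays; a plain truthiness test lets those through, so require strings.
    if (typeof name !== 'string' || typeof password !== 'string' || !name || !password) {
      return res.json({success: false, msg: 'Please pass name and password.'});
    }

    // NOTE(review): the password is handed to the model as received. Hashing
    // presumably happens in ./app/models/user (not shown) - confirm, and
    // consider a minimum-length policy here.
    var newUser = new User({
      name: name,
      email: body.email,
      password: password
    });

    // save the user
    newUser.save(function (err) {
      if (!err) {
        return res.json({success: true, msg: 'Successfully created new user.'});
      }

      // 11000 / 11001 are MongoDB's duplicate-key error codes. Any other
      // failure (validation, connection loss) used to be reported as a name
      // clash as well, which hid real faults from both client and operator.
      if (err.code === 11000 || err.code === 11001) {
        return res.json({success: false, msg: 'Username already exists.'});
      }

      console.error('signup: could not save user: ' + err.message);
      return res.json({success: false, msg: 'Could not create user.'});
    });
  });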
  73.  
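  // route to authenticate a user (POST http://localhost:8080/authenticate)
  //
  // Looks the account up by name first and by e-mail second, checks the
  // password with the model's comparePassword(), and on success stores a JWT
  // in the access_token cookie and redirects to /memberinfo. Every failed
  // login gets the same auth-fail page, so the response does not reveal
  // whether the account exists.
  apiRoutes.post('/authenticate', function (req, res) {
    var AUTH_FAIL_PAGE = 'assets/auth-fail/templates/auth-fail.html';
    var body = req.body || {};
    var login = body.name;
    var password = body.password;

    // Sends the shared failure page.
    function rejectLogin() {
      res.sendfile(AUTH_FAIL_PAGE);
    }

    // A database error used to be re-thrown inside the callback, which takes
    // the whole process down; answer with a 500 instead.
    function failWithServerError(err) {
      console.error('authenticate: user lookup failed: ' + err.message);
      res.status(500).json({success: false, msg: 'Internal server error.'});
    }

    // Checks the password for a found user and issues the token cookie.
    function verifyPassword(user) {
      user.comparePassword(password, function (err, isMatch) {
        if (err || !isMatch) {
          return rejectLogin();
        }

        // NOTE(review): the whole user document is encoded into the token. A
        // JWT is signed, not encrypted, so every stored field (including the
        // password field, if the model keeps it on the document) is readable
        // by whoever holds the cookie, and no expiry claim is set. Encoding a
        // minimal payload would be safer, but the jwt strategy in
        // ./config/passport is not shown, so the payload is left unchanged.
        var token = jwt.encode(user, config.secret);

        // httpOnly keeps page scripts from reading the token; the server reads
        // it from req.cookies. Add `secure: true` once served over HTTPS.
        res.cookie('access_token', token, { httpOnly: true });
        res.redirect('/memberinfo');
      });
    }

    // The values go straight into query filters. Requiring strings stops a
    // JSON body from supplying an object that the database would interpret as
    // a query operator instead of a literal value.
    if (typeof login !== 'string' || typeof password !== 'string') {
      return rejectLogin();
    }

    User.findOne({ name: login }, function (err, userByName) {
      if (err) {
        return failWithServerError(err);
      }
      if (userByName) {
        return verifyPassword(userByName);
      }

      // No account with that name: treat the same input as an e-mail address.
      User.findOne({ email: login }, function (err, userByEmail) {
        if (err) {
          return failWithServerError(err);
        }
        if (!userByEmail) {
          return rejectLogin();
        }
        verifyPassword(userByEmail);
      });
    });
  });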
  126.  
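  // Member area (GET http://localhost:8080/memberinfo).
  //
  // Runs after passport's 'jwt' strategy has accepted the request, then
  // decodes the token again to look the user up by the name claim.
  // Responds 403 when the token is missing or unusable or the user no longer
  // exists, and 500 when the lookup itself fails.
  apiRoutes.get('/memberinfo', passport.authenticate('jwt', { session: false}), function(req, res) {
    var token = getToken(req.headers);
    if (!token) {
      return res.status(403).send({success: false, msg: 'No token provided.'});
    }

    // jwt-simple's decode() throws on a malformed token or a bad signature;
    // turn that into a 403 rather than an unhandled exception.
    var decoded;
    try {
      decoded = jwt.decode(token, config.secret);
    } catch (decodeErr) {
      return res.status(403).send({success: false, msg: 'Authentication failed. Invalid token.'});
    }

    // The claim is used as a query filter value, so insist on a plain string.
    if (!decoded || typeof decoded.name !== 'string') {
      return res.status(403).send({success: false, msg: 'Authentication failed. Invalid token.'});
    }

    User.findOne({ name: decoded.name }, function (err, user) {
      if (err) {
        // Re-throwing inside the callback would crash the process.
        console.error('memberinfo: user lookup failed: ' + err.message);
        return res.status(500).send({success: false, msg: 'Internal server error.'});
      }

      if (!user) {
        return res.status(403).send({success: false, msg: 'Authentication failed. User not found.'});
      }

      res.json({success: true, msg: 'Welcome into the member area, ' + user.name + '!'});
    });
  });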
  146.  
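  /**
   * Extracts the credential part of an Authorization header.
   *
   * The header must consist of exactly two space-separated parts
   * ("<scheme> <token>"); the scheme itself is not checked here.
   *
   * Declared with `var`: the original assigned to an undeclared name, which
   * creates an implicit global and throws a ReferenceError in strict mode.
   *
   * @param {Object} headers - request headers (e.g. req.headers)
   * @returns {string|null} the token, or null when the header is missing,
   *   is not a string, or does not have exactly two parts
   */
  var getToken = function (headers) {
    if (!headers || typeof headers.authorization !== 'string') {
      return null;
    }

    var parts = headers.authorization.split(' ');
    return parts.length === 2 ? parts[1] : null;
  };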
  159.  
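  // Log out (GET http://localhost:8080/logout): remove the token cookie.
  //
  // clearCookie() expires the cookie in the browser; the original overwrote it
  // with an empty value, which leaves an empty cookie behind. The original
  // also blanked req.headers['authorization'], which only touched the request
  // object of this one request and had no effect on the client, so it is gone.
  //
  // NOTE(review): this only drops the browser's copy. Nothing on this page
  // sets an expiry claim or keeps a revocation list, so a token copied before
  // logout appears to stay valid. A state-changing GET can also be triggered
  // cross-site; POST would be the safer verb.
  apiRoutes.get('/logout', function (req, res) {
    res.clearCookie('access_token');
    res.json({success: true, msg: 'See ya!'});
  });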
  165.  
  // Mount the router at the site root, so its routes are served as /signup,
  // /authenticate, /memberinfo and /logout (not under an /api prefix).
  var mountPath = '/';
  app.use(mountPath, apiRoutes);

  // Start the server and print the local URL.
  app.listen(port);
  var startupMessage = 'Well...here we go again!: http://localhost:' + port;
  console.log(startupMessage);