Untitled

a guest
Feb 28th, 2018
  1. var express = require('express');
  2. var socketIO = require('socket.io');
  3. var http = require('http');
  4. var bcrypt = require('bcryptjs');
  5. var bodyParser = require('body-parser');
  6. var cors = require('cors');
  7. var jwt = require('jwt-simple');
  8. var moment = require('moment');
  9. var mongoose = require('mongoose');
  10. var path = require('path');
  11. var request = require('request');
  12.  
  13. var config = require('./config');
  14. var User = require('./models/user');
// Open the MongoDB connection described by config.db. No callback or error
// handler is attached here, so a failed connection is not reported by this code.
mongoose.connect(config.db);

// HTTP server with socket.io attached to the same listener.
const port = process.env.PORT || 3000;
const app = express();
const server = http.createServer(app);
const io = socketIO(server);

// Global middleware, registered in the order it must run.
// - cors() with no options answers for every origin; restrict it to the known
//   front-end origin(s) before exposing this API publicly.
// - bodyParser.json() means req.body fields can be objects or arrays, not only
//   strings, so handlers must type-check values before using them in queries.
const publicDir = path.join(__dirname, '../public');
[
  cors(),
  bodyParser.json(),
  bodyParser.urlencoded({ extended: false }),
  express.static(publicDir)
].forEach(function (middleware) {
  app.use(middleware);
});
  26.  
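/**
 * Express middleware: authenticates the request from the JWT carried in the
 * Authorization header and exposes the matching user document as `req.user`.
 *
 * Responses: 400 when the header is missing; 401 when the token is absent,
 * fails verification, lacks a numeric `exp`, or is expired; 500 when the user
 * lookup fails; 400 when the token's subject no longer exists.
 *
 * @param {object} req - Express request.
 * @param {object} res - Express response.
 * @param {Function} next - Called once `req.user` has been set.
 */
function isAuthenticated(req, res, next) {
  if (!(req.headers && req.headers.authorization)) {
    return res.status(400).send({ message: 'You did not provide a JSON web token in the authorization header' });
  }

  // Header layout is "<scheme> <token>"; the scheme itself is not checked.
  const token = req.headers.authorization.split(' ')[1];
  if (!token) {
    return res.status(401).send({ message: 'Invalid token.' });
  }

  let payload;
  try {
    // jwt-simple throws on a malformed token or a bad signature; that must end
    // in a 401, not an unhandled exception. The algorithm is pinned to HS256
    // (the jwt.encode default used by createToken) so the token's own header
    // cannot choose how it is verified.
    payload = jwt.decode(token, config.tokenSecret, false, 'HS256');
  } catch (err) {
    return res.status(401).send({ message: 'Invalid token.' });
  }

  // A token without a numeric `exp` would otherwise pass the expiry comparison
  // (`now > undefined` is false) and never expire.
  if (!payload || typeof payload.exp !== 'number') {
    return res.status(401).send({ message: 'Invalid token.' });
  }

  if (moment().unix() > payload.exp) {
    return res.status(401).send({ message: 'Token has expired.' });
  }

  User.findById(payload.sub, function (err, user) {
    if (err) {
      // Keep a database failure distinct from "account deleted".
      return res.status(500).send({ message: 'Could not look up user.' });
    }
    if (!user) {
      return res.status(400).send({ message: 'User no longer exists.' });
    }
    req.user = user;
    next();
  });
}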
  49.  
/**
 * Builds the signed session JWT for a user.
 *
 * Claims: `exp` is 14 days from now, `iat` is now (both Unix seconds) and
 * `sub` is the user's `_id`. The token is signed with config.tokenSecret and
 * no explicit algorithm, so jwt.encode's default applies.
 *
 * Nothing in this listing revokes a token once issued, so a leaked token
 * stays usable until `exp`.
 *
 * @param {object} user - Object or document exposing `_id`.
 * @returns {string} Encoded JWT.
 */
function createToken(user) {
  var expiresAt = moment().add(14, 'days').unix();
  var issuedAt = moment().unix();

  return jwt.encode({ exp: expiresAt, iat: issuedAt, sub: user._id }, config.tokenSecret);
}
  59.  
// Site root: send public/index.html, resolved relative to this file.
app.get('/', (req, res) => {
  const indexFile = path.join(__dirname, '../public', 'index.html');
  res.sendFile(indexFile);
});
  63.  
  64.  
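/**
 * POST /auth/login — exchange an email/password pair for a session token.
 *
 * Body: { email: string, password: string }.
 * Responses: 400 when a field is missing or not a string; 401 when the email
 * is unknown or the password does not match; 500 when the lookup fails;
 * otherwise { token, user } with the password hash removed from `user`.
 *
 * NOTE(review): the two 401 bodies differ, which tells a caller whether an
 * email is registered. They are kept as-is because clients may key on
 * `message.email` / `message.password`; consider one shared message, plus
 * rate limiting on this route.
 */
app.post('/auth/login', function (req, res) {
  var body = req.body || {};
  var email = body.email;
  var password = body.password;

  // bodyParser.json() can deliver objects or arrays in these fields. Only a
  // plain string may reach the query filter; anything else could be read by
  // MongoDB as query operators instead of being compared as an email address.
  if (typeof email !== 'string' || email.length === 0) {
    return res.status(400).send({ message: { email: 'Email is required' } });
  }
  if (typeof password !== 'string' || password.length === 0) {
    return res.status(400).send({ message: { password: 'Password is required' } });
  }

  // '+password' overrides the schema's `select: false` for this one query.
  User.findOne({ email: email }, '+password', function (err, user) {
    if (err) {
      return res.status(500).send({ message: 'Could not look up user.' });
    }
    if (!user) {
      return res.status(401).send({ message: { email: 'Incorrect email' } });
    }

    bcrypt.compare(password, user.password, function (compareErr, isMatch) {
      // Fail closed: a comparison error (for example an account that has no
      // stored hash) is treated the same as a wrong password.
      if (compareErr || !isMatch) {
        return res.status(401).send({ message: { password: 'Incorrect password' } });
      }

      // Never return the hash: convert to a plain object and drop it.
      var publicUser = user.toObject();
      delete publicUser.password;

      res.send({ token: createToken(publicUser), user: publicUser });
    });
  });
});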
  83.  
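/**
 * POST /auth/signup — create an email/password account and return a session.
 *
 * Body: { email: string, password: string }.
 * Responses: 400 when a field is missing or not a string; 409 when the email
 * is already registered; 500 when hashing or persistence fails; otherwise
 * { token, user } with the password hash removed from `user`.
 */
app.post('/auth/signup', function (req, res) {
  var body = req.body || {};
  var email = body.email;
  var password = body.password;

  // Reject non-string input before it reaches the query filter or bcrypt.
  // Without this check a missing password made bcrypt fail, the error was
  // ignored, and an account was stored with no password hash at all.
  if (typeof email !== 'string' || email.length === 0) {
    return res.status(400).send({ message: 'Email is required' });
  }
  if (typeof password !== 'string' || password.length === 0) {
    return res.status(400).send({ message: 'Password is required' });
  }

  User.findOne({ email: email }, function (err, existingUser) {
    if (err) {
      return res.status(500).send({ message: 'Could not look up user.' });
    }
    if (existingUser) {
      return res.status(409).send({ message: 'Email is already taken' });
    }

    // A numeric second argument asks bcryptjs to generate a salt with that
    // many rounds, replacing the separate genSalt(10) call.
    bcrypt.hash(password, 10, function (hashErr, hash) {
      if (hashErr || !hash) {
        return res.status(500).send({ message: 'Could not create account.' });
      }

      var user = new User({ email: email, password: hash });

      user.save(function (saveErr) {
        if (saveErr) {
          // 11000 is MongoDB's duplicate-key error: another signup for the same
          // email won the race between the findOne above and this save.
          if (saveErr.code === 11000) {
            return res.status(409).send({ message: 'Email is already taken' });
          }
          return res.status(500).send({ message: 'Could not create account.' });
        }

        // `select: false` only affects queries; this freshly built document
        // still carries the hash, so strip it before responding.
        var publicUser = user.toObject();
        delete publicUser.password;

        res.send({ token: createToken(user), user: publicUser });
      });
    });
  });
});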
  105.  
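/**
 * POST /auth/instagram — complete the Instagram OAuth code exchange, then:
 *   - with an Authorization header: link the Instagram identity to the
 *     caller's existing account (merging into an existing Instagram-only
 *     account when one is found), or
 *   - without one: sign in the matching Instagram user or create a new one.
 *
 * Body: { clientId, redirectUri, code }.
 * Responses: 502 when Instagram cannot be reached; 401 when the exchange is
 * rejected or the caller's token is invalid or expired; 400 when the token's
 * user no longer exists; 500 on database errors; otherwise { token, user }
 * with the password hash removed from `user`.
 */
app.post('/auth/instagram', function (req, res) {
  var accessTokenUrl = 'https://api.instagram.com/oauth/access_token';

  // client_id, redirect_uri and code come from the client; only the client
  // secret is held by the server.
  var params = {
    client_id: req.body.clientId,
    redirect_uri: req.body.redirectUri,
    client_secret: config.clientSecret,
    code: req.body.code,
    grant_type: 'authorization_code'
  };

  function fail(status, message) {
    return res.status(status).send({ message: message });
  }

  // Issue a session for `userDoc`. Documents loaded with '+password' carry the
  // hash, so it is always stripped before the user is serialised.
  function sendSession(userDoc) {
    var publicUser = userDoc.toObject();
    delete publicUser.password;
    res.send({ token: createToken(userDoc), user: publicUser });
  }

  request.post({ url: accessTokenUrl, form: params, json: true }, function (error, response, body) {
    if (error) {
      return fail(502, 'Could not reach Instagram.');
    }
    // A rejected exchange carries no `user` object. Reading body.user.id
    // unguarded throws inside this callback, outside Express's error handling,
    // so one bad `code` could take the whole process down.
    if (!body || !body.user || !body.user.id) {
      return fail(401, 'Instagram authorization failed.');
    }

    var profile = body.user;

    // Sign-in / sign-up path: no local session was presented.
    if (!req.headers.authorization) {
      return User.findOne({ instagramId: profile.id }, function (err, existingUser) {
        if (err) {
          return fail(500, 'Could not look up user.');
        }
        if (existingUser) {
          return sendSession(existingUser);
        }

        var user = new User({
          instagramId: profile.id,
          username: profile.username,
          fullName: profile.full_name,
          picture: profile.profile_picture,
          accessToken: body.access_token
        });

        user.save(function (saveErr) {
          if (saveErr) {
            return fail(500, 'Could not create account.');
          }
          sendSession(user);
        });
      });
    }

    // Linking path: the caller's own token must verify and be unexpired,
    // with the same checks isAuthenticated applies to other routes.
    var payload;
    try {
      payload = jwt.decode(req.headers.authorization.split(' ')[1], config.tokenSecret, false, 'HS256');
    } catch (decodeErr) {
      return fail(401, 'Invalid token.');
    }
    if (!payload || typeof payload.exp !== 'number') {
      return fail(401, 'Invalid token.');
    }
    if (moment().unix() > payload.exp) {
      return fail(401, 'Token has expired.');
    }

    User.findOne({ instagramId: profile.id }, function (err, existingUser) {
      if (err) {
        return fail(500, 'Could not look up user.');
      }

      User.findById(payload.sub, '+password', function (findErr, localUser) {
        if (findErr) {
          return fail(500, 'Could not look up user.');
        }
        if (!localUser) {
          return fail(400, 'User not found.');
        }

        // If the caller is already the linked account, both lookups return the
        // same document; the merge below would delete it. Refresh it instead.
        var isSameAccount = existingUser && String(existingUser._id) === String(localUser._id);

        if (existingUser && !isSameAccount) {
          existingUser.email = localUser.email;
          existingUser.password = localUser.password;

          // Remove the local account first: `email` is unique, so saving the
          // merged document while the old one still exists can collide.
          return localUser.remove(function (removeErr) {
            if (removeErr) {
              return fail(500, 'Could not merge accounts.');
            }
            existingUser.save(function (saveErr) {
              if (saveErr) {
                return fail(500, 'Could not merge accounts.');
              }
              sendSession(existingUser);
            });
          });
        }

        localUser.instagramId = profile.id;
        localUser.username = profile.username;
        localUser.fullName = profile.full_name;
        localUser.picture = profile.profile_picture;
        localUser.accessToken = body.access_token;

        localUser.save(function (saveErr) {
          if (saveErr) {
            return fail(500, 'Could not link account.');
          }
          sendSession(localUser);
        });
      });
    });
  });
});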
  175.  
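/**
 * GET /api/chat — list all users, keyed by user id, for an authenticated caller.
 *
 * Each user's stored Instagram access token is excluded from the listing; the
 * password hash is already excluded by the schema's `select: false`.
 *
 * NOTE(review): every remaining field, including `email`, is still returned
 * for all users to any authenticated caller — confirm which fields the chat
 * client needs and project only those.
 */
app.get('/api/chat', isAuthenticated, function (req, res) {
  User.find({}, '-accessToken', function (err, users) {
    if (err) {
      // Without this guard `users` is undefined and forEach throws inside the
      // callback, outside Express's error handling.
      return res.status(500).send({ message: 'Could not load users.' });
    }

    var userMap = {};
    users.forEach(function (user) {
      // Key by id. Using the document itself as the key stringified the whole
      // record into the property name.
      userMap[user._id] = user;
    });

    res.send(userMap);
  });
});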
  187.  
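/**
 * GET /api/logout — acknowledge a logout request.
 *
 * The handler was empty, so the request never received a response and hung
 * until it timed out. Sessions here are stateless JWTs: createToken issues
 * 14-day tokens and nothing in this listing revokes them, so this only tells
 * the client to discard its copy. The token itself remains valid until `exp`;
 * real revocation needs server-side state such as a denylist or a per-user
 * token version.
 */
app.get('/api/logout', isAuthenticated, function (req, res) {
  res.status(204).end();
});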
  191.  
  192.  
  193.  
  194.  
// Start accepting connections and log the port once the listener is up.
server.listen(port, () => {
  console.log(`server is running on ${port}`);
});
  198.  
  199. var mongoose = require('mongoose');
  200.  
// Shape of a stored user. Accounts may be email/password, Instagram-linked, or both.
var accountSchema = new mongoose.Schema({
  instagramId: { type: String, index: true },
  // NOTE(review): `unique` without `sparse` — the server code above creates
  // Instagram-only users with no email, and a non-sparse unique index normally
  // admits only one document lacking the field. Verify against the database.
  email: { type: String, unique: true, lowercase: true },
  // Holds the bcrypt hash. `select: false` keeps it out of query results unless
  // a query asks for '+password'; it does not hide the field on documents
  // built in memory.
  password: { type: String, select: false },
  username: String,
  fullName: String,
  picture: String,
  // Instagram OAuth access token, stored as a plain string.
  accessToken: String
});

// Register the schema under the model name 'User' and export the model.
var UserModel = mongoose.model('User', accountSchema);

module.exports = UserModel;