
Untitled

a guest
Apr 25th, 2016
  var crypto = require('crypto');

  var express = require('express');
  var jwt = require('jwt-simple');
  var moment = require('moment');
  var nodemailer = require('nodemailer');

  var db = require('../db');
  var router = express.Router();
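  /**
   * Token gate for every path except /signin, /register and
   * /sendVerificationMail.
   *
   * Reads the JWT from the X-Access-Token header, verifies it with the app
   * setting 'jwtTokenSecret', checks that the user still exists and that the
   * token has not expired, then answers 200 with a fresh 1-day token.
   * Failures answer 401 with a numbered "Result":
   *   (1) token expired, (2) unknown user, (3) token did not decode/verify,
   *   (4) header missing.
   * Database failures answer 500.
   *
   * NOTE(review): this handler always ends the response and never calls
   * next(), so any later route whose path matches the pattern (GET /get/users
   * in this file, for one) is never reached. If this is meant to be
   * authentication middleware it should call next() on success - confirm the
   * intent before changing it, since clients may rely on the 200 body.
   */
  // The original pattern was a bracket expression ("[^(...)]"), which tests for
  // single characters instead of the three paths, so which requests were exempt
  // depended on the letters in the path. The look-ahead below exempts exactly
  // the three public endpoints (with an optional trailing slash).
  router.all(/^(?!\/(?:signin|register|sendVerificationMail)\/?$)/, function(req, res) {
    function reject(status, result) {
      res.status(status);
      res.json({
        "Result": result
      });
    }

    var token = req.header('X-Access-Token');
    if (!token) {
      reject(401, "Unautorized(4)");
      return;
    }

    var decoded;
    var username;
    try {
      // Pin the algorithm to HS256, the default used by jwt.encode() below,
      // instead of letting the token header choose it.
      decoded = jwt.decode(token, req.app.get('jwtTokenSecret'), false, 'HS256');
      username = decoded.username;
    }
    catch (err) {
      reject(401, "Unautorized(3)");
      console.log("Authorization failed: " + err);
      return;
    }

    // Only a plain string may reach the SQL placeholder.
    if (typeof username !== 'string') {
      reject(401, "Unautorized(3)");
      return;
    }

    db.getConnection(function(err, connection) {
      if (err) {
        // Previously ignored: `connection` is undefined here and the next line
        // would throw outside any try/catch.
        console.log("Authorization failed: " + err);
        reject(500, "Internal error");
        return;
      }

      // Only existence matters, so the password column is not fetched.
      connection.query('SELECT username from User where username = ?', [username], function(err, rows) {
        // Hand the connection back; db is assumed to be a pool (the file's own
        // commented-out connection.release() suggests so).
        connection.release();

        if (err) {
          console.log("Authorization failed: " + err);
          reject(500, "Internal error");
          return;
        }
        if (rows.length === 0) {
          reject(401, "Unautorized(2)");
          return;
        }
        // A missing or non-numeric exp used to compare as "not expired".
        if (typeof decoded.exp !== 'number' || decoded.exp <= moment().valueOf()) {
          reject(401, "Unautorized(1)");
          return;
        }

        var expires = moment().add(1, 'days').valueOf();
        var refreshedToken = jwt.encode({
          username: username,
          exp: expires
        }, req.app.get('jwtTokenSecret'));
        res.status(200);
        res.json({
          "expires": expires,
          "token": refreshedToken,
          "user": username,
          "Result": "Autorized!"
        });
      });
    });
  });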
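  /**
   * POST /signin - exchange a username/password pair for a 1-day JWT.
   *
   * Body: { username, password }. Answers 200 with { expires, token, user } on
   * success, 401 when the credentials are missing, malformed or wrong, and 500
   * when the database cannot be reached.
   *
   * NOTE(review): the query compares the submitted password with the stored
   * column, so passwords are kept in plaintext. They should be stored as salted
   * slow hashes (bcrypt, scrypt or PBKDF2). That needs a matching change in
   * /register and a migration of existing rows, so it is flagged here rather
   * than changed.
   */
  router.post('/signin', function(req, res) {
    var body = req.body || {};
    var username = body.username;
    var password = body.password;

    // Reject missing or non-string credentials before touching the database.
    // With both fields absent the old check compared undefined with undefined,
    // took the success branch and issued a token. Non-string values must also
    // not reach the SQL placeholders.
    if (typeof username !== 'string' || typeof password !== 'string') {
      res.sendStatus(401);
      return;
    }

    db.getConnection(function(err, connection) {
      if (err) {
        console.log("Sign-in failed: " + err);
        res.sendStatus(500);
        return;
      }

      connection.query({
        sql: 'SELECT * from User where username = ? and password = ?',
        timeout: 5000,
        values: [username, password]
      }, function(err, rows) {
        // db is assumed to be a pool; return the connection in every outcome.
        connection.release();

        if (err) {
          console.log("Sign-in failed: " + err);
          res.sendStatus(500);
          return;
        }

        // The exact comparison in JavaScript is kept from the original: the
        // SQL match may be looser than === (presumably a case-insensitive
        // collation - confirm against the schema).
        var match = rows.length > 0 &&
          rows[0].username === username &&
          rows[0].password === password;
        if (!match) {
          res.sendStatus(401);
          return;
        }

        var expires = moment().add(1, 'days').valueOf();
        var token = jwt.encode({
          username: username,
          exp: expires
        }, req.app.get('jwtTokenSecret'));
        res.status(200);
        res.json({
          "expires": expires,
          "token": token,
          "user": username
        });
      });
    });
  });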
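  /**
   * POST /register - create a user row.
   *
   * Body: { username, password, verify_password, email }. Answers 200
   * 'User added!' on success, 422 with a reason when validation fails, and 500
   * when the database lookup or insert fails. The checks run in the original
   * order: duplicate username/e-mail, password confirmation, e-mail format.
   *
   * NOTE(review): the password is inserted as received, i.e. in plaintext. It
   * should be stored as a salted slow hash (bcrypt, scrypt or PBKDF2), together
   * with the matching verification change in /signin.
   * NOTE(review): the lookup and the insert are two separate statements, so
   * two concurrent requests can both pass the duplicate check; a UNIQUE
   * constraint on username and email is the reliable guard.
   */
  router.post('/register', function(req, res) {
    var body = req.body || {};
    var username = body.username;
    var password = body.password;
    var verify_password = body.verify_password;
    var email = body.email;

    // The request body is no longer written to the log: it contains the
    // password.

    // Only plain strings may reach the SQL placeholders and the INSERT object.
    if (typeof username !== 'string' || typeof password !== 'string' ||
        typeof verify_password !== 'string' || typeof email !== 'string') {
      res.status(422).send('Invalid registration data');
      return;
    }

    // Accepts the same addresses as the original expression. The original
    // ended in a quantified group inside another quantifier, which can take
    // exponential time on long non-matching input; this form has no nested
    // repetition. Like the original, it allows a single dot in the domain part.
    var patt = /^[a-zA-Z0-9._-]+@[a-zA-Z0-9-]{2,63}\.[a-zA-Z0-9]{2,}$/;

    db.getConnection(function(err, connection) {
      if (err) {
        console.log("Registration failed: " + err);
        res.status(500).send('Registration failed');
        return;
      }

      // Every exit path releases the connection (db is assumed to be a pool).
      function finish(status, message) {
        connection.release();
        res.status(status).send(message);
      }

      connection.query({
        sql: 'SELECT * from User where username = ? OR email = ?',
        timeout: 5000,
        values: [username, email]
      }, function(err, rows) {
        if (err) {
          console.log("Registration failed: " + err);
          finish(500, 'Registration failed');
          return;
        }
        if (rows.length > 0) {
          finish(422, 'Username or email already taken');
          return;
        }
        if (password !== verify_password) {
          finish(422, 'Passwords do not match');
          return;
        }
        if (!patt.test(email)) {
          finish(422, 'Invalid email');
          return;
        }

        var data = {
          username: username,
          password: verify_password,
          email: email
        };
        // Reuse the connection already held instead of taking a second one.
        connection.query('INSERT INTO User SET ?', data, function(err) {
          if (err) {
            // Previously a failed insert still answered 'User added!'.
            console.log("Registration failed: " + err);
            finish(500, 'Registration failed');
            return;
          }
          finish(200, 'User added!');
        });
      });
    });
  });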
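  /**
   * POST /sendVerificationMail - issue a password-reset code for an account.
   *
   * Body: { email }. Looks the address up in User, stores a fresh random token
   * on that row, then mails the token. Answers 200 'Email send: ...' on
   * success, 400 { Result: "Email does not exist" } when the address does not
   * match exactly one user, and 500 when configuration, the database or the
   * mail transport fails.
   *
   * Changes from the original:
   *  - The SMTP account URL (user and password) is no longer a literal in the
   *    source; it is read from the SMTP_URL environment variable (the name is
   *    a suggestion - use whatever the deployment's configuration provides).
   *    The credential that was in the source has been published with this
   *    file and should be rotated.
   *  - The token comes from crypto.randomBytes() instead of Math.random(),
   *    which is not suitable for security tokens. The 8-4-4-4-12 hex layout is
   *    unchanged.
   *  - The account is looked up and the token stored before any mail is sent.
   *    The original mailed first, so a request for any address produced
   *    outgoing mail and a code that was never stored.
   *  - The UPDATE binds both placeholders through one values array; the
   *    original passed the e-mail as a separate argument, which appears to
   *    leave the second placeholder unbound.
   *  - Mail and database errors now end the request instead of leaving it
   *    without a response.
   *
   * NOTE(review): the 400 answer tells the caller whether an address is
   * registered; a uniform response would avoid that. Kept for compatibility.
   * NOTE(review): the stored token has no expiry and no attempt limit is
   * visible in this file.
   */
  router.post('/sendVerificationMail', function(req, res, next) {
    var _email = (req.body || {}).email;

    function notFound() {
      res.status(400);
      res.json({
        "Result": "Email does not exist"
      });
    }

    // Only a plain, non-empty string may be used as SQL value and recipient.
    if (typeof _email !== 'string' || _email.length === 0) {
      notFound();
      return;
    }

    var smtpUrl = process.env.SMTP_URL;
    if (!smtpUrl) {
      console.log('SMTP_URL is not configured');
      res.sendStatus(500);
      return;
    }

    // 16 random bytes rendered as 8-4-4-4-12 hex groups.
    var hex = crypto.randomBytes(16).toString('hex');
    var _token = [
      hex.slice(0, 8),
      hex.slice(8, 12),
      hex.slice(12, 16),
      hex.slice(16, 20),
      hex.slice(20)
    ].join('-');

    db.getConnection(function(err, connection) {
      if (err) {
        console.log(err);
        res.sendStatus(500);
        return;
      }

      connection.query({
        sql: 'SELECT username from User where email = ?',
        timeout: 5000,
        values: [_email]
      }, function(err, rows) {
        if (err) {
          connection.release();
          console.log(err);
          res.sendStatus(500);
          return;
        }
        if (rows.length !== 1) {
          connection.release();
          notFound();
          return;
        }

        var data = {
          token: _token
        };
        // Same connection for the update; released as soon as it completes
        // (db is assumed to be a pool).
        connection.query('UPDATE User SET ? WHERE email = ?', [data, _email], function(err) {
          connection.release();
          if (err) {
            console.log(err);
            res.sendStatus(500);
            return;
          }

          var transporter = nodemailer.createTransport(smtpUrl);

          // setup e-mail data with unicode symbols
          var mailOptions = {
            from: '"De koelkast" <csgrip2016@gmail.com>', // sender address
            to: _email, // list of receivers
            subject: 'Reset CSGrip password', // Subject line
            text: 'Hello, \n You can reset your password with the following verification code: '+ _token + ' .\n ' // plaintext body
          };

          // send mail with defined transport object
          transporter.sendMail(mailOptions, function(error, info) {
            if (error) {
              console.log(error);
              res.sendStatus(500);
              return;
            }
            console.log('Email send: ' + info.response);
            res.status(200).send('Email send: ' + info.response);
          });
        });
      });
    });
  });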
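  /**
   * Build a random identifier in the 8-4-4-4-12 lowercase-hex layout.
   *
   * The digits come from crypto.randomBytes() rather than Math.random(), whose
   * output is not suitable for values that act as secrets (the same layout is
   * used for the password-reset code in this file). The result is 36
   * characters of random hex; it does not set the version/variant bits of an
   * RFC 4122 UUID, which the original did not do either.
   *
   * @returns {string} 32 hex digits grouped as 8-4-4-4-12.
   */
  function guid() {
    var hex = crypto.randomBytes(16).toString('hex');
    return [
      hex.slice(0, 8),
      hex.slice(8, 12),
      hex.slice(12, 16),
      hex.slice(16, 20),
      hex.slice(20)
    ].join('-');
  }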
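  /**
   * GET /get/users - look up one fixed account and return its row as
   * { Result: row }. Answers 500 when the database fails. When no row matches,
   * "Result" is undefined and is therefore left out of the JSON body, as
   * before.
   *
   * The row is returned without its `password` and `token` columns; the
   * original sent every selected column to the client.
   *
   * NOTE(review): the username and password in the query are literals in the
   * source, and the table is `users` while every other query in this file uses
   * `User`. This looks like a leftover test route - confirm whether it is
   * still needed and remove it if not.
   */
  router.get('/get/users', function(req, res, next) {
    db.getConnection(function(err, connection) {
      if (err) {
        console.log(err);
        res.sendStatus(500);
        return;
      }

      connection.query('SELECT * from users where username = ? and password = ?', ['dennis', 'test'], function(err, rows) {
        // And done with the connection. The release call was commented out in
        // the original, so each request kept its connection checked out.
        connection.release();

        if (err) {
          console.log(err);
          res.sendStatus(500);
          return;
        }

        var row = rows[0];
        var visible;
        if (row) {
          visible = {};
          Object.keys(row).forEach(function(key) {
            if (key !== 'password' && key !== 'token') {
              visible[key] = row[key];
            }
          });
        }

        res.status(200);
        res.json({
          "Result": visible
        });
      });
    });
  });

  module.exports = router;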