var crypto = require('crypto');

var express = require('express');
var jwt = require('jwt-simple');
var moment = require('moment');
var nodemailer = require('nodemailer');

var db = require('../db');

var router = express.Router();
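/**
 * Token check / token refresh for every path except the three public
 * endpoints (/signin, /register, /sendVerificationMail).
 *
 * The previous pattern was a negated character class, so it exempted any
 * path spelled only with the characters of those three names rather than
 * the three paths themselves. The negative lookahead below exempts exactly
 * those paths (case-insensitive, optional trailing slash, matching
 * Express's default handling of string routes).
 *
 * Responds 401 {"Result": "Unautorized(n)"} where n identifies the failure:
 *   1 = token expired (or carries no numeric exp), 2 = unknown user,
 *   3 = token could not be decoded/verified, 4 = no token header.
 * On success responds 200 with a fresh one-day token.
 *
 * NOTE(review): this handler always ends the response itself and never
 * calls next(), so routes registered after it on this router are only
 * reached for the exempted paths. Confirm whether that is intended.
 */
router.all(/^(?!\/(?:signin|register|sendVerificationMail)\/?$).*/i, function(req, res) {
  function deny(code) {
    res.status(401);
    res.json({
      "Result": "Unautorized(" + code + ")"
    });
  }

  function fail(err) {
    console.log("Authorization lookup failed: " + err);
    res.status(500);
    res.json({
      "Result": "Server error"
    });
  }

  var presented = req.header('X-Access-Token');
  if (!presented) {
    return deny(4);
  }

  var secret = req.app.get('jwtTokenSecret');
  var decoded;
  try {
    // Pin the algorithm instead of trusting the one named in the token header.
    // jwt.encode below uses the library default, HS256.
    decoded = jwt.decode(presented, secret, false, 'HS256');
  } catch (err) {
    console.log("Authorization failed: " + err);
    return deny(3);
  }
  if (!decoded || typeof decoded.username !== 'string') {
    return deny(3);
  }
  var username = decoded.username;

  db.getConnection(function(err, connection) {
    if (err) {
      return fail(err);
    }
    connection.query('SELECT * from User where username = ?', [username], function(err, rows) {
      // Always hand the connection back, otherwise the pool drains.
      connection.release();
      if (err) {
        return fail(err);
      }
      if (!rows || rows.length === 0) {
        return deny(2);
      }
      // A token without a numeric exp must not be treated as never expiring.
      if (typeof decoded.exp !== 'number' || decoded.exp <= moment().valueOf()) {
        return deny(1);
      }
      var expires = moment().add(1, 'days').valueOf();
      var refreshed = jwt.encode({
        username: username,
        exp: expires
      }, secret);
      res.status(200);
      res.json({
        "expires": expires,
        "token": refreshed,
        "user": username,
        "Result": "Autorized!"
      });
    });
  });
});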
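/**
 * POST /signin: checks username/password and issues a one-day token.
 *
 * Responds 401 on any credential failure, 500 when the database is
 * unavailable, otherwise 200 with {expires, token, user}.
 *
 * NOTE(review): the query compares the submitted password with the stored
 * column directly, i.e. passwords are kept in clear text. They should be
 * stored as salted hashes from a password hashing function and verified
 * against that hash. That needs a data migration and is not done here.
 * NOTE(review): nothing here limits repeated attempts; rate limiting would
 * have to be added in front of this route.
 */
router.post('/signin', function(req, res) {
  var username = req.body.username;
  var password = req.body.password;

  // Only plain strings may reach the query placeholders; a JSON body can
  // carry objects or arrays, which the driver would not treat as scalars.
  if (typeof username !== 'string' || typeof password !== 'string') {
    res.sendStatus(401);
    return;
  }

  db.getConnection(function(err, connection) {
    if (err) {
      console.log("Signin failed: " + err);
      res.sendStatus(500);
      return;
    }
    connection.query({
      sql: 'SELECT * from User where username = ? and password = ?',
      timeout: 5000,
      values: [username, password]
    }, function(err, rows) {
      connection.release();
      if (err) {
        console.log("Signin failed: " + err);
        res.sendStatus(500);
        return;
      }
      var match = rows && rows.length > 0 ? rows[0] : null;
      // Exact re-check in JavaScript: the SQL comparison may be looser
      // (collation) than a strict string comparison.
      if (!match || username !== match.username || password !== match.password) {
        res.sendStatus(401);
        return;
      }
      var expires = moment().add(1, 'days').valueOf();
      var token = jwt.encode({
        username: username,
        exp: expires
      }, req.app.get('jwtTokenSecret'));
      res.status(200);
      res.json({
        "expires": expires,
        "token": token,
        "user": username
      });
    });
  });
});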
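/**
 * POST /register: creates a user after checking uniqueness, password
 * confirmation and e-mail syntax (in that order, as before).
 *
 * Responds 422 with a text reason on validation failure, 500 on database
 * errors, 200 'User added!' on success.
 *
 * NOTE(review): the password is inserted as submitted, i.e. stored in clear
 * text. It should be replaced by a salted hash from a password hashing
 * function before it is written; /signin must change together with that.
 */
router.post('/register', function(req, res) {
  var username = req.body.username;
  var password = req.body.password;
  var verify_password = req.body.verify_password;
  var email = req.body.email;
  // The request body is deliberately not logged: it contains the password.

  if (typeof username !== 'string' || username.length === 0 ||
      typeof password !== 'string' || password.length === 0) {
    res.status(422).send('Username and password are required');
    return;
  }
  // 254 is the usual upper bound for an address; it also bounds regex work.
  if (typeof email !== 'string' || email.length > 254) {
    res.status(422).send('Invalid email');
    return;
  }

  // Accepts the same addresses as the previous pattern. The final group was
  // a repeated bounded repetition, which backtracks heavily on long inputs;
  // "{2,}" matches the same strings in linear time. The "g" flag is dropped
  // because test() on a global regex is stateful.
  var patt = /^[a-zA-Z0-9._-]+@[a-zA-Z0-9-]{2,63}\.[a-zA-Z0-9]{2,}$/i;

  db.getConnection(function(err, connection) {
    if (err) {
      console.log("Register failed: " + err);
      res.status(500).send('Server error');
      return;
    }
    connection.query({
      sql: 'SELECT * from User where username = ? OR email = ?',
      timeout: 5000,
      values: [username, email]
    }, function(err, rows) {
      if (err) {
        connection.release();
        console.log("Register failed: " + err);
        res.status(500).send('Server error');
        return;
      }
      var rejection = null;
      if (rows.length > 0) {
        rejection = 'Username or email already taken';
      } else if (password !== verify_password) {
        rejection = 'Passwords do not match';
      } else if (!patt.test(email)) {
        rejection = 'Invalid email';
      }
      if (rejection !== null) {
        connection.release();
        res.status(422).send(rejection);
        return;
      }
      var data = {
        username: username,
        password: verify_password,
        email: email
      };
      // Reuse the connection already held instead of taking a second one.
      connection.query('INSERT INTO User SET ?', data, function(err) {
        connection.release();
        if (err) {
          // Previously a failed insert was still reported as success.
          console.log("Register failed: " + err);
          res.status(500).send('Server error');
          return;
        }
        res.status(200).send('User added!');
      });
    });
  });
});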
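/**
 * POST /sendVerificationMail: stores a password-reset code for the account
 * with the given e-mail address and mails that code to it.
 *
 * Order is lookup -> store token -> send mail, so mail is only sent to
 * addresses that belong to exactly one account and only after the code
 * has actually been saved.
 *
 * Responds 400 {"Result": "Email does not exist"} for unknown addresses,
 * 500 on configuration, database or mail errors, 200 on success.
 *
 * NOTE(review): the SMTP account password used to be embedded in this
 * handler. It must be treated as disclosed and rotated. The transport URL
 * is now read from the app setting 'smtpUrl' (a name chosen here; set it
 * where 'jwtTokenSecret' is configured, from a secret store or the
 * environment, never from source control).
 * NOTE(review): the 400 response tells the caller whether an address is
 * registered, the stored code never expires and is kept in clear text, and
 * nothing limits how often this route can be called. All four need a
 * design decision beyond this handler.
 */
router.post('/sendVerificationMail', function(req, res, next) {
  var _email = req.body.email;

  function fail(err) {
    console.log("sendVerificationMail failed: " + err);
    res.sendStatus(500);
  }

  function unknownEmail() {
    res.status(400);
    res.json({
      "Result": "Email does not exist"
    });
  }

  if (typeof _email !== 'string' || _email.length === 0) {
    return unknownEmail();
  }

  var smtpUrl = req.app.get('smtpUrl');
  if (!smtpUrl) {
    return fail('SMTP transport is not configured');
  }
  var transporter = nodemailer.createTransport(smtpUrl);

  // Reset codes are credentials, so they come from the CSPRNG rather than
  // Math.random(). Same 8-4-4-4-12 hex layout as before.
  var hex = crypto.randomBytes(16).toString('hex');
  var _token = [
    hex.slice(0, 8),
    hex.slice(8, 12),
    hex.slice(12, 16),
    hex.slice(16, 20),
    hex.slice(20)
  ].join('-');

  // setup e-mail data with unicode symbols
  var mailOptions = {
    from: '"De koelkast" <csgrip2016@gmail.com>', // sender address
    to: _email, // list of receivers
    subject: 'Reset CSGrip password', // Subject line
    text: 'Hello, \n You can reset your password with the following verification code: ' + _token + ' .\n ' // plaintext body
  };

  db.getConnection(function(err, connection) {
    if (err) {
      return fail(err);
    }
    connection.query({
      sql: 'SELECT * from User where email = ?',
      timeout: 5000,
      values: [_email]
    }, function(err, rows) {
      if (err) {
        connection.release();
        return fail(err);
      }
      if (rows.length !== 1) {
        connection.release();
        return unknownEmail();
      }
      var data = {
        token: _token
      };
      // Both placeholder values go in one array. Passed as separate
      // arguments, the callback was never invoked and no reply was sent.
      connection.query('UPDATE User SET ? WHERE email = ?', [data, _email], function(err) {
        connection.release();
        if (err) {
          return fail(err);
        }
        // send mail with defined transport object
        transporter.sendMail(mailOptions, function(error, info) {
          if (error) {
            // Previously this path logged and left the request hanging.
            return fail(error);
          }
          console.log('Email send: ' + info.response);
          res.status(200).send('Email send: ' + info.response);
        });
      });
    });
  });
});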
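/**
 * Returns a random identifier of 32 lowercase hex digits grouped 8-4-4-4-12.
 *
 * The digits come from crypto.randomBytes rather than Math.random(), whose
 * output is predictable and therefore unsuitable wherever the identifier
 * acts as a secret (reset codes, tokens).
 *
 * @returns {string} e.g. "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" (hex digits)
 */
function guid() {
  var hex = crypto.randomBytes(16).toString('hex');
  return [
    hex.slice(0, 8),
    hex.slice(8, 12),
    hex.slice(12, 16),
    hex.slice(16, 20),
    hex.slice(20)
  ].join('-');
}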
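/**
 * GET /get/users: returns the first row matching a fixed username/password
 * pair as {"Result": row}.
 *
 * NOTE(review): this looks like a leftover debug route. It queries a table
 * named `users` (the other routes use `User`) with credentials written into
 * the source, and it used to return the whole row. Remove it before
 * deployment, or replace it with a real, authorised lookup. Until then the
 * secret columns are stripped from the response.
 * NOTE(review): the catch-all router.all handler registered earlier in this
 * file answers this path itself, so this route appears to be unreachable.
 */
router.get('/get/users', function(req, res, next) {
  db.getConnection(function(err, connection) {
    if (err) {
      console.log("User lookup failed: " + err);
      res.sendStatus(500);
      return;
    }
    connection.query('SELECT * from users where username = ? and password = ?', ['dennis', 'test'], function(err, rows) {
      // And done with the connection.
      connection.release();
      if (err) {
        console.log("User lookup failed: " + err);
        res.sendStatus(500);
        return;
      }
      var row = rows[0];
      var visible;
      if (row) {
        // Never echo credentials or reset codes back to a client.
        visible = {};
        Object.keys(row).forEach(function(column) {
          if (column !== 'password' && column !== 'token') {
            visible[column] = row[column];
          }
        });
      }
      res.status(200);
      res.json({
        "Result": visible
      });
    });
  });
});

module.exports = router;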