initial commit

Author: pendo324

api/activate.js

@@ -0,0 +1,13 @@
+const db = require('./../db.js');
+const express = require('express');
+
+const app = express.Router();
+
+app.get('/activate/:code([a-zA-Z0-9]{64})', (req, res) => {
+  db.query('update tracker.user set activated=$1, activation_code=$2, where activation_code=$3',
+    [true, null, req.params.code]).then(result => {
+      res.send(200);
+    });
+});
+
+module.exports = app;

api/blogPosts.js

@@ -0,0 +1,14 @@
+const express = require('express');
+const db = require('./../db.js');
+
+const app = express.Router();
+
+app.get('/blogPosts/:amount', (req, res) => {
+	db.query('select * from tracker.blogposts limit $1', [req.params.amount]).then(result => {
+		res.json(result.rows.map((post, index) => {
+			return { title: post.title, content: post.content, timestamp: post.time };
+		}));
+	});
+});
+
+module.exports = app;

api/createAccount.js

@@ -0,0 +1,47 @@
+const express = require('express');
+const db = require('./../db.js');
+const bcrypt = require('bcrypt');
+const emailer = require('./emailer');
+const crypto = require('crypto');
+
+const app = express.Router();
+
+const checkAccountExists = (username, email) => {
+  return db.query('select username from tracker.user where username=$1 or email=$2', [username, email]).then(result => {
+    if (result.rows.length > 0) {
+      return Promise.reject(new Error('Invalid username/email.'));
+    }
+    return Promise.resolve();
+  });
+};
+
+const hashPassword = password => {
+  return bcrypt.hashSync(password, 10);
+};
+
+const makeActivationCode = username => {
+  const hash = crypto.createHash('sha256');
+  const code = process.env.COOKIE_SECRET + username + Math.floor((new Date).getTime()/1000).toString();
+  hash.update(code);
+  return hash.digest('hex');
+};
+
+app.post('/create', (req, res) => {
+  checkAccountExists(req.body.username, req.body.email).then(() => {
+    const activationCode = makeActivationCode(req.body.username);
+    db.query('insert into tracker.user (username, password_hash, email, activation_code) values ($1, $2, $3, $4)', 
+              [req.body.username, hashPassword(req.body.password), req.body.email, activationCode]).then(result => { 
+                res.sendStatus(200);
+                emailer.sendActivationEmail(req.body.email, activationCode);
+              }).catch(err => {
+                console.log(err);
+                res.sendStatus(503);
+              });
+  }).catch(err => {
+    console.log(err);
+    res.status(409);
+    res.send('Invalid username/email.');
+  });
+});
+
+module.exports = app;

api/emailer.js

@@ -0,0 +1,32 @@
+const nodemailer = require('nodemailer');
+//const sendmailTransport = require('nodemailer-sendmail-transport');
+
+const transporter = nodemailer.createTransport({
+  host: 'topkek.us',
+  port: 25,
+  secure: false,
+  auth: {
+    user: process.env.MAIL_USER,
+    pass: process.env.MAIL_PASS
+  }
+});
+
+const makeActivationURL = (activationCode) => {
+  return `http://${process.env.DOMAIN}:${process.env.WEB_PORT}/activate/${activationCode}`;
+};
+
+module.exports.sendActivationEmail = (to, activationCode) => {
+  const mailOptions = {
+    from: 'Topkek <[email protected]>',
+    to: to,
+    subject: 'Email verification',
+    text: `Please click on the link below to activate your account:\n\n ${makeActivationURL(activationCode)}`
+  };
+
+  transporter.sendMail(mailOptions, (err, info) => {
+    if (err) {
+      console.log(err);
+    }
+    console.log(`Message sent: ${info.response}`);
+  });
+};

api/index.js

@@ -0,0 +1,24 @@
+const express = require('express');
+
+const app = express.Router();
+
+// routes
+const createAccount = require('./createAccount.js');
+const login = require('./login.js');
+const unauthorized = require('./unauthorized.js');
+const logout = require('./logout.js');
+const logged = require('./isLoggedIn.js');
+const activate = require('./activate.js');
+const blogPosts = require('./blogPosts.js');
+const upload = require('./upload.js');
+
+app.use(login);
+app.use(createAccount);
+app.use(activate);
+app.use(blogPosts);
+//app.use(unauthorized);
+app.use(logout);
+app.use(logged);
+app.use(upload);
+
+module.exports = app;

api/isLoggedIn.js

@@ -0,0 +1,10 @@
+const express = require('express');
+
+const app = express.Router();
+
+app.all('/logged', (req, res) => {
+	const user = req.session.currentUser;
+	res.send(user);
+});
+
+module.exports = app;

api/login.js

@@ -0,0 +1,25 @@
+const express = require('express');
+const db = require('./../db.js');
+const bcrypt = require('bcrypt');
+
+const app = express.Router();
+
+app.post('/login', (req, res) => {
+  db.query('select username, account_id, password_hash from tracker.user where username=$1', [req.body.username]).then(result => {
+  	if (bcrypt.compareSync(req.body.password, result.rows[0].password_hash)) {
+      req.session.currentUser = {
+        username: req.body.username,
+        id: result.rows[0].account_id
+      };
+
+      req.session.save(function(err) {
+        res.send();
+      });
+  	}
+  }).catch(err => {
+  	console.log(err);
+		res.sendStatus(404);
+  });
+});
+
+module.exports = app;

api/logout.js

@@ -0,0 +1,12 @@
+const express = require('express');
+
+const app = express.Router();
+
+app.get('/logout', (req, res) => {
+	req.session.destroy(err => {
+		if (err) throw err;
+		res.send(200);
+	});
+});
+
+module.exports = app;

api/unauthorized.js

@@ -0,0 +1,13 @@
+const express = require('express');
+
+const app = express.Router();
+
+app.all('*', (req, res, next) => {
+  if (!req.session.currentUser) {
+    res.sendStatus(401);
+  }
+
+  next();
+});
+
+module.exports = app;

api/upload.js

@@ -0,0 +1,20 @@
+const express = require('express');
+const multer = require('multer');
+const cyrpto = require('crypto');
+const db = require('./../db.js');
+const _ = require('lodash');
+
+const app = express.Router();
+
+const storage = multer.diskStorage({
+  destination: (req, file, cb) => {
+    cb(null, `/home/justin/torrents/${(new Date).getMonth()}`);
+  },
+  filename: (req, file, cb) => {
+    cb(null, file.hash);
+  }
+});
+
+const hashTorrent = (torrentBuffer) => {
+
+};