* Added placeholder text to site when loading JS

* Added hidden text to site for scraping * Login token will be destroyed if fetch site totals is called and the token is bad * Moved passwords out of application and into a .env file that is loaded on startup * Changed prod database password for primary user (which is dev) * Set up .env for dev and prod
2020-04-13 07:44:57 +00:00 · 2020-04-13 07:44:57 +00:00 · 278b204b3b
commit 278b204b3b
parent 3535f0cb24
8 changed files with 61 additions and 19 deletions
--- a/.gitignore
+++ b/.gitignore
@ -6,4 +6,4 @@ pids
 *.pid
 *.seed
 *.pid.lock
-
+.env
--- a/client/index.html
+++ b/client/index.html
@ -15,17 +15,43 @@
  <body>
    <div id="app">
      <!-- placeholder data for scrapers with no JS -->
-      <h1>You have found a Solid Scribe</h1>
-      <img src="/api/static/assets/logo.svg" alt="logo">
-      <h1>Solid Scribe</h1>
-      <h2>A note application that respects your privacy.</h2>
-      <p>Take notes with a clean editor that works on desktop or mobile.</p>
-      <p>Search notes, links and files to find what you need.</p>
-      <p>Accessable everywhere.</p>
-      <p>Categorize notes with tags.</p>
-      <p>Share data with fellow users.</p>
-      <p>Encrypt notes for additional security.</p>
-      <b>This site requires Javascipt to run.</b>
+      <style>
+
+        .centered {
+          position: fixed;
+          top: 50%;
+          left: 50%;
+          transform: translate(-50%, -50%);
+          text-align: center;
+          font-family: Arial, Helvetica, sans-serif;
+        }
+        .logo {
+          width: 200px;
+          height: auto;
+        }
+        .scrape-info {
+          opacity: 0;
+        }
+      </style>
+    
+      <div class="centered">
+        <img class="logo" src="/api/static/assets/logo.svg" alt="logo">
+        <h1>Solid Scribe</h1>
+        <h3>Loading...</h3>
+      </div>
+
+      <div class="scrape-info">
+        <h1>Solid Scribe</h1>
+        <h2>A note application that respects your privacy.</h2>
+        <p>Take notes with a clean editor that works on desktop or mobile.</p>
+        <p>Search notes, links and files to find what you need.</p>
+        <p>Accessable everywhere.</p>
+        <p>Categorize notes with tags.</p>
+        <p>Share data with fellow users.</p>
+        <p>Encrypt notes for additional security.</p>
+        <b>This site requires Javascipt to run.</b>
+      </div>
+
    </div>
    <!-- built files will be auto injected -->
  </body>
--- a/client/src/stores/mainStore.js
+++ b/client/src/stores/mainStore.js
@ -133,6 +133,10 @@ export default new Vuex.Store({
 			.then( ({data}) => {
 				commit('setUserTotals', data)
 			})
+			.catch( error => {
+				commit('destroyLoginToken')
+				location.reload()
+			})
 		}
 	}
 })
--- a/package-lock.json
+++ b/package-lock.json
@ -487,6 +487,11 @@
      "resolved": "https://registry.npmjs.org/dont-sniff-mimetype/-/dont-sniff-mimetype-1.1.0.tgz",
      "integrity": "sha512-ZjI4zqTaxveH2/tTlzS1wFp+7ncxNZaIEWYg3lzZRHkKf5zPT/MnEG6WL0BhHMJUabkh8GeU5NL5j+rEUCb7Ug=="
    },
+    "dotenv": {
+      "version": "8.2.0",
+      "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-8.2.0.tgz",
+      "integrity": "sha512-8sJ78ElpbDJBHNeBzUbUVLsqKdccaa/BXF1uPTw3GrvQTBgrQrtObr2mUrE38vzYd8cEv+m/JBfDLioYcfXoaw=="
+    },
    "ecc-jsbn": {
      "version": "0.1.2",
      "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz",
--- a/package.json
+++ b/package.json
@ -11,6 +11,7 @@
  "dependencies": {
    "body-parser": "^1.18.3",
    "cheerio": "^1.0.0-rc.3",
+    "dotenv": "^8.2.0",
    "express": "^4.16.4",
    "express-rate-limit": "^5.1.1",
    "gm": "^1.23.1",
--- a/server/config/database.js
+++ b/server/config/database.js
@ -3,9 +3,9 @@ const mysql = require('mysql2');

 // Create the connection pool.
 const pool = mysql.createPool({
-	host: 'localhost',
-	user: 'dev',
-	password: "LazaLinga&33Can't!Do!That34",
+	host: process.env.DB_HOST,
+	user: process.env.DB_USER,
+	password: process.env.DB_PASS,
 	database: 'application',
 	waitForConnections: true,
 	connectionLimit: 20,
--- a/server/helpers/Auth.js
+++ b/server/helpers/Auth.js
@ -2,16 +2,16 @@ var jwt = require('jsonwebtoken');

 let Auth = {}

-const secretKey = '@TODO define secret constant its important!!!'
+const tokenSecretKey = process.env.JSON_KEY

 Auth.createToken = (userId) => {
 	const signedData = {'id': userId, 'date':Date.now()}
-	const token = jwt.sign(signedData, secretKey)
+	const token = jwt.sign(signedData, tokenSecretKey)
 	return token
 }
 Auth.decodeToken = (token) => {
 	return new Promise((resolve, reject) => {
-		jwt.verify(token, secretKey, function(err, decoded){
+		jwt.verify(token, tokenSecretKey, function(err, decoded){
 			if(err || decoded.id == undefined){
 				reject('Bad Token')
 				return
--- a/server/index.js
+++ b/server/index.js
@ -1,11 +1,17 @@
+//Set up environmental variables, pulled from .env file used as process.env.DB_HOST
+const os = require('os') //Used to get path of home directory
+const result = require('dotenv').config({ path:(os.homedir()+'/.env') })
+
 //Allow user of @ in in require calls. Config in package.json
 require('module-alias/register')

+//Auth helper, used for decoding users web token
 let Auth = require('@helpers/Auth')

+//Helmet adds additional security to express server
 const helmet = require('helmet')

-
+//Setup express server
 const express = require('express')
 const app = express()
 app.use( helmet() )