* Added placeholder text to site when loading JS
* Added hidden text to site for scraping * Login token will be destroyed if fetch site totals is called and the token is bad * Moved passwords out of application and into a .env file that is loaded on startup * Changed prod database password for primary user (which is dev) * Set up .env for dev and prod
parent
3535f0cb24
commit
278b204b3b
2
.gitignore
vendored
2
.gitignore
vendored
@ -6,4 +6,4 @@ pids
|
|||||||
*.pid
|
*.pid
|
||||||
*.seed
|
*.seed
|
||||||
*.pid.lock
|
*.pid.lock
|
||||||
|
.env
|
||||||
|
@ -15,8 +15,32 @@
|
|||||||
<body>
|
<body>
|
||||||
<div id="app">
|
<div id="app">
|
||||||
<!-- placeholder data for scrapers with no JS -->
|
<!-- placeholder data for scrapers with no JS -->
|
||||||
<h1>You have found a Solid Scribe</h1>
|
<style>
|
||||||
<img src="/api/static/assets/logo.svg" alt="logo">
|
|
||||||
|
.centered {
|
||||||
|
position: fixed;
|
||||||
|
top: 50%;
|
||||||
|
left: 50%;
|
||||||
|
transform: translate(-50%, -50%);
|
||||||
|
text-align: center;
|
||||||
|
font-family: Arial, Helvetica, sans-serif;
|
||||||
|
}
|
||||||
|
.logo {
|
||||||
|
width: 200px;
|
||||||
|
height: auto;
|
||||||
|
}
|
||||||
|
.scrape-info {
|
||||||
|
opacity: 0;
|
||||||
|
}
|
||||||
|
</style>
|
||||||
|
|
||||||
|
<div class="centered">
|
||||||
|
<img class="logo" src="/api/static/assets/logo.svg" alt="logo">
|
||||||
|
<h1>Solid Scribe</h1>
|
||||||
|
<h3>Loading...</h3>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="scrape-info">
|
||||||
<h1>Solid Scribe</h1>
|
<h1>Solid Scribe</h1>
|
||||||
<h2>A note application that respects your privacy.</h2>
|
<h2>A note application that respects your privacy.</h2>
|
||||||
<p>Take notes with a clean editor that works on desktop or mobile.</p>
|
<p>Take notes with a clean editor that works on desktop or mobile.</p>
|
||||||
@ -27,6 +51,8 @@
|
|||||||
<p>Encrypt notes for additional security.</p>
|
<p>Encrypt notes for additional security.</p>
|
||||||
<b>This site requires Javascipt to run.</b>
|
<b>This site requires Javascipt to run.</b>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
</div>
|
||||||
<!-- built files will be auto injected -->
|
<!-- built files will be auto injected -->
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
|
@ -133,6 +133,10 @@ export default new Vuex.Store({
|
|||||||
.then( ({data}) => {
|
.then( ({data}) => {
|
||||||
commit('setUserTotals', data)
|
commit('setUserTotals', data)
|
||||||
})
|
})
|
||||||
|
.catch( error => {
|
||||||
|
commit('destroyLoginToken')
|
||||||
|
location.reload()
|
||||||
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
})
|
})
|
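Review bot: The new `.catch( error => {` handler destroys the login token and reloads on any rejection, not only on a rejected token. A network failure, a server error or a rate-limit response on the totals request would therefore log the user out, which does not match the description's "if the token is bad". Gate the logout on the auth failure itself, for example `if (error.response && error.response.status === 401) { commit('destroyLoginToken'); location.reload() }`; this assumes an axios-style error object and a 401 from the API, so confirm both. If this action also runs on page load, the unconditional `location.reload()` could loop while the endpoint is failing. The enclosing action starts outside the hunk, so the request call itself is not visible here.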
5
package-lock.json
generated
5
package-lock.json
generated
@ -487,6 +487,11 @@
|
|||||||
"resolved": "https://registry.npmjs.org/dont-sniff-mimetype/-/dont-sniff-mimetype-1.1.0.tgz",
|
"resolved": "https://registry.npmjs.org/dont-sniff-mimetype/-/dont-sniff-mimetype-1.1.0.tgz",
|
||||||
"integrity": "sha512-ZjI4zqTaxveH2/tTlzS1wFp+7ncxNZaIEWYg3lzZRHkKf5zPT/MnEG6WL0BhHMJUabkh8GeU5NL5j+rEUCb7Ug=="
|
"integrity": "sha512-ZjI4zqTaxveH2/tTlzS1wFp+7ncxNZaIEWYg3lzZRHkKf5zPT/MnEG6WL0BhHMJUabkh8GeU5NL5j+rEUCb7Ug=="
|
||||||
},
|
},
|
||||||
|
"dotenv": {
|
||||||
|
"version": "8.2.0",
|
||||||
|
"resolved": "https://registry.npmjs.org/dotenv/-/dotenv-8.2.0.tgz",
|
||||||
|
"integrity": "sha512-8sJ78ElpbDJBHNeBzUbUVLsqKdccaa/BXF1uPTw3GrvQTBgrQrtObr2mUrE38vzYd8cEv+m/JBfDLioYcfXoaw=="
|
||||||
|
},
|
||||||
"ecc-jsbn": {
|
"ecc-jsbn": {
|
||||||
"version": "0.1.2",
|
"version": "0.1.2",
|
||||||
"resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz",
|
"resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz",
|
||||||
|
@ -11,6 +11,7 @@
|
|||||||
"dependencies": {
|
"dependencies": {
|
||||||
"body-parser": "^1.18.3",
|
"body-parser": "^1.18.3",
|
||||||
"cheerio": "^1.0.0-rc.3",
|
"cheerio": "^1.0.0-rc.3",
|
||||||
|
"dotenv": "^8.2.0",
|
||||||
"express": "^4.16.4",
|
"express": "^4.16.4",
|
||||||
"express-rate-limit": "^5.1.1",
|
"express-rate-limit": "^5.1.1",
|
||||||
"gm": "^1.23.1",
|
"gm": "^1.23.1",
|
||||||
|
@ -3,9 +3,9 @@ const mysql = require('mysql2');
|
|||||||
|
|
||||||
// Create the connection pool.
|
// Create the connection pool.
|
||||||
const pool = mysql.createPool({
|
const pool = mysql.createPool({
|
||||||
host: 'localhost',
|
host: process.env.DB_HOST,
|
||||||
user: 'dev',
|
user: process.env.DB_USER,
|
||||||
password: "LazaLinga&33Can't!Do!That34",
|
password: process.env.DB_PASS,
|
||||||
database: 'application',
|
database: 'application',
|
||||||
waitForConnections: true,
|
waitForConnections: true,
|
||||||
connectionLimit: 20,
|
connectionLimit: 20,
|
||||||
|
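Review bot: `host`, `user` and `password` are now read from `process.env` with no check that they are set, so a missing or partly filled `.env` surfaces later as connection errors instead of at startup. Validate before `mysql.createPool`, e.g. `for (const k of ['DB_HOST','DB_USER','DB_PASS']) if (!process.env[k]) throw new Error(k + ' is not set')`; the same applies to `process.env.JSON_KEY` in the Auth helper. The password literal removed on the old side stays in repository history, so any environment still using it needs the same rotation the description mentions for prod. The createPool call continues past the end of the hunk.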
@ -2,16 +2,16 @@ var jwt = require('jsonwebtoken');
|
|||||||
|
|
||||||
let Auth = {}
|
let Auth = {}
|
||||||
|
|
||||||
const secretKey = '@TODO define secret constant its important!!!'
|
const tokenSecretKey = process.env.JSON_KEY
|
||||||
|
|
||||||
Auth.createToken = (userId) => {
|
Auth.createToken = (userId) => {
|
||||||
const signedData = {'id': userId, 'date':Date.now()}
|
const signedData = {'id': userId, 'date':Date.now()}
|
||||||
const token = jwt.sign(signedData, secretKey)
|
const token = jwt.sign(signedData, tokenSecretKey)
|
||||||
return token
|
return token
|
||||||
}
|
}
|
||||||
Auth.decodeToken = (token) => {
|
Auth.decodeToken = (token) => {
|
||||||
return new Promise((resolve, reject) => {
|
return new Promise((resolve, reject) => {
|
||||||
jwt.verify(token, secretKey, function(err, decoded){
|
jwt.verify(token, tokenSecretKey, function(err, decoded){
|
||||||
if(err || decoded.id == undefined){
|
if(err || decoded.id == undefined){
|
||||||
reject('Bad Token')
|
reject('Bad Token')
|
||||||
return
|
return
|
||||||
|
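Review bot: `jwt.sign(signedData, tokenSecretKey)` issues tokens with no expiry, so a leaked token stays usable until the signing key is changed. Bound the lifetime with `jwt.sign(signedData, tokenSecretKey, { expiresIn: '<lifetime>' })` and pin the accepted algorithm on the verify side with `jwt.verify(token, tokenSecretKey, { algorithms: ['HS256'] }, function(err, decoded){`. decodeToken's body continues outside the hunk, so whether the `date` claim is checked there cannot be seen from here. Tokens signed with the old placeholder secret stop verifying once `JSON_KEY` is deployed, which is the desired outcome because that string was public in the repository.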
@ -1,11 +1,17 @@
|
|||||||
|
//Set up environmental variables, pulled from .env file used as process.env.DB_HOST
|
||||||
|
const os = require('os') //Used to get path of home directory
|
||||||
|
const result = require('dotenv').config({ path:(os.homedir()+'/.env') })
|
||||||
|
|
||||||
//Allow user of @ in in require calls. Config in package.json
|
//Allow user of @ in in require calls. Config in package.json
|
||||||
require('module-alias/register')
|
require('module-alias/register')
|
||||||
|
|
||||||
|
//Auth helper, used for decoding users web token
|
||||||
let Auth = require('@helpers/Auth')
|
let Auth = require('@helpers/Auth')
|
||||||
|
|
||||||
|
//Helmet adds additional security to express server
|
||||||
const helmet = require('helmet')
|
const helmet = require('helmet')
|
||||||
|
|
||||||
|
//Setup express server
|
||||||
const express = require('express')
|
const express = require('express')
|
||||||
const app = express()
|
const app = express()
|
||||||
app.use( helmet() )
|
app.use( helmet() )
|
||||||
|
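Review bot: `result` from `require('dotenv').config(...)` is assigned but never read, so a missing or unreadable `~/.env` passes silently and the server starts with the DB and token settings undefined. Check it right after the call, e.g. `if (result.error) { throw result.error }`, unless production is meant to supply these variables through the real environment instead of the file. A comment would also help: `// must run before any require that reads process.env at load time`, since the Auth helper captures `JSON_KEY` when it is first required. The file now holds the database password and the token signing key, so it should be readable only by the account that runs the server.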