* Added placeholder text to site when loading JS
* Added hidden text to site for scraping * Login token will be destroyed if fetch site totals is called and the token is bad * Moved passwords out of application and into a .env file that is loaded on startup * Changed prod database password for primary user (which is dev) * Set up .env for dev and prod
This commit is contained in:
parent
3535f0cb24
commit
278b204b3b
2
.gitignore
vendored
2
.gitignore
vendored
@ -6,4 +6,4 @@ pids
|
||||
*.pid
|
||||
*.seed
|
||||
*.pid.lock
|
||||
|
||||
.env
|
||||
|
@ -15,8 +15,32 @@
|
||||
<body>
|
||||
<div id="app">
|
||||
<!-- placeholder data for scrapers with no JS -->
|
||||
<h1>You have found a Solid Scribe</h1>
|
||||
<img src="/api/static/assets/logo.svg" alt="logo">
|
||||
<style>
|
||||
|
||||
.centered {
|
||||
position: fixed;
|
||||
top: 50%;
|
||||
left: 50%;
|
||||
transform: translate(-50%, -50%);
|
||||
text-align: center;
|
||||
font-family: Arial, Helvetica, sans-serif;
|
||||
}
|
||||
.logo {
|
||||
width: 200px;
|
||||
height: auto;
|
||||
}
|
||||
.scrape-info {
|
||||
opacity: 0;
|
||||
}
|
||||
</style>
|
||||
|
||||
<div class="centered">
|
||||
<img class="logo" src="/api/static/assets/logo.svg" alt="logo">
|
||||
<h1>Solid Scribe</h1>
|
||||
<h3>Loading...</h3>
|
||||
</div>
|
||||
|
||||
<div class="scrape-info">
|
||||
<h1>Solid Scribe</h1>
|
||||
<h2>A note application that respects your privacy.</h2>
|
||||
<p>Take notes with a clean editor that works on desktop or mobile.</p>
|
||||
@ -27,6 +51,8 @@
|
||||
<p>Encrypt notes for additional security.</p>
|
||||
<b>This site requires Javascipt to run.</b>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
<!-- built files will be auto injected -->
|
||||
</body>
|
||||
</html>
|
||||
|
@ -133,6 +133,10 @@ export default new Vuex.Store({
|
||||
.then( ({data}) => {
|
||||
commit('setUserTotals', data)
|
||||
})
|
||||
.catch( error => {
|
||||
commit('destroyLoginToken')
|
||||
location.reload()
|
||||
})
|
||||
}
|
||||
}
|
||||
})
|
5
package-lock.json
generated
5
package-lock.json
generated
@ -487,6 +487,11 @@
|
||||
"resolved": "https://registry.npmjs.org/dont-sniff-mimetype/-/dont-sniff-mimetype-1.1.0.tgz",
|
||||
"integrity": "sha512-ZjI4zqTaxveH2/tTlzS1wFp+7ncxNZaIEWYg3lzZRHkKf5zPT/MnEG6WL0BhHMJUabkh8GeU5NL5j+rEUCb7Ug=="
|
||||
},
|
||||
"dotenv": {
|
||||
"version": "8.2.0",
|
||||
"resolved": "https://registry.npmjs.org/dotenv/-/dotenv-8.2.0.tgz",
|
||||
"integrity": "sha512-8sJ78ElpbDJBHNeBzUbUVLsqKdccaa/BXF1uPTw3GrvQTBgrQrtObr2mUrE38vzYd8cEv+m/JBfDLioYcfXoaw=="
|
||||
},
|
||||
"ecc-jsbn": {
|
||||
"version": "0.1.2",
|
||||
"resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz",
|
||||
|
@ -11,6 +11,7 @@
|
||||
"dependencies": {
|
||||
"body-parser": "^1.18.3",
|
||||
"cheerio": "^1.0.0-rc.3",
|
||||
"dotenv": "^8.2.0",
|
||||
"express": "^4.16.4",
|
||||
"express-rate-limit": "^5.1.1",
|
||||
"gm": "^1.23.1",
|
||||
|
@ -3,9 +3,9 @@ const mysql = require('mysql2');
|
||||
|
||||
// Create the connection pool.
|
||||
const pool = mysql.createPool({
|
||||
host: 'localhost',
|
||||
user: 'dev',
|
||||
password: "LazaLinga&33Can't!Do!That34",
|
||||
host: process.env.DB_HOST,
|
||||
user: process.env.DB_USER,
|
||||
password: process.env.DB_PASS,
|
||||
database: 'application',
|
||||
waitForConnections: true,
|
||||
connectionLimit: 20,
|
||||
|
@ -2,16 +2,16 @@ var jwt = require('jsonwebtoken');
|
||||
|
||||
let Auth = {}
|
||||
|
||||
const secretKey = '@TODO define secret constant its important!!!'
|
||||
const tokenSecretKey = process.env.JSON_KEY
|
||||
|
||||
Auth.createToken = (userId) => {
|
||||
const signedData = {'id': userId, 'date':Date.now()}
|
||||
const token = jwt.sign(signedData, secretKey)
|
||||
const token = jwt.sign(signedData, tokenSecretKey)
|
||||
return token
|
||||
}
|
||||
Auth.decodeToken = (token) => {
|
||||
return new Promise((resolve, reject) => {
|
||||
jwt.verify(token, secretKey, function(err, decoded){
|
||||
jwt.verify(token, tokenSecretKey, function(err, decoded){
|
||||
if(err || decoded.id == undefined){
|
||||
reject('Bad Token')
|
||||
return
|
||||
|
@ -1,11 +1,17 @@
|
||||
//Set up environmental variables, pulled from .env file used as process.env.DB_HOST
|
||||
const os = require('os') //Used to get path of home directory
|
||||
const result = require('dotenv').config({ path:(os.homedir()+'/.env') })
|
||||
|
||||
//Allow user of @ in in require calls. Config in package.json
|
||||
require('module-alias/register')
|
||||
|
||||
//Auth helper, used for decoding users web token
|
||||
let Auth = require('@helpers/Auth')
|
||||
|
||||
//Helmet adds additional security to express server
|
||||
const helmet = require('helmet')
|
||||
|
||||
|
||||
//Setup express server
|
||||
const express = require('express')
|
||||
const app = express()
|
||||
app.use( helmet() )
|
||||
|
Loading…
Reference in New Issue
Block a user