Started to build out the app. Its got a basic set of features and it should really be in VC

server/config/database.js

@@ -0,0 +1,16 @@
+//Import mysql2 package
+const mysql = require('mysql2');
+
+// Create the connection pool.
+const pool = mysql.createPool({
+	host: 'localhost',
+	user: 'dev',
+	password: "LazaLinga&33Can't!Do!That34",
+	database: 'application',
+	waitForConnections: true,
+	connectionLimit: 20,
+	queueLimit: 0
+});
+
+//Export the pool for user elsewhere
+module.exports = pool

server/helpers/Auth.js

@@ -0,0 +1,26 @@
+var jwt = require('jsonwebtoken');
+
+let Auth = {}
+
+const secretKey = '@TODO define secret constant its important!!!'
+
+Auth.createToken = (userId) => {
+	const signedData = {'id': userId, 'date':Date.now()}
+	const token = jwt.sign(signedData, secretKey)
+	return token
+}
+Auth.decodeToken = (token) => {
+	return new Promise((resolve, reject) => {
+		jwt.verify(token, secretKey, function(err, decoded){
+			if(err || decoded.id == undefined){
+				reject('Bad Token')
+				return
+			}
+			//Pass back decoded token
+			resolve(decoded)
+			return
+		});
+	})
+}
+
+module.exports = Auth

server/index.js

@@ -0,0 +1,52 @@
+//Allow user of @ in in require calls. Config in package.json
+require('module-alias/register')
+
+let Auth = require('@helpers/Auth')
+
+const express = require('express')
+const app = express()
+const port = 3000
+
+//Enable json body parsing in requests. Allows me to post data in ajax calls
+app.use(express.json())
+
+//Prefix defied by route in nginx config
+const prefix = '/api'
+
+//App Auth, all requests will come in with a token, decode the token and set global var
+app.use(function(req, res, next){
+
+	let token = req.headers.authorization
+	if(token && token != null && typeof token === 'string'){
+		Auth.decodeToken(token)
+		.then(userData => {
+
+			req.headers.userId = userData.id //Update headers for the rest of the application
+			next()
+		}).catch(error => {
+
+			res.statusMessage = error //Throw 400 error if token is bad
+		    res.status(400).end()
+		})
+	} else {
+		next() //No token. Move along.
+	}
+})
+
+//Test 
+app.get(prefix, (req, res) => res.send('The api is running'))
+
+//Init user endpoint
+var user = require('@routes/user')
+app.use(prefix+'/user', user)
+
+//Init notes endpoint
+var notes = require('@routes/notesController')
+app.use(prefix+'/notes', notes)
+
+//Init tags endpoint
+var tags = require('@routes/tagsController')
+app.use(prefix+'/tags', tags)
+
+//Output running status
+app.listen(port, () => console.log(`Listening on port ${port}!`))

server/models/Notes.js

@@ -0,0 +1,129 @@
+let db = require('@config/database')
+
+let Notes = module.exports = {}
+
+Notes.create = (userId, noteText) => {
+	return new Promise((resolve, reject) => {
+
+		const created = new Date().toISOString().slice(0, 19).replace('T', ' ')
+
+		db.promise()
+		.query('INSERT INTO notes (user, text, created) VALUES (?,?,?)', [userId, noteText, created])
+		.then((rows, fields) => {
+			resolve(rows[0].insertId) //Only return the new note ID when creating a new note
+		})
+		.catch(console.log)
+	})
+}
+
+Notes.update = (userId, noteId, noteText) => {
+	return new Promise((resolve, reject) => {
+		const now = new Date().toISOString().slice(0, 19).replace('T', ' ')
+		db.promise()
+		.query('UPDATE notes SET text = ?, updated = ? WHERE id = ? AND user = ? LIMIT 1', [noteText, now, noteId, userId])
+		.then((rows, fields) => {
+			console.log(rows)
+			resolve(rows[0])
+		})
+		.catch(console.log)
+	})
+}
+
+Notes.delete = (userId, noteId) => {
+	return new Promise((resolve, reject) => {
+		//Create new note, return created or finger your butt
+	})
+}
+
+Notes.get = (userId, noteId) => {
+	return new Promise((resolve, reject) => {
+		db.promise()
+		.query('SELECT text, updated FROM notes WHERE user = ? AND id = ? LIMIT 1', [userId,noteId])
+		.then((rows, fields) => {
+			resolve(rows[0][0])
+		})
+		.catch(console.log)
+	})
+}
+
+Notes.getLatest = (userId) => {
+	return new Promise((resolve, reject) => {
+		db.promise()
+		.query('SELECT id, SUBSTRING(text, 1, 100) as text FROM notes WHERE user = ? ORDER BY updated DESC, created DESC', [userId])
+		.then((rows, fields) => {
+			resolve(rows[0])
+		})
+		.catch(console.log)
+	})
+}
+
+Notes.search = (userId, searchQuery, searchTags) => {
+	return new Promise((resolve, reject) => {
+
+
+		//Default note lookup gets all notes
+		let noteSearchQuery = `
+			SELECT notes.id, SUBSTRING(text, 1, 100) as text 
+			FROM notes 
+			LEFT JOIN notes_tags ON (notes.id = notes_tags.note_id)
+			WHERE user = ?`
+		let searchParams = [userId]
+
+		if(searchQuery != ''){
+			//If a search query is defined, search notes for that word
+			searchParams.push('%'+searchQuery+'%')
+			noteSearchQuery += ' AND text LIKE ?'
+		}
+		if(searchTags.length > 0){
+			//If tags are passed, use those tags in search
+			searchParams.push(searchTags)
+			noteSearchQuery += ' AND notes_tags.tag_id IN (?)'
+		}
+
+		//Finish up note query
+		noteSearchQuery += ' GROUP BY notes.id ORDER BY updated DESC, created DESC'
+
+		//Define return data objects
+		let returnData = {
+			'notes':[],
+			'tags':[]
+		}
+
+		db.promise()
+		.query(noteSearchQuery, searchParams)
+		.then((noteRows, noteFields) => {
+
+			//Push all notes
+			returnData['notes'] = noteRows[0]
+
+			//Pull Tags off of selected notes
+			let noteIds = []
+			returnData['notes'].forEach(note => {
+				noteIds.push(note.id)
+			})
+
+			//If no notes are returned, there are no tags, return empty
+			if(noteIds.length == 0){
+				resolve(returnData)
+			}
+
+			//Only show tags of selected notes
+			db.promise()
+			.query(`SELECT tags.id, tags.text, count(tags.id) as usages FROM notes_tags
+					JOIN tags ON (tags.id = notes_tags.tag_id)
+					WHERE notes_tags.user_id = ?
+					AND note_id IN (?)
+					GROUP BY tags.id
+					ORDER BY usages DESC;`,[userId, noteIds])
+			.then((tagRows, tagFields) => {
+
+				returnData['tags'] = tagRows[0]
+
+				resolve(returnData)
+			})
+			.catch(console.log)
+
+		})
+		.catch(console.log)
+	})
+}

server/models/Tags.js

@@ -0,0 +1,108 @@
+let db = require('@config/database')
+
+let Tags = module.exports = {}
+
+
+Tags.removeTagFromNote = (userId, tagId) => {
+	return new Promise((resolve, reject) => {
+		db.promise()
+		.query(`DELETE FROM notes_tags WHERE id = ? AND user_id = ? LIMIT 1;`, [tagId, userId])
+		.then((rows, fields) => {
+			resolve(rows[0]) //Return new ID
+		})
+		.catch(console.log)
+	})
+}
+
+Tags.addToNote = (userId, noteId, tagText) => {
+	return new Promise((resolve, reject) => {
+
+		//Lookup tag
+		Tags.lookup(tagText)
+		.then( lookup => {
+			
+			//Tag does not exist, insert new tag, then associate it with a note
+			if(lookup.length == 0){
+				//Insert new tag
+				Tags.add(tagText)
+				.then( newTagId => {
+					Tags.associateWithNote(userId, noteId, newTagId)
+					.then( result => {
+						resolve(result)
+					})
+				})
+			}
+
+			//Tag already exists, associate it with a note
+			if(lookup.length > 0){
+				Tags.associateWithNote(userId, noteId, lookup[0].id)
+				.then( result => {
+					resolve(result)
+				})
+			}
+
+		})
+	})
+}
+
+Tags.associateWithNote = (userId, noteId, tagId) => {
+	return new Promise((resolve, reject) => {
+
+		//Check if tag already exists on note before adding note
+		db.promise()
+		.query(`SELECT * FROM notes_tags WHERE note_id = ? AND tag_id = ? AND user_id = ?;`, [noteId, tagId, userId])
+		.then((rows, fields) => {
+
+			//If matching tag does not exist on note
+			if(rows[0].length == 0){
+
+				//Add tag to note
+				db.promise()
+				.query(`INSERT INTO notes_tags (note_id, tag_id, user_id) VALUES (?,?,?);`, [noteId, tagId, userId])
+				.then((rows, fields) => {
+					resolve(rows[0]) 
+				})
+				.catch(console.log)
+			} else {
+
+				reject('Error: Tag already exists on note.')
+			}
+		})
+		.catch(console.log)
+	})
+}
+
+Tags.add = (tagText) => {
+	return new Promise((resolve, reject) => {
+		db.promise()
+		.query(`INSERT INTO tags (text, hash) VALUES (?,?);`, [tagText,0])
+		.then((rows, fields) => {
+			resolve(rows[0].insertId) //Return new ID
+		})
+		.catch(console.log)
+	})
+}
+
+Tags.get = (userId, noteId) => {
+	return new Promise((resolve, reject) => {
+		db.promise()
+		.query(`SELECT notes_tags.id, tags.text FROM notes_tags
+				JOIN tags ON (tags.id = notes_tags.tag_id)
+				WHERE user_id = ? AND note_id = ?;`, [userId, noteId])
+		.then((rows, fields) => {
+			resolve(rows[0]) //Return all tags found by query
+		})
+		.catch(console.log)
+	})
+}
+
+Tags.lookup = (tagText) => {
+	return new Promise((resolve, reject) => {
+		db.promise()
+		.query(`SELECT * FROM tags WHERE text = ?;`, [tagText])
+		.then((rows, fields) => {
+			resolve(rows[0]) //Return all tags found by query
+		})
+		.catch(console.log)
+	})
+}

server/models/Users.js

@@ -0,0 +1,131 @@
+
+var crypto = require('crypto')
+
+let db = require('@config/database')
+let Auth = require('@helpers/Auth')
+
+let User = module.exports = {}
+
+//Login a user, if that user does not exist create them
+//Issues login token
+User.login = (username, password) => {
+	return new Promise((resolve, reject) => {
+
+		const lowerName = username.toLowerCase();
+
+		db.promise()
+		.query('SELECT * FROM users WHERE username = ? LIMIT 1', [lowerName])
+		.then((rows, fields) => {
+
+			//Pull out user data from database results
+			const lookedUpUser = rows[0][0];
+
+			//User not found, create a new account with set data
+			if(rows[0].length == 0){
+				User.create(lowerName, password)
+				.then(result => {
+					resolve(result)
+				})
+				return
+			}
+
+			//hash the password and check for a match
+			const salt = new Buffer(lookedUpUser.salt, 'binary')
+			crypto.pbkdf2(password, salt, lookedUpUser.iterations, 512, 'sha512', function(err, delivered_key){
+				if(delivered_key.toString('hex') === lookedUpUser.password){
+
+					//Passback a json web token
+					const token = Auth.createToken(lookedUpUser.id)
+					resolve(token)
+
+				} else {
+
+					reject('Password does not match database')
+				}
+			})
+		})
+		.catch(console.log)
+
+	})
+}
+
+//Create user account
+//Issues login token
+User.create = (username, password) => {
+
+	//For some reason, username won't get into the promise. But password will @TODO figure this out
+	const lowerName = username.toLowerCase().trim()
+
+	return new Promise((resolve, reject) => {
+
+		db.promise()
+		.query('SELECT * FROM users WHERE username = ? LIMIT 1', [lowerName])
+		.then((rows, fields) => {
+
+			if(rows[0].length === 0){ //No users returned, create new one. Start with hashing password
+
+				//Params for hash function
+				let shasum = crypto.createHash('sha512') //Prepare Hash
+				const ran = parseInt(Date.now()) //Get current time in miliseconds
+				const semiRandomInt = Math.floor(Math.random()*11) //Grab a random number
+				const otherRandomInt = (ran*semiRandomInt+ran)*semiRandomInt-ran //Mix things up a bit
+				shasum.update(''+otherRandomInt) //Update Hasd
+
+				const saltString = shasum.digest('hex')
+				const salt = new Buffer(saltString, 'binary') //Generate Salt hash
+				const iterations = 25000
+
+				crypto.pbkdf2(password, salt, iterations, 512, 'sha512', function(err, delivered_key) {
+
+					//Create new user object with freshly salted password
+					var currentDate = new Date().toISOString().slice(0, 19).replace('T', ' ');
+					var new_user = {
+						username: lowerName,
+						password: delivered_key.toString('hex'),
+						salt: salt,
+						iterations: iterations,
+						last_login: currentDate,
+						created: currentDate
+					};
+
+					db.promise()
+					.query('INSERT INTO users SET ?', new_user)
+					.then((rows, fields) => {
+
+						if(rows[0].affectedRows == 1){
+
+							const newUserId = rows[0].insertId
+							const loginToken = Auth.createToken(newUserId)
+							resolve(loginToken)
+
+						} else {
+							//Emit Error to user
+							reject('New user could not be created')
+						}
+					})
+					.catch(console.log)
+				})
+			} else {
+				reject('Username already in use.')
+			}//END user create
+		})
+		.catch(console.log)
+
+		
+	})
+}
+
+//Just used for testing
+User.getUsername = (userId) => {
+	return new Promise((resolve, reject) => {
+
+		db.promise()
+		.query('SELECT username FROM users WHERE id = ? LIMIT 1', [userId])
+		.then((rows, fields) => {
+			const data = rows[0][0]
+
+			resolve(data)
+		})
+		.catch(console.log)
+	})
+}

server/routes/notesController.js

@@ -0,0 +1,45 @@
+var express = require('express')
+var router = express.Router()
+
+let Notes = require('@models/Notes');
+let userId = null
+
+// middleware that is specific to this router
+router.use(function setUserId (req, res, next) {
+	if(userId = req.headers.userId){
+		userId = req.headers.userId
+	}
+	
+	next()
+})
+
+//Get the latest notes the user has created
+router.post('/latest', function (req, res) {
+	Notes.getLatest(userId)
+	.then( data => res.send(data) )
+})
+
+router.post('/get', function (req, res) {
+	Notes.get(userId, req.body.noteId)
+	.then( data => res.send(data) )
+})
+
+router.post('/create', function (req, res) {
+	Notes.create(userId, req.body.title)
+	.then( id => res.send({id}) )
+})
+
+router.post('/update', function (req, res) {
+	Notes.update(userId, req.body.noteId, req.body.text)
+	.then( id => res.send({id}) )
+})
+
+router.post('/search', function (req, res) {
+	Notes.search(userId, req.body.searchQuery, req.body.searchTags)
+	.then( notesAndTags => res.send(notesAndTags))
+})
+
+
+
+
+module.exports = router

server/routes/tagsController.js

@@ -0,0 +1,33 @@
+var express = require('express')
+var router = express.Router()
+
+let Tags = require('@models/Tags');
+let userId = null
+
+// middleware that is specific to this router
+router.use(function setUserId (req, res, next) {
+	if(userId = req.headers.userId){
+		userId = req.headers.userId
+	}
+	
+	next()
+})
+
+//Get the latest notes the user has created
+router.post('/addtonote', function (req, res) {
+	Tags.addToNote(userId, req.body.noteId, req.body.tagText.toLowerCase())
+	.then( data => res.send(data) )
+})
+
+router.post('/removefromnote', function (req, res) {
+	Tags.removeTagFromNote(userId, req.body.tagId)
+	.then( data => res.send(data) )
+})
+
+//Get the latest notes the user has created
+router.post('/get', function (req, res) {
+	Tags.get(userId, req.body.noteId)
+	.then( data => res.send(data) )
+})
+
+module.exports = router

server/routes/user.js

@@ -0,0 +1,46 @@
+var express = require('express')
+var router = express.Router()
+
+let User = require('@models/Users');
+
+// middleware that is specific to this router
+router.use(function timeLog (req, res, next) {
+	// console.log('Time: ', Date.now())
+	next()
+})
+// define the home page route
+router.get('/', function (req, res) {
+	res.send('User Home Page ' + User.getUsername())
+})
+// define the about route
+router.get('/about', function (req, res) {
+	User.getUsername(req.headers.userId)
+	.then( data => res.send(data) )
+})
+// define the about route
+router.post('/login', function (req, res) {
+
+	//Pull out variables we want
+	const username = req.body.username
+	const password = req.body.password
+
+	let returnData = {
+		success: false,
+		token: ''
+	}
+
+	User.login(username, password)
+		.then(function(loginToken){
+
+			//Return json web token to user
+			returnData['success'] = true
+			returnData['token'] = loginToken
+			res.send(returnData)
+		})
+		.catch(e => {
+			console.log(e)
+			res.send(returnData)
+		})
+})
+
+module.exports = router