diff --git a/.gitignore b/.gitignore
index efdbb51..2dba698 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,4 +6,4 @@ pids
*.pid
*.seed
*.pid.lock
-
+.env
diff --git a/client/index.html b/client/index.html
index b01d7bc..1ef8a5c 100644
--- a/client/index.html
+++ b/client/index.html
@@ -15,17 +15,43 @@
-
You have found a Solid Scribe
-
-
Solid Scribe
-
A note application that respects your privacy.
-
Take notes with a clean editor that works on desktop or mobile.
-
Search notes, links and files to find what you need.
-
Accessable everywhere.
-
Categorize notes with tags.
-
Share data with fellow users.
-
Encrypt notes for additional security.
-
This site requires Javascipt to run.
+
+
+
+
+
Solid Scribe
+
Loading...
+
+
+
+
Solid Scribe
+
A note application that respects your privacy.
+
Take notes with a clean editor that works on desktop or mobile.
+
Search notes, links and files to find what you need.
+
Accessable everywhere.
+
Categorize notes with tags.
+
Share data with fellow users.
+
Encrypt notes for additional security.
+
This site requires Javascipt to run.
+
+
diff --git a/client/src/stores/mainStore.js b/client/src/stores/mainStore.js
index a36932a..c92a965 100644
--- a/client/src/stores/mainStore.js
+++ b/client/src/stores/mainStore.js
@@ -133,6 +133,10 @@ export default new Vuex.Store({
.then( ({data}) => {
commit('setUserTotals', data)
})
+ .catch( error => {
+ commit('destroyLoginToken')
+ location.reload()
+ })
}
}
})
\ No newline at end of file
diff --git a/package-lock.json b/package-lock.json
index 8fe5e1e..910fbdd 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -487,6 +487,11 @@
"resolved": "https://registry.npmjs.org/dont-sniff-mimetype/-/dont-sniff-mimetype-1.1.0.tgz",
"integrity": "sha512-ZjI4zqTaxveH2/tTlzS1wFp+7ncxNZaIEWYg3lzZRHkKf5zPT/MnEG6WL0BhHMJUabkh8GeU5NL5j+rEUCb7Ug=="
},
+ "dotenv": {
+ "version": "8.2.0",
+ "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-8.2.0.tgz",
+ "integrity": "sha512-8sJ78ElpbDJBHNeBzUbUVLsqKdccaa/BXF1uPTw3GrvQTBgrQrtObr2mUrE38vzYd8cEv+m/JBfDLioYcfXoaw=="
+ },
"ecc-jsbn": {
"version": "0.1.2",
"resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz",
diff --git a/package.json b/package.json
index 504afa6..0df1be8 100644
--- a/package.json
+++ b/package.json
@@ -11,6 +11,7 @@
"dependencies": {
"body-parser": "^1.18.3",
"cheerio": "^1.0.0-rc.3",
+ "dotenv": "^8.2.0",
"express": "^4.16.4",
"express-rate-limit": "^5.1.1",
"gm": "^1.23.1",
diff --git a/server/config/database.js b/server/config/database.js
index 8fae1f8..bbbba5c 100644
--- a/server/config/database.js
+++ b/server/config/database.js
@@ -3,9 +3,9 @@ const mysql = require('mysql2');
// Create the connection pool.
const pool = mysql.createPool({
- host: 'localhost',
- user: 'dev',
- password: "LazaLinga&33Can't!Do!That34",
+ host: process.env.DB_HOST,
+ user: process.env.DB_USER,
+ password: process.env.DB_PASS,
database: 'application',
waitForConnections: true,
connectionLimit: 20,
diff --git a/server/helpers/Auth.js b/server/helpers/Auth.js
index 8faa7a8..af10fd8 100644
--- a/server/helpers/Auth.js
+++ b/server/helpers/Auth.js
@@ -2,16 +2,16 @@ var jwt = require('jsonwebtoken');
let Auth = {}
-const secretKey = '@TODO define secret constant its important!!!'
+const tokenSecretKey = process.env.JSON_KEY
Auth.createToken = (userId) => {
const signedData = {'id': userId, 'date':Date.now()}
- const token = jwt.sign(signedData, secretKey)
+ const token = jwt.sign(signedData, tokenSecretKey)
return token
}
Auth.decodeToken = (token) => {
return new Promise((resolve, reject) => {
- jwt.verify(token, secretKey, function(err, decoded){
+ jwt.verify(token, tokenSecretKey, function(err, decoded){
if(err || decoded.id == undefined){
reject('Bad Token')
return
diff --git a/server/index.js b/server/index.js
index 9ca8deb..9562143 100644
--- a/server/index.js
+++ b/server/index.js
@@ -1,11 +1,17 @@
+//Set up environmental variables, pulled from .env file used as process.env.DB_HOST
+const os = require('os') //Used to get path of home directory
+const result = require('dotenv').config({ path:(os.homedir()+'/.env') })
+
//Allow user of @ in in require calls. Config in package.json
require('module-alias/register')
+//Auth helper, used for decoding users web token
let Auth = require('@helpers/Auth')
+//Helmet adds additional security to express server
const helmet = require('helmet')
-
+//Setup express server
const express = require('express')
const app = express()
app.use( helmet() )