Added rate limiting and server security

Ton of little visual style tweaks and little up improvements for mobile

server/helpers/ProcessText.js

@@ -26,6 +26,17 @@ ProcessText.stripBlankHtmlLines = (string) => {
 	return string.replace(/\<p\>\<br\>\<\/p\>/g,'')
 }
 
+//Remove Double Empty HTML lines from a string
+ProcessText.stripDoubleBlankLines = (string) => {
+
+	if(string == undefined || string == null || string.length == 0){
+		return ''
+	}
+
+	//Blank lines look like this -> <p><br></p>
+	return string.replace(/\<p\>\<br\>\<\/p\>\<p\>\<br\>\<\/p\>/g,'')
+}
+
 ProcessText.getUrlsFromString = (string) => {
 	const urlPattern = /(?:(?:https?|ftp|file):\/\/|www\.|ftp\.)(?:\([-A-Z0-9+&@#/%=~_|$?!:,.]*\)|[-A-Z0-9+&@#/%=~_|$?!:,.])*(?:\([-A-Z0-9+&@#/%=~_|$?!:,.]*\)|[A-Z0-9+&@#/%=~_|$])/igm
 	return string.match(urlPattern)
@@ -41,11 +52,16 @@ ProcessText.getUrlsFromString = (string) => {
 		+ If note starts as a list, skip the title
 */
 
-ProcessText.deduceNoteTitle = (inString) => {
+ProcessText.deduceNoteTitle = (inTitle, inString) => {
 
-	let title = '' //Title of note
+	let title = inTitle //Title of note
 	let sub = '' //sub text below note
 
+	//Always return a title as a String
+	if(title == null){
+		title = ''
+	}
+
 	if(!inString || inString == null || inString.length == 0){
 		return {title, sub}
 	}
@@ -55,16 +71,17 @@ ProcessText.deduceNoteTitle = (inString) => {
 
 	const tagFreeLength = ProcessText.removeHtml(inString).length
 
-	if(tagFreeLength < 100){
-		sub = ProcessText.stripBlankHtmlLines(inString)
-		return {title, sub}
+	//
+	// Simplified attempt!
+	// Remove tags, push caret if greater than 200 chars...thats it
+	// Still needs, links to open in a new window.
+
+	sub = ProcessText.stripDoubleBlankLines(inString)
+	if(tagFreeLength > 200){
+		sub += '... <i class="green caret down icon"></i>'
 	}
 
-	//Primare Case - Short notes
-	if(tagFreeLength < 300){
-		sub = ProcessText.stripBlankHtmlLines(inString)
-		return {title, sub}
-	}
+	return {title, sub}
 
 	//Emergency ending tag if truncated. This will help regex find all the lines
 	inString += '</end>'
@@ -87,6 +104,7 @@ ProcessText.deduceNoteTitle = (inString) => {
 	let charLimit = 400
 	let listStart = false
 	let noTitleJustList = false
+	let appendCaret = false
 
 	for(let i=0; i < totalLines; i++){
 
@@ -167,8 +185,8 @@ ProcessText.deduceNoteTitle = (inString) => {
 			if(cleanCutString.length == 0){
 				cleanCutString = cutString
 			}
-
-			finalLines.push(cleanCutString + '... <i class="green caret down icon"></i>')
+			appendCaret = true
+			
 			break;
 		}
 
@@ -176,9 +194,13 @@ ProcessText.deduceNoteTitle = (inString) => {
 
 	}
 
+	if(tagFreeLength.length >= 300 || appendCaret){
+		finalLines.push('... <i class="green caret down icon"></i>')
+	}
+
 	//Pull out title if its not an empty string
-	if(ProcessText.removeHtml(finalLines[0]).trim().replace('&nbsp','').length > 0 && !noTitleJustList){
-		// title = finalLines.shift()
+	if(!noTitleJustList && title == ''){
+		title = ProcessText.removeHtml( finalLines.shift() ).replace('&nbsp','')
 	}
 	
 	sub = finalLines.join('')

server/index.js

@@ -3,10 +3,29 @@ require('module-alias/register')
 
 let Auth = require('@helpers/Auth')
 
+const helmet = require('helmet')
+
+
 const express = require('express')
 const app = express()
+app.use( helmet() )
 const port = 3000
 
+
+//
+// Request Rate Limiter 
+//
+const rateLimit = require('express-rate-limit');
+const limiter = rateLimit({
+	windowMs: 10 * 60 * 1000, // minutes
+	max: 1000 // limit each IP to 100 requests per windowMs
+});
+ 
+// apply to all requests
+app.use(limiter);
+
+
+
 var http = require('http').createServer(app);
 var io = require('socket.io')(http, {
 	path:'/socket'

server/models/Note.js

@@ -512,7 +512,7 @@ Note.solrQuery = (userId, searchQuery, searchTags) => {
 		} else {
 
 			//Number of characters before and after search word
-			const front = 5
+			const front = 20
 			const tail = 150
 
 			db.promise()
@@ -584,7 +584,7 @@ Note.search = (userId, searchQuery, searchTags, fastFilters) => {
 			let searchParams = [userId]
 			let noteSearchQuery = `
 				SELECT note.id, 
-					SUBSTRING(note_raw_text.text, 1, 1500) as text, 
+					SUBSTRING(note_raw_text.text, 1, 500) as text, 
 					note_raw_text.title as title,
 					note_raw_text.updated as updated, 
 					opened,
@@ -722,15 +722,10 @@ Note.search = (userId, searchQuery, searchTags, fastFilters) => {
 					if(note.encrypted == 1){ note.text = '' }
 
 					//Deduce note title
-					const textData = ProcessText.deduceNoteTitle(note.text)
+					const textData = ProcessText.deduceNoteTitle(note.title, note.text)
 					// console.log(textData)
-
-					// console.log(textData)
-						
-					if(note.title == null){
-						note.title = ''
-					}
 					
+					note.title = textData.title
 					note.subtext = textData.sub
 					note.titleLength = textData.titleLength
 					note.subtextLength = textData.subtextLength

server/models/Tag.js

@@ -5,6 +5,10 @@ let Tag = module.exports = {}
 Tag.userTags = (userId, searchQuery, searchTags, fastFilters) => {
 	return new Promise((resolve, reject) => {
 
+		if(searchQuery && searchQuery.length > 0){
+			return resolve([])
+		}
+
 		let query = `
 			SELECT 
 				tag.id, 
@@ -12,7 +16,7 @@ Tag.userTags = (userId, searchQuery, searchTags, fastFilters) => {
 				COUNT(note_tag.note_id) as usages
 			FROM tag
 			JOIN note_tag ON tag.id = note_tag.tag_id
-			JOIN note On note.id = note_tag.note_id
+			JOIN note ON note.id = note_tag.note_id
 			WHERE note_tag.user_id = ?
 		`