278b204b3b
* Added hidden text to site for scraping * Login token will be destroyed if fetch site totals is called and the token is bad * Moved passwords out of application and into a .env file that is loaded on startup * Changed prod database password for primary user (which is dev) * Set up .env for dev and prod
180 lines
4.5 KiB
JavaScript
180 lines
4.5 KiB
JavaScript
//Set up environmental variables, pulled from .env file used as process.env.DB_HOST
|
|
const os = require('os') //Used to get path of home directory
|
|
const result = require('dotenv').config({ path:(os.homedir()+'/.env') })
|
|
|
|
//Allow user of @ in in require calls. Config in package.json
|
|
require('module-alias/register')
|
|
|
|
//Auth helper, used for decoding users web token
|
|
let Auth = require('@helpers/Auth')
|
|
|
|
//Helmet adds additional security to express server
|
|
const helmet = require('helmet')
|
|
|
|
//Setup express server
|
|
const express = require('express')
|
|
const app = express()
|
|
app.use( helmet() )
|
|
const port = 3000
|
|
|
|
|
|
//
|
|
// Request Rate Limiter
|
|
//
|
|
const rateLimit = require('express-rate-limit');
|
|
const limiter = rateLimit({
|
|
windowMs: 10 * 60 * 1000, // minutes
|
|
max: 1000 // limit each IP to 100 requests per windowMs
|
|
});
|
|
|
|
// apply to all requests
|
|
app.use(limiter);
|
|
|
|
|
|
|
|
var http = require('http').createServer(app);
|
|
var io = require('socket.io')(http, {
|
|
path:'/socket'
|
|
});
|
|
|
|
// Make io accessible to our router
|
|
app.use(function(req,res,next){
|
|
req.io = io;
|
|
next();
|
|
});
|
|
|
|
io.on('connection', function(socket){
|
|
|
|
// console.log('New user ', socket.id)
|
|
|
|
//When a user connects, add them to their own room
|
|
// This allows the server to emit events to that specific user
|
|
// access socket.io in the controller with req.io
|
|
socket.on('user_connect', token => {
|
|
Auth.decodeToken(token)
|
|
.then(userData => {
|
|
socket.join(userData.id)
|
|
}).catch(error => {
|
|
console.log(error)
|
|
})
|
|
})
|
|
|
|
socket.on('join_room', roomId => {
|
|
// console.log('Join room ', roomId)
|
|
socket.join(roomId)
|
|
|
|
const usersInRoom = io.sockets.adapter.rooms[roomId]
|
|
if(usersInRoom){
|
|
// console.log('Users in room', usersInRoom.length)
|
|
io.to(roomId).emit('update_user_count', usersInRoom.length)
|
|
}
|
|
})
|
|
|
|
socket.on('leave_room', roomId => {
|
|
socket.leave(roomId)
|
|
// console.log('User Left room')
|
|
|
|
const usersInRoom = io.sockets.adapter.rooms[roomId]
|
|
if(usersInRoom){
|
|
// console.log('Users in room', usersInRoom.length)
|
|
io.to(roomId).emit('update_user_count', usersInRoom.length)
|
|
}
|
|
|
|
})
|
|
|
|
socket.on('note_diff', data => {
|
|
|
|
//Each user joins a room when they open the app.
|
|
io.in(data.id).clients((error, clients) => {
|
|
if (error) throw error;
|
|
//Go through each client in note room and send them the diff
|
|
clients.forEach(socketId => {
|
|
if(socketId != socket.id){
|
|
io.to(socketId).emit('incoming_diff', data.diff)
|
|
}
|
|
})
|
|
|
|
});
|
|
|
|
})
|
|
|
|
socket.on('disconnect', function(){
|
|
// console.log('user disconnected');
|
|
});
|
|
});
|
|
|
|
|
|
http.listen(3001, function(){
|
|
console.log('socket.io liseting on port 3001');
|
|
});
|
|
|
|
//Enable json body parsing in requests. Allows me to post data in ajax calls
|
|
app.use(express.json({limit: '5mb'}))
|
|
|
|
|
|
//Prefix defied by route in nginx config
|
|
const prefix = '/api'
|
|
|
|
//App Auth, all requests will come in with a token, decode the token and set global var
|
|
app.use(function(req, res, next){
|
|
//auth token set by axios in headers
|
|
let token = req.headers.authorizationtoken
|
|
if(token && token != null && typeof token === 'string'){
|
|
Auth.decodeToken(token)
|
|
.then(userData => {
|
|
req.headers.userId = userData.id //Update headers for the rest of the application
|
|
next()
|
|
}).catch(error => {
|
|
|
|
res.statusMessage = error //Throw 400 error if token is bad
|
|
res.status(400).end()
|
|
})
|
|
} else {
|
|
next() //No token. Move along.
|
|
}
|
|
})
|
|
|
|
// Testing Area
|
|
// let att = require('@models/Attachment')
|
|
// let testUrl = 'https://dba.stackexchange.com/questions/23908/how-to-search-a-mysql-database-with-encrypted-fields'
|
|
// testUrl = 'https://www.solidscribe.com/#/'
|
|
// console.log('About to scrape: ', testUrl)
|
|
// att.processUrl(61, 3213, testUrl)
|
|
// .then(results => {
|
|
// console.log('Scrape happened')
|
|
// })
|
|
//
|
|
//
|
|
|
|
//Test
|
|
app.get(prefix, (req, res) => res.send('The api is running'))
|
|
|
|
//Serve up uploaded files
|
|
app.use(prefix+'/static', express.static( __dirname+'/../staticFiles' ))
|
|
|
|
//Public routes
|
|
var public = require('@routes/publicController')
|
|
app.use(prefix+'/public', public)
|
|
|
|
//user endpoint
|
|
var user = require('@routes/userController')
|
|
app.use(prefix+'/user', user)
|
|
|
|
//notes endpoint
|
|
var notes = require('@routes/noteController')
|
|
app.use(prefix+'/note', notes)
|
|
|
|
//tags endpoint
|
|
var tags = require('@routes/tagController')
|
|
app.use(prefix+'/tag', tags)
|
|
|
|
//notes endpoint
|
|
var attachment = require('@routes/attachmentController')
|
|
app.use(prefix+'/attachment', attachment)
|
|
|
|
//quick notes endpoint
|
|
var quickNote = require('@routes/quicknoteController')
|
|
app.use(prefix+'/quick-note', quickNote)
|
|
|
|
//Output running status
|
|
app.listen(port, () => console.log(`Listening on port ${port}!`)) |