-
Notifications
You must be signed in to change notification settings - Fork 1
/
app.js
197 lines (155 loc) · 5.14 KB
/
app.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
var express = require('express');
var path = require('path');
var favicon = require('serve-favicon');
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var passport = require('passport');
var expressSession = require('express-session');
var expressValidator = require('express-validator');
var crypto = require('crypto');
var Database = require('better-sqlite3');
var api = require("./api.js");
// Change the name of the sqlite database
var db = new Database('users5.db');
var app = express();
app.use(passport.initialize());
app.use(passport.session());
// connect.then((db) => {
// console.log("Connected correctly to server");
// }, (err) => { console.log(err); });
// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'jade');
// uncomment after placing your favicon in /public
//app.use(favicon(path.join(__dirname, 'public', 'favicon.ico')));
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true}));
app.use(cookieParser());
app.use(express.static('ui'));
app.use(expressValidator())
var LocalStrategy = require('passport-local').Strategy;
// app.use('/', routes);
// passport config
passport.serializeUser(function(user, done) {
return done(null, user);
});
passport.deserializeUser(function(id, done) {
var row = db.prepare('SELECT id, username FROM users WHERE id = ?').get(id);''
if (!row) return done(null, false);
return done(null, row);
});
require("./authenticate.js")(app);
// Get Landing Page Route
// ----------------------
app.get('/', function (req, res) {
res.sendfile('ui/login.html');
});
// Get Login Page Route
//----------------------
app.get('/login', function(req, res) {
res.sendfile('ui/login.html');
});
// Login Route
//-------------
function hashPassword(password, salt) {
var hash = crypto.createHash('sha256');
hash.update(password)
hash.update(salt);
return hash.digest('hex');
}
passport.use(new LocalStrategy(function(username, password, done) {
// console.log(db.prepare('SELECT * FROM users').get());
// console.log(db.prepare('SELECT salt FROM users WHERE username= "duhdoy"').get());
// console.log(username);
// console.log(password);
// console.log('"'+ username + '"');
var row = db.prepare(`SELECT salt FROM users WHERE username ='${username}'`).get();
// console.log(row);
if (!row) {
// console.log("Cannot find row here!");
return done(null, false);
}
var hash = hashPassword(password, row.salt);
var row = db.prepare(`SELECT username FROM users WHERE username = '${username}' AND password = '${hash}'`).get();
// console.log(row);
// console.log(hash);
// console.log(row.username);
if (!row) {
// console.log("Cannot find row");
return done(null, false);
}
return done(null, row);
}));
app.get('/successjson', function(req, res) {
res.json({success:true});
});
app.get('/failurejson', function(req, res) {
res.json({success:false});
});
app.post('/login',
passport.authenticate('local', {
successRedirect: 'successjson',
failureRedirect: "failurejson",
}));
// Registration Route
// ---------------------
app.post('/register', function(req,res) {
var emailinput = req.body.email;
var usernameinput = req.body.username;
var passwordinput = req.body.password;
var password2input = req.body.password2;
req.checkBody("username", 'Username is required').notEmpty();
req.checkBody("email", 'Email is required').notEmpty();
req.checkBody("email", 'Email is not valid').isEmail();
req.checkBody("password", 'Password is required').notEmpty();
req.checkBody("password", 'Passwords do not match').equals(req.body.password);
var errors = req.validationErrors();
var saltinput = crypto.randomBytes(16);
var hashpass = hashPassword(passwordinput, saltinput);
if (errors){
console.log(errors);
res.json({ success: false, message: errors });
} else {
//Insert into database user information
var stmt = db.prepare("INSERT INTO users VALUES (@username, @password, @salt, @email)");
stmt.run({username: usernameinput,
email: emailinput,
salt: saltinput,
password: hashpass});
// res.redirect('/');
// res.json({ success: true });
res.redirect("/spotifylogin");
}
});
app.get("/spotifylogin", function(req, res) {
api.authenticateWithSpotify(res, "http://tunefactor.tech/spotifycallback");
});
app.get("/spotifycallback", function(req, res) {
api.validateAndAddUser(req, res);
});
// Logout Route
//-------------
app.get('/logout', function(req, res) {
req.logout();
res.redirect('login.html');
});
//
// catch 404 and forward to error handler
app.use(function(req, res, next) {
var err = new Error('Not Found');
err.status = 404;
next(err);
});
// error handler
/* app.use(function(err, req, res, next) {
// set locals, only providing error in development
res.locals.message = err.message;
res.locals.error = req.app.get('env') === 'development' ? err : {};
// render the error page
res.status(err.status || 500);
res.render('error');
}); */
app.listen(3001, () => console.log("Listening on port 3001."));
module.exports = app;