-
Notifications
You must be signed in to change notification settings - Fork 1
/
fritter.js
118 lines (99 loc) · 3.5 KB
/
fritter.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
// Running "npm start" from this top-level directory
// will set the app running at hostname:3000
var express = require('express');
var path = require('path');
var session = require('express-session');
var bodyParser = require('body-parser');
var hbs = require('hbs');
var util = require('./util/util');
var app = express();
// Parse request bodies
app.use(bodyParser.urlencoded({ extended: false }));
app.use(bodyParser.json());
// Connect to database
var mongoose = require('mongoose');
// mongoose.connect('mongodb://localhost/fritterdb');
mongoose.connect("mongodb://heroku_qmzntzh9:[email protected]:49925/heroku_qmzntzh9");
var db = mongoose.connection;
db.on('error', console.error.bind(console, 'connection error:'));
db.once('open', function (callback) {
console.log("database connected to", db.name);
});
// Get the user database
var User = require('./models/users');
// view engine setup
app.set('views', path.join(__dirname, 'views'));
console.log("set views to", path.join(__dirname, 'views'));
app.set('view engine', "hbs");
console.log("set view engine to hbs");
hbs.registerPartials(path.join(__dirname, 'views/partials'));
console.log("registered partials");
// Express looks up files relative to the static directory
app.use(express.static('public'));
console.log("set static resources directory");
// Ensure session usage with middleware
app.use(session({ secret: 'notsosecret', resave: true, saveUninitialized: true }));
console.log("use session plugin");
// Use the appropriate routes
var fritterRoutes = require('./routes/index');
app.use('/fritter', fritterRoutes);
console.log("use fritter routes");
// Send basic request to fritter
app.get('/', function (req, res) {
console.log("redirecting to fritter");
res.redirect('fritter');
});
// Ensure authentication with middleware
app.use(function (req, res, next) {
console.log("ensuring authentication");
// If the user claims to be authenticated, check that they really are
if (req.session.authenticated) {
var storedHash = req.session.passwordHash;
User.findOne({ username: req.session.username }, function (err, user) {
if (err) {
console.log(err);
} else {
// Check that the stored password hash for the current session is the same
// as the purported user's password hash
if (storedHash == user.passwordHash) {
res.json({ username: req.session.username, username_selector: "username.hbs"});
// next();
} else {
// If it's not, de-authenticate the user and send them back to the homepage
req.session.authenticated = false;
res.redirect('/');
}
}
});
} else {
res.json({ username_selector: "no_username.hbs" });
}
});
// catch 404 and forward to error handler
app.use(function(req, res, next) {
console.log("caught 404");
var err = new Error('Not Found');
err.status = 404;
next(err);
});
// error handlers
// development error handler
// will print stacktrace
if (app.get('env') === 'development') {
app.use(function(err, req, res, next) {
res.status(err.status || 500);
res.json({
'message': err.message,
'error': err
});
});
}
// production error handler
// no stacktraces leaked to user
app.use(function(err, req, res, next) {
res.status(err.status || 500);
res.json({
'error': err.message
});
});
module.exports = app;