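// Persist the law, then (when the notifier is enabled) announce the
// publication before acknowledging the request.
lawDoc.save(function (err, saved) {
  if (err) return _handleError(err, req, res);

  log('publish law %s at %s', lawDoc.id, lawDoc.publishedAt);

  // Notifier off: nothing to announce. `err` was already handled above, so
  // no second error check is needed on this path.
  if (!notifier.enabled()) return res.json(200);

  // Public link to the law, assembled from the configured site address.
  var lawUrl = url.format({
    protocol: config('protocol'),
    hostname: config('host'),
    port: config('publicPort'),
    pathname: '/law/' + lawDoc.id
  });

  notifier.notify('law-published')
    .withData({ law: lawDoc, url: lawUrl })
    .send(function (notifyErr, data) {
      if (notifyErr) {
        log('Error when sending notification for event %s', 'law-published');
        // Error() does not expand printf-style placeholders, so the message
        // is spelled out instead of passing '%s' plus an argument.
        return _handleError(new Error('Error when sending notification for event law-published'), req, res);
      }

      log('Law %s published', lawDoc.id);
      return res.json(200);
    });
});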
/**
 * Register the data models and open the primary database connection.
 *
 * Every model except `User` is bound to the default connection. `User` is
 * bound to a dedicated connection when `mongoUsersUrl` is configured and
 * differs from `mongoUrl`; otherwise it shares the default connection.
 * The resulting model is exposed as `exports.User`.
 */
var exports = module.exports = function(app) {
  var dataDb = db.getDefaultConnection();

  // Models that always live on the default connection, in registration order.
  ['law', 'tag', 'comment', 'feed', 'token'].forEach(function (model) {
    require('./' + model)(dataDb);
  });

  // Decide where user records live.
  var usingSeparateUsersDb = Boolean(config('mongoUsersUrl')) &&
    config('mongoUsersUrl') != config('mongoUrl');

  var usersDb = usingSeparateUsersDb
    ? db.createConnection(config('mongoUsersUrl'))
    : dataDb;

  exports.User = require('./user')(usersDb);

  // Open the primary connection last, once every model is registered.
  db.connect(config('mongoUrl'));
}
.populate('replies.author', 'id firstName lastName fullName email profilePictureUrl', function(err) {
  // NOTE(review): the author projection includes `email`, and the populated
  // reply is handed to `fn` as-is; confirm callers strip it before the reply
  // reaches other users.
  if (err) {
    log('Found error %j', err);
    return fn(err);
  }

  reply = comment.replies.id(doc.id);

  // Normal exit: log and hand the populated reply back to the caller.
  function deliver() {
    log('Delivering reply %s', reply.id);
    return fn(null, reply);
  }

  // Only notify when the notifier is on and the author is not replying to
  // their own comment.
  var shouldNotify = notifier.enabled() && comment.author != reply.author.id;
  if (!shouldNotify) return deliver();

  var lawUrl = url.format({
    protocol: config('protocol'),
    hostname: config('host'),
    port: config('publicPort'),
    pathname: '/law/' + comment.reference
  });

  notifier.notify('reply-argument')
    .to(reply.author.email)
    .withData({ reply: reply, comment: comment, url: lawUrl })
    .send(function (err, data) {
      if (err) {
        // A failed notification is logged but does not fail the reply.
        log('Error when sending notification for event %s', 'reply-argument');
        return fn(null, reply);
      }
      return deliver();
    });
});
// Catch-all route: render the generic card page for any path.
app.get('*', function (req, res, next) {
  log('Facebook Request generic page');

  // Site root (no pathname), built from the configured public address.
  var siteAddress = {
    protocol: config('protocol'),
    hostname: config('host'),
    port: config('publicPort')
  };
  var baseUrl = url.format(siteAddress);

  // NOTE(review): the whole `config` accessor is handed to the template;
  // confirm `generic.jade` only reads non-secret settings.
  var locals = { baseUrl: baseUrl, config: config };
  res.render(resolve(__dirname, 'generic.jade'), locals);
});
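// Create an email-validation token and deliver the validation link, through
// the notifier when it is enabled and by direct mail otherwise.
api.token.createEmailValidationToken(citizen, meta, function (err, token) {
  if (err) return callback(err);

  // `token.id` is the secret carried by the validation link below, so the
  // token document is not dumped to the log; only its scope is recorded.
  log('email validation token created (scope %s)', token.scope);

  var validateUrl = url.format({
    protocol: config('protocol'),
    hostname: config('host'),
    port: config('publicPort'),
    pathname: '/signup/validate/' + token.id,
    // Carry the signup reference along only when the citizen has one.
    query: (citizen.reference ? { reference: citizen.reference } : null)
  });

  if (notifier.enabled()) {
    // Notifier enabled, relying on it for signup mail
    notifier.notify(event)
      .to(citizen.email)
      .withData({ validateUrl: validateUrl })
      .send(function (notifyErr, data) {
        if (notifyErr) {
          // Log the address only; serialising the whole citizen document
          // would put every stored field of the account into the log.
          log('Error when sending notification for event %s to user %s', event, citizen.email);
          return callback(notifyErr);
        }
        return callback(null, data);
      });
  } else {
    // Notifier disabled, send mail directly
    var subject = t('DemocracyOS - Welcome!');
    var htmlBody = template({
      citizenName: citizen.fullName,
      validateUrl: validateUrl,
      t: t
    });

    mailer.send(citizen, subject, htmlBody, { tags: [token.scope] }, function (mailErr) {
      if (mailErr) return callback(mailErr);
      log('email validation mail sent to %s', citizen.email);
      return callback(null, citizen);
    });
  }
});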
// Look up the requested law and render its card page.
api.law.get(req.params.id, function (err, lawDoc) {
  if (err) return _handleError(err, req, res);

  // NOTE(review): `lawDoc` is dereferenced without a null check; confirm
  // `api.law.get` reports an unknown id through `err`.
  log('Serving Facebook law %s', lawDoc.id);

  // Site root (no pathname), built from the configured public address.
  var siteAddress = {
    protocol: config('protocol'),
    hostname: config('host'),
    port: config('publicPort')
  };
  var baseUrl = url.format(siteAddress);

  // NOTE(review): the whole `config` accessor is handed to the template;
  // confirm `law.jade` only reads non-secret settings.
  var locals = {
    law: lawDoc,
    baseUrl: baseUrl,
    config: config,
    strip: strip
  };
  res.render(resolve(__dirname, 'law.jade'), locals);
});
exports.create = function (name, fn) { var database = [name, date(), crypto.randomBytes(2).toString('hex')].join('-'); var username = name + '-' + crypto.randomBytes(12).toString('hex'); var password = crypto.randomBytes(48).toString('base64'); var uri = mongodbUri.parse(config('deploymentMongoUrl')); uri.database = database; uri.username = username; uri.password = password; uri = urlencode.decode(mongodbUri.format(uri)); adminClient.connect(function(err, client){ if (err) return fn(err); var db = client.db(database); db.addUser(username, password, { roles: [{ role: 'readWrite', db: database }] }, function(err) { if (err) return fn(err); log('User "%s" created for database "%s".', username, database); fn(null, uri); }); }); }
module.exports = function(app) { /* * Connect to mongo */ mongoose.connect(config('mongoUrl'), { db: { safe: true }}); /* * Citizen Model */ require('./citizen'); /* * Proposal Model */ require('./proposal'); /* * Law Model */ require('./law'); /** * Tag Model */ require('./tag'); /* * Delegation Model */ require('./delegation'); /* * Comment Model */ require('./comment'); /* * Feed Model */ require('./feed'); /* * Token Model */ require('./token'); }
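// Create an email-validation token and mail the validation link to the citizen.
api.token.createEmailValidationToken(citizen, meta, function (err, token) {
  if (err) return callback(err);

  // `token.id` is the secret carried by the validation link below, so the
  // token document is not dumped to the log; only its scope is recorded.
  log('email validation token created (scope %s)', token.scope);

  var subject = t('DemocracyOS - Welcome!');
  var validateUrl = url.format({
    protocol: config('protocol'),
    hostname: config('host'),
    port: config('publicPort'),
    pathname: '/signup/validate/' + token.id
  });
  var htmlBody = template({
    citizenName: citizen.fullName,
    validateUrl: validateUrl,
    t: t
  });

  mailer.send(citizen, subject, htmlBody, { tags: [token.scope] }, function (mailErr) {
    if (mailErr) return callback(mailErr);
    log('email validation mail sent to %s', citizen.email);
    return callback(null, citizen);
  });
});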
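// Create a password-reset token and mail the reset link to the citizen.
api.token.createPasswordResetToken(citizen, meta, function (err, token) {
  if (err) return callback(err);

  // `token.id` is the secret carried by the reset link below: whoever holds
  // it can use that link. The token document is therefore not dumped to the
  // log; only its scope is recorded.
  log('password reset token created (scope %s)', token.scope);

  var subject = t('DemocracyOS - Password reset requested');
  var resetUrl = url.format({
    protocol: config('protocol'),
    hostname: config('host'),
    port: config('publicPort'),
    pathname: '/forgot/reset/' + token.id
  });
  var htmlBody = template({
    citizenName: citizen.fullName,
    resetUrl: resetUrl,
    t: t
  });

  mailer.send(citizen, subject, htmlBody, { tags: [token.scope] }, function (mailErr) {
    if (mailErr) return callback(mailErr);
    log('password reset mail sent to %s', citizen.email);
    return callback(null, citizen);
  });
});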
exports.doSignUp = function doSignUp (profile, meta, callback) { var citizen = new Citizen(profile); log('new citizen [%s] from Local signup [%s]', citizen.id, profile.email); citizen.avatar = 'http://gravatar.com/avatar/'.concat(utils.md5(citizen.email)).concat('?d=mm&size=200'); citizen.firstName = profile.firstName; citizen.lastName = profile.lastName; if (config('env') == 'development') citizen.emailValidated = true; Citizen.register(citizen, profile.password, function(err, citizen) { if (err) return callback(err); log('Saved citizen [%s]', citizen.id); sendValidationEmail(citizen, meta, callback); }); }
module.exports = function setupSSL(app) { var ssl = 'https' == config('protocol'); if (ssl) { var redirect = config('ssl').redirect; log('SSL is enabled and SSL mode is "%s"', redirect); switch (redirect) { case 'normal': app.use(enforce.HTTPS()); log('SSL is enabled with HTTP -> HTTPS automatic redirection'); break; case 'reverse-proxy': app.use(enforce.HTTPS(true)); log('Using redirection to HTTPS compatible with reverse-proxies (e.g.: Heroku/Nodejitsu/nginx)'); log('**WARNING** Do NOT use if not behind a reverse proxy; this can be easily spoofed in a direct client/server connection!'); break; case 'azure': app.use(enforce.HTTPS(false, true)); log('Using redirection to HTTPS compatible with Windows Azure'); log('**WARNING** Do NOT use outside Windows Azure; this can be easily spoofed outside their environment!'); break; case 'no-redirect': log('SSL is enabled with NO HTTP -> HTTPS redirection'); log('**WARNING** This is not recommended for production environments unless you have other means of redirection.'); log('It\'s ok if you are in a development environment'); default: log('**WARNING**SSL is enabled but no valid redirection strategy was configured'); log('Defaulting to no-redirect strategy. This is NOT recommended for production enviroments!'); log('It\'s ok if you are in a development environment'); break; } } };
module.exports = function language(req, res, next) { var user = req.user; var lang = config('locale'); if (req.query.lang) { // set lang = valid(req.query.lang) ? req.query.lang : lang; log('Setting language %s', lang); if (user) { log('User %s signed in, changing their language', user.id); res.cookie('lang', lang); user.lang = lang; user.save(function (err) { if (err) return res.send(500); return res.redirect(req.path); }); } else { log('No user signed in, setting cookie value to %s', lang); return res.cookie('lang', lang).redirect(req.path); } } else { // get if (user) { if (!user.lang) { lang = req.cookies.lang res.cookie('lang', lang); user.lang = lang; return user.save(function (err) { if (err) return res.send(500); return res.redirect(req.path); }); } lang = user.lang; } else { lang = req.cookies.lang || lang; } log('Setting language to %s', lang); res.cookie('lang', lang); next(); } }
exports.getFor = function getFor(query, paging, fn) { log('Looking for comments for %s %s', query.context, query.reference); paging = paging || { page: 0, limit: config('comments per page'), sort: 'score', exclude_user: null }; Comment .find(query) .populate('author', 'id firstName lastName fullName email profilePictureUrl') .sort(paging.sort || 'score') .skip(paging.page * paging.limit) .limit(paging.limit) .exec(function(err, comments) { if (err) { log('Found error %j', err); return fn(err); }; log('Delivering comments %j', pluck(comments, 'id')); fn(null, comments); }); };
/**
 * Register the models on the default connection, expose the `User` model as
 * `exports.User`, and open the primary database connection.
 */
var exports = module.exports = function models() {
  var dataDb = db.getDefaultConnection();

  // Models nobody needs a handle on are registered for their side effect.
  require('./deployment')(dataDb);
  require('./feed')(dataDb);

  // The user model is kept, since other modules read it from this export.
  var User = require('./user')(dataDb);
  exports.User = User;

  // Perform primary connection
  db.connect(config('mongoUrl'));
}
/**
 * Module dependencies.
 */

var express = require('express');
var config = require('lib/config');

/**
 * Exports Application
 */

var app = module.exports = express();

/**
 * Send the visitor to the externally hosted settings page, keeping the
 * optional sub-path from the route.
 */
function redirect(req, res, next) {
  var suffix = req.params.path || '';
  var target = config('settings url');

  // NOTE(review): `suffix` comes from the request and is appended without
  // encoding; confirm the settings site treats it as an opaque path segment.
  if (suffix) {
    target = target + '/' + suffix;
  }

  res.redirect(target);
}

// When an external settings url is configured, these routes answer first and
// never call `next`, so the layout routes below are not reached for them.
if (config('settings url')) {
  app.get('/settings', redirect);
  app.get('/settings/:path', redirect);
}

// Built-in settings pages, all served by the shared layout.
app.get('/settings', require('lib/layout'));
app.get('/settings/profile', require('lib/layout'));
app.get('/settings/password', require('lib/layout'));
app.get('/settings/notifications', require('lib/layout'));
// Start accepting connections on the configured private port and log the
// port once the server is listening.
server.listen(config('privatePort'), function onListening() {
  var port = config('privatePort');
  log('Application started on port %d', port);
});
module.exports = function configuration (app) { /** * Load configuration settings * for development setup */ if (config('env') == 'development') { /** * Add build middleware */ app.use(require('lib/build').middleware); } /** * Load configuration settings * for testing setup */ if (config('env') == 'testing') { // Log config settigs load log( 'testing settings' ); } /** * Load configuration settings * for production setup */ if (config('env') == 'production') { // Log config settigs load log( 'production settings' ); /** * Set `nowww` middleware helper */ app.use( nowww() ); /** * Set `native` express compression middleware */ app.use( compression() ); } /** * Load configuration settings * for common setup */ /** * Save config in app */ app.set('config', config); /** * Set application port */ app.set('port', app.get('config').port || 3000); /** * Set `public-assets` default path */ app.use(express.static(resolve('public'))); /** * Configure native `express` body parser */ // parse application/x-www-form-urlencoded app.use(bodyParser.urlencoded()) // parse application/json app.use(bodyParser.json()) // parse application/vnd.api+json as json app.use(bodyParser.json({ type: 'application/vnd.api+json' })) /** * Configure native `express` cookie parser */ app.use( cookieParser('nodejs-boilerplate') ); /** * Configure native `express` session middleware */ app.use(session({ cookie: { maxAge: 1000 * 60 * 60 * 24 * 7 }, secret: 'nodejs-boilerplate', store: new MongoStore({ url: config('mongoUrl') }) })); /** * Use `passport` setup & helpers middleware */ app.use(passport.initialize()); /** * Use `passport` sessions middleware */ app.use(passport.session()); /** * Set custom error handler */ app.use(function(err, req, res, next) { // log console.log('Some odd error: %j', err); // now let it go next(); }); /** * Set native `express` error handler */ app.use(errorhandler()); }
var log = require('lib/debug')('manager:db-handler') var config = require('lib/config'); var crypto = require('crypto'); var mongodbUri = require('mongodb-uri'); var urlencode = require('urlencode'); var AdminClient = require('./admin-client'); var adminClient = new AdminClient(config('deploymentMongoUrl')); exports.create = function (name, fn) { var database = [name, date(), crypto.randomBytes(2).toString('hex')].join('-'); var username = name + '-' + crypto.randomBytes(12).toString('hex'); var password = crypto.randomBytes(48).toString('base64'); var uri = mongodbUri.parse(config('deploymentMongoUrl')); uri.database = database; uri.username = username; uri.password = password; uri = urlencode.decode(mongodbUri.format(uri)); adminClient.connect(function(err, client){ if (err) return fn(err); var db = client.db(database); db.addUser(username, password, { roles: [{ role: 'readWrite', db: database }] }, function(err) { if (err) return fn(err);
/**
 * Common application setup: optional HTTP basic auth, static files, body
 * parsing, CORS, passport, signed cookies, JSON Web Tokens, template locals
 * and the social-card middlewares. Registration order is significant.
 */
app.configure(function() {
  // Log config settings load
  log( 'common settings' );

  // Save config in app
  app.set('config', config);

  /**
   * Basic HTTP-Auth restriction middleware, installed only when both a
   * username and a password are configured.
   */

  if (config.auth.basic && config.auth.basic.username && config.auth.basic.password) {
    var credentials = config.auth.basic.username+':'+config.auth.basic.password;
    var basic = auth({
      authRealm: 'Authentication required',
      authList : [credentials]
    });

    // Every request must pass basic auth before reaching anything below.
    app.use(function basicAuthGate(req, res, next) {
      basic.apply(req, res, function(username) {
        return next();
      });
    });
  }

  // Set application http server port from `env`; defaults to 3000
  app.set( 'port', config('privatePort') || 3000 );

  // Set `public-assets` default path
  app.use(express.static(resolve('public')));

  app.use(express.urlencoded());
  app.use(express.json());

  /**
   * Cross Origin Resource Sharing
   */

  var domains = config('cors domains');
  if (domains && domains.length) {
    // A single '*' entry means "no restriction": `cors` then runs without
    // options. NOTE(review): confirm that is intended wherever the API
    // answers with user data.
    var allowAnyOrigin = domains.length == 1 && domains[0] == '*';

    var options = allowAnyOrigin ? null : {
      // Exact-match allow-list: only listed origins are approved.
      origin: function(origin, callback){
        var originIsWhitelisted = domains.indexOf(origin) !== -1;
        callback(null, originIsWhitelisted);
      }
    };

    app.use(cors(options));
  }

  // Use `passport` setup & helpers middleware
  app.use(passport.initialize());

  // Cookies and JSON Web Tokens share the configured `secret`.
  app.use(cookieParser(config('secret')));
  app.use(jwt.middlewares.user(config('secret')));

  /**
   * Set template local variables
   */

  app.use(function templateLocals(req, res, next) {
    // Set user as local var if authenticated
    if (req.isAuthenticated() && req.user) {
      res.locals.citizen = req.user;
    }
    res.locals.t = t;

    // Call next middleware
    next();
  });

  // Use `twitter-card` and 'facebook-card' middlewares
  app.use(require('lib/twitter-card/middleware'));
  app.use(require('lib/facebook-card/middleware'));
});
* Delegation API Service */ app.use('/api', require('lib/delegation')); /** * Load localization dictionaries to translation application */ translations.help(t); /** * Init `t-component` component with parameter locale */ t.lang(config('locale')); /** * Set native `express` router middleware */ app.use(app.router); // Here we should have our own error handler! /** * Set native `express` error handler */ app.use(express.errorHandler());
/**
 * Common application setup: mailer, optional HTTP basic auth, static files,
 * body and cookie parsing, mongo-backed sessions, CSRF protection, passport,
 * template locals and the social-card middlewares. Registration order is
 * significant.
 */
app.configure(function() {
  // Log config settings load
  log( 'common settings' );

  // Save config in app
  app.set('config', config);

  // Config mandrill mailer
  mandrillMailer(app);

  /**
   * Basic HTTP-Auth restriction middleware, installed only when both a
   * username and a password are configured.
   */

  if (config.auth.basic && config.auth.basic.username && config.auth.basic.password) {
    var credentials = config.auth.basic.username+":"+config.auth.basic.password;
    var basic = auth({
      authRealm: "Authentication required",
      authList : [credentials]
    });

    // Every request must pass basic auth before reaching anything below.
    app.use(function basicAuthGate(req, res, next) {
      basic.apply(req, res, function(username) {
        return next();
      });
    });
  }

  // Set application http server port from `env`; defaults to 3005
  app.set( 'port', config('privatePort') || 3005 );

  // Set `public-assets` default path
  app.use(express.static(resolve('public')));

  // `express.bodyParser()` would also pull in `connect.multipart()`, so only
  // the urlencoded and json parsers are registered; see
  // https://github.com/senchalabs/connect/wiki/Connect-3.0
  app.use(express.urlencoded());
  app.use(express.json());

  // NOTE(review): the cookie and session secrets below are literals
  // committed with the source, so signatures made with them cannot be relied
  // on; load a per-deployment secret from configuration instead.
  app.use( express.cookieParser('democracyos-cookie') );

  // Sessions last one week and are stored through the mongoose connection.
  var oneWeek = 1000 * 60 * 60 * 24 * 7;
  app.use( express.session( {
    cookie: { maxAge: oneWeek },
    secret: 'democracyos-secret',
    key: "democracyos.org",
    store: new MongoStore( { mongoose_connection: mongoose.connection } )
  } ) );

  // CSRF protection; the token is exposed to templates as `csrfToken`.
  app.use(express.csrf());
  app.use(function exposeCsrfToken(req, res, next) {
    res.locals.csrfToken = req.csrfToken();
    next();
  });

  // Use `passport` setup & helpers middleware
  app.use(passport.initialize());

  // Use `passport` sessions middleware
  app.use(passport.session());

  /**
   * Set template local variables
   */

  app.use(function templateLocals(req, res, next) {
    // Set user as local var if authenticated
    if (req.isAuthenticated() && req.user) {
      res.locals.citizen = req.user;
    }
    res.locals.t = t;

    // Call next middleware
    next();
  });

  // Use `twitter-card` and 'facebook-card' middlewares
  app.use(require('lib/twitter-card/middleware'));
  app.use(require('lib/facebook-card/middleware'));
});
/**
 * Common application setup: mailer, optional HTTP basic auth, static files,
 * body and cookie parsing, mongo-backed sessions, passport, template locals,
 * the router and the error handler. Registration order is significant.
 */
app.configure(function() {
  // Log config settings load
  log( 'common settings' );

  // Save config in app
  app.set('config', config);

  // Set `mongoUrl` from config settings
  app.set( 'mongoUrl', config('mongoUrl') );

  // Config mandrill mailer
  mandrillMailer(app);

  /**
   * Basic HTTP-Auth restriction middleware, installed only when both a
   * username and a password are configured.
   */

  if (config.auth.basic && config.auth.basic.username && config.auth.basic.password) {
    var credentials = config.auth.basic.username+":"+config.auth.basic.password;
    var basic = auth({
      authRealm: "Authentication required",
      authList : [credentials]
    });

    // Every request must pass basic auth before reaching anything below.
    app.use(function basicAuthGate(req, res, next) {
      basic.apply(req, res, function(username) {
        return next();
      });
    });
  }

  // Set application http server port from `env`; defaults to 3005
  app.set( 'port', config('port') || 3005 );

  // Set `public-assets` default path
  app.use( express.static( path.join(__dirname, '..', '/public') ) );

  // Configure native `express` body parser
  app.use( express.bodyParser() );

  // NOTE(review): the cookie and session secrets below are literals
  // committed with the source, so signatures made with them cannot be relied
  // on; load a per-deployment secret from configuration instead.
  app.use( express.cookieParser('democracyos-cookie') );

  // Sessions last one week and are stored in mongo.
  var oneWeek = 1000 * 60 * 60 * 24 * 7;
  app.use( express.session( {
    cookie: { maxAge: oneWeek },
    secret: 'democracyos-secret',
    key: "democracyos.org",
    store: new MongoStore( { url: app.get('mongoUrl') } )
  } ) );

  // Use `passport` setup & helpers middleware
  app.use(passport.initialize());

  // Use `passport` sessions middleware
  app.use(passport.session());

  /**
   * Set template local variables
   */

  app.use(function templateLocals(req, res, next) {
    // Set user as local var if authenticated
    if (req.isAuthenticated() && req.user) {
      res.locals.citizen = req.user;
    }
    res.locals.t = t;

    // Call next middleware
    next();
  });

  // Set native `express` router middleware
  app.use(app.router);

  // Here we should have our own error handler!
  // NOTE(review): the native error handler is installed for every
  // environment; confirm what it writes into responses in production.
  app.use(express.errorHandler());
});
/**
 * Send the visitor to the externally hosted settings page, keeping the
 * optional sub-path from the route.
 */
function redirect(req, res, next) {
  var suffix = req.params.path || '';
  var target = config('settings url');

  // NOTE(review): `suffix` comes from the request and is appended without
  // encoding; confirm the settings site treats it as an opaque path segment.
  if (suffix) {
    target = target + '/' + suffix;
  }

  res.redirect(target);
}