Example #1
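/**
 * Defines the Wine model, synchronises the schema and mounts the
 * sequelize-restful middleware on the given Express application.
 *
 * Relies on `db`, `Sequelize` and `restful` being in scope in the enclosing module.
 *
 * @param {Object} app - Express application that receives the REST middleware.
 */
module.exports = function(app) {

    // Model definition; the table name is pinned and Sequelize's automatic
    // createdAt/updatedAt columns are switched off.
    var Wine = db.define('Wine', {
            id: {
                type: Sequelize.INTEGER,
                autoIncrement: true,
                primaryKey: true,
                allowNull: false
            },
            name: Sequelize.STRING(45),
            year: Sequelize.STRING(45),
            grapes: Sequelize.STRING(45),
            country: Sequelize.STRING(45),
            region: Sequelize.STRING(45),
            description: Sequelize.BLOB,
            picture: Sequelize.STRING
        },
        {
            tableName: 'wine',
            timestamps: false
        }
    );

    db
        .sync({ force: false }) // setting force to true drops the table
        .complete(function (err) {
            if (err) {
                console.log('An error occurred while creating the table:', err);
            } else {
                console.log('It worked!');
            }
        });

    // The option key was previously misspelled as "endpoit", so the middleware
    // never received an `endpoint` option at all. It is now passed explicitly.
    // `allowed` restricts the generated CRUD routes to the Wine model.
    var opciones = { endpoint: '/api', allowed: ['Wine'] };

    // NOTE(review): no authentication or authorisation middleware is registered
    // before this mount inside this function, so every generated route for Wine
    // (including writes and deletes) is reachable by any client that can reach
    // the app unless a guard is installed elsewhere. Confirm before deploying.
    app.use(restful(db, opciones));

};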
/**
 * Registers every route and route parameter of the application.
 *
 * Relies on `index`, `auth`, `restful`, `db`, `reservations` and `computers`
 * being in scope in the enclosing module.
 *
 * @param {Object} app - Express application to attach the routes to.
 * @param {Object} passport - Passport instance used to build the login handler.
 */
exports.init = function(app, passport) {
  console.log('Initializing Routes...');

  // Client-side (Angular) routes: all of them are served by the same index handler.
  ['/', '/reserve', '/calendar', '/policies'].forEach(function(route) {
    app.get(route, index.index);
  });

  // Admin pages: the request must pass both the authentication and the admin check.
  app.get('/admin', auth.isAuthenticated, auth.isAdmin, index.index);
  app.get('/admin/*', auth.isAuthenticated, auth.isAdmin, index.index);

  // LDAP in production, insecure local authentication everywhere else.
  // NOTE(review): Express reports 'development' when NODE_ENV is unset, so a
  // deployment that forgets to set it silently gets the insecure local strategy.
  var strategy = ('production' === app.get('env')) ? 'ldapauth' : 'local';
  app.post('/login', passport.authenticate(strategy, { successRedirect: '/', failureRedirect: '/', failureFlash: true }));

  app.post('/logout', function(req, res) {
    req.logOut();
    res.send(200);
  });

  // NOTE(review): the whole req.user object is returned to the client; confirm
  // it carries no credential or directory attributes that should stay server-side.
  app.get('/loggedin', function(req, res) {
    if (req.isAuthenticated()) {
      res.send(req.user);
    } else {
      res.send('******');
    }
  });

  // Every request under /api must be authenticated. This guard has to stay
  // registered before the generated CRUD middleware below.
  app.all('/api/*', auth.isAuthenticated);

  // Generated CRUD endpoints for the models in db.
  // NOTE(review): no `allowed` list is passed, and only authentication (not
  // authorisation) is checked on /api/* in this function. Confirm which models
  // and operations an ordinary logged-in user is meant to reach.
  app.use(restful(db.sequelize, { endpoint: '/api' }));

  // NOTE(review): the next two routes sit outside /api and are registered
  // without auth.isAuthenticated here; confirm the handlers enforce access
  // themselves (the e-mail route in particular can be abused if left open).
  app.get('/getReservations/:computerId/:date', reservations.getReservation);

  // Send welcome email
  app.post('/sendWelcomeEmail', index.sendWelcomeEmail);

  // Parameter resolvers: Express calls these whenever a route contains the
  // named parameter, before handing over to the route's own handler.
  app.param('computerId', computers.computer);
  app.param('date', reservations.getDate);
};
Example #3
            if(keyVal[1] == "true") {
                dropDatabase = true;
            } else {
                dropDatabase = false;
            }
        }
    }
}

// Destructive path: sync with force enabled rebuilds the schema, so it only
// runs when dropDatabase is true.
// NOTE(review): only a success callback is attached; a failed sync is not reported here.
if (dropDatabase) {
    connection.sequelize
        .sync({ force: true })
        .success(function onSchemaRebuilt() {
            console.log("Base created !");
        });
}

// CORS: every origin is allowed, together with all write methods.
// NOTE(review): combined with the REST middleware below, which is mounted with
// no visible authentication, any web page can drive the API from a visitor's
// browser. Restrict the origin or add an auth guard before exposing this.
app.use(function setCorsHeaders(req, res, next) {
    var corsHeaders = {
        "Access-Control-Allow-Origin": "*",
        "Access-Control-Allow-Methods": "GET, POST, PUT, PATCH, DELETE, OPTIONS",
        "Access-Control-Allow-Headers": "Origin, X-Requested-With, Content-Type, Accept"
    };
    Object.keys(corsHeaders).forEach(function (headerName) {
        res.header(headerName, corsHeaders[headerName]);
    });
    next();
});

// Generated REST endpoints, mounted with an empty options object.
// NOTE(review): with no `allowed` list, presumably every defined model is
// exposed under the library's default endpoint; confirm and pass an explicit list.
app.use(restful(connection.sequelize, { /* options */ }));

// Listen on the port from the environment, falling back to 3000.
var port = process.env.PORT || 3000;

http.createServer(app).listen(port, function onListening() {
    console.log("Express server listening on port " + port);
});
// Request body parsing for form-encoded and JSON payloads.
app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());
// Lets a client tunnel another HTTP verb through the X-HTTP-Method-Override header.
app.use(methodOverride('X-HTTP-Method-Override'));

// CORS support: every origin may call the API with the listed methods.
// NOTE(review): the REST middleware below is mounted with no visible
// authentication, so the wildcard origin opens it to any web page; restrict the
// origin or add an auth guard before exposing this.
app.use(function setCorsHeaders(req, res, next) {
    var corsHeaders = {
        'Access-Control-Allow-Origin': '*',
        'Access-Control-Allow-Methods': 'GET,PUT,POST,DELETE',
        'Access-Control-Allow-Headers': 'Content-Type'
    };
    Object.keys(corsHeaders).forEach(function (headerName) {
        res.header(headerName, corsHeaders[headerName]);
    });
    next();
});

// Generated REST endpoints under /restful.
// NOTE(review): `allowed` is an empty array; presumably the library treats that
// as "expose every model". Confirm, and list the intended models explicitly.
app.use(restful(sequelize, { endpoint: '/restful', allowed: [] }));

// View engine configuration.
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'jade');

app.get('/test', function renderTestView(req, res) {
    res.render('test');
});

// Load the models.
// NOTE(review): `models` is assigned without a declaration in this excerpt, so
// it becomes an implicit global unless it is declared earlier in the file.
models = require('./models/index');

Example #5
app.delete('/api/Products/:id', insecurity.denyAll()); // Deleting products is forbidden entirely to keep the O-Saft url-change challenge solvable
/* Challenges: GET list of challenges allowed. Everything else forbidden independent of authorization (hence the random secret) */
app.post('/api/Challenges', insecurity.denyAll());
app.use('/api/Challenges/:id', insecurity.denyAll());
/* REST API */
app.use('/rest/user/authentication-details', insecurity.isAuthorized());
app.use('/rest/basket/:id', insecurity.isAuthorized());
app.use('/rest/basket/:id/order', insecurity.isAuthorized());

/* Challenge evaluation before sequelize-restful takes over */
app.post('/api/Feedbacks', verify.forgedFeedbackChallenge());

/* Verifying DB related challenges can be postponed until the next request for challenges is coming via sequelize-restful */
app.use(verify.databaseRelatedChallenges());
/* Sequelize Restful APIs */
app.use(restful(models.sequelize, { endpoint: '/api', allowed: ['Users', 'Products', 'Feedbacks', 'BasketItems', 'Challenges'] }));
/* Custom Restful API */
app.post('/rest/user/login', user.login());
app.get('/rest/user/change-password', user.changePassword());
app.get('/rest/user/whoami', user.retrieveLoggedInUser());
app.get('/rest/user/authentication-details', user.retrieveUserList());
app.get('/rest/product/search', shop.searchProducts());
app.get('/rest/basket/:id', shop.retrieveBasket());
app.post('/rest/basket/:id/checkout', shop.placeOrder());
app.put('/rest/basket/:id/coupon/:coupon', shop.applyCoupon());
app.get('/rest/admin/application-version', site.retrieveAppVersion());
app.get('/redirect', site.performRedirect());
/* File Serving */
app.get('/the/devs/are/so/funny/they/hid/an/easter/egg/within/the/easter/egg', site.serveEasterEgg());
app.use(site.serveAngularClient());
/* Error Handling */