Example #1
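/**
 * POST / - register a new patient from the request body.
 *
 * Responds with the saved patient, its apiKey and _id on success, with 400
 * when the save fails with a ValidationError, and with 500 on any other
 * save failure.
 */
userRouter.post('/', function (req, res) {
    // The body carries the plaintext password, so only the names of the
    // submitted fields are logged, never their values.
    log.debug('Patient registration, fields: %s', Object.keys(req.body || {}).join(', '));

    // Fields are copied one by one so a client cannot set attributes outside
    // this list through the request body.
    var patient = new Patient({
        firstName: req.body.firstName,
        lastName: req.body.lastName,
        secondName: req.body.secondName,
        email: req.body.email,
        password: req.body.password,
        phone: req.body.phone,
        location: req.body.location,
        gender: req.body.gender,
        birthDate: req.body.birthDate,
        policyNumber: req.body.policyNumber
    });

    patient.save(function (err) {
        if (err) {
            if (err.name === 'ValidationError') {
                res.statusCode = 400;
                res.send({error: 'Validation error'});
            } else {
                res.statusCode = 500;
                res.send({error: 'Server Error'});
            }
            // Only the message is logged; the full error object may echo
            // submitted values back into the log.
            log.error('Internal error(%d): %s', res.statusCode, err.message);
            return;
        }

        log.info("Patient created");
        // NOTE(review): the whole document is serialised into the response;
        // confirm the schema keeps the stored password material out of it.
        return res.send({status: 'OK', patient: patient, apiKey: patient.apiKey, _id: patient._id});
    });
});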
Example #2
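    /**
     * Express middleware that gates a route on authentication.
     *
     * `doctorArea` and `patientArea` come from the enclosing scope (not
     * visible in this excerpt). Patients authenticate with the X-API-KEY
     * header; routes open to both groups also accept an existing session.
     * On success via the header, req.authStrategy is set to 'Header' and
     * req.user to the patient document.
     *
     * The previous version started with an unconditional `return next()`,
     * which let every request through and left all checks below unreachable.
     */
    return function (req, res, next) {
        // Explicit rejection: without it a failed check leaves the request
        // hanging with no response.
        function deny() {
            res.statusCode = 401;
            return res.send({error: 'Unauthorized'});
        }

        // Look the patient up by API key and continue only on a match.
        function authenticateByApiKey() {
            var token = req.get('X-API-KEY');
            // An absent header must not reach the query as `undefined`.
            if (!token) {
                return deny();
            }
            Patient.findOne({apiKey: token}, function (err, patient) {
                if (err) {
                    res.statusCode = 500;
                    return res.send({error: 'Server Error'});
                }
                // Unknown or non-matching key is an authentication failure,
                // not a server fault.
                if (!patient || !patient.checkApiKey(token)) {
                    return deny();
                }
                req.authStrategy = 'Header';
                req.user = patient;
                return next();
            });
        }

        if (doctorArea && !patientArea) {
            // NOTE(review): doctor-only routes pass through without a check
            // here; confirm doctors are authenticated by another middleware.
            return next();
        }

        if (patientArea && !doctorArea) {
            return authenticateByApiKey();
        }

        if (patientArea && doctorArea) {
            if (req.isAuthenticated()) {
                return next();
            }
            return authenticateByApiKey();
        }

        // Neither area flag set: fail closed.
        // NOTE(review): confirm no route relies on this combination being public.
        return deny();
    };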
Example #3
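/**
 * GET /:id - return one patient record.
 *
 * A caller authenticated through the API-key header may read only their own
 * record (401 otherwise). Responds 404 when no patient matches the id and
 * 500 on a lookup error.
 */
userRouter.get('/:id', reqHandler.isLoggedIn(true,true), function (req, res) {
    // The API key is a credential: record only whether it was sent.
    log.debug('apikey header present: %s', Boolean(req.get('apikey')));

    if (req.authStrategy === 'Header') {
        // Compare as strings: a document _id that is an ObjectId is never
        // strictly equal to the string taken from the URL, which would
        // reject every request, including the owner's.
        if (String(req.params.id) !== String(req.user._id)) {
            res.statusCode = 401;
            return res.send({error: 'You can request only your profile'});
        }
    }
    // NOTE(review): a session-authenticated caller is not restricted to one
    // id here; confirm that is intended for every session user.

    return Patient.findById(req.params.id, function (err, patient) {
        // Check the error first; otherwise a database failure (patient is
        // undefined then) is reported as "not found" and never logged.
        // A malformed id keeps answering 404 as before.
        if (err && err.name !== 'CastError') {
            res.statusCode = 500;
            log.error('Internal error(%d): %s', res.statusCode, err.message);
            return res.send({
                error: 'Server error'
            });
        }
        if (!patient) {
            res.statusCode = 404;
            return res.send({error: 'Patient not found'});
        }
        return res.send({
            status: 'OK',
            patient: patient
        });
    });
});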
Example #4
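/**
 * PUT /:id - update the editable fields of a patient record.
 *
 * Requires API-key authentication. The authenticated patient may update
 * only their own record (401 otherwise). Responds 404 when no patient
 * matches the id, 400 on a ValidationError and 500 on other failures.
 */
userRouter.put('/:id', passport.authenticate('Header'), function (req, res) {
    // Authentication alone is not authorisation: without this check any
    // holder of a valid API key could overwrite another patient's record by
    // putting that patient's id in the URL. Same rule as GET /:id.
    if (!req.user || String(req.params.id) !== String(req.user._id)) {
        res.statusCode = 401;
        return res.send({error: 'You can update only your profile'});
    }

    return Patient.findById(req.params.id, function (err, patient) {
        // Report lookup failures as such instead of as "not found";
        // a malformed id keeps answering 404 as before.
        if (err && err.name !== 'CastError') {
            res.statusCode = 500;
            log.error('Internal error(%d): %s', res.statusCode, err.message);
            return res.send({error: 'Server error'});
        }
        if (!patient) {
            res.statusCode = 404;
            return res.send({error: 'Patient not found'});
        }

        // Only these fields are client-editable; email, password and apiKey
        // are deliberately not copied from the body.
        patient.firstName = req.body.firstName;
        patient.lastName = req.body.lastName;
        patient.secondName = req.body.secondName;
        patient.location = req.body.location;
        patient.policyNumber = req.body.policyNumber;

        return patient.save(function (saveErr) {
            if (!saveErr) {
                log.info('Patient updated');
                return res.send({status: 'OK', patient: patient});
            }
            if (saveErr.name === 'ValidationError') {
                res.statusCode = 400;
                res.send({error: 'Validation Error'});
            } else {
                res.statusCode = 500;
                res.send({error: 'Server error'});
            }
            log.error('Internal error(%d): %s', res.statusCode, saveErr.message);
        });
    });
});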
Example #5
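/**
 * GET /settings - paging metadata for the patient list: total count, page
 * size and number of pages. Responds 500 when the count query fails.
 */
// NOTE(review): this route has no authentication middleware, so the total
// number of patients is readable by anyone; confirm that is intended.
userRouter.get('/settings', function (req, res) {
    Patient.count({}, function (err, c) {
        if (err) {
            // Previously the error body went out with the default 200
            // status and nothing was logged.
            res.statusCode = 500;
            log.error('Internal error(%d): %s', res.statusCode, err.message);
            return res.send({error: 'Server error'});
        }
        var totalPages = Math.ceil(c / pageLimit);
        return res.send({status: 'OK', count: c, pageLimit: pageLimit, totalPages: totalPages});
    });
});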
// Passport strategy for patients presenting an API key in the X-API-KEY
// header. The key is looked up directly, then re-checked with
// checkApiKey(); on success the request is tagged with the strategy name so
// route handlers can tell header logins from other logins.
passport.use(new headerStrategy(
    { header: 'X-API-KEY', passReqToCallback: true },
    function verifyApiKey(req, token, done) {
        Patient.findOne({ apiKey: token }, function onLookup(lookupErr, found) {
            if (lookupErr) {
                return done(lookupErr);
            }
            if (!found) {
                return done(null, false, { error: 'Invalid token.' });
            }

            var keyMatches = found.checkApiKey(token);
            if (keyMatches) {
                req.authStrategy = 'Header';
                return done(null, found);
            }
            return done(null, false, { error: 'Incorrect token.' });
        });
    }
));
Example #7
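/**
 * GET / - one page of patients, starting at the `offset` query parameter
 * and limited to pageLimit records. Responds 500 when the query fails.
 */
userRouter.get('/', reqHandler.isLoggedIn(true, true), function (req, res) {
    // `offset` is client-supplied: parse it as base 10 and fall back to 0
    // for anything that is not a non-negative number, so a malformed value
    // never reaches the query.
    var offset = parseInt(req.query.offset, 10);
    if (!isFinite(offset) || offset < 0) {
        offset = 0;
    }

    // The earlier version also ran Patient.count() here, but its result was
    // never read; the unused query has been dropped.
    // NOTE(review): full patient documents are returned; confirm the schema
    // keeps password and apiKey fields out of the serialised output.
    return Patient.find({}).skip(offset).limit(pageLimit).exec(function (err, patients) {
        if (err) {
            res.statusCode = 500;
            log.error('Internal error(%d): %s', res.statusCode, err.message);
            return res.send({error: 'Server error'});
        }
        return res.send({status: 'OK', offset: offset, patients: patients});
    });
});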
// Passport Basic strategy: find the patient by e-mail and verify the
// supplied password with checkPassword(). Lookup errors are passed to
// done(); an unknown e-mail or a wrong password both end in a failed login.
passport.use(new BasicStrategy(function verifyCredentials(email, password, done) {
    var byEmail = { email: email };

    Patient.findOne(byEmail, function onLookup(lookupErr, account) {
        if (lookupErr) {
            log.debug('Bad request');
            return done(lookupErr);
        }

        if (account) {
            return account.checkPassword(password)
                ? done(null, account)
                : done(null, false);
        }

        log.debug('Bad request2');
        return done(null, false, { error: "No authentication data provided" });
    });
}));
Example #9
/**
 * Attempts to authenticate the request from its X-API-KEY header.
 *
 * Returns false when the header is absent. On every other path the function
 * has no return statement of its own and so returns undefined; the
 * `return` statements below belong to the nested callbacks, not to this
 * function.
 *
 * NOTE(review): as written this cannot report a successful authentication
 * to its caller. A fix needs a callback or promise interface; callers that
 * test the result synchronously must then be changed too, because a promise
 * is truthy.
 */
function isApiAuthenticated(req) {
    if (!req.get('X-API-KEY')) {
        return false;
    }
    var token = req.get('X-API-KEY');
    // `patient` receives whatever Patient.findOne() itself returns, not the
    // value returned inside the callback - presumably a query object rather
    // than a document; verify against the model library in use.
    var patient = Patient.findOne({apiKey: token}, function (err, patient) {
        // These return values go back to findOne's caller machinery and are
        // not seen by isApiAuthenticated.
        if (err) return null;
        if (!patient) return null;
        console.log(patient._id);
        if (patient.checkApiKey(token)) return patient;

    });

    // Runs immediately after findOne() is called, using the outer `patient`.
    console.log(patient._id);
    if (patient._id) {
        req.login(patient._id, function (err) {
            if (!err)
                console.log('Updated');
            // Returns from this callback only.
            return true;
        });
    }
}