// NOTE(review): fragment. These first statements run inside a callback whose
// opening lies outside this view; `email` and `callback` are its inputs.
console.log("looking up user");
// NOTE(review): `email` goes into the filter exactly as received. If the request
// parser can deliver an object here, it would be read as a query-operator
// document; a `typeof email === "string"` check before the lookup rules that out.
mongodb.collection("hwusers").findOne({ email: email }, (err, doc) => {
  console.log("got user from db");
  // `err` is never inspected, so a failed lookup is reported the same way as an
  // unknown address: callback(null, null).
  if (doc && doc.email == email) {
    // we're good
    callback(null, doc.email);
  } else {
    callback(null, null);
  }
});
}, { failureRedirect: '/', userField: "email" }),
function(req, res) {
  // success!
  res.redirect("/");
});

// Landing page for a logged-in user; passwordless.restricted() sends everyone
// else to '/'.
// NOTE(review): req.session.passwordless is interpolated into the HTML response
// without escaping. It is presumably the e-mail address handed to callback()
// above; HTML-escape it before res.send().
app.get('/user/index', passwordless.restricted({ failureRedirect: '/' }),
  function(req, res) {
    var str = `Hello ${req.session.passwordless}<br>` +
      '<a href="/user/generate">Generate key</a><br>' +
      '<a href="/user/site/">Site</a>';
    res.send(str);
  });

// Issues a new key for the logged-in user, stores it on the user document and
// echoes it back in the response.
// NOTE(review): this is a state-changing GET. A cross-site link or image load
// from a logged-in browser would overwrite the stored key; a POST with CSRF
// protection is the safer shape.
// NOTE(review): the key is stored exactly as generated. If it is later used as a
// credential, consider storing only a hash of it. Whether uuid.v4() draws from
// a CSPRNG depends on the `uuid` module in scope, so confirm that as well.
app.get('/user/generate', passwordless.restricted({ failureRedirect: '/' }),
  function(req, res) {
    const key = uuid.v4();
    mongodb.collection("hwusers").update({ email: req.session.passwordless }, { $set: { key: key } }, (err, doc) => {
      if (err) {
        res.send("error");
      } else {
        var str = key + "<br>" + '<a href="/user/index">Back</a>';
        res.send(str);
        // (fragment ends here; the enclosing callbacks close outside this view)
var passwordless = require('passwordless');
var role = require('connect-acl')(require('../lib/roles'));
var Promise = require('sequelize').Promise;
var csv = require('csv');
var moment = require('moment');

// Lists every non-hidden program. At this level only the role check guards the
// route (no passwordless.restricted() in its chain), so who may reach it
// depends on which roles are granted 'view program'.
// NOTE(review): none of the findAll() chains in this fragment has a rejection
// handler; a failed query leaves the request without a response.
router.get('/', role.can('view program'), function(req, res) {
  Program.findAll({
    where: {hidden: false},
    order: 'premium_activity DESC, name ASC'
  }).then(function(programs) {
    res.render('programs/program', {
      title: '- All Programs',
      all_programs: programs
    });
  });
});

// OOS count per program. Requires a logged-in session (otherwise redirect to
// /login) and then one of the 'admin' / 'hq staff' roles.
router.get('/oos',
  passwordless.restricted({ failureRedirect: '/login', originField: 'origin' }),
  role.isAny(['admin', 'hq staff']),
  function(req, res) {
    Program.findAll({
      order: 'id ASC',
      where: { hidden: false },
      include: [{model: OOS, as: 'OOS'}]
    }).then(function(programs) {
      res.render('programs/oos_count', {
        title: '- Program OOS Count',
        programs: programs
      });
    });
  });

// Program activity leaders, grouped by program location. Same login and role
// gate as /oos.
router.get('/pals',
  passwordless.restricted({ failureRedirect: '/login', originField: 'origin' }),
  role.isAny(['admin', 'hq staff']),
  function(req, res) {
    Program.findAll({
      order: 'id ASC',
      where: { hidden: false },
      include: [{model: OOS, as: 'OOS'}, {model: OOS, as: 'ProgramActivityLeader'}]
    }).then(function(results) {
      var programs = { offsite: [], onsite: [] };
      // Only the 'offsite' and 'onsite' buckets exist, so any other stored
      // `location` value makes .push() throw inside this promise callback.
      results.forEach(function(result) {
        console.log(result.dataValues.location);
        programs[result.dataValues.location].push(result);
      });
      // (fragment ends inside this render call)
      res.render('programs/pals', {
        title: '- Program PALs',
        programs: programs
var express = require('express'); var router = express.Router(); var passwordless = require('passwordless'); // var passwordless = require('../../../'); /* GET home page. */ router.get('/', function(req, res) { res.render('index', { user: req.user }); }); /* GET restricted site. */ router.get('/restricted', passwordless.restricted(), function(req, res) { res.render('restricted', { user: req.user }); }); /* GET login screen. */ router.get('/login', function(req, res) { res.render('login', { user: req.user }); }); /* GET logout. */ router.get('/logout', passwordless.logout(), function(req, res) { res.redirect('/'); }); /* POST login screen. */ router.post('/sendtoken',
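/**
 * Registers the application's HTTP routes and its 404 / error middleware on `app`.
 *
 * Routes that act on `req.user` sit behind passwordless middleware. The JSON
 * routes report their outcome in a `result` field ('success', 'failed' or
 * 'duplicate') and keep the default HTTP status, so clients that only inspect
 * `result` keep working.
 *
 * Request values are type-checked before they reach a MongoDB filter or update,
 * and a database error is reported as 'failed' instead of 'success'.
 *
 * @param {object} app - Express application to attach the routes to.
 */
module.exports = function(app) {
  // True only for a non-empty string. Parsed request bodies can contain objects;
  // letting one reach a filter or $set would let the client supply MongoDB
  // operators (or arbitrary sub-documents) where a literal value is expected.
  function isNonEmptyString(value) {
    return typeof value === 'string' && value.length > 0;
  }

  // Validates one parsed coordinate pair and returns a fresh two-element array
  // of finite numbers; throws on anything else.
  function toPosition(raw) {
    if (!Array.isArray(raw) ||
        typeof raw[0] !== 'number' || !isFinite(raw[0]) ||
        typeof raw[1] !== 'number' || !isFinite(raw[1])) {
      throw new Error('Invalid coordinate pair.');
    }
    return [raw[0], raw[1]];
  }

  // Parses a JSON array of coordinate pairs, requiring at least `minCount`
  // entries. Throws on malformed JSON or on any invalid pair.
  function parsePositions(json, minCount) {
    var raw = JSON.parse(json);
    if (!Array.isArray(raw) || raw.length < minCount) {
      throw new Error('Invalid coordinate list.');
    }
    return raw.map(toPosition);
  }

  // Logs a database error, releases the connection and reports failure.
  function failWithDbError(err, db, res) {
    console.log(err);
    db.close();
    res.json({ 'result': 'failed' });
  }

  app.get('/', function home(req, res, next) {
    console.log('Request - Home');
    res.end('What are you doing here?');
  });

  app.get('/restricted', passwordless.restricted(), function restricted(req, res) {
    console.log('Request - Restricted');
    res.end('You have access, my friend.');
  });

  // Android app login redirect
  app.get('/app_login', function appLogin(req, res) {
    var token = req.query.t;
    var uid = req.query.u;
    var url;

    // Repeated or nested query parameters arrive as arrays/objects; only plain
    // strings are forwarded.
    if (typeof token !== 'string' || typeof uid !== 'string') {
      res.status(400).json({ 'result': 'failed', 'reason': 'Missing token or user.' });
      return;
    }

    // Deep link within app, will open /login using app's http client.
    // Both values are percent-encoded so a '&' or '#' inside one cannot add or
    // truncate parameters of the deep link.
    // NOTE(review): a custom URL scheme is not bound to a single app, so the
    // login token goes to whichever app handles catbox:// on the device. A
    // verified https App Link would be the safer transport.
    url = 'catbox://login/?t=' + encodeURIComponent(token) + '&u=' + encodeURIComponent(uid);
    res.redirect(url);
  });

  // Accept token on /login
  app.get('/login', passwordless.acceptToken({ successRedirect: '/login_success' }),
    function loginFailed(req, res) {
      // We reach in case acceptToken fails
      res.json({ 'result': 'failed', 'reason': 'Invalid token or user.' });
    });

  // Success message after passwordless accepts the token
  app.get('/login_success', passwordless.restricted(), function loginSuccess(req, res) {
    var db = monk(config.db);
    var users = db.get('user');

    console.log('Login - Successful');

    // NOTE(review): the whole user document is returned as stored. If it can
    // hold fields the client should not see, project it down first.
    users.findOne({ _id: req.user }, function(err, document) {
      if (err) {
        failWithDbError(err, db, res);
        return;
      }
      db.close();
      res.json({ 'result': 'success', 'user': document });
    });
  });

  // Login token delivery
  app.post('/request_token', passwordless.requestToken(auth.sendToken),
    function requestTokenSent(req, res) {
      console.log('Login - Email sent');
      res.json({ 'result': 'success' });
    });

  // User Functions
  app.post('/change_name', passwordless.restricted(), function changeName(req, res) {
    var name = req.body && req.body.name;
    var db;
    var users;

    console.log('Update - Name');

    // Only a plain string may be written; an object here would be stored
    // verbatim as a sub-document.
    if (!isNonEmptyString(name)) {
      res.json({ 'result': 'failed' });
      return;
    }

    db = monk(config.db);
    users = db.get('user');
    users.update({ _id: req.user }, { $set: { name: name } }, function(err) {
      if (err) {
        failWithDbError(err, db, res);
        return;
      }
      db.close();
      res.json({ 'result': 'success' });
    });
  });

  // NOTE(review): unlike the other routes that read req.user, this one is gated
  // by requestToken() (which sends a login token) rather than restricted().
  // That looks like a copy/paste slip; confirm against the client before
  // switching. Until then the handler refuses to query without an
  // authenticated user id.
  app.post('/me', passwordless.requestToken(auth.sendToken), function requestUser(req, res) {
    var db;
    var users;

    console.log('Request - Me');

    if (!req.user) {
      res.json({ 'result': 'failed' });
      return;
    }

    db = monk(config.db);
    users = db.get('user');
    users.findOne({ _id: req.user }, function(err, document) {
      if (err) {
        failWithDbError(err, db, res);
        return;
      }
      db.close();
      res.json({ 'result': 'success', 'user': document });
    });
  });

  // Nearby boxes
  app.get('/boxes', passwordless.restricted(), function boxes(req, res) {
    var db;
    var point;

    console.log('Request - Nearby Boxes');

    // Validate before opening a connection, so a bad request cannot leave one
    // unclosed.
    try {
      point = toPosition(JSON.parse(req.query.coordinates));
    } catch (e) {
      console.log(e);
      res.json({ 'result': 'failed' });
      return;
    }

    db = monk(config.db);
    db.get('box').find({
      centroid: {
        $near: {
          $geometry: { type: "Point", coordinates: point }
        }
      }
    }, function(err, results) {
      if (err) {
        failWithDbError(err, db, res);
        return;
      }
      db.close();
      res.json(results);
    });
  });

  // Nearby boxes inside a polygon
  app.get('/boxes_within', passwordless.restricted(), function boxesWithin(req, res) {
    var db;
    var points;

    console.log('Request - Boxes Within');

    try {
      points = parsePositions(req.query.coordinates, 3);
      points.push(points[0]); // repeat first point at the end
    } catch (e) {
      console.log(e);
      res.json({ 'result': 'failed' });
      return;
    }

    db = monk(config.db);
    db.get('box').findOne({
      shape: {
        $geoWithin: {
          $geometry: { type: "Polygon", coordinates: [ points ] }
        }
      }
    }, function(err, document) {
      if (err) {
        failWithDbError(err, db, res);
        return;
      }
      db.close();
      res.json(document);
    });
  });

  // Add box
  app.post('/add_box', passwordless.restricted(), function addBox(req, res) {
    var data = req.body;
    var shape = new Region();
    var db;
    var boxes;

    console.log('Add - Box');
    console.log(data);

    try {
      parsePositions(data.coordinates, 3).forEach(function(position) {
        shape.points.push(position);
      });
      shape.points.push(shape.points[0]); // repeat first point at the end
    } catch (e) {
      console.log(e);
      res.json({ 'result': 'failed' });
      return;
    }

    console.log("Checking duplicates");
    console.log(shape.points);

    // Validate data required fields. The name must be a plain string because it
    // is used as a literal inside the duplicate-check filter below.
    if (!isNonEmptyString(data.name) || util.isEmpty(shape) || util.isEmpty(data.name)) {
      res.json({
        'result': 'failed',
        'message': 'Cannot parse request, invalid shape or name. Please make sure the order of longitude latitude pairs is correct.'
      });
      return;
    }

    db = monk(config.db);
    boxes = db.get('box');

    // NOTE(review): check-then-insert is not atomic, so two concurrent requests
    // can both pass the check. A unique index on `name` would enforce that half
    // of the rule in the database.
    boxes.findOne({
      $or: [
        { name: data.name },
        {
          shape: {
            $geoIntersects: {
              $geometry: { type: "Polygon", coordinates: [ shape.points ] }
            }
          }
        }
      ]
    }, function(err, document) {
      // A failed duplicate check must not fall through to the insert.
      if (err) {
        failWithDbError(err, db, res);
        return;
      }

      console.log(document);

      if (!util.isEmpty(document)) {
        // Duplicate name, return duplicate message
        db.close();
        res.json({
          'result': 'duplicate',
          'message': 'A box within these dimensions or with the same name already exists.'
        });
        return;
      }

      // Continue with insertion
      // NOTE(review): `content` is stored as received; validate its type and
      // size if clients are not fully trusted.
      boxes.insert({
        user_id: req.user,
        name: data.name,
        content: data.content,
        centroid: { type: "Point", coordinates: shape.centroid() },
        shape: { type: "Polygon", coordinates: [ shape.points ] }
      }, function(insertErr) {
        if (insertErr) {
          failWithDbError(insertErr, db, res);
          return;
        }
        db.close();
        res.json({ 'result': 'success' });
      });
    });
  });

  // Catch 404 and forward to error handler
  app.use(function notFound(req, res, next) {
    var err = new Error('404 - Not found.');
    err.status = 404;
    console.log('404 - Not found.');
    next(err);
  });

  // Dev error handler: sets the status and hands the error to the next error
  // handler in the chain (Express's default one if none is registered).
  // NOTE(review): the default handler's output depends on the environment;
  // confirm production does not expose stack traces.
  app.use(function errorHandler(err, req, res, next) {
    res.status(err.status || 500);
    next(err);
  });
};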
});
} else {
  // Else-branch of a check that lies outside this view (presumably "no
  // logged-in user"): the session gets the 'anonymous' role together with the
  // permission list `roles` defines for it.
  req.session.user = {
    role: 'anonymous',
    roles: roles['anonymous'].can
  };
  next();
}
});

app.use(role.middleware());

// Mount points. Only the ones wrapped in passwordless.restricted() require a
// login at this level; the rest rely on whatever checks their routers apply.
// NOTE(review): originField: 'origin' hands the originally requested URL to the
// login flow. Whatever later redirects to that value should accept same-site
// paths only.
app.use('/', routes.index);
app.use('/oos',
  passwordless.restricted({ failureRedirect: '/login', originField: 'origin' }),
  role.can('view oos'),
  routes.oos
);
// No login gate here: access to /programs and /program_guide is decided inside
// their routers.
app.use('/programs', routes.programs);
app.use('/program_guide', routes.program_guide);
// Login required, but no role check at this level.
app.use('/program_selection',
  passwordless.restricted({ failureRedirect: '/login', originField: 'origin' }),
  routes.program_selection);
app.use('/units',
  passwordless.restricted({ failureRedirect: '/login', originField: 'origin' }),
  routes.units);
// Login plus the 'admin' role. (fragment ends inside this call)
app.use('/admin',
  passwordless.restricted({ failureRedirect: '/login', originField: 'origin' }),
  role.isAny(['admin']),
// NOTE(review): fragment. These statements close a user-lookup callback whose
// opening lies outside this view.
// The whole `user` object is written to the log; log only the id if the record
// holds personal data.
console.log('sending token for user', user);
callback(null, user.id);
} else {
  callback(null, null);
}
}
);
}
),
routes.sendToken
);

// Shared handler: send the browser back to the front page.
const redirectToFrontPage = (req, res) => res.redirect('/');

app.get('/login', redirectToFrontPage);
// NOTE(review): logout is a GET, so a cross-site request can end the session.
app.get('/logout', passwordless.logout(), redirectToFrontPage);

app.get('/challenge.html', passwordless.restricted(), routes.challenge);

// Every API route registered below inherits this login gate. It works only
// because the app.use() call comes first, so keep new API routes after it.
// NOTE(review): restricted() authenticates but does not authorise. Whether any
// logged-in user may update lines or delete circulators is decided, if at all,
// inside the route handlers. No CSRF defence for the POST/PUT/DELETE routes is
// visible in this fragment; confirm one is mounted elsewhere if the session
// rides on a cookie.
app.use(apiUrlBase, passwordless.restricted());
app.get(apiUrlBase + 'search', routes.search);
app.get(apiUrlBase + 'line/:page/:line', routes.lineRead);
app.get(apiUrlBase + 'line/:id', routes.lineRead);
app.put(apiUrlBase + 'line/:id', routes.lineUpdate);
app.get(apiUrlBase + 'status', routes.status);
app.post(apiUrlBase + 'mark-blank/:page/:line', routes.markBlank);
app.get(apiUrlBase + 'completed.tsv', compression(), routes.completedTsv);
app.get(apiUrlBase + 'dt-line/:checker', compression(), routes.dtLine);
app.get(apiUrlBase + 'dt-line', compression(), routes.dtLine);
app.get(apiUrlBase + 'circulators', routes.getCirculators);
app.post(apiUrlBase + 'circulators', routes.createOrUpdateCirculator);
app.get(apiUrlBase + 'circulators/:id', routes.getCirculator);
app.put(apiUrlBase + 'circulators/:id', routes.createOrUpdateCirculator);
app.delete(apiUrlBase + 'circulators/:id', routes.deleteCirculator);