-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapp.js
102 lines (79 loc) · 2.41 KB
/
app.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
/**
* Simple ExpressJS app to simulate API used for Spectero frontend.
*/
const express = require('express')
const cors = require('cors')
const app = express()
const router = express.Router()
const bodyParser = require('body-parser')
const expressJWT = require('express-jwt')
const jwt = require('jsonwebtoken')
const data = require('./data.js')
const port = 3000 // Port for server (default: 3000)
const secret = 'a$+,@:}-QNaCJK/gPy65%zj>tKZ>)w4/' // Secret hash for JSON web token (plaintext is obviously most secure way to handle this ^_^)
app.use(cors())
let formatResponse = function (code, errors, message, data, endpoint) {
return {
code: code,
errors: errors,
message: message,
data: data,
endpoint: endpoint
}
}
let sendResult = function (req, res, next) {
let status = res.locals.code || 200
res.status(status).json({
code: status,
errors: res.locals.errors || [],
message: res.locals.message || null,
data: res.locals.data || null,
endpoint: res.locals.endpoint || req.url
})
}
app.use(bodyParser.json())
app.use(bodyParser.urlencoded({ extended: true }));
app.use(function(req, res, next) {
res.header('Access-Control-Allow-Origin', '*')
res.header('Access-Control-Allow-Headers', 'X-Requested-With')
next()
})
app.use(expressJWT({ secret: secret }).unless({ path: ['/login', '/nodes'] }))
app.route('/nodes')
.get(function (req, res, next) {
res.locals.data = { nodes: data.nodes }
next()
}, sendResult)
// Basic login handler
app.route('/login')
.post(function (req, res, next) {
let username = req.body.username
let password = req.body.password
let user = data.users[username]
// Username/password missing
if ( !username || !password ) {
res.locals.code = 400
res.locals.errors = ['Missing username or password.']
return next()
}
// User not found
if ( user === undefined || user.password !== password ) {
res.locals.code = 401
res.locals.errors = ['Invalid username or password.']
return next()
}
// Logged in!
let myToken = jwt.sign({ username: username }, secret)
res.locals.data = {authToken: myToken}
next()
}, sendResult)
app.use('/', router)
// Handle 404 not found result
app.all('*', function (req, res, next) {
res.locals.code = 404
res.locals.errors = ['404 Not Found']
next()
}, sendResult)
app.listen(port, function () {
console.log(`Server started on port ${port}`)
})