our-sejahtera-backend/app.js

const express = require('express');
const { Sequelize, DataTypes, STRING } = require('sequelize');
const session = require('express-session');
const bcrypt = require('bcrypt');
const QRCode = require('qrcode');
const { createSecureServer } = require('http2');
require("dotenv-flow").config();

var SequelizeStore = require("connect-session-sequelize")(session.Store);

const COOKIE_EXPIRY_DURATION = 60 * 60 * 3 * 1000; // 3 hours in milliseconds

const isProduction = process.env.NODE_ENV == "production";
const isDev = process.env.NODE_ENV == "development";

console.log(`Node Environment: ${process.env.NODE_ENV}`);

const sequelize = (() => {
    if (isProduction) {
        return new Sequelize(process.env.DB_DATA_NAME, process.env.DB_USER, process.env.DB_PASS, {
            host: process.env.DB_PATH,
            dialect: process.env.DB_DATA_DIALECT,
        });
    } else {
        return new Sequelize('sqlite::memory:');
    }
})();

const storeDB = (() => {
    if (isProduction) {
        new Sequelize(process.env.DB_STORE_NAME, process.env.DB_USER, process.env.DB_PASS, {
            host: process.env.DB_PATH,
            dialect: process.env.DB_DATA_DIALECT,
        });
    } else {
        return new Sequelize('sqlite::memory:');
    }
})();

const store = new SequelizeStore({
    db: storeDB,
    expiration: COOKIE_EXPIRY_DURATION,
});
store.sync();

const Contact = sequelize.define('Contact', {
    user: {
        type: DataTypes.INTEGER,
        allowNull: false,
    },
    with: {
        type: DataTypes.INTEGER,
        allowNull: false,
    },
});
Contact.sync();

const User = sequelize.define('User', {
    email: {
        type: DataTypes.STRING,
        allowNull: false,
        unique: true,
    },
    name: {
        type: DataTypes.STRING,
    },
    hash: {
        type: STRING,
    },
    phoneNumber: {
        type: DataTypes.STRING,
    },
    verification: {
        type: DataTypes.STRING,
    },
    org: {
        type: DataTypes.STRING,
    },
});

User.sync().then(() => {
    User.create({
        email: "admin@msolidariti.org",
        name: "Demo",
        hash: bcrypt.hashSync("test", 10),
        phoneNumber: "123",
    }).catch(e => {
        console.log("Couldn't create demo account. Probably exists.");
    });
});


function authUser(email, password, done) {
    User.findOne({
        where: {
            email: email
        }
    }).then(user => {
        if (!user) {
            done(false, "User not found")
        } else {
            const auth = bcrypt.compareSync(password, user.hash);
            done(auth, auth ? "Authorized" : "Wrong password");
        }
    });
}

function refreshVerification(user, done) {
    let newVerification = bcrypt.hashSync(`${new Date().getTime()}-${user.hash}`, 5).replace(/[^a-zA-Z0-9]+/g, "");
    newVerification = newVerification.substr(0, newVerification.length / 2);
    user.verification = newVerification;
    user.save().then(result => {
        done(result)
    });
}

function createQRCode(email, done) {

    User.findOne({
        where: {
            email: email
        }
    }).then(user => {
        refreshVerification(user, result => {
            const verifyURL = `${process.env.SERVER_API_URL}/verify/${encodeURIComponent(result.verification)}`;
            QRCode.toDataURL(verifyURL, { width: 300, height: 300 }, (err, url) => {
                done(err, url);
            })
        });
    });
}

function checkVerification(id, done) {
    User.findOne({
        where: {
            verification: decodeURIComponent(id),
        }
    }).then(user => {
        if (user) {
            done(true, "User verified", user.id);
        } else {
            done(false, "No such verification");
        }
    });
}

function createUser(email, password, name, phoneNumber, done) {
    hash = bcrypt.hashSync(password, 10);
    User.create({
        email: email,
        name: name,
        hash: hash,
        phoneNumber: phoneNumber,
    }).then(user => {
        if (!user) {
            done(false, "Could not create user");
        } else {
            done(true, "Success");
        }
    }).catch(reason => {
        if (reason.name == "SequelizeUniqueConstraintError") {
            done(false, "User already exists");
        } else {
            done(false, "Unknown error");
        }
    });
}

function addContact(userEmail, withUserID, done) {
    User.findOne({ where: { email: userEmail } }).then(user => {
        Contact.create({ user: user.id, with: withUserID })
            .then(res => {
                done(true, "Successfully added contact");
            })
            .catch(e => {
                done(false, e);
            });
    })
}

function getCookieExpiry() {
    return new Date(Date.now() + COOKIE_EXPIRY_DURATION);
}

const app = express();
app.use(session({
    secret: process.env.SERVER_SESSION_SECRET,
    resave: false,
    saveUninitialized: false,
}))
app.use(express.json())

app.post('/login', (req, res) => {
    reqEmail = req.body.email.toLowerCase();
    const auth = authUser(reqEmail, req.body.password, (success, msg) => {
        if (success) {
            req.session.regenerate(() => {
                cookieExpiry = getCookieExpiry();
                req.session.user = reqEmail;
                res.send({ authorized: success, message: msg })
            });
        } else {
            res.status(401).send({ authorized: success, message: msg });
        }
    });
});

app.post('/create', (req, res) => {
    reqEmail = req.body.email.toLowerCase();
    if (req.session.verified) {
        createUser(reqEmail, req.body.password, req.body.name, req.body.phoneNumber, (success, msg) => {
            cookieExpiry = getCookieExpiry();
            req.session.user = reqEmail;
            if (success) {
                addContact(req.session.user, req.session.verifiedBy, (sucesss, msg) => {
                    res.send({ success: success, message: msg });
                });
            } else {
                res.send({ success: success, message: msg });
            }
        });
    } else {
        res.status(401).send("Not verified");
    }
})

app.get('/code', (req, res) => {
    if (!req.session.user) {
        res.status(401).send("Not logged in");
        return;
    }
    createQRCode(req.session.user, (err, url) => {
        res.send({ error: err, data: url });
    });
})

app.get("/verify/:id", (req, res) => {
    checkVerification(req.params.id, (success, msg, withUserID) => {
        cookieExpiry = getCookieExpiry();
        req.session.verified = success;
        req.session.verifiedBy = withUserID;

        if (success) {
            if (req.session.user) { // If Logged In
                addContact(req.session.user, withUserID, (success, msg) => {
                    if (success) {
                        res.redirect(`${process.env.WEBSITE_URL}/#/success`)
                    } else {
                        res.status(400).send(msg);
                    }
                });
            } else { // If Not Logged In
                if (success) {
                    res.redirect(`${process.env.WEBSITE_URL}/#/create`)
                } else {
                    res.status(400).send(msg);
                }
            }
        } else {
            res.status(400).send(msg);
        }
    });
});

const port = process.env.PORT || 8080;

app.listen(port, () => {
    console.log(`Listening on port ${port}`);
})
added user creation, login, qr-code verification 3 years ago			`const express = require('express');`
			`const { Sequelize, DataTypes, STRING } = require('sequelize');`
			`const session = require('express-session');`
			`const bcrypt = require('bcrypt');`
			`const QRCode = require('qrcode');`
			`const { createSecureServer } = require('http2');`
remove cookies 3 years ago			`require("dotenv-flow").config();`
added user creation, login, qr-code verification 3 years ago
remove cookies 3 years ago			`var SequelizeStore = require("connect-session-sequelize")(session.Store);`
added user creation, login, qr-code verification 3 years ago
add contact tracing 3 years ago			`const COOKIE_EXPIRY_DURATION = 60 * 60 * 3 * 1000; // 3 hours in milliseconds`

remove cookies 3 years ago			`const isProduction = process.env.NODE_ENV == "production";`
			`const isDev = process.env.NODE_ENV == "development";`

			console.log(`Node Environment: ${process.env.NODE_ENV}`);

			`const sequelize = (() => {`
			`if (isProduction) {`
			`return new Sequelize(process.env.DB_DATA_NAME, process.env.DB_USER, process.env.DB_PASS, {`
			`host: process.env.DB_PATH,`
			`dialect: process.env.DB_DATA_DIALECT,`
			`});`
			`} else {`
			`return new Sequelize('sqlite::memory:');`
			`}`
			`})();`

			`const storeDB = (() => {`
			`if (isProduction) {`
			`new Sequelize(process.env.DB_STORE_NAME, process.env.DB_USER, process.env.DB_PASS, {`
			`host: process.env.DB_PATH,`
			`dialect: process.env.DB_DATA_DIALECT,`
			`});`
			`} else {`
			`return new Sequelize('sqlite::memory:');`
			`}`
			`})();`

			`const store = new SequelizeStore({`
			`db: storeDB,`
			`expiration: COOKIE_EXPIRY_DURATION,`
			`});`
			`store.sync();`

add contact tracing 3 years ago			`const Contact = sequelize.define('Contact', {`
			`user: {`
			`type: DataTypes.INTEGER,`
			`allowNull: false,`
			`},`
			`with: {`
			`type: DataTypes.INTEGER,`
			`allowNull: false,`
			`},`
			`});`
			`Contact.sync();`

added user creation, login, qr-code verification 3 years ago			`const User = sequelize.define('User', {`
			`email: {`
			`type: DataTypes.STRING,`
			`allowNull: false,`
			`unique: true,`
			`},`
			`name: {`
			`type: DataTypes.STRING,`
			`},`
			`hash: {`
			`type: STRING,`
			`},`
			`phoneNumber: {`
			`type: DataTypes.STRING,`
			`},`
			`verification: {`
			`type: DataTypes.STRING,`
			`},`
			`org: {`
			`type: DataTypes.STRING,`
			`},`
			`});`

add contact tracing 3 years ago			`User.sync().then(() => {`
			`User.create({`
			`email: "admin@msolidariti.org",`
			`name: "Demo",`
			`hash: bcrypt.hashSync("test", 10),`
			`phoneNumber: "123",`
remove cookies 3 years ago			`}).catch(e => {`
			`console.log("Couldn't create demo account. Probably exists.");`
add contact tracing 3 years ago			`});`
			`});`

added user creation, login, qr-code verification 3 years ago
			`function authUser(email, password, done) {`
			`User.findOne({`
			`where: {`
			`email: email`
			`}`
			`}).then(user => {`
			`if (!user) {`
			`done(false, "User not found")`
			`} else {`
			`const auth = bcrypt.compareSync(password, user.hash);`
			`done(auth, auth ? "Authorized" : "Wrong password");`
			`}`
			`});`
			`}`

			`function refreshVerification(user, done) {`
add contact tracing 3 years ago			let newVerification = bcrypt.hashSync(`${new Date().getTime()}-${user.hash}`, 5).replace(/[^a-zA-Z0-9]+/g, "");
			`newVerification = newVerification.substr(0, newVerification.length / 2);`
added user creation, login, qr-code verification 3 years ago			`user.verification = newVerification;`
			`user.save().then(result => {`
			`done(result)`
			`});`
			`}`

			`function createQRCode(email, done) {`

			`User.findOne({`
			`where: {`
			`email: email`
			`}`
			`}).then(user => {`
			`refreshVerification(user, result => {`
add contact tracing 3 years ago			const verifyURL = `${process.env.SERVER_API_URL}/verify/${encodeURIComponent(result.verification)}`;
added user creation, login, qr-code verification 3 years ago			`QRCode.toDataURL(verifyURL, { width: 300, height: 300 }, (err, url) => {`
			`done(err, url);`
			`})`
			`});`
			`});`
			`}`

add contact tracing 3 years ago			`function checkVerification(id, done) {`
			`User.findOne({`
			`where: {`
			`verification: decodeURIComponent(id),`
			`}`
			`}).then(user => {`
			`if (user) {`
			`done(true, "User verified", user.id);`
			`} else {`
			`done(false, "No such verification");`
			`}`
			`});`
added user creation, login, qr-code verification 3 years ago			`}`

			`function createUser(email, password, name, phoneNumber, done) {`
			`hash = bcrypt.hashSync(password, 10);`
			`User.create({`
			`email: email,`
			`name: name,`
			`hash: hash,`
			`phoneNumber: phoneNumber,`
			`}).then(user => {`
			`if (!user) {`
			`done(false, "Could not create user");`
			`} else {`
			`done(true, "Success");`
			`}`
			`}).catch(reason => {`
			`if (reason.name == "SequelizeUniqueConstraintError") {`
			`done(false, "User already exists");`
			`} else {`
			`done(false, "Unknown error");`
			`}`
			`});`
			`}`

add contact tracing 3 years ago			`function addContact(userEmail, withUserID, done) {`
			`User.findOne({ where: { email: userEmail } }).then(user => {`
			`Contact.create({ user: user.id, with: withUserID })`
			`.then(res => {`
			`done(true, "Successfully added contact");`
			`})`
			`.catch(e => {`
			`done(false, e);`
			`});`
			`})`
			`}`

			`function getCookieExpiry() {`
			`return new Date(Date.now() + COOKIE_EXPIRY_DURATION);`
			`}`

added user creation, login, qr-code verification 3 years ago			`const app = express();`
			`app.use(session({`
			`secret: process.env.SERVER_SESSION_SECRET,`
			`resave: false,`
			`saveUninitialized: false,`
			`}))`
			`app.use(express.json())`

			`app.post('/login', (req, res) => {`
add contact tracing 3 years ago			`reqEmail = req.body.email.toLowerCase();`
			`const auth = authUser(reqEmail, req.body.password, (success, msg) => {`
remove cookies 3 years ago			`if (success) {`
			`req.session.regenerate(() => {`
			`cookieExpiry = getCookieExpiry();`
			`req.session.user = reqEmail;`
			`res.send({ authorized: success, message: msg })`
			`});`
			`} else {`
			`res.status(401).send({ authorized: success, message: msg });`
			`}`
added user creation, login, qr-code verification 3 years ago			`});`
			`});`

			`app.post('/create', (req, res) => {`
add contact tracing 3 years ago			`reqEmail = req.body.email.toLowerCase();`
			`if (req.session.verified) {`
			`createUser(reqEmail, req.body.password, req.body.name, req.body.phoneNumber, (success, msg) => {`
			`cookieExpiry = getCookieExpiry();`
			`req.session.user = reqEmail;`
port set by appengine 3 years ago			`if (success) {`
			`addContact(req.session.user, req.session.verifiedBy, (sucesss, msg) => {`
			`res.send({ success: success, message: msg });`
register contact on account create 3 years ago			`});`
port set by appengine 3 years ago			`} else {`
register contact on account create 3 years ago			`res.send({ success: success, message: msg });`
			`}`
added user creation, login, qr-code verification 3 years ago			`});`
			`} else {`
			`res.status(401).send("Not verified");`
			`}`
			`})`

			`app.get('/code', (req, res) => {`
			`if (!req.session.user) {`
			`res.status(401).send("Not logged in");`
			`return;`
			`}`
			`createQRCode(req.session.user, (err, url) => {`
			`res.send({ error: err, data: url });`
			`});`
			`})`

			`app.get("/verify/:id", (req, res) => {`
register contact on account create 3 years ago			`checkVerification(req.params.id, (success, msg, withUserID) => {`
add contact tracing 3 years ago			`cookieExpiry = getCookieExpiry();`
added user creation, login, qr-code verification 3 years ago			`req.session.verified = success;`
register contact on account create 3 years ago			`req.session.verifiedBy = withUserID;`
add contact tracing 3 years ago
added user creation, login, qr-code verification 3 years ago			`if (success) {`
add contact tracing 3 years ago			`if (req.session.user) { // If Logged In`
register contact on account create 3 years ago			`addContact(req.session.user, withUserID, (success, msg) => {`
add contact tracing 3 years ago			`if (success) {`
			res.redirect(`${process.env.WEBSITE_URL}/#/success`)
			`} else {`
			`res.status(400).send(msg);`
			`}`
			`});`
			`} else { // If Not Logged In`
			`if (success) {`
			res.redirect(`${process.env.WEBSITE_URL}/#/create`)
			`} else {`
			`res.status(400).send(msg);`
			`}`
			`}`
			`} else {`
			`res.status(400).send(msg);`
added user creation, login, qr-code verification 3 years ago			`}`
			`});`
			`});`

port set by appengine 3 years ago			`const port = process.env.PORT \|\| 8080;`
added user creation, login, qr-code verification 3 years ago
			`app.listen(port, () => {`
			console.log(`Listening on port ${port}`);
			`})`