|
@ -1,16 +1,48 @@ |
|
|
const express = require('express'); |
|
|
const express = require('express'); |
|
|
const cors = require('cors') |
|
|
|
|
|
const { Sequelize, DataTypes, STRING } = require('sequelize'); |
|
|
const { Sequelize, DataTypes, STRING } = require('sequelize'); |
|
|
const session = require('express-session'); |
|
|
const session = require('express-session'); |
|
|
const bcrypt = require('bcrypt'); |
|
|
const bcrypt = require('bcrypt'); |
|
|
const QRCode = require('qrcode'); |
|
|
const QRCode = require('qrcode'); |
|
|
const { createSecureServer } = require('http2'); |
|
|
const { createSecureServer } = require('http2'); |
|
|
require("dotenv").config(); |
|
|
|
|
|
|
|
|
require("dotenv-flow").config(); |
|
|
|
|
|
|
|
|
const sequelize = new Sequelize('sqlite::memory:') |
|
|
|
|
|
|
|
|
var SequelizeStore = require("connect-session-sequelize")(session.Store); |
|
|
|
|
|
|
|
|
const COOKIE_EXPIRY_DURATION = 60 * 60 * 3 * 1000; // 3 hours in milliseconds
|
|
|
const COOKIE_EXPIRY_DURATION = 60 * 60 * 3 * 1000; // 3 hours in milliseconds
|
|
|
|
|
|
|
|
|
|
|
|
const isProduction = process.env.NODE_ENV == "production"; |
|
|
|
|
|
const isDev = process.env.NODE_ENV == "development"; |
|
|
|
|
|
|
|
|
|
|
|
console.log(`Node Environment: ${process.env.NODE_ENV}`); |
|
|
|
|
|
|
|
|
|
|
|
const sequelize = (() => { |
|
|
|
|
|
if (isProduction) { |
|
|
|
|
|
return new Sequelize(process.env.DB_DATA_NAME, process.env.DB_USER, process.env.DB_PASS, { |
|
|
|
|
|
host: process.env.DB_PATH, |
|
|
|
|
|
dialect: process.env.DB_DATA_DIALECT, |
|
|
|
|
|
}); |
|
|
|
|
|
} else { |
|
|
|
|
|
return new Sequelize('sqlite::memory:'); |
|
|
|
|
|
} |
|
|
|
|
|
})(); |
|
|
|
|
|
|
|
|
|
|
|
const storeDB = (() => { |
|
|
|
|
|
if (isProduction) { |
|
|
|
|
|
new Sequelize(process.env.DB_STORE_NAME, process.env.DB_USER, process.env.DB_PASS, { |
|
|
|
|
|
host: process.env.DB_PATH, |
|
|
|
|
|
dialect: process.env.DB_DATA_DIALECT, |
|
|
|
|
|
}); |
|
|
|
|
|
} else { |
|
|
|
|
|
return new Sequelize('sqlite::memory:'); |
|
|
|
|
|
} |
|
|
|
|
|
})(); |
|
|
|
|
|
|
|
|
|
|
|
const store = new SequelizeStore({ |
|
|
|
|
|
db: storeDB, |
|
|
|
|
|
expiration: COOKIE_EXPIRY_DURATION, |
|
|
|
|
|
}); |
|
|
|
|
|
store.sync(); |
|
|
|
|
|
|
|
|
const Contact = sequelize.define('Contact', { |
|
|
const Contact = sequelize.define('Contact', { |
|
|
user: { |
|
|
user: { |
|
|
type: DataTypes.INTEGER, |
|
|
type: DataTypes.INTEGER, |
|
@ -52,6 +84,8 @@ User.sync().then(() => { |
|
|
name: "Demo", |
|
|
name: "Demo", |
|
|
hash: bcrypt.hashSync("test", 10), |
|
|
hash: bcrypt.hashSync("test", 10), |
|
|
phoneNumber: "123", |
|
|
phoneNumber: "123", |
|
|
|
|
|
}).catch(e => { |
|
|
|
|
|
console.log("Couldn't create demo account. Probably exists."); |
|
|
}); |
|
|
}); |
|
|
}); |
|
|
}); |
|
|
|
|
|
|
|
@ -74,8 +108,6 @@ function authUser(email, password, done) { |
|
|
function refreshVerification(user, done) { |
|
|
function refreshVerification(user, done) { |
|
|
let newVerification = bcrypt.hashSync(`${new Date().getTime()}-${user.hash}`, 5).replace(/[^a-zA-Z0-9]+/g, ""); |
|
|
let newVerification = bcrypt.hashSync(`${new Date().getTime()}-${user.hash}`, 5).replace(/[^a-zA-Z0-9]+/g, ""); |
|
|
newVerification = newVerification.substr(0, newVerification.length / 2); |
|
|
newVerification = newVerification.substr(0, newVerification.length / 2); |
|
|
console.log(`Verification: ${newVerification}`) |
|
|
|
|
|
|
|
|
|
|
|
user.verification = newVerification; |
|
|
user.verification = newVerification; |
|
|
user.save().then(result => { |
|
|
user.save().then(result => { |
|
|
done(result) |
|
|
done(result) |
|
@ -105,7 +137,6 @@ function checkVerification(id, done) { |
|
|
} |
|
|
} |
|
|
}).then(user => { |
|
|
}).then(user => { |
|
|
if (user) { |
|
|
if (user) { |
|
|
console.log(user); |
|
|
|
|
|
done(true, "User verified", user.id); |
|
|
done(true, "User verified", user.id); |
|
|
} else { |
|
|
} else { |
|
|
done(false, "No such verification"); |
|
|
done(false, "No such verification"); |
|
@ -152,25 +183,25 @@ function getCookieExpiry() { |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
const app = express(); |
|
|
const app = express(); |
|
|
app.set('trust proxy', 1) |
|
|
|
|
|
app.use(session({ |
|
|
app.use(session({ |
|
|
secret: process.env.SERVER_SESSION_SECRET, |
|
|
secret: process.env.SERVER_SESSION_SECRET, |
|
|
resave: false, |
|
|
resave: false, |
|
|
saveUninitialized: false, |
|
|
saveUninitialized: false, |
|
|
})) |
|
|
})) |
|
|
app.use(cors({ credentials: true, origin: process.env.WEBSITE_URL })) |
|
|
|
|
|
app.use(express.json()) |
|
|
app.use(express.json()) |
|
|
|
|
|
|
|
|
app.post('/login', (req, res) => { |
|
|
app.post('/login', (req, res) => { |
|
|
reqEmail = req.body.email.toLowerCase(); |
|
|
reqEmail = req.body.email.toLowerCase(); |
|
|
const auth = authUser(reqEmail, req.body.password, (success, msg) => { |
|
|
const auth = authUser(reqEmail, req.body.password, (success, msg) => { |
|
|
|
|
|
if (success) { |
|
|
req.session.regenerate(() => { |
|
|
req.session.regenerate(() => { |
|
|
cookieExpiry = getCookieExpiry(); |
|
|
cookieExpiry = getCookieExpiry(); |
|
|
req.session.cookie.expires = cookieExpiry; |
|
|
|
|
|
req.session.user = reqEmail; |
|
|
req.session.user = reqEmail; |
|
|
res.cookie("authorized", success, { domain: process.env.COOKIE_DOMAIN.split(","), sameSite: "none", secure: true, expires: cookieExpiry }); |
|
|
|
|
|
res.send({ authorized: success, message: msg }) |
|
|
res.send({ authorized: success, message: msg }) |
|
|
}); |
|
|
}); |
|
|
|
|
|
} else { |
|
|
|
|
|
res.status(401).send({ authorized: success, message: msg }); |
|
|
|
|
|
} |
|
|
}); |
|
|
}); |
|
|
}); |
|
|
}); |
|
|
|
|
|
|
|
@ -179,9 +210,7 @@ app.post('/create', (req, res) => { |
|
|
if (req.session.verified) { |
|
|
if (req.session.verified) { |
|
|
createUser(reqEmail, req.body.password, req.body.name, req.body.phoneNumber, (success, msg) => { |
|
|
createUser(reqEmail, req.body.password, req.body.name, req.body.phoneNumber, (success, msg) => { |
|
|
cookieExpiry = getCookieExpiry(); |
|
|
cookieExpiry = getCookieExpiry(); |
|
|
req.session.cookie.expires = cookieExpiry; |
|
|
|
|
|
req.session.user = reqEmail; |
|
|
req.session.user = reqEmail; |
|
|
res.cookie("authorized", success, { domain: process.env.COOKIE_DOMAIN.split(","), sameSite: "none", secure: true, expires: cookieExpiry }); |
|
|
|
|
|
if (success) { |
|
|
if (success) { |
|
|
addContact(req.session.user, req.session.verifiedBy, (sucesss, msg) => { |
|
|
addContact(req.session.user, req.session.verifiedBy, (sucesss, msg) => { |
|
|
res.send({ success: success, message: msg }); |
|
|
res.send({ success: success, message: msg }); |
|
@ -208,7 +237,6 @@ app.get('/code', (req, res) => { |
|
|
app.get("/verify/:id", (req, res) => { |
|
|
app.get("/verify/:id", (req, res) => { |
|
|
checkVerification(req.params.id, (success, msg, withUserID) => { |
|
|
checkVerification(req.params.id, (success, msg, withUserID) => { |
|
|
cookieExpiry = getCookieExpiry(); |
|
|
cookieExpiry = getCookieExpiry(); |
|
|
req.session.cookie.expires = cookieExpiry; |
|
|
|
|
|
req.session.verified = success; |
|
|
req.session.verified = success; |
|
|
req.session.verifiedBy = withUserID; |
|
|
req.session.verifiedBy = withUserID; |
|
|
|
|
|
|
|
@ -222,7 +250,6 @@ app.get("/verify/:id", (req, res) => { |
|
|
} |
|
|
} |
|
|
}); |
|
|
}); |
|
|
} else { // If Not Logged In
|
|
|
} else { // If Not Logged In
|
|
|
res.cookie("verified", success, { domain: process.env.COOKIE_DOMAIN.split(","), sameSite: "none", secure: true, expires: cookieExpiry }); |
|
|
|
|
|
if (success) { |
|
|
if (success) { |
|
|
res.redirect(`${process.env.WEBSITE_URL}/#/create`) |
|
|
res.redirect(`${process.env.WEBSITE_URL}/#/create`) |
|
|
} else { |
|
|
} else { |
|
|