Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Day 3 #36

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Day 3 #36

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
2d3658e
done
noahgribbin Mar 7, 2017
056e8b6
added gallery routes
noahgribbin Mar 8, 2017
53308be
POST pic routes/test
noahgribbin Mar 8, 2017
ad1f4d2
added travis yml
noahgribbin Mar 9, 2017
486d11e
added coveralls
noahgribbin Mar 9, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .coveralls.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
service_name: travis-ci
repo_token: swd8oweVDiONheCgxzP0lxarI45ODDJxd
65 changes: 65 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@

# Created by https://www.gitignore.io/api/node

### Node ###
# Logs
logs
*.log
npm-debug.log*
yarn-debug.log*
yarn-error.log*

# Runtime data
pids
*.pid
*.seed
*.pid.lock

# Directory for instrumented libs generated by jscoverage/JSCover
lib-cov

# Coverage directory used by tools like istanbul
coverage

# nyc test coverage
.nyc_output

# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
.grunt

# Bower dependency directory (https://bower.io/)
bower_components

# node-waf configuration
.lock-wscript

# Compiled binary addons (http://nodejs.org/api/addons.html)
build/Release

# Dependency directories
node_modules/
jspm_packages/

# Typescript v1 declaration files
typings/

# Optional npm cache directory
.npm

# Optional eslint cache
.eslintcache

# Optional REPL history
.node_repl_history

# Output of 'npm pack'
*.tgz

# Yarn Integrity file
.yarn-integrity

# dotenv environment variables file
.env


# End of https://www.gitignore.io/api/node
19 changes: 19 additions & 0 deletions .travis.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
language: node_js
node_js:
- 'stable'
services:
- mongodb
addons:
apt:
sources:
- ubuntu-toolchain-r-test
packages:
- gcc-4.8
- g++-4.8
env:
- CXX=g++-4.8
sudo: required
before_script: npm i
script:
-npm run test
-npm run lint
37 changes: 37 additions & 0 deletions lib/basic-auth-middleware.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
'use strict';

const createError = require('http-errors');
const debug = require('debug')('cfgram:basic-auth-middleware');

module.exports = function(req, res, next) {
debug('basic auth');

// console.log('LOOK HERE NOAH, BEFORE:', req.headers.authorization);
var authHeader = req.headers.authorization;
// console.log('LOOK HERE NOAH, AFTER:', req.headers.authorization);
if(!authHeader) {
return next(createError(401, 'authorization header required'));
}

var base64str = authHeader.split('Basic ')[1];
if(!base64str) {
return next(createError(401, 'username and password required'));
}

var utf8str = new Buffer(base64str, 'base64').toString();
var authArr = utf8str.split(':');

req.auth = {
username: authArr[0],
password: authArr[1]
};

if(!req.auth.username){
return next(createError(401, 'username required'));
}
if(!req.auth.password){
return next(createError(401, 'password required'));
}

next();
};
38 changes: 38 additions & 0 deletions lib/bearer-auth-middleware.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
'use strict';

const jwt = require('jsonwebtoken');
const createError = require('http-errors');
const debug = require('debug')('cfgram:bearer-auth-middleware');

const User = require('../model/user.js');

module.exports = function(req, res, next) {
debug('bearer-auth');
// console.log('req headers auth:', req.headers.authorization);
// console.log('Request:', req);
var authHeader = req.headers.authorization;
// console.log('req headers:', req.headers);
if(!authHeader) {
return next(createError(401, 'authorization header required'));
}

var token = authHeader.split('Bearer ')[1];
if(!token) {
return next(createError(401, 'token required'));
}
// console.log('Auth Header:', authHeader);
// console.log('token', token);
jwt.verify(token, process.env.APP_SECRET, (err, decoded) => {
if (err) return next(err);
// console.log('DECODED:', decoded);

User.findOne({ findHash: decoded.token})
.then( user => {
req.user = user;
next();
})
.catch(err => {
next(createError(401, err.message));
});
});
};
29 changes: 29 additions & 0 deletions lib/error-middleware.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
'use strict';

const createError = require('http-errors');
const debug = require('debug')('cfgram:error-middleware');

module.exports = function(err, req, res, next) {
debug('error middleware');

console.error('msg:', err.message);
console.error('name:', err.name);

if (err.name === 'ValidationError') {
err = createError(400, err.message);
res.status(err.status).send(err.name);
next();
return;
}

if (err.status) {
res.status(err.status).send(err.name);
next();
return;
}


err = createError(500, err.message);
res.status(err.status).send(err.name);
next();
};
13 changes: 13 additions & 0 deletions model/gallery.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
'use strict';

const mongoose = require('mongoose');
const Schema = mongoose.Schema;

const gallerySchema = Schema({
name: {type: String, required: true},
desc: {type: String, required: true},
created: {type: Date, required: true, default: Date.now},
userID: {type: Schema.Types.ObjectId, required: true}
});

module.exports = mongoose.model('gallery', gallerySchema);
16 changes: 16 additions & 0 deletions model/pic.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
'use strict';

const mongoose = require('mongoose');
const Schema = mongoose.Schema;

const picSchema = Schema({
name: {type: String, required: true},
desc: {type: String, required: true},
userID: {type: Schema.Types.ObjectId, required: true},
galleryID: {type: Schema.Types.ObjectId, required: true},
imageURI: {type: String, required: true, unique: true},
objectKey: {type: String, required: true, unique: true},
created: {type: Date, default: Date.now},
});

module.exports = mongoose.model('pic', picSchema);
76 changes: 76 additions & 0 deletions model/user.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
'use strict';

const crypto = require('crypto');
const bcrypt = require('bcrypt');
const jwt = require('jsonwebtoken');
const mongoose = require('mongoose');
const createError = require('http-errors');
const Promise = require('bluebird');
const debug = require('debug')('cfgram:user');

const Schema = mongoose.Schema;

const userSchema = Schema({
username: { type: String, required: true, unique: true },
email: { type: String, required: true, unique: true },
password: { type: String, required: true },
findHash: { type: String, unique: true }
});

userSchema.methods.generatePasswordHash = function(password) {
debug('generatePasswordHash');

return new Promise((resolve, reject) => {
bcrypt.hash(password, 10, (err, hash) => {
if(err) return reject(err);
this.password = hash;
resolve(this);
});
});
};

userSchema.methods.comparePasswordHash = function(password) {
debug('comparePasswordHash');

return new Promise((resolve, reject) => {
bcrypt.compare(password, this.password, (err, valid) => {
if(err) return reject(err);
if(!valid) return reject(createError(401, 'wrong password'));
resolve(this);
});
});
};

userSchema.methods.generateFindHash = function() {
debug('generateFindHash');

return new Promise((resolve, reject) => {
let tries = 0;

_generateFindHash.call(this);

function _generateFindHash(){
this.findHash = crypto.randomBytes(32).toString('hex');
this.save()
.then( () => resolve(this.findHash))
.catch( err => {
if(tries > 3) return reject(err);
tries++;
_generateFindHash.call(this);

});
}
});
};

userSchema.methods.generateToken = function() {
debug('generateToken');

return new Promise((resolve, reject) => {
this.generateFindHash()
.then( findHash => resolve(jwt.sign({token: findHash}, process.env.APP_SECRET)))
.catch( err => reject(err));
});
};

module.exports = mongoose.model('user', userSchema);
49 changes: 49 additions & 0 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
{
"name": "16-basic_auth",
"version": "1.0.0",
"description": "![cf](https://i.imgur.com/7v5ASc8.png) Lab 16 - Basic Auth\r ======",
"main": "server.js",
"directories": {
"test": "test"
},
"scripts": {
"test": "DEBUG='cfgram*' mocha",
"coveralls": "istanbul cover ./node_modules/mocha/bin/_mocha --report lcovonly -- -R spec && cat ./coverage/lcov.info | ./node_modules/coveralls/bin/coveralls.js && rm -rf ./coverage",
"start": "DEBUG='cfgram*' node server.js"
},
"repository": {
"type": "git",
"url": "git+https://github.com/noahgribbin/16-basic_auth.git"
},
"keywords": [],
"author": "",
"license": "ISC",
"bugs": {
"url": "https://github.com/noahgribbin/16-basic_auth/issues"
},
"homepage": "https://github.com/noahgribbin/16-basic_auth#readme",
"dependencies": {
"aws-sdk": "^2.24.0",
"bcrypt": "^1.0.2",
"bluebird": "^3.5.0",
"body-parser": "^1.17.1",
"cors": "^2.8.1",
"debug": "^2.6.1",
"del": "^2.2.2",
"dotenv": "^4.0.0",
"express": "^4.15.2",
"http-errors": "^1.6.1",
"jsonwebtoken": "^7.3.0",
"mongoose": "^4.8.6",
"morgan": "^1.8.1",
"multer": "^1.3.0"
},
"devDependencies": {
"aws-sdk-mock": "^1.6.1",
"chai": "^3.5.0",
"coveralls": "^2.12.0",
"istanbul": "^0.4.5",
"mocha": "^3.2.0",
"superagent": "^3.5.0"
}
}
36 changes: 36 additions & 0 deletions route/auth-router.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
'use strict';

const jsonParser = require('body-parser').json();
const debug = require('debug')('cfgram:auth-router');
const Router = require('express').Router;
const basicAuth = require('../lib/basic-auth-middleware.js');
const createError = require('http-errors');

const User = require('../model/user.js');

const authRouter = module.exports = Router();

authRouter.post('/api/signup', jsonParser, function(req, res, next) {
debug('POST /api/signup');

let password = req.body.password;
delete req.body.password;

let user = new User(req.body);

user.generatePasswordHash(password)
.then( user => user.save())
.then( user => user.generateToken())
.then( token => res.send(token))
.catch(err => next(createError(400, err.message)));
});

authRouter.get('/api/signin', basicAuth, function(req, res, next) {
debug('GET /api/signin');

User.findOne({ username: req.auth.username })
.then( user => user.comparePasswordHash(req.auth.password))
.then( user => user.generateToken())
.then( token => res.send(token))
.catch(next);
});
Loading