lab-regan day 3

lab-regan/.eslintrc

@@ -0,0 +1,19 @@
+{
+  "rules": {
+    "no-console": "off",
+    "indent": [ "error", 2 ],
+    "quotes": [ "error", "single" ],
+    "semi": ["error", "always"],
+    "linebreak-style": [ "error", "unix" ]
+  },
+  "env": {
+    "es6": true,
+    "node": true,
+  },
+  "ecmaFeatures": {
+    "modules": true,
+    "experimentalObjectRestSpread": true,
+    "impliedStrict": true
+  },
+  "extends": "eslint:recommended"
+}

lab-regan/.gitignore

@@ -0,0 +1,131 @@
+
+# Created by https://www.gitignore.io/api/osx,node,linux,windows
+
+### Linux ###
+*~
+
+# temporary files which can be created if a process still has a handle open of a deleted file
+.fuse_hidden*
+
+# KDE directory preferences
+.directory
+
+# Linux trash folder which might appear on any partition or disk
+.Trash-*
+
+# .nfs files are created when an open file is removed but is still being accessed
+.nfs*
+
+###Local Files###
+
+### Node ###
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
+
+# Coverage directory used by tools like istanbul
+coverage
+
+# nyc test coverage
+.nyc_output
+
+# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
+.grunt
+
+# Bower dependency directory (https://bower.io/)
+bower_components
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons (http://nodejs.org/api/addons.html)
+build/Release
+
+# Dependency directories
+node_modules/
+jspm_packages/
+
+# Typescript v1 declaration files
+typings/
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variables file
+
+
+
+### OSX ###
+*.DS_Store
+.AppleDouble
+.LSOverride
+
+# Icon must end with two \r
+Icon
+
+
+# Thumbnails
+._*
+
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+.com.apple.timemachine.donotpresent
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+
+### Windows ###
+# Windows thumbnail cache files
+Thumbs.db
+ehthumbs.db
+ehthumbs_vista.db
+
+# Folder config file
+Desktop.ini
+
+# Recycle Bin used on file shares
+$RECYCLE.BIN/
+
+# Windows Installer files
+*.cab
+*.msi
+*.msm
+*.msp
+
+# Windows shortcuts
+*.lnk
+
+# End of https://www.gitignore.io/api/osx,node,linux,windows

lab-regan/README.md

@@ -0,0 +1,5 @@
+Basic Authorization
+
+This program contains uses bcrypt in conjunction with node.js's native module crypto to securely save users login credentials.
+
+For Grading purposes it contains a .env file which houses a couple environment variables we need to communicate with our MongoDB database and generate tokens.

lab-regan/gulpfile.js

@@ -0,0 +1,13 @@
+'use strict';
+
+const gulp = require('gulp');
+const eslint = require('gulp-eslint');
+
+gulp.task('lint', function(){
+  return gulp.src(['**/*.js', '!node_modules'])
+  .pipe(eslint())
+  .pipe(eslint.format())
+  .pipe(eslint.failAfterError());
+});
+
+gulp.task('default', ['lint']);

lab-regan/lib/basic-auth-middleware.js

@@ -0,0 +1,39 @@
+'use strict';
+
+const createError = require('http-errors');
+const debug = require('debug')('cfgram:basic-auth-middleware');
+
+module.exports = function(req, res, next){
+  debug('basic auth');
+
+
+  var authHeader = req.headers.authorization;
+
+  if(!authHeader){
+    return next(createError(401, 'authorization header required'));
+  };
+
+  var base64str = authHeader.split('Basic ')[1];
+  if(!base64str){
+    return next(createError(401, 'username and password required'));
+  };
+
+  var utf8str = new Buffer(base64str, 'base64').toString();
+  var authArr = utf8str.split(':');
+
+  req.auth = {
+    username: authArr[0],
+    password: authArr[1]
+  };
+
+  if(!req.auth.username){
+    return next(createError(401, 'username required'));
+  };
+
+  if(!req.auth.password){
+    return next(createError(401, 'password required'));
+  };
+
+  next();
+
+};

lab-regan/lib/bearer-auth-middleware.js

@@ -0,0 +1,33 @@
+'use strict';
+
+const debug = require('debug')('cfgram:bearer-auth-middleware');
+const createError = require('http-errors');
+const jwt = require('jsonwebtoken');
+
+const User = require('../model/user.js');
+
+module.exports = function(req, res, next){
+  debug('bearer auth middleware');
+
+  var authHeader = req.headers.authorization;
+  if(!authHeader){
+    return next(createError(401, 'not fun'));
+  };
+  var token = authHeader.split('Bearer ')[1];
+  if(!token){
+    return next(createError(401, 'not good very bad'));
+  };
+
+  jwt.verify(token, process.env.APP_SECRET, (err, decoded) => {
+    if(err) return next(err);
+    User.findOne({ findHash: decoded.token })
+    .then( user => {
+      req.user = user;
+      next();
+    })
+    .catch(err => {
+      next(createError(401, err.message));
+    });
+  });
+
+};

lab-regan/lib/error-middleware.js

@@ -0,0 +1,37 @@
+'use strict';
+
+const createError = require('http-errors');
+const debug = require('debug')('cfgram:error-middleware');
+
+module.exports = function(err, req, res, next){
+  debug('error-middleware');
+
+  console.error('msg:', err.message);
+  console.error('name:', err.name);
+
+//400 solution
+  if(err.message === 'data and salt arguments required'){
+    err = createError(400, 'so bad');
+    debug(err.status);
+    res.status(err.status).send(err.name);
+    next();
+    return;
+  };
+
+  if(err.status){
+    res.status(err.status).send(err.name);
+    next();
+    return;
+  };
+
+  if(err.name === 'ValidationError'){
+    err = createError(400, err.message);
+    res.status(err.status).send(err.name);
+    next();
+    return;
+  };
+
+  err = createError(404, err.message);
+  res.status(err.status).send(err.name);
+  next();
+};

lab-regan/model/gallery.js

@@ -0,0 +1,13 @@
+'use strict';
+
+const mongoose = require('mongoose');
+const Schema = mongoose.Schema;
+
+const gallerySchema = Schema({
+  name: {type: String, required: true},
+  desc: {type: String, required: true},
+  created: {type: Date, required: true, default: Date.now },
+  userID: { type: Schema.Types.ObjectId, required: true }
+});
+
+module.exports = mongoose.model('gallery', gallerySchema);

lab-regan/model/pic.js

@@ -0,0 +1,16 @@
+'use strict';
+
+const mongoose = require('mongoose');
+const Schema = mongoose.Schema;
+
+const picSchema = Schema({
+  name: {type: String, required: true},
+  desc: {type: String, required: true},
+  userID: {type: Schema.Types.ObjectId, required: true},
+  galleryID: {type: Schema.Types.ObjectId, required: true},
+  imageURI: {type: String, required: true, unique: true},
+  objectKey: {type: String, required: true, unique: true},
+  created: {type: Date, default: Date.now}
+});
+
+module.exports = mongoose.model('pic', picSchema);

lab-regan/model/user.js

@@ -0,0 +1,71 @@
+'use strict';
+
+const mongoose = require('mongoose');
+const debug = require('debug')('cfgram:user');
+const Promise = require('bluebird');
+const createError = require('http-errors');
+const crypto = require('crypto');
+const bcrypt = require('bcrypt');
+const jwt = require('jsonwebtoken');
+
+const Schema = mongoose.Schema;
+
+const userSchema = Schema({
+  username: {type: String, required: true, unique: true},
+  password: {type: String, required: true},
+  email: {type: String, required: true, unique: true},
+  findHash: {type: String, unique: true}
+});
+
+userSchema.methods.generatePasswordHash = function(password){
+  debug('generatePasswordHash');
+  return new Promise((resolve, reject) => {
+    bcrypt.hash(password, 10, (err, hash) => {
+      if(err) return reject(err);
+      this.password = hash;
+      resolve(this);
+    });
+  });
+};
+
+userSchema.methods.comparePasswordHash = function(password){
+  debug('comparePasswordHash');
+  return new Promise((resolve, reject) => {
+    bcrypt.compare(password, this.password, (err, valid) => {
+        if(err) return reject(err);
+        if(!valid) return reject(createError(401, 'wrong password'));
+        resolve(this);
+    });
+  });
+};
+
+userSchema.methods.generateFindHash = function(){
+  debug('generateFindHash');
+  return new Promise((resolve, reject) => {
+    let tries = 0;
+    _generateFindHash.call(this);
+    function _generateFindHash(){
+      debug('ok we are also herererere');
+      this.findHash = crypto.randomBytes(32).toString('hex');
+      this.save()
+      .then( () => resolve(this.findHash))
+      .catch( err => {
+        debug('we are in the catch statement');
+        if(tries > 3) return reject(err);
+        tries++;
+        _generateFindHash.call(this);
+      });
+    };
+  });
+};
+
+userSchema.methods.generateToken = function(){
+  debug('generateToken');
+  return new Promise((resolve, reject) => {
+    this.generateFindHash()
+    .then( findHash => resolve(jwt.sign({token: findHash}, process.env.APP_SECRET )))
+    .catch( err => reject(err));
+  });
+};
+
+module.exports = mongoose.model('user', userSchema);