-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathexpress_server.js
218 lines (186 loc) · 6.38 KB
/
express_server.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
////////////////////////////////////////////////////////////////////////
/*
SETUP
FUNCTIONS
VARIABLES
*/
// app config
const express = require('express');
const app = express();
const PORT = 8080;
const bodyParser = require('body-parser');
app.use(bodyParser.urlencoded({extended: true}));
const cookieSession = require('cookie-session');
app.use(cookieSession({name: 'session', secret: 'grey-rose-juggling-volcanoes'}));
const bcrypt = require('bcrypt');
app.set('view engine', 'ejs');
// functions
const { getUserByEmail, generateRandomString, urlsForUser } = require('./helpers');
// variables
const urlDatabase = {};
const users = {};
////////////////////////////////////////////////////////////////////////
/*
ROUTING
*/
// root - GET
// redirects to /urls if logged in, otherwise to /login
app.get('/', (req, res) => {
if (req.session.userID) {
res.redirect('/urls');
} else {
res.redirect('/login');
}
});
// urls index page - GET
// shows urls that belong to the user, if they are logged in
app.get('/urls', (req, res) => {
const userID = req.session.userID;
const userUrls = urlsForUser(userID, urlDatabase);
const templateVars = { urls: userUrls, user: users[userID] };
if (!userID) {
res.statusCode = 401;
}
res.render('urls_index', templateVars);
});
// new url creation - POST
// adds new url to database, redirects to short url page
app.post('/urls', (req, res) => {
if (req.session.userID) {
const shortURL = generateRandomString();
urlDatabase[shortURL] = {
longURL: req.body.longURL,
userID: req.session.userID
};
res.redirect(`/urls/${shortURL}`);
} else {
const errorMessage = 'You must be logged in to do that.';
res.status(401).render('urls_error', {user: users[req.session.userID], errorMessage});
}
});
// new url creation page - GET
// validates if the user is logged in before displaying page
app.get('/urls/new', (req, res) => {
if (req.session.userID) {
const templateVars = {user: users[req.session.userID]};
res.render('urls_new', templateVars);
} else {
res.redirect('/login');
}
});
// short url page - GET
// shows details about the url if it belongs to user
app.get('/urls/:shortURL', (req, res) => {
const shortURL = req.params.shortURL;
const userID = req.session.userID;
const userUrls = urlsForUser(userID, urlDatabase);
const templateVars = { urlDatabase, userUrls, shortURL, user: users[userID] };
if (!urlDatabase[shortURL]) {
const errorMessage = 'This short URL does not exist.';
res.status(404).render('urls_error', {user: users[userID], errorMessage});
} else if (!userID || !userUrls[shortURL]) {
const errorMessage = 'You are not authorized to see this URL.';
res.status(401).render('urls_error', {user: users[userID], errorMessage});
} else {
res.render('urls_show', templateVars);
}
});
// url edit - POST
// updates longURL if url belongs to user
app.post('/urls/:shortURL', (req, res) => {
const shortURL = req.params.shortURL;
if (req.session.userID && req.session.userID === urlDatabase[shortURL].userID) {
urlDatabase[shortURL].longURL = req.body.updatedURL;
res.redirect(`/urls`);
} else {
const errorMessage = 'You are not authorized to do that.';
res.status(401).render('urls_error', {user: users[req.session.userID], errorMessage});
}
});
// delete url - POST
// deletes url from database if it belongs to user
app.post('/urls/:shortURL/delete', (req, res) => {
const shortURL = req.params.shortURL;
if (req.session.userID && req.session.userID === urlDatabase[shortURL].userID) {
delete urlDatabase[shortURL];
res.redirect('/urls');
} else {
const errorMessage = 'You are not authorized to do that.';
res.status(401).render('urls_error', {user: users[req.session.userID], errorMessage});
}
});
// redirecting - GET
// redirects to the long (actual) url
app.get('/u/:shortURL', (req, res) => {
if (urlDatabase[req.params.shortURL]) {
res.redirect(urlDatabase[req.params.shortURL].longURL);
} else {
const errorMessage = 'This short URL does not exist.';
res.status(404).render('urls_error', {user: users[req.session.userID], errorMessage});
}
});
// login page - GET
// redirects to urls index page if already logged in
app.get('/login', (req, res) => {
if (req.session.userID) {
res.redirect('/urls');
return;
}
const templateVars = {user: users[req.session.userID]};
res.render('urls_login', templateVars);
});
// logging in - POST
// redirects to urls index page if credentials are valid
app.post('/login', (req, res) => {
const user = getUserByEmail(req.body.email, users);
if (user && bcrypt.compareSync(req.body.password, user.password)) {
req.session.userID = user.userID;
res.redirect('/urls');
} else {
const errorMessage = 'Login credentials not valid. Please make sure you enter the correct username and password.';
res.status(401).render('urls_error', {user: users[req.session.userID], errorMessage});
}
});
// logging out - POST
// clears cookies and redirects to urls index page
app.post('/logout', (req, res) => {
res.clearCookie('session');
res.clearCookie('session.sig');
res.redirect('/urls');
});
// registration page - GET
// redirects to urls index page if already logged in
app.get('/register', (req, res) => {
if (req.session.userID) {
res.redirect('/urls');
return;
}
const templateVars = {user: users[req.session.userID]};
res.render('urls_registration', templateVars);
});
// registering - POST
// redirects to urls index page if credentials are valid
app.post('/register', (req, res) => {
if (req.body.email && req.body.password) {
if (!getUserByEmail(req.body.email, users)) {
const userID = generateRandomString();
users[userID] = {
userID,
email: req.body.email,
password: bcrypt.hashSync(req.body.password, 10)
};
req.session.userID = userID;
res.redirect('/urls');
} else {
const errorMessage = 'Cannot create new account, because this email address is already registered.';
res.status(400).render('urls_error', {user: users[req.session.userID], errorMessage});
}
} else {
const errorMessage = 'Empty username or password. Please make sure you fill out both fields.';
res.status(400).render('urls_error', {user: users[req.session.userID], errorMessage});
}
});
// server listen
app.listen(PORT, () => {
console.log(`Example app listening on port ${PORT}`);
});