// Basic template with Node.JS, Express, CursusDB
import express from 'express'
import Client from 'cursusdb-node'
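const app = express();

// Database connection settings come from the environment so real credentials
// never have to be committed; the fallbacks are the template's placeholders.
const client = new Client(
  process.env.CURSUSDB_HOST ?? "0.0.0.0",
  process.env.CURSUSDB_PORT ?? "7681",
  process.env.CURSUSDB_USER ?? "username",
  process.env.CURSUSDB_PASSWORD ?? "password",
  // NOTE(review): presumably the TLS toggle of cursusdb-node's Client - confirm
  // against the driver docs and enable it when the cluster is not on localhost.
  false,
);

// Parse JSON request bodies into req.body for the handlers below.
app.use(express.json());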
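// Get all posts.
// Responds 401 without valid Basic credentials, 500 if the query fails.
app.get('/posts', async (req, res) => {
  try {
    // Check the header's presence first so a request without credentials is
    // rejected cleanly instead of raising inside the auth check.
    if (!req.headers.authorization || !checkAuth(req.headers)) {
      res.status(401).json({ message: 'Not allowed.' });
      return;
    }

    const results = await client.Query(`select * from posts;`);
    res.send(results);
  } catch (err) {
    // Log server-side only; do not echo driver errors back to the client.
    console.error(err);
    res.status(500).json({ message: 'Internal server error.' });
  }
});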
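// Insert new post into posts collection.
// Expects a JSON body such as {"title": "Test post 1", "body": "Hello world!"}.
// Responds 401 without valid Basic credentials, 400 on invalid input, 500 if
// the query fails.
app.post('/posts', async (req, res) => {
  try {
    // Check the header's presence first so a request without credentials is
    // rejected cleanly instead of raising inside the auth check.
    if (!req.headers.authorization || !checkAuth(req.headers)) {
      res.status(401).json({ message: 'Not allowed.' });
      return;
    }

    const { title, body } = req.body ?? {};
    const isNonEmptyString = (value) => typeof value === 'string' && value !== '';
    if (!isNonEmptyString(title) || !isNonEmptyString(body)) {
      res.status(400).json({ message: 'Missing post title and body.' });
      return;
    }

    // Store only the two expected fields: serialising the whole request body
    // would let a caller add arbitrary keys to the stored document.
    // NOTE(review): JSON.stringify escapes quotes and backslashes inside the
    // values; confirm that the CursusDB parser treats this span as JSON.
    const document = JSON.stringify({ title, body });
    const results = await client.Query(`insert into posts(${document});`);
    res.send(results);
  } catch (err) {
    // Log server-side only; do not echo driver errors back to the client.
    console.error(err);
    res.status(500).json({ message: 'Internal server error.' });
  }
});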
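// Takes a post title and updates body.
// Responds 401 without valid Basic credentials, 400 on invalid input, 500 if
// the query fails.
app.put('/posts', async (req, res) => {
  try {
    // Check the header's presence first so a request without credentials is
    // rejected cleanly instead of raising inside the auth check.
    if (!req.headers.authorization || !checkAuth(req.headers)) {
      res.status(401).json({ message: 'Not allowed.' });
      return;
    }

    const { title, body } = req.body ?? {};
    const isNonEmptyString = (value) => typeof value === 'string' && value !== '';
    if (!isNonEmptyString(title) || !isNonEmptyString(body)) {
      res.status(400).json({ message: 'Missing post title and body for update.' });
      return;
    }

    // The values are interpolated into a quoted query string, so anything that
    // could end the literal or the statement is refused rather than passed on.
    // NOTE(review): conservative deny-list; if cursusdb-node documents an
    // escaping or parameter mechanism, use that instead and relax this check.
    const queryBreaking = /['"\\;]/;
    if (queryBreaking.test(title) || queryBreaking.test(body)) {
      res.status(400).json({ message: 'Post title or body contains unsupported characters.' });
      return;
    }

    const results = await client.Query(
      `update 1 in posts where title = '${title}' set body = '${body}';`,
    );
    res.send(results);
  } catch (err) {
    // Log server-side only; do not echo driver errors back to the client.
    console.error(err);
    res.status(500).json({ message: 'Internal server error.' });
  }
});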
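// Takes a post title and deletes it.
// Responds 401 without valid Basic credentials, 400 on invalid input, 500 if
// the query fails.
app.delete('/posts', async (req, res) => {
  try {
    // Check the header's presence first so a request without credentials is
    // rejected cleanly instead of raising inside the auth check.
    if (!req.headers.authorization || !checkAuth(req.headers)) {
      res.status(401).json({ message: 'Not allowed.' });
      return;
    }

    const { title } = req.body ?? {};
    if (typeof title !== 'string' || title === '') {
      res.status(400).json({ message: 'Missing post title.' });
      return;
    }

    // The title is interpolated into a quoted query string, so anything that
    // could end the literal or the statement is refused rather than passed on.
    // NOTE(review): conservative deny-list; if cursusdb-node documents an
    // escaping or parameter mechanism, use that instead and relax this check.
    if (/['"\\;]/.test(title)) {
      res.status(400).json({ message: 'Post title contains unsupported characters.' });
      return;
    }

    const results = await client.Query(`delete 1 from posts where title = '${title}';`);
    res.send(results);
  } catch (err) {
    // Log server-side only; do not echo driver errors back to the client.
    console.error(err);
    res.status(500).json({ message: 'Internal server error.' });
  }
});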
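// On SIGTERM close the database connection, then exit.
// Registering a SIGTERM listener removes Node's default "exit on signal"
// behaviour, so the handler has to end the process itself; otherwise the HTTP
// server would keep running with a closed database connection.
process.on('SIGTERM', () => {
  Promise.resolve()
    // Works whether Close() is synchronous or returns a promise.
    .then(() => client.Close())
    .catch((err) => console.error(err))
    .finally(() => process.exit(0));
});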
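// Connect to the database first and only then start accepting HTTP requests;
// a failed connection is logged and ends the process with exit code 1.
client.Connect().then((res) => {
  console.log(res);

  // Explicit radix; falls back to 8080 when PORT is unset, non-numeric or 0.
  const port = Number.parseInt(process.env.PORT, 10) || 8080;

  // NOTE: this serves plain HTTP. Basic credentials are only base64-encoded,
  // so terminate TLS in front of this listener in any real deployment.
  app.listen(port, () => {
    console.log(`listening on port ${port}`);
  });
}).catch((err) => {
  console.error(err);
  process.exit(1);
});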
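/**
 * Validate an HTTP Basic `Authorization` header against the template account.
 *
 * Returns false (never throws) when the header is missing, is not a string,
 * does not use the Basic scheme, or does not decode to `username:password`.
 *
 * @param {object} headers - Request headers, keyed by lower-case name.
 * @returns {boolean} true only for the template credentials.
 */
function checkAuth(headers) {
  const header = headers?.authorization;
  if (typeof header !== 'string') {
    return false;
  }

  // The scheme name is case-insensitive; the rest is the base64 credentials.
  const match = /^Basic\s+(\S+)$/i.exec(header.trim());
  if (match === null) {
    return false;
  }

  const decoded = Buffer.from(match[1], 'base64').toString('utf8');

  // Split at the FIRST colon only: the password itself may contain colons, and
  // taking just the second split field would accept "template:template:junk".
  const separator = decoded.indexOf(':');
  if (separator === -1) {
    return false;
  }
  const username = decoded.slice(0, separator);
  const password = decoded.slice(separator + 1);

  // For this example we do not read from the database and keep things simple.
  // A real service should add an API to create users, store only bcrypt
  // password hashes, and verify the submitted password against the stored hash:
  // const user = client.Query(`select 1 from users where username = 'x';`)
  // NOTE: the hard-coded pair below is a placeholder and must be replaced
  // before this template is exposed to a network.
  return username === "template" && password === "template";
}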