/*
 * Various requires.
 * express is our framework.
 * TODOs:
 *  - DB connection opening should be a middleware.
 *  - DB connection closing should also be a middleware.
 */
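// Module dependencies and process-wide handles.
// NOTE(review): the original list was cut in two by a stray `;` after the
// `cons` entry, so `app`, `http`, `https`, `secure_r` and `pjax` were assigned
// as implicit globals instead of being declared. They are declared here as
// part of the same `var` list.
var express = require('express'), // Web framework
    path = require('path'),
    fs = require('fs'), // fs to access our sqlite file
    file = path.join(__dirname, '/test.db'), // DB filename, resolved next to this file
    // Checked once at startup; a database file created later is not noticed
    // until the process restarts.
    exists = fs.existsSync(file),
    sqlite3 = require('sqlite3').verbose(), // The node-sqlite3 library
    // OPEN_READWRITE is passed without OPEN_CREATE, so a missing file is not
    // created by this call.
    db = new sqlite3.cached.Database(file, sqlite3.OPEN_READWRITE), // The db handle
    dust = require('dustjs-linkedin'), // Dust, the templating engine of choice
    cons = require('consolidate'), // Consolidate, for dust to work with express
    app = express(), // Initialize the app
    http = require('http'),
    https = require('https'), // Only referenced by the commented-out TLS setup in this file
    secure_r = require('./lib/tls.js'), // Its app.use() call is commented out in this file
    pjax = require('./lib/pjax.js');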
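// Tell the app to use dust.js for templating
app.engine('dust', cons.dust);
app.set('template_engine', 'dust');
app.set('views', __dirname + '/templates');
app.set('view engine', 'dust');

// Other app settings
app.use(express.favicon(path.join(__dirname, '/static/favicon.ico'))); // Favicon
app.use(express.logger('dev')); // Use logger in dev context
// NOTE(review): in Express 3, bodyParser() also accepts multipart uploads and
// writes them to temporary files. If uploads are not needed, express.json()
// plus express.urlencoded() is the narrower choice (confirm against the
// installed Express version).
app.use(express.bodyParser());
app.use(express.methodOverride());

// We intend to use cookies and session for login.
// SECURITY: the cookie-signing secret was a literal committed with the source.
// Once the secret is public, the signature on the session cookie no longer
// protects anything. Read it from the environment instead; the old literal is
// kept only as a fallback so existing setups still start, and must be replaced
// before the app is exposed.
var cookieSecret = process.env.SESSION_SECRET;
if (!cookieSecret) {
  console.warn('SESSION_SECRET is not set; falling back to the built-in cookie secret.');
  cookieSecret = 'wigglybits4every1!!';
}
app.use(express.cookieParser(cookieSecret));
// express.session() is called without options, so the session cookie uses the
// middleware defaults. Once the app is served over TLS, set the cookie's
// `secure` flag so the session id is never sent over plain HTTP.
app.use(express.session());
app.use(pjax());
// SECURITY: the TLS middleware below is disabled, so nothing in this file
// forces HTTPS for the login form or the session cookie.
//app.use ( secure_r () );

// Static assets serving. We will move this to nginx directly when we set up reverse proxying
app.use(express.static(path.join(__dirname, 'static')));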
/* Routes definitions */
/* Only http_only requests first, so we use our http_only middleware here */
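/*
 * Default route, e.g. localhost/
 * Shows the posts in reverse order of their insertion (highest id first).
 * Answers with 500 when the database file was missing at startup or the query
 * fails, so the request never hangs without a response.
 */
app.get('/', function (req, res) {
  var logged_in = Boolean(req.session.user);

  if (!exists) {
    // Previously no response was sent in this case and the client waited
    // until its own timeout.
    return res.status(500).send('Database is not available');
  }

  // Fetch from the database in a serial order.
  // TODO : Figure out how to parallelize this.
  db.serialize(function () {
    db.all("SELECT id, title, post, slug FROM entries order by id desc", function (err, rows) {
      if (err) {
        // Log the detail server-side only; the client gets a generic message.
        console.error('Could not load posts:', err);
        return res.status(500).send('Could not load posts');
      }
      // NOTE(review): title and post come from the /add and /post/:id forms.
      // Confirm the index template relies on Dust's default escaping and does
      // not print them with the unescaped `|s` filter.
      res.render('index', { title: 'Posts', result: rows, logged_in: logged_in });
    });
  });
});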
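/*
 * Single post page, e.g. localhost/post/some-slug
 * Looks the post up by its slug (bound as a SQL parameter) and renders it
 * through the pjax-aware renderer. Answers 404 when no post matches and 500
 * when the database is unavailable or the query fails.
 */
app.get('/post/:slug', function (req, res) {
  var logged_in = Boolean(req.session.user);
  var slug = req.params.slug || null;

  if (!exists) {
    // Previously no response was sent in this case and the request hung.
    return res.status(500).send('Database is not available');
  }
  if (!slug) {
    return res.status(404).send('Post not found');
  }

  db.serialize(function () {
    db.get(" SELECT id, title, post, slug from entries where slug = ?", [slug], function (err, row) {
      if (err) {
        // Keep the database error in the server log, not in the response.
        console.error('Could not load post:', err);
        return res.status(500).send('Could not load post');
      }
      if (!row) {
        // db.get yields no row when nothing matches; do not render an empty page.
        return res.status(404).send('Post not found');
      }
      res.renderPjax("post", { result: row, logged_in: logged_in });
    });
  });
});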
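/*
 * Update an existing post. Only reachable with a logged-in session (restrict).
 * The values are bound as SQL parameters. The redirect target is built from
 * the submitted slug, so it is type-checked and URL-encoded first.
 *
 * NOTE(review): no CSRF token is checked on this state-changing route;
 * Express 3 ships express.csrf() for that purpose.
 */
app.post('/post/:id', restrict, function (req, res) {
  var id = req.params.id || null;
  var title = req.body.title || null;
  var post = req.body.text || null;
  var slug = req.body.slug || null;

  // The body parser can produce arrays or objects for nested field names;
  // only plain strings are meaningful here.
  if ((title !== null && typeof title !== 'string') ||
      (post !== null && typeof post !== 'string')) {
    return res.status(400).send('Invalid post data');
  }

  db.serialize(function () {
    db.run(" UPDATE entries set title = ? , post = ? where id = ?", [title, post, id], function (err) {
      if (err) {
        // Previously the error was logged and the client was redirected as
        // if the update had succeeded.
        console.error('Could not update post:', err);
        return res.status(500).send('Could not update post');
      }
      if (typeof slug !== 'string') {
        // No usable slug was submitted; avoid redirecting to "/post/null".
        return res.redirect('/');
      }
      // Encoding keeps the submitted value inside a single path segment.
      res.redirect("/post/" + encodeURIComponent(slug));
    });
  });
});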
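/*
 * Create a new post. Only reachable with a logged-in session (restrict).
 * The slug is derived from the title with slugify(). The redirect to the index
 * happens only after the INSERT has completed, so a failed insert is reported
 * instead of being silently dropped.
 *
 * NOTE(review): no CSRF token is checked on this state-changing route;
 * Express 3 ships express.csrf() for that purpose.
 */
app.post('/add', restrict, function (req, res) {
  var title = req.body.title;
  var text = req.body.text;

  // A missing title used to make slugify() throw; arrays or objects from the
  // body parser are rejected for the same reason.
  if (typeof title !== 'string' || typeof text !== 'string') {
    return res.status(400).send('Title and text are required');
  }

  var slug = slugify(title);
  if (!slug) {
    // A title made only of stripped characters would create a post that
    // /post/:slug can never address.
    return res.status(400).send('Title does not produce a usable slug');
  }

  db.run("INSERT INTO entries (title, post, slug) values (?, ?, ?)", [title, text, slug], function (err) {
    if (err) {
      console.error('Could not add post:', err);
      return res.status(500).send('Could not add post');
    }
    res.redirect('/');
  });
});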
/*
 * GET /login, for example localhost/login
 * Only renders the login page. That page will eventually POST to /login,
 * which creates a session if the user is valid.
 */
app.get('/login', function showLoginPage(req, res) {
  res.render('login');
});
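/*
 * POST /login: checks the submitted credentials and, on success, starts a
 * fresh session for the user. A failed attempt answers 401.
 *
 * SECURITY: the account name and password are literals in this file, so they
 * are exposed to anyone who can read the source, and the comparison is not
 * constant-time. They should be moved out of the code and the password stored
 * as a salted hash. No limit on repeated attempts is visible in this file.
 */
app.post('/login', function (req, res) {
  var username = req.body.username || '';
  var password = req.body.password || '';

  if (username === 'stmishra@fastmail.fm' && password === 'bigpassword') {
    // Issue a new session id at login so that an id set in the browser before
    // authentication is not carried over into the authenticated session.
    req.session.regenerate(function (err) {
      if (err) {
        console.error('Could not create session:', err);
        return res.status(500).send('Could not log in');
      }
      req.session.user = 'stmishra@fastmail.fm';
      res.redirect('/');
    });
  } else {
    // Same message as before, now with a status that marks the failure.
    res.status(401).send("Not logged in");
  }
});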
/*
 * GET /logout: destroys the current session, then sends the browser back to
 * the index page.
 * NOTE(review): logout is a state change performed on GET, so any page can
 * trigger it with a plain link or image request.
 */
app.get('/logout', function (req, res) {
  var goHome = function () {
    res.redirect('/');
  };
  req.session.destroy(goHome);
});
/*
 * Session middleware.
 * Lets the request continue when the session carries a user. Otherwise it
 * records "Access denied" on the session and redirects to the login page.
 */
function restrict(req, res, next) {
  if (!req.session.user) {
    req.session.error = "Access denied";
    res.redirect('/login');
    return;
  }
  next();
}
/**
 * Build a URL slug from the given value.
 *
 * The value is stringified and lower-cased, whitespace runs become hyphens,
 * everything except ASCII word characters (letters, digits, underscore) and
 * hyphens is dropped, repeated hyphens are collapsed, and hyphens at either
 * end are trimmed. The result can be an empty string.
 *
 * @param {*} text - Value with a toString() method; null/undefined throw.
 * @returns {string} The slug.
 */
function slugify(text) {
  var lowered = text.toString().toLowerCase();
  var hyphenated = lowered.replace(/\s+/g, '-'); // Whitespace runs become one hyphen
  var wordsOnly = hyphenated.replace(/[^\w\-]+/g, ''); // Drop all non-word chars
  var collapsed = wordsOnly.replace(/\-\-+/g, '-'); // Squeeze repeated hyphens
  var noLeading = collapsed.replace(/^-+/, ''); // Trim hyphens from the start
  return noLeading.replace(/-+$/, ''); // Trim hyphens from the end
}
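// SECURITY: only the plain-HTTP listener is active. The login form and the
// session cookie travel unencrypted unless a TLS-terminating proxy sits in
// front of this process. The HTTPS setup is kept commented out for reference.
//var privateKey = fs.readFileSync('sslcert/server.key', 'utf8');
//var certificate = fs.readFileSync('sslcert/server.crt', 'utf8');
//var httpsServer = https.createServer({key : privateKey, cert: certificate}, app);
var httpServer = http.createServer(app);
httpServer.listen(8083, function () {
  // Tell the user the app has started, only once the port is actually bound.
  // Previously the message was printed even if the bind later failed.
  console.log(" App listening on port 8083");
});
//httpsServer.listen(443);
//console.log("Secure App listening on port 443");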