const crypto = require("node:crypto");

const express = require("express");
const bcrypt = require("bcryptjs");
const bodyParser = require("body-parser");
const randomToken = require('random-token');
const cors = require("cors");
// Express application instance and the fixed TCP port it is served on.
const app = express();
const port = 8081;
// Parse JSON request bodies into req.body before any route handler runs.
app.use(bodyParser.json());
// NOTE(review): cors() is called without options, and the package default
// allows requests from any origin. Pass an explicit `origin` allow-list if
// only known front-ends are meant to call this API.
app.use(cors());
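/**
 * One message from a sender to a receiver, built from the client-supplied
 * JSON payload of a post request.
 *
 * Every field comes from request data, so the values are exposed only as bound
 * parameters (see insert() and values()) and never spliced into SQL text.
 */
class Post {
  title;
  receiver;
  sender;
  post;
  img;
  url;

  /**
   * @param {object} post - Untrusted payload: { title, user, post, img?, url? }.
   * @param {?string} [sender] - Authenticated username of the author. The
   *   payload is not trusted to name its own author, so it is passed separately.
   */
  constructor(post, sender = null) {
    // Class bodies are strict-mode code: assigning to a bare `title` instead of
    // `this.title` throws a ReferenceError rather than setting the field.
    this.title = post.title;
    this.receiver = post.user;
    this.sender = sender;
    this.post = post.post;
    // Optional attachments are stored as NULL when absent.
    this.img = post.img ?? null;
    this.url = post.url ?? null;
  }

  /**
   * SQL text for storing this post. It contains named placeholders only; pass
   * values() as the bindings, e.g. db.prepare(p.insert()).run(p.values()).
   *
   * NOTE(review): the target table is `userinfo`, although the file also reads
   * a `posts` table at startup. Confirm against the schema which one holds posts.
   *
   * @returns {string} Parameterized INSERT statement.
   */
  insert() {
    return `
insert into userinfo (author, title, receiver, url, img, post)
values (@sender, @title, @receiver, @url, @img, @post)`;
  }

  /**
   * Bindings for the placeholders used by insert().
   *
   * @returns {object} Map of placeholder name to field value.
   */
  values() {
    return {
      sender: this.sender,
      title: this.title,
      receiver: this.receiver,
      url: this.url,
      img: this.img,
      post: this.post,
    };
  }
}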
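// Open the SQLite database file and switch it to write-ahead logging.
const db = require('better-sqlite3')('db/messago.db');
db.pragma('journal_mode = WAL');

// Startup snapshots of each table. .all() returns plain row arrays, so these
// do not see rows written after the process started (a user registered later
// is unknown to `users` until restart) and they are not statement handles.
// `users` rows carry password_hash, so avoid logging them wholesale.
const users = db.prepare('SELECT * FROM users;').all();
const userinfo = db.prepare('SELECT * FROM userinfo;').all();
const posts = db.prepare('SELECT * FROM posts;').all();

// In-memory session store: username -> { token }.
// The keys are client-supplied usernames, so the dictionary has no prototype:
// names such as "constructor" or "__proto__" are then ordinary keys instead of
// resolving to inherited Object.prototype members.
// Entries never expire and are lost when the process restarts.
const tokens = Object.create(null);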
// Liveness probe: a GET on the root path answers with a bare 200.
app.get('/', (_request, response) => {
  response.sendStatus(200);
});
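/**
 * POST /token: exchange a username/password pair for a fresh session token.
 *
 * Body: { username, password }.
 * 200 -> { status: "success", token }
 * 403 -> one generic error for an unknown username, a wrong password or a
 *        malformed body, so the response text does not reveal which usernames
 *        are registered.
 */
app.post('/token', (req, res) => {
  const { username, password } = req.body ?? {};
  const failure = {
    status: "error",
    message: `Username or password is incorrect, failed to generate new token.`,
  };

  // Both values arrive as arbitrary JSON; only strings are usable credentials.
  if (typeof username !== "string" || typeof password !== "string") {
    res.status(403).json(failure);
    return;
  }

  // %j JSON-encodes the value, so control characters in a client-chosen
  // username cannot forge extra log lines.
  console.log("username: %j", username);

  // find() yields undefined for an unknown name; check the row itself before
  // touching its fields, and stop after answering.
  const user = users.find((row) => row.username === username);
  // NOTE(review): an unknown username returns before any bcrypt work, so the
  // response time still differs from a wrong-password attempt. Comparing
  // against a fixed dummy hash in that case would even it out.
  const authenticated =
    user !== undefined &&
    typeof user.password_hash === "string" &&
    bcrypt.compareSync(password, user.password_hash);

  if (!authenticated) {
    res.status(403).json(failure);
    return;
  }

  // NOTE(review): confirm that random-token draws from a CSPRNG. If it does
  // not, crypto.randomBytes is the standard-library source for session tokens.
  const token = randomToken(32);
  // The assignment replaces any earlier token for this user.
  tokens[username] = { token };

  // res.json() sets Content-Type: application/json. res.send() with a string
  // would label the body text/html.
  res.status(200).json({ status: "success", token });
});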
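/**
 * POST /check: report whether a username/token pair names a live session.
 *
 * Body: { username, token }.
 * 200 -> { status: "success", exists: true }
 * 403 -> { status: "error", exists: false, message } for every failure, so the
 *        response does not reveal which usernames currently hold a token.
 */
app.post('/check', (req, res) => {
  const { username, token } = req.body ?? {};

  // Only own keys of the store count as sessions. A plain property read would
  // also resolve inherited names and would throw on an unknown username.
  const session =
    typeof username === "string" && Object.hasOwn(tokens, username)
      ? tokens[username]
      : undefined;

  let valid = false;
  if (typeof token === "string" && typeof session?.token === "string") {
    // Constant-time comparison. timingSafeEqual requires equal-length inputs,
    // so the length check comes first.
    const expected = Buffer.from(session.token);
    const supplied = Buffer.from(token);
    valid =
      expected.length === supplied.length &&
      crypto.timingSafeEqual(expected, supplied);
  }

  if (!valid) {
    res.status(403).json({
      status: "error",
      exists: false,
      message: `Token doesn't exist; generate new token.`,
    });
    return;
  }

  res.status(200).json({ status: "success", exists: true });
});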
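/**
 * POST /post: store a post on behalf of an authenticated user.
 *
 * Body: { auth: { username, token }, post: { title, user, post, img?, url? } }.
 * 202 -> { status: "success", message }
 * 400 -> the post payload is missing or has fields of the wrong type
 * 403 -> the username/token pair does not name a live session
 */
app.post('/post', (req, res) => {
  const { username, token } = req.body?.auth ?? {};

  // Only own keys of the store count as sessions, and the handler returns as
  // soon as authentication fails so nothing below runs unauthenticated.
  const session =
    typeof username === "string" && Object.hasOwn(tokens, username)
      ? tokens[username]
      : undefined;

  let valid = false;
  if (typeof token === "string" && typeof session?.token === "string") {
    // Constant-time comparison. timingSafeEqual requires equal-length inputs.
    const expected = Buffer.from(session.token);
    const supplied = Buffer.from(token);
    valid =
      expected.length === supplied.length &&
      crypto.timingSafeEqual(expected, supplied);
  }

  if (!valid) {
    res.status(403).json({
      status: "error",
      message: `Token doesn't exist; generate new token.`,
    });
    return;
  }

  const post = req.body.post;
  const isText = (value) => typeof value === "string";
  const isOptionalText = (value) => value == null || isText(value);
  const wellFormed =
    post !== null &&
    typeof post === "object" &&
    isText(post.title) &&
    isText(post.user) &&
    isText(post.post) &&
    isOptionalText(post.img) &&
    isOptionalText(post.url);

  if (!wellFormed) {
    res.status(400).json({ status: "error", message: "Post payload is missing or malformed." });
    return;
  }

  // The author is the authenticated username, never a value from the payload.
  // All values are bound as parameters, so request text cannot alter the SQL.
  // NOTE(review): table and column names are taken from Post.insert(); the
  // file also reads a `posts` table at startup. Confirm which one holds posts.
  db.prepare(
    "insert into userinfo (author, title, receiver, url, img, post) values (?, ?, ?, ?, ?, ?)"
  ).run(username, post.title, post.user, post.url ?? null, post.img ?? null, post.post);

  res.status(202).json({
    status: "success",
    message: `Post successfully sent to ${post.user}!`,
  });
});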
// Start accepting connections. No host argument is given, so Node binds the
// unspecified address (all interfaces), even though the log line says localhost.
const announceStartup = () => {
  console.log(`messago api server starting at http://localhost:${port}`);
};
app.listen(port, announceStartup);