mifi/looking-monorepo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Move backend files to backend/ subdirectory

Browse Source
This commit is contained in:
Mike Fitzpatrick
2025-07-25 19:09:35 -03:00
parent d04304b573
commit 1bd4ca0d98
59 changed files with 0 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
backend/Dockerfile Normal file
View File

@@ -0,0 +1,11 @@
FROM node:latest
WORKDIR /usr/src/app
COPY package*.json ./
RUN npm install
COPY . .
EXPOSE 3069
CMD ["npm", "start"]

36
backend/app.js Normal file
View File

@@ -0,0 +1,36 @@
var express = require('express');
var logger = require('morgan');
var bodyParser = require('body-parser');
var auth = require('./routes/auth');
//var cruises = require('./routes/cruises');
var geocache = require('./routes/geocache');
var profiles = require('./routes/profiles');
var users = require('./routes/users');
var app = express();
app.use(logger('dev'));
app.use(bodyParser.json({ limit: '5mb' }));
app.use(bodyParser.urlencoded({ extended: false }));
app.use(function (req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});
app.use('/auth', auth);
//app.use('/cruises', cruises);
app.use('/geocache', geocache);
app.use('/profiles', profiles);
app.use('/users', users);
// catch 404 and forward to error handler
app.use(function (req, res, next) {
var err = new Error('Not Found', { args: arguments });
err.status = 404;
next(err);
});
module.exports = app;

101
backend/bin/www Executable file
View File

@@ -0,0 +1,101 @@
#!/usr/bin/env node
/**
* Module dependencies.
*/
var app = require('../app');
var debug = require('debug')('urge-api:server');
var http = require('http');
var mongoose = require('mongoose');
/**
* Connect to the Mongo DB
*/
mongoose.connect('mongodb://localhost:27017/urge', (err) => {
if(err) {
throw new Error(err);
} else {
}
});
/**
* Get port from environment and store in Express.
*/
var port = normalizePort(process.env.PORT || '3069');
app.set('port', port);
/**
* Create HTTP server.
*/
var server = http.createServer(app);
/**
* Listen on provided port, on all network interfaces.
*/
server.listen(port);
server.on('error', onError);
server.on('listening', onListening);
/**
* Normalize a port into a number, string, or false.
*/
function normalizePort(val) {
var port = parseInt(val, 10);
if (isNaN(port)) {
// named pipe
return val;
}
if (port >= 0) {
// port number
return port;
}
return false;
}
/**
* Event listener for HTTP server "error" event.
*/
function onError(error) {
if (error.syscall !== 'listen') {
throw error;
}
var bind = typeof port === 'string'
? 'Pipe ' + port
: 'Port ' + port;
// handle specific listen errors with friendly messages
switch (error.code) {
case 'EACCES':
console.error(bind + ' requires elevated privileges');
process.exit(1);
break;
case 'EADDRINUSE':
console.error(bind + ' is already in use');
process.exit(1);
break;
default:
throw error;
}
}
/**
* Event listener for HTTP server "listening" event.
*/
function onListening() {
var addr = server.address();
var bind = typeof addr === 'string'
? 'pipe ' + addr
: 'port ' + addr.port;
debug('Listening on ' + bind);
}

21
backend/docker-compose.yml Normal file
View File

@@ -0,0 +1,21 @@
version: '3.8'
services:
backend:
build: .
ports:
- "3069:3069"
depends_on:
- mongo
environment:
- MONGODB_URI=mongodb://mongo:27017/urge
mongo:
image: mongo:4.4
ports:
- "27017:27017"
volumes:
- mongo-data:/data/db
volumes:
mongo-data:

21
backend/gulpfile.js Normal file
View File

@@ -0,0 +1,21 @@
const gulp = require('gulp');
const mocha = require('gulp-mocha');
const nodemon = require('gulp-nodemon');
gulp.task('default', () => {
nodemon({
script: './bin/www',
ext: 'js',
tasks: ['mocha'],
env: { 'NODE_ENV': 'development' }
})
});
gulp.task('mocha', () => {
gulp.src(process.cwd() + '/tests/index.js', {read: false})
.pipe(
mocha({
reporter: 'nyan'
})
);
});

BIN
backend/images/cruise/bally_detail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 616 KiB

BIN
backend/images/cruise/bally_thumbnail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 141 KiB

BIN
backend/images/cruise/burlington-garage_detail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 370 KiB

BIN
backend/images/cruise/burlington-garage_thumbnail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 97 KiB

BIN
backend/images/cruise/crowne-plaza-2_detail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 381 KiB

BIN
backend/images/cruise/crowne-plaza-2_thumbnail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 106 KiB

BIN
backend/images/cruise/crowne-plaza_detail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 469 KiB

BIN
backend/images/cruise/crowne-plaza_thumbnail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 139 KiB

BIN
backend/images/cruise/esplanade_detail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 748 KiB

BIN
backend/images/cruise/esplanade_thumbnail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 143 KiB

BIN
backend/images/cruise/first-church_detail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 600 KiB

BIN
backend/images/cruise/first-church_thumbnail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 130 KiB

BIN
backend/images/cruise/fresh-pond_detail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 816 KiB

BIN
backend/images/cruise/fresh-pond_thumbnail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 120 KiB

BIN
backend/images/cruise/joses_detail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 746 KiB

BIN
backend/images/cruise/joses_thumbnail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 221 KiB

BIN
backend/images/cruise/motel6_detail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 422 KiB

BIN
backend/images/cruise/motel6_thumbnail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 106 KiB

BIN
backend/images/cruise/tufts_detail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 445 KiB

BIN
backend/images/cruise/tufts_thumbnail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 117 KiB

BIN
backend/images/message/2018-03-06-Brian-23.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 358 KiB

BIN
backend/images/message/2018-03-06-Brian-32.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 424 KiB

BIN
backend/images/message/IMG_20171119_011320.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 427 KiB

BIN
backend/images/message/Screenshot_20180129-234423.png Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 466 KiB

BIN
backend/images/message/avery_nick.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 372 KiB

BIN
backend/images/message/cologne.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.3 MiB

BIN
backend/images/message/grindr-screenshot1.png Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 183 KiB

BIN
backend/images/message/grindr-screenshot2.png Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 182 KiB

BIN
backend/images/message/hickey.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 194 KiB

BIN
backend/images/message/img033.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.7 MiB

BIN
backend/images/message/station-pic.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 153 KiB

BIN
backend/images/profile/profile-b-001_detail.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 275 KiB

BIN
backend/images/profile/profile-b-001_thumbnail.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 75 KiB

BIN
backend/images/profile/profile-j-001_detail.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 406 KiB

BIN
backend/images/profile/profile-j-001_thumbnail.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 624 KiB

BIN
backend/images/profile/profile-m-001_detail.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 573 KiB

BIN
backend/images/profile/profile-m-001_thumbnail.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 64 KiB

429
backend/models/geocache.js Normal file
View File

@@ -0,0 +1,429 @@
const mongoose = require('mongoose');
const GoogleMaps = require('@google/maps').createClient({
key: 'AIzaSyCvpBGztvxtRUNigOW9f0GXVRWlukJZsps'
});
var logger = require('../modules/logger');
const Schema = mongoose.Schema;
const GeocacheSchema = new Schema({
key: {
type: String,
required: true,
unique: true
},
formatted: {
type: String,
required: true
},
loc: {
type: {
type: String,
default: 'Point'
},
coordinates: [{
type: Number,
default: [0, 0]
}]
},
georesult: {
type: Schema.Types.Mixed
}
});
const Conversion = {
kilometersToMeters: (distance) => {
return parseFloat(distance * 1000);
},
kilometersToMiles: (distance) => {
return parseFloat(distance / 1.60934);
},
kilometersToNauticalMiles: (distance) => {
return parseFloat(distance * 0.539957);
},
metersToKilometers: (distance) => {
return parseFloat(distance / 1000);
},
metersToMiles: (distance) => {
return parseFloat(distance / 1609.34);
},
milesToKilometers: (distance) => {
return parseFloat(distance * 1.60934);
},
milesToMeters: (distance) => {
return parseFloat(distance * 1609.34);
},
milesToNauticalMiles: (distance) => {
return parseFloat(distance * 0.868976);
},
nauticalMilesToMeters: (distance) => {
return parseFloat(distance / 0.868976);
},
nauticalMilesToMiles: (distance) => {
return parseFloat(distance / 0.868976);
},
nauticalMilesToKilometers: (distance) => {
return parseFloat(distance * 1.852000674128);
}
};
GeocacheSchema.index({ name: 1, loc: '2dsphere' });
const GeocacheModel = mongoose.model('geocache', GeocacheSchema);
/*function distanceBetween (geoJSON1, geoJSON2, unit = 'mi') {
var radlat1 = Math.PI * geoJSON1.coordinates[1]/180;
var radlat2 = Math.PI * geoJSON2.coordinates[1]/180;
var theta = geoJSON1.coordinates[0] - geoJSON2.coordinates[0];
var radtheta = Math.PI * theta/180;
var dist = Math.sin(radlat1) * Math.sin(radlat2) + Math.cos(radlat1) * Math.cos(radlat2) * Math.cos(radtheta);
dist = Math.acos(dist);
dist = dist * 180/Math.PI;
dist = dist * 60 * 1.1515; // miles between
if (unit == "km") { dist = Conversion.metersToKilometers(Conversion.milesToMeters(dist)); }
if (unit == "m") { dist = dist * 1.609344; }
if (unit == "n") { dist = dist * 0.8684; }
return dist;
}*/
function queryGeodataApi (query, callback) {
GoogleMaps.geocode({
address: query
}, function(err, response) {
if (err) {
console.error('[GeocacheModel<<getGeoData>>] Address Geocoding Error', { address: query, response: response });
callback(null, err, null);
}
if (response.json && Array.isArray(response.json.results)) {
var data = {
key: sanitizeNameForKey(query),
formatted: response.json.results[0].formatted_address,
georesult: response.json.results[0],
loc: {
type: 'Point',
coordinates: [
response.json.results[0].geometry.location.lng,
response.json.results[0].geometry.location.lat
]
}
};
callback(null, null, data);
}
});
}
function sanitizeNameForKey (name) {
var key = name.replace(/[.,/#!$%^&*;:{}=\-_`~()]/g,'');
key = key.replace(/\s{2,}/g,' ');
key = key.trim();
key = key.toLowerCase();
return key;
}
module.exports = {
create: (e, geodata) => {
var cb = typeof e === 'object' && e.emit ? e.emit.bind(e) : e;
const promise = new Promise((resolve, reject) => {
var geocacheInstance = new GeocacheModel(geodata);
geocacheInstance.save((err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
cb('create', null, result);
})
.catch((err) => {
cb('create', err, null);
});
},
conversion: Conversion,
find: (e, searchText) => {
var cb = typeof e === 'object' && e.emit ? e.emit.bind(e) : e;
const promise = new Promise((resolve, reject) => {
GeocacheModel.findOne({ key: sanitizeNameForKey(searchText) }, (err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
cb('find', null, result);
})
.catch((err) => {
cb('find', err, null);
});
},
findLike: (e, searchText) => {
var cb = typeof e === 'object' && e.emit ? e.emit.bind(e) : e;
const promise = new Promise((resolve, reject) => {
GeocacheModel.find({ key: new RegExp('.*' + sanitizeNameForKey(searchText) + '.*', "i") }, (err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
cb('findLike', null, result);
})
.catch((err) => {
cb('findLike', err, null);
});
},
findNear: (e, lng, lat, distance) => {
var cb = typeof e === 'object' && e.emit ? e.emit.bind(e) : e;
var point = {
type: 'Point',
coordinates: [ lng, lat ]
};
var opts = {
spherical: true,
maxDistance: Conversion.milesToMeters(distance)
};
const promise = new Promise((resolve, reject) => {
GeocacheModel.geoNear(point, opts, (err, results) => {
if (err) {
reject(err);
}
if (results) {
resolve(results);
}
});
});
promise.then((result) => {
cb('findNear', null, result);
})
.catch((err) => {
cb('findNear', err, null);
});
},
getGeo: (e, id) => {
var cb = typeof e === 'object' && e.emit ? e.emit.bind(e) : e;
const promise = new Promise((resolve, reject) => {
GeocacheModel.findById(id, (err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
cb('getGeos', null, result);
})
.catch((err) => {
cb('getGeos', err, null);
});
},
getGeos: (e) => {
var cb = typeof e === 'object' && e.emit ? e.emit.bind(e) : e;
const promise = new Promise((resolve, reject) => {
GeocacheModel.find({}, (err, results) => {
if (err) {
reject(err);
}
if (results) {
resolve(results);
}
});
});
promise.then((result) => {
cb('getGeos', null, result);
})
.catch((err) => {
cb('getGeos', err, null);
});
},
getGeoJSON: (e, searchText) => {
var cb = typeof e === 'object' && e.emit ? e.emit.bind(e) : e;
const promise = new Promise((resolve, reject) => {
queryGeodataApi(searchText, (f, err, geodata) => {
if (err) {
reject(err);
}
if (geodata) {
resolve(geodata.loc);
}
});
});
promise.then((result) => {
cb('getGeoJSON', null, result);
})
.catch((err) => {
cb('getGeoJSON', err, null);
});
},
getGeoJSONFromCache: (e, searchText) => {
var cb = typeof e === 'object' && e.emit ? e.emit.bind(e) : e;
const promise = new Promise((resolve, reject) => {
GeocacheModel.findOne({ key: sanitizeNameForKey(searchText) }, (err, result) => {
if (err || !result) {
queryGeodataApi(searchText, (f, err, geodata) => {
if (err) {
reject(err);
}
if (geodata) {
let geocacheInstance = new GeocacheModel(geodata);
geocacheInstance.save((err, result) => {
if (err) {
logger.error('[Geocache::getGeoJSON] There was an error creating the GeoJSON entry.', { err: err });
}
logger.debug()
});
resolve(geodata.loc);
}
});
} else if (result) {
resolve(result.loc);
}
});
});
promise.then((result) => {
cb('getGeoJSONFromCache', null, result);
})
.catch((err) => {
cb('getGeoJSONFromCache', err, null);
});
},
populateFormatted: (e) => {
var cb = typeof e === 'object' && e.emit ? e.emit.bind(e) : e;
const promise = new Promise((resolve, reject) => {
GeocacheModel.find({}, (err, results) => {
if (err) {
reject(err);
}
if (results) {
for (let i = 0; i < results.length; i++) {
if (!results[i].formatted) {
results[i].formatted = results[i].georesult.formatted_address;
GeocacheModel.findByIdAndUpdate(results[i]._id, { $set: results[i] }, (err, result) => {
if (err) logger.error('There was an error populating the geocache formatted address.');
if (result) logger.log('The geocache entry was updated');
});
}
}
resolve({ status: 'OK', message: 'The geocache entries have been updated.'});
}
});
});
promise.then((result) => {
cb('populateFormattedAddresses', null, result);
})
.catch((err) => {
cb('populateFormattedAddresses', err, null);
});
},
populateKeys: (e) => {
var cb = typeof e === 'object' && e.emit ? e.emit.bind(e) : e;
const promise = new Promise((resolve, reject) => {
GeocacheModel.find({}, (err, results) => {
if (err) {
reject(err);
}
if (results) {
for (let i = 0; i < results.length; i++) {
if (!results[i].key) {
results[i].key = sanitizeNameForKey(results[i].name);
GeocacheModel.findByIdAndUpdate(results[i]._id, { $set: results[i] }, (err, result) => {
if (err) logger.error('There was an error populating the geocache entry key.');
if (result) logger.log('The geocache entry was updated');
});
}
}
resolve({ status: 'OK', message: 'The geocache entries have been updated.'});
}
});
});
promise.then((result) => {
cb('populateKeys', null, result);
})
.catch((err) => {
cb('populateKeys', err, null);
});
},
update: (e, id, geodata) => {
var cb = typeof e === 'object' && e.emit ? e.emit.bind(e) : e;
const promise = new Promise((resolve, reject) => {
GeocacheModel.findByIdAndUpdate(id, { $set: geodata }, (err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
cb('update', null, result);
})
.catch((err) => {
cb('update', err, null);
});
}
};

55
backend/models/message.js Normal file
View File

@@ -0,0 +1,55 @@
const Images = require('../modules/images');
const Logger = require('../modules/logger');
const Mongoose = require('mongoose');
const MessageSchema = new Mongoose.Schema({
"text" : { type: String },
"image" : { type: String, index: true },
"isUser" : { type: Boolean, default: false, required: true, index: true },
"timestamp": { type: Date, default: Date.now() }
});
MessageSchema.pre('findOneAndUpdate', function (next) {
var message = this;
if (message.image && typeof message.image === 'object') {
Images.saveMessageImage(message.image, (err, filename) => {
if (err) {
Logger.error('[MessageSchema.pre(save)] There was an error processing the message image. [' + err + ']', { error: err });
}
if (filename) {
message.image = filename;
next();
}
})
} else {
next();
}
});
MessageSchema.pre('save', function (next) {
var message = this;
if (message.image && typeof message.image === 'object') {
Images.saveMessageImage(message.image, (err, filename) => {
if (err) {
Logger.error('[MessageSchema.pre(save)] There was an error processing the message image. [' + err + ']', { error: err });
}
if (filename) {
message.image = filename;
next();
}
})
} else {
next();
}
});
const MessageModel = Mongoose.model('messages', MessageSchema);
module.exports = {
schema: MessageSchema,
model: MessageModel
};

612
backend/models/profile.js Normal file
View File

@@ -0,0 +1,612 @@
const Images = require('../modules/images');
const Logger = require('../modules/logger');
const Mailer = require('../modules/mailer');
const Messages = require('../models/message');
const Mongoose = require('mongoose');
function outputMessagesAsText (messages, asHtml = false) {
var output = '';
for (let i = 0; i < messages.length; i++) {
if (asHtml) {
output += (!message.isUser ? '<p><b>Question: ' : '<b>Response</b><br>') + message.text + (!message.isUser ? '</b>' : '') + '</p>';
} else {
output += (!message.isUser ? 'Question: ' : 'Response\r\r') + message.text + '\r\r\r\r';
}
}
return output;
}
const ProfileSchema = new Mongoose.Schema({
"order" : { type: Number, default: 0 },
"details": {
"about": { type: String },
"age": { type: Number, index: true, default: 0 },
"location": { type: String },
"name": { type: String, index: true },
"pic": {
"detail": { type: String, default: "profile/default_detail.png" },
"thumb": { type: String, default: "profile/default_thumbnail.png" }
}
},
"messages": [ { type: Messages.schema } ],
"submitted": { type: Boolean, default: false },
"approved": { type: Boolean, default: false }
});
ProfileSchema.pre('findOneAndUpdate', function (next) {
var cnt = 0
var pic;
if (this.details && this.details.pic) {
pic = this.details.pic;
cnt = cnt + (typeof pic.detail === 'object' ? 1 : 0) + (typeof pic.thumb === 'object' ? 1 : 0);
}
if (cnt > 0) {
if (typeof pic.detail === 'object') {
Images.saveProfileDetailImage(pic.detail, (err, filename) => {
if (err) {
Logger.error('[MessageSchema.pre(save)] There was an error processing the message image. [' + err + ']', { error: err });
}
if (filename) {
pic.detail = filename;
cnt -= 1;
if (cnt === 0) next();
}
});
}
if (typeof pic.thumb === 'object') {
Images.saveProfileThumbnailImage(pic.thumb, (err, filename) => {
if (err) {
Logger.error('[MessageSchema.pre(save)] There was an error processing the message image. [' + err + ']', { error: err });
}
if (filename) {
pic.thumb = filename;
cnt -= 1;
if (cnt === 0) next();
}
});
}
} else {
next();
}
});
ProfileSchema.pre('save', function (next) {
var cnt = 0;
var pic;
if (this.details && this.details.pic) {
pic = this.details.pic
cnt = cnt + (typeof pic.detail === 'object' ? 1 : 0) + (typeof pic.thumb === 'object' ? 1 : 0);
}
if (cnt > 0) {
if (typeof pic.detail === 'object') {
Images.saveProfileDetailImage(pic.detail, (err, filename) => {
if (err) {
Logger.error('[MessageSchema.pre(save)] There was an error processing the message image. [' + err + ']', { error: err });
}
if (filename) {
pic.detail = filename;
cnt -= 1;
if (cnt === 0) next();
}
});
}
if (typeof pic.thumb === 'object') {
Images.saveProfileThumbnailImage(pic.thumb, (err, filename) => {
if (err) {
Logger.error('[MessageSchema.pre(save)] There was an error processing the message image. [' + err + ']', { error: err });
}
if (filename) {
pic.thumb = filename;
cnt -= 1;
if (cnt === 0) next();
}
});
}
} else {
next();
}
});
const ProfileModel = Mongoose.model('profiles', ProfileSchema);
function getChatImages (profileId, match, callback) {
callback = callback || (typeof match === 'function' ? match : function(){});
match = typeof match === 'object' ? match : {};
match['messages.image'] = { $exists: true };
ProfileModel
.aggregate([
{ $match: { _id: Mongoose.Types.ObjectId(profileId), 'messages.image': { $exists: true } } },
{ $unwind: '$messages' },
{ $match: match },
{ $replaceRoot: { newRoot: '$messages' } }
])
.project('image -_id')
.exec(callback);
}
module.exports = {
all: (e) => {
const promise = new Promise((resolve, reject) => {
ProfileModel
.find({})
.sort({ order: 1 })
.populate({
path: 'messages',
select: 'text image isUser timestamp',
options: { sort: { timestamp: 1 } }
})
.exec((err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
e.emit('all', null, result);
})
.catch((err) => {
e.emit('all', err, null);
});
},
allSubmitted: (e) => {
const promise = new Promise((resolve, reject) => {
ProfileModel
.find({ submitted: true, approved: true })
.sort({ order: 1 })
.populate({
path: 'messages',
select: 'text image isUser timestamp',
options: { sort: { timestamp: 1 } }
})
.exec((err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
e.emit('allSubmitted', null, result);
})
.catch((err) => {
e.emit('allSubmitted', err, null);
});
},
allVerified: (e) => {
const promise = new Promise((resolve, reject) => {
ProfileModel
.find({ submitted: { $in: [ null, false ] } })
.sort({ order: 1 })
.populate({
path: 'messages',
select: 'text image isUser timestamp',
options: { sort: { timestamp: 1 } }
})
.exec((err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
e.emit('allVerified', null, result);
})
.catch((err) => {
e.emit('allVerified', err, null);
});
},
allMessages: (e, profileId) => {
const promise = new Promise((resolve, reject) => {
ProfileModel
.find({ _id: profileId })
.select('messages')
.populate({
path: 'messages',
select: 'text image isUser timestamp',
options: { sort: { timestamp: 1 } }
})
.exec((err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result.messages || []);
}
});
});
promise.then((result) => {
e.emit('allMessages', null, result);
})
.catch((err) => {
e.emit('allMessages', err, null);
});
},
allChatImages: (e, profileId) => {
const promise = new Promise((resolve, reject) => {
getChatImages(profileId, (err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
e.emit('allChatImages', null, result);
})
.catch((err) => {
e.emit('allChatImages', err, null);
});
},
allChatImagesReceived: (e, profileId) => {
const promise = new Promise((resolve, reject) => {
getChatImages(profileId, { 'messages.isUser': true }, (err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
e.emit('allChatImagesReceived', null, result);
})
.catch((err) => {
e.emit('allChatImagesReceived', err, null);
});
},
allChatImagesSent: (e, profileId) => {
const promise = new Promise((resolve, reject) => {
getChatImages(profileId, { 'messages.isUser': false }, (err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
e.emit('allChatImagesSent', null, result);
})
.catch((err) => {
e.emit('allChatImagesSent', err, null);
});
},
approveSubmission: (e, profileId) => {
const promise = new Promise((resolve, reject) => {
ProfileModel.findOneAndUpdate(
{ _id: profileId },
{ $set: { approved: true } },
{ new: true },
(err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
e.emit('approveSubmission', null, result);
})
.catch((err) => {
e.emit('approveSubmission', err, null);
});
},
create: (e, profiles) => {
var count = profiles.length;
var errors = [];
var results = [];
const promise = new Promise((resolve, reject) => {
for (let i = 0; i < profiles.length; i++) {
var profile = profiles[i];
var profileInstance = new ProfileModel(profile);
profileInstance.save((err, result) => {
if (err) {
count -= 1;
errors.push({
profile: profile,
error: err
});
if (count === 0) {
reject({ results: results, errors: errors });
}
}
if (result) {
count -= 1;
results.push(result);
if (count === 0) {
resolve({ results: results, errors: errors });
}
}
});
}
});
promise.then((result) => {
e.emit('create', null, result);
})
.catch((err) => {
e.emit('create', err, null);
});
},
delete: (e, id) => {
const promise = new Promise((resolve, reject) => {
ProfileModel.remove({ _id: id }, (err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
e.emit('delete', null, result);
})
.catch((err) => {
e.emit('delete', err, null);
});
},
deleteMessage: (e, profileId, messageId) => {
const promise = new Promise((resolve, reject) => {
ProfileModel.findById(profileId, (err, profile) => {
if (err) {
reject(err);
}
if (profile) {
let message = profile.messages.id(messageId);
if (message) {
message.remove();
profile.save((err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
} else {
reject('The specified message does not exist');
}
}
});
});
promise.then((result) => {
e.emit('deleteMessage', null, result);
})
.catch((err) => {
e.emit('deleteMessage', err, null);
});
},
find: (e, find) => {
const promise = new Promise((resolve, reject) => {
var query = ProfileModel
.find(find.find)
.skip(find.options.skip)
.limit(find.options.limit)
.sort(find.options.sort)
.select(find.select || '');
if (!find.select || (find.select.length && find.select.indexOf('messages'))) {
query.populate({
path: 'messages',
select: 'order text image isUser',
options: { sort: { order: 1 } }
});
}
query.exec((err, results) => {
if (err) {
reject(err);
}
if (results) {
resolve(results);
}
});
});
promise.then((result) => {
e.emit('find', null, result);
})
.catch((err) => {
e.emit('find', err, null);
});
},
get: (e, profileId) => {
const promise = new Promise((resolve, reject) => {
ProfileModel.findById(profileId, (err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
e.emit('get', null, result);
})
.catch((err) => {
e.emit('get', err, null);
});
},
getMessage: (e, prodileId, messageId) => {
const promise = new Promise((resolve, reject) => {
ProfileModel.findById(prodileId, (err, result) => {
if (err) {
reject(err);
}
if (result) {
let message = result.messages.id(messageId);
resolve(message ? message : {});
}
});
});
promise.then((result) => {
e.emit('getMessage', null, result);
})
.catch((err) => {
e.emit('getMessage', err, null);
});
},
processSubmission: (e, profile) => {
var profileModel = {};
profileModel.details = profile.details;
profileModel.details.pic = { detail: profile.image };
profileModel.messages = profile.messages;
profileModel.submitted = true;
profileModel.approved = false;
const promise = new Promise((resolve, reject) => {
var profileInstance = new ProfileModel(profileData);
profileInstance.save((err, result) => {
if (err) {
reject({ success: false, message: 'Failed to save user submission.', err: err });
}
if (result) {
let approveProfileLink = 'https://api.fitz.guru/urnings/profiles/approve/' + encodeURIComponent(result._id);
// setup email data with unicode symbols
let mail = {
from: '"Urnings|looking App" <system@appsby.fitz.guru>',
to: 'npfosi@gmail.com,mike@fitz.guru',
subject: 'New Profile Submission',
text: 'New Profile Submission\r\r\r\rName: ' + result.details.name + '(' + result.details.email + ')\r\rLocation: ' + result.details.location + '\r\rAbout: ' + result.details.about + '\r\rImage: ' + result.details.pic.detail + '\r\rMessages:\r' + outputMessagesAsText(result.messages) + '\r\r\r\rTo approve this profile: ' + approveProfileLink + '\r\r',
html: '<h2>New Profile Submission<h2><p><b>Name:</b> ' + result.details.name + '(<a href="mailto:' + result.details.email + '">' + result.details.email + '</a>)<br><b>Location:</b> ' + result.details.location + '<p><p>About:<br>' + result.details.about + '</p><p><b>Image:</b><br><img src="' + result.details.pic.detail + '"></p><div>Messages:<br>' + outputMessagesAsText(result.messages, true) + '</div><p>To approve this profile: <a href="' + approveProfileLink + '">click here</a>.</p>',
};
Mailer.send(mail, (mailErr, mailResult) => {
resolve({ success: true, mailer: { err: mailErr, result: mailResult } });
});
}
});
});
promise.then((result) => {
e.emit('processSubmission', null, result);
})
.catch((err) => {
e.emit('processSubmission', err, null);
});
},
update: (e, profileId, profile) => {
const promise = new Promise((resolve, reject) => {
ProfileModel.findOneAndUpdate(
{ _id: profileId },
{ $set: profile },
{ new: true },
(err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
e.emit('update', null, result);
})
.catch((err) => {
e.emit('update', err, null);
});
},
updateMessage: (e, profileId, messageId, data) => {
const promise = new Promise((resolve, reject) => {
ProfileModel.findOneAndUpdate(
{ _id: profileId, 'messages._id': messageId },
{ $set: { 'messages.$': data } },
{ new: true },
(err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
e.emit('updateMessage', null, result);
})
.catch((err) => {
e.emit('updateMessage', err, null);
});
}
};

325
backend/models/reset.js Normal file
View File

@@ -0,0 +1,325 @@
const Authentication = require('../modules/authentication');
const Crypto = require('crypto');
const Mongoose = require('mongoose');
const Mailer = require('nodemailer');
const Token = require('../modules/token');
const secret = 'Creepily hooking the gays up since 2008!';
var logger = require('../modules/logger');
function generateHmac (userId, expires) {
var string = String(userId) + '|' + String(expires);
return Crypto.createHmac('sha1', secret).update(string).digest('hex');
}
function sendMail (options, callback) {
// create reusable transporter object using the default SMTP transport
let transporter = Mailer.createTransport({
host: 'mail.fitz.guru',
port: 587,
secure: false, // secure:true for port 465, secure:false for port 587
auth: {
user: 'support@fitz.guru',
pass: 'NotSt@ff3d!'
}
});
callback = typeof callback === 'function' ? callback : (error, info) => {
if (error) {
return logger.error(error);
}
logger.debug('Message %s sent: %s', info.messageId, info.response);
};
// send mail with defined transport object
transporter.sendMail(options, callback);
}
const ResetSchema = new Mongoose.Schema({
user: { type: Mongoose.Schema.Types.ObjectId, required: true },
expires: { type: Date, default: Date.now },
used: { type: Boolean, default: false },
updated_at: { type: Date, default: Date.now }
});
const ResetModel = Mongoose.model('resets', ResetSchema);
module.exports = {
checkReset: (e, id, token, callback) => {
const promise = new Promise((resolve, reject) => {
ResetModel.findOne({ _id: id }, (err, result) => {
if (err) {
reject(err);
}
if (result && (token === generateHmac(result.user, result.expires)) && (Date.now() <= result.expires)) {
resolve({ user: String(result.user), err: null });
} else {
resolve({ user: false, err: 'The reset link has expired. Please request a new reset link from the login page.'});
}
});
});
promise.then((result) => {
if (e) {
e.emit('checkReset', null, result);
} else if (callback) {
callback(null, result.user);
} else {
return true;
}
})
.catch((err) => {
if (e) {
e.emit('checkReset', err, null);
} else if (callback) {
callback(err, null);
} else {
return false;
}
});
},
forceReset: (e, user, callback) => {
const promise = new Promise((forceResetMailResolve, forceResetMailReject) => {
const forceResetTokenPromise = new Promise((forceResetTokenResolve, forceResetTokenReject) => {
var tokenInstance = new ResetModel({ user: user._id, expires: (Date.now() + (72 * 60 * 60 * 1000)) });
tokenInstance.save((err, result) => {
if (err) {
forceResetTokenReject(err);
}
if (result) {
forceResetTokenResolve(result);
}
});
});
forceResetTokenPromise.then((result) => {
let resetLink = 'https://timberland.bizdex.cloud/reset/' + encodeURIComponent(result._id) + '/' + encodeURIComponent(generateHmac(result.user, result.expires));
// setup email data with unicode symbols
let mail = {
from: '"GCS Vendor Database" <system@timberland.bizdex.cloud>',
to: user.email,
subject: 'Mandatory Password Reset',
text: 'Mandatory Password Reset\r\r\r\r' + user.name.first + ',\r\rA Timberland GCS Vendor Database Administrator has initiated a password reset on your account.\r\rTo complete the action you will need to reset you password <<' + resetLink + '>>.\r\rIf you have any questions, please contact a system administrator.',
html: '<h2>Mandatory Password Reset</h2><p>' + user.name.first + ',</p><p>A Timberland GCS Vendor Database Administrator has initiated a password reset on your account.</p>To complete the action you will need to <a href="' + resetLink + '">reset your password</a>.</p><p><b>If you have any questions, please contact a system administrator.</b></p>'
};
sendMail(mail, (error, info) => {
if (error) {
logger.debug('[reset::forceReset] Message Send Error', { error: error });
forceResetMailResolve({ success: false, message: 'There was an error sending the message', error: error });
}
if (info) {
logger.debug('[reset::forceReset] Message sent', { messageId: info.messageId, response: info.response, resetLink: resetLink });
forceResetMailResolve({ success: true, message: 'Message ' + info.messageId + ' sent: ' + info.response + '.' });
}
});
})
.catch((err) => {
logger.debug('[reset::forceReset] There was an error creating the reset token.', { err: err });
forceResetMailReject(err);
});
});
promise.then((result) => {
if (e) {
e.emit('forceReset', null, result);
} else if (callback) {
callback(result);
} else {
return true;
}
})
.catch((err) => {
if (e) {
e.emit('forceReset', err, null);
} else if (callback) {
callback(err);
} else {
return false;
}
});
},
getResets: (e) => {
const promise = new Promise((resolve, reject) => {
ResetModel.find({}, (err, results) => {
if (err) {
reject(err);
}
if (results) {
resolve(results);
}
});
});
promise.then((results) => {
e.emit('getResets', null, results);
})
.catch((err) => {
e.emit('getResets', err, null);
});
},
markUsed: (e, id) => {
const promise = new Promise((resolve, reject) => {
ResetModel.findByIdAndUpdate(id, { $set: { used: true } }, (err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
if (e) {
e.emit('markUsed', null, result);
} else {
logger.debug('[ResetModel::markUsed] Password reset token used', { token: result });
}
})
.catch((err) => {
if (e) {
e.emit('markUsed', err, null);
} else {
logger.error('[ResetModel::markUsed] Error marking password reset token used', { token: err });
}
});
},
sendNewUser: (e, user) => {
const promise = new Promise((newUserMailResolve, newUserMailReject) => {
const newUserTokenPromise = new Promise((newUserTokenResolve, newUserTokenReject) => {
var tokenInstance = new ResetModel({ user: user._id, expires: (Date.now() + (72 * 60 * 60 * 1000)) });
tokenInstance.save((err, result) => {
if (err) {
newUserTokenReject(err);
}
if (result) {
newUserTokenResolve(result);
}
});
});
newUserTokenPromise.then((result) => {
let setPasswordLink = 'https://timberland.bizdex.cloud/reset/' + encodeURIComponent(result._id) + '/' + encodeURIComponent(generateHmac(result.user, result.expires));
// setup email data with unicode symbols
let mail = {
from: '"GCS Vendor Database" <system@timberland.bizdex.cloud>',
to: user.email,
subject: 'New User Account Setup',
text: 'New User Account Setup\r\r\r\r' + user.name.first + ',\r\rA new user has been created for you on the Timberland GCS Vendor Database.\r\rYour username is: <<' + user.userName + '>>.\r\r To complete the setup you will need to create a password <<' + setPasswordLink + '>>.\r\rIf you have any questions, please contact a system administrator.',
html: '<h2>New User Account Setup</h2><p>' + user.name.first + ',</p><p>A new user has been created for you on the Timberland GCS Vendor Database.</p><p>Your username is: <b>' + user.userName + '</b>.</p>To complete the setup you will need to <a href="' + setPasswordLink + '">create a password</a>.</p><p><b>If you have any questions, please contact a system administrator.</b></p>'
};
sendMail(mail, (error, info) => {
if (error) {
logger.error('[reset::sendNewUser] Message Send Error', { error: error });
newUserMailResolve({ success: false, message: 'There was an error sending the message', error: error });
}
if (info) {
logger.debug('[reset::sendNewUser] Message %s sent: %s', info.messageId, info.response);
newUserMailResolve({ success: true, message: 'Message ' + info.messageId + ' sent: ' + info.response + '.' });
}
});
})
.catch((err) => {
logger.error('[reset::sendNewUser] There was an error creating the reset token.', { err: err });
newUserMailReject(err);
});
});
promise.then((result) => {
if (e) {
e.emit('sendNewUser', null, result);
} else {
return true;
}
})
.catch((err) => {
if (e) {
e.emit('sendNewUser', err, null);
} else {
return false;
}
});
},
sendReset: (e, user) => {
const resetTokenPromise = new Promise((resetTokenResolve, resetTokenReject) => {
var tokenInstance = new ResetModel({ user: user._id, expires: (Date.now() + (30 * 60 * 1000)) });
tokenInstance.save((err, result) => {
if (err) {
resetTokenReject(err);
}
if (result) {
resetTokenResolve(result);
}
});
});
resetTokenPromise.then((data) => {
var token = generateHmac(data.user, data.expires);
var tokenId = data._id;
const sendMailPromise = new Promise((sendMailResolve, sendMailReset) => {
var resetLink = 'https://timberland.bizdex.cloud/reset/' + encodeURIComponent(tokenId) + '/' + encodeURIComponent(token);
// setup email data with unicode symbols
var mail = {
from: '"GCS Vendor Database" <system@timberland.bizdex.cloud>',
to: user.email,
subject: 'Password Reset Request',
text: user.name.first + ',\r\rA request has been received to reset your password. If you initiated please visit <<' + resetLink + '>>.\r\rIf you did not initiate this request, you can safely ignore this email.',
html: '<h2>Password Reset Request</h2><p>' + user.name.first + ',</p><p>A request has been received to reset your password. If you initiated this request, <a href="' + resetLink + '">click here to reset your password</a>.</p><p><b>If you did not initiate this request, you can safely ignore this email.</b></p>'
};
sendMail(mail, (err, info) => {
if (err) {
var error = { msg: '[reset::sendReset] There was an error sending the reset email.', err: err };
logger.error('[reset::sendReset] Message Send Error', { err: err });
sendMailResolve({ success: false, message: 'There was an error requesting the password reset.', error: error });
}
if (info) {
var message = 'Message ' + info.messageId + ' sent: ' + info.response + '.';
logger.debug('[reset::sendReset] ' + message);
sendMailResolve({ success: true, message: 'The password reset request was successfully completed.', response: message });
}
});
});
sendMailPromise.then((result) => {
e.emit('sendReset', null, result);
})
.catch((err) => {
e.emit('sendReset', err, null);
});
})
.catch((err) => {
var error = { msg: '[reset::sendReset] There was an error creating the reset token.', err: err };
logger.debug(error.msg, { err: err });
e.emit('sendReset', null, { success: false, message: 'There was an error requesting the password reset.', error: error });
});
}
};

549
backend/models/user.js Normal file
View File

@@ -0,0 +1,549 @@
const Authentication = require('../modules/authentication');
const Mongoose = require('mongoose');
const Reset = require('./reset');
const UserSchema = new Mongoose.Schema({
username: { type: String, required: true, unique: true },
password: { type: String },
name: { first: { type: String, required: true }, last: { type: String, required: true } },
email: { type: String, required: true, unique: true },
can: [{ type: String, enum: ['add','edit','delete','manage','super','update','view'], default: ['view'] }],
forceReset: { type: Boolean, default: true },
updated_at: { type: Date, default: Date.now }
});
UserSchema.pre('findOneAndUpdate', function (next) {
var self = this;
this.update({}, { $set: { updated_at: Date.now() } });
if (this._update.$set.settings && this._update.$set.settings.length) {
}
if (this._update.$set.password && this._update.$set.confirmPassword && (this._update.$set.password == this._update.$set.confirmPassword)) {
delete this._update.$set.confirmPassword;
if (this._update.$set.currentPassword) {
confirmPassword(this._conditions.userName, this._update.$set.currentPassword, (err, valid) => {
if (err || !valid) {
err = new Error({ success: false, message: 'There was an error validating the current password.', err: (err || null) });
next(err);
}
if (valid) {
delete this._update.$set.currentPassword;
hashPassword(this._update.$set.password, (err, hashedPassword) => {
self.update({}, { $set: { password: hashedPassword } });
self.update({}, { $set: { forceReset: false } });
next();
});
}
});
} else {
hashPassword(this._update.$set.password, (err, hashedPassword) => {
self.update({}, { $set: { password: hashedPassword } });
self.update({}, { $set: { forceReset: false } });
next();
});
}
} else if (this._update.$set.password && this._update.$set.confirmPassword && (this._update.$set.password != this._update.$set.confirmPassword)) {
let err = new Error({ success: false, message: 'There was an error saving the updated password.'});
next(err);
} else if (!this._update.$set.password && !this._update.$set.confirmPassword) {
next();
}
});
UserSchema.post('save', function (err, res, next) {
if (err.name === 'MongoError' && err.code === 11000) {
next(new Error('There was a duplicate key error'));
} else if (err) {
next(err);
} else {
next();
}
});
const UserModel = Mongoose.model('users', UserSchema);
var logger = require('../modules/logger');
function hashPassword (password, callback) {
callback = callback || false;
Authentication.hashPassword(password, (err, password) => {
if (err !== null) {
err = new Error({ success: false, message: 'There was an error hashing the updated password.', err: err });
logger.error('[updateUser:hashPassword] ', err);
if (callback) {
callback(err, null);
} else {
return false;
}
}
if (password) {
var result = password.toString('hex');
if (callback) {
callback(null, result);
} else {
return result;
}
}
});
}
function confirmPassword (username, passwordToValidate, callback) {
callback = callback || false;
UserModel.findById({ userName: username }, (err, user) => {
if (err !== null) {
err = new Error({ success: false, message: 'There was an error locating the user.', err: (err || null) });
logger.error('[updateUser:confirmPassword] ', err);
if (callback) {
callback(err, null);
} else {
return false;
}
}
if (user) {
Authentication.verifyPassword(passwordToValidate, Buffer.from(storedUser.password, 'hex'), (err, valid) => {
if (err !== null || !valid) {
err = new Error({ success: false, message: (!err && !valid ? 'The current password was incorrect.' : 'There was an error attempting to validate the password.'), err: (err || null) });
logger.error('[updateUser:confirmPassword] ', { err: err, valid: valid });
if (callback) {
callback(err, null);
} else {
return false;
}
}
if (valid) {
if (callback) {
callback(null, valid);
} else {
return true;
}
}
});
}
});
}
module.exports = {
adminUpdatePassword: (e, username, password) => {
const promise = new Promise((resolve, reject) => {
UserModel.findOneAndUpdate({ userName: username }, { $set: password }, { new: true }, (err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
if (e) {
e.emit('adminUpdatePassword', null, result);
} else {
return result;
}
})
.catch((err) => {
if (e) {
e.emit('adminUpdatePassword', err, null);
} else {
return err;
}
});
},
authenticateUser: (e, login, headers) => {
const promise = new Promise((resolve, reject) => {
var loginObject, user;
UserModel
.findOne({ userName: login.userName }, 'username name email password can forceReset')
.exec((err, result) => {
if (err) {
loginObject = {
status: 200,
authorized: false,
err: {
id: '005',
code: '[UMAU005]',
string: 'There was an error authenticating the user.'
}
}
logger.debug('[UserModel::authenticateUser] Error finding user', { err: err, username: login.userName });
resolve(loginObject);
}
if (result) {
user = result;
if (user && !user.permission.disabled) {
if (user.forceReset) {
loginObject = {
status: 200,
authorized: false,
err: {
id: '003',
code: '[UMAU003]',
string: 'A password reset has been mandated. Please check your email for a password reset link or request a new one from the login screen.'
}
};
resolve(loginObject);
}
else {
try {
Authentication.verifyPassword(login.password, Buffer.from(user.password, 'hex'), (err, valid) => {
if (err) {
logger.debug('[UserModel::authenticateUser] Error validating password', { err: err, user: user });
reject(err);
}
loginObject = {
status: 200,
authorized: valid
};
if (valid) {
loginObject.user = {
_id: user._id,
username: user.username,
name: user.name,
email: user.email,
can: user.can
};
loginObject.timestamp = Date.now();
logger.debug('[UserModel::authenticateUser] User Validated', { user: user, loginObject: loginObject });
resolve(loginObject);
} else {
loginObject.err = {
id: '002',
code: '[UMAU002]',
string: 'The user id or password you entered was invalid.'
};
logger.debug('[UserModel::authenticateUser] Invalid Password', { user: user, loginObject: loginObject });
resolve(loginObject);
}
});
}
catch (err) {
loginObject = {
status: 200,
authorized: false,
err: {
id: '004',
code: '[UMAU004]',
string: 'There was an error authenticating the user, please contact an administrator.'
}
};
logger.error('[UserModel::authenticateUser] Error verifying password', { err: err, user: user });
resolve(loginObject);
}
}
}
else if (user && user.permission.disabled) {
loginObject = {
status: 200,
authorized: false,
err: {
id: '000',
code: '[UMAU000]',
string: 'The user is not authorized, please contact an administrator.'
}
};
logger.debug('[UserModel::authenticateUser] The user is disabled', { err: err, user: user });
resolve(loginObject);
}
else {
loginObject = {
status: 200,
authorized: false,
err: {
id: '001',
code: '[UMAU001]',
string: 'The user id or password you entered was invalid.'
}
};
logger.debug('[UserModel::authenticateUser] The user does not exist', { err: err, user: user });
resolve(loginObject);
}
}
});
});
promise.then((result) => {
e.emit('authenticateUser', null, result);
})
.catch((err) => {
e.emit('authenticateUser', err, null);
});
},
createUser: (e, user) => {
const promise = new Promise((resolve, reject) => {
var userInstance = new UserModel(user);
userInstance.save((err, result) => {
logger.debug('createUser', { err: err, result: result, user: userInstance });
if (err) {
reject(err);
}
if (result) {
Reset.sendNewUser(null, result);
resolve(result);
}
});
});
promise.then((result) => {
e.emit('createUser', null, result);
})
.catch((err) => {
e.emit('createUser', err, null);
});
},
deleteUser: (e, id) => {
const promise = new Promise((resolve, reject) => {
UserModel.remove({ _id: id }, (err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
e.emit('deleteUser', null, result);
})
.catch((err) => {
e.emit('deleteUser', err, null);
});
},
findUser: (query, callback) => {
UserModel.findOne(query, (err, result) => {
if (err) {
callback(err, null);
}
if (result) {
callback(null, result);
}
});
},
forcePasswordReset: (e, id) => {
const promise = new Promise((resolve, reject) => {
UserModel.findByIdAndUpdate(id, { $set: { forceReset: true } }, { new: true }, (err, result) => {
if (err) {
reject(err);
}
if (result) {
let resetPromise = new Promise((resetResolve, resetReject) => {
Reset.forceReset(null, result, (result) => {
if (result.success) {
resetResolve({ success: true, message: 'Force password reset initiated on the user.', result: result });
} else {
resetResolve({ success: false, message: 'There was an error initiating the forced password reset.', result: result });
}
});
});
resetPromise.then((result) => {
resolve(result);
})
.catch((err) => {
reject(err);
});
}
});
});
promise.then((result) => {
e.emit('forcePasswordReset', null, result);
})
.catch((err) => {
e.emit('forcePasswordReset', err, null);
});
},
getUsers: (e, query, restricted = true) => {
query = query || { find: {}, options: { sort: { 'name.last': 1, 'name.first': 1 }, limit: 0, skip: 0 }};
const promise = new Promise((resolve, reject) => {
var projection = 'userName name' + (restricted ? '' : ' title email permission avatar settings forceReset');
var query = UserModel.find(query.find, projection, query.options);
if (!restricted) {
query.populate('permission', 'name disabled manageRoles manageUsers manageCategories manageAppPreferences deleteVendor addVendorTag addVendorSample addVendorComment editVendor addNewVendor viewPrivateDetails viewPublicDetails')
}
query.exec((err, results) => {
if (err) {
reject(err);
}
if (results) {
resolve(results);
}
});
});
promise.then((results) => {
if (e) {
e.emit('getUsers', null, results);
} else {
return results;
}
})
.catch((err) => {
if (e) {
e.emit('getUsers', err, null);
} else {
return err;
}
});
},
getUser: (e, id, restricted = true) => {
const promise = new Promise((resolve, reject) => {
var projection = 'userName name' + (restricted ? '' : ' title email permission avatar settings forceReset');
var query = UserModel
.findById(id)
.projection(projection);
if (!restricted) {
query.populate('permission', 'name disabled manageRoles manageUsers manageCategories manageAppPreferences deleteVendor addVendorTag addVendorSample addVendorComment editVendor addNewVendor viewPrivateDetails viewPublicDetails');
}
query.exec((err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
if (e) {
e.emit('getUser', null, result);
} else {
return result;
}
})
.catch((err) => {
if (e) {
e.emit('getUser', err, null);
} else {
return err;
}
});
},
isUserNameUnique: (e, username) => {
const promise = new Promise((resolve, reject) => {
UserModel.findOne({ userName: username }, (err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve({ unique: false, length: true });
} else {
resolve({ unique: true, length: true });
}
});
});
promise.then((result) => {
e.emit('isUserNameUnique', null, result);
})
.catch((err) => {
e.emit('isUserNameUnique', err, null);
});
},
updateUser: (e, id, user) => {
const promise = new Promise((resolve, reject) => {
UserModel
.findByIdAndUpdate(id, { $set: user }, { new: true })
.populate('permission', 'name disabled manageRoles manageUsers manageCategories manageAppPreferences deleteVendor addVendorTag addVendorSample addVendorComment editVendor addNewVendor viewPrivateDetails viewPublicDetails')
.exec((err, result) => {
if (err) {
reject(err);
}
if (result) {
resolve(result);
}
});
});
promise.then((result) => {
e.emit('updateUser', null, result);
})
.catch((err) => {
e.emit('updateUser', err, null);
});
},
updatePassword: (e, id, token, data) => {
const promise = new Promise((resolve, reject) => {
Reset.checkReset(null, id, token, (err, validatedId) => {
if (data.userId === validatedId) {
UserModel.findByIdAndUpdate(data.userId, { $set: { password: data.password, confirmPassword: data.confirmPassword, forceReset: false } }, { new: true }, (err, updated) => {
if (err) {
if (err.success === false) {
resolve(err);
} else {
reject(err);
}
}
if (updated) {
Reset.markUsed(null, id);
resolve({ success: true, updated: updated });
}
});
} else {
resolve({ success: false, message: 'The password reset link is not valid. Please request a new link.'});
}
});
});
promise.then((result) => {
e.emit('updatePassword', null, result);
})
.catch((err) => {
e.emit('updatePassword', err, null);
});
}
};

92
backend/modules/authentication.js Normal file
View File

@@ -0,0 +1,92 @@
var crypto = require('crypto');
// larger numbers mean better security, less
var config = {
digest: 'sha512',
// size of the generated hash
hashBytes: 32,
// larger salt means hashed passwords are more resistant to rainbow table, but
// you get diminishing returns pretty fast
saltBytes: 24,
// more iterations means an attacker has to take longer to brute force an
// individual password, so larger is better. however, larger also means longer
// to hash the password. tune so that hashing the password takes about a
// second
iterations: 233335
};
/**
* Hash a password using Node's asynchronous pbkdf2 (key derivation) function.
*
* Returns a self-contained buffer which can be arbitrarily encoded for storage
* that contains all the data needed to verify a password.
*
* @param {!String} password
* @param {!function(?Error, ?Buffer=)} callback
*/
function hashPassword (password, callback) {
// generate a salt for pbkdf2
crypto.randomBytes(config.saltBytes, function (err, salt) {
if (err) {
return callback(err);
}
crypto.pbkdf2(password, salt, config.iterations, config.hashBytes, config.digest,
function (err, hash) {
if (err) {
return callback(err);
}
var combined = Buffer.alloc((hash.length + salt.length + 8));
// include the size of the salt so that we can, during verification,
// figure out how much of the hash is salt
combined.writeUInt32BE(salt.length, 0, true);
// similarly, include the iteration count
combined.writeUInt32BE(config.iterations, 4, true);
salt.copy(combined, 8);
hash.copy(combined, salt.length + 8);
callback(null, combined);
}
);
});
}
/**
* Verify a password using Node's asynchronous pbkdf2 (key derivation) function.
*
* Accepts a hash and salt generated by hashPassword, and returns whether the
* hash matched the password (as a boolean).
*
* @param {!String} password
* @param {!Buffer} combined Buffer containing hash and salt as generated by
* hashPassword.
* @param {!function(?Error, !boolean)}
*/
function verifyPassword (password, combined, callback) {
// extract the salt and hash from the combined buffer
var saltBytes = combined.readUInt32BE(0);
var hashBytes = combined.length - saltBytes - 8;
var iterations = combined.readUInt32BE(4);
var salt = combined.slice(8, saltBytes + 8);
var hash = combined.toString('binary', saltBytes + 8);
// verify the salt and hash against the password
crypto.pbkdf2(password, salt, iterations, hashBytes, config.digest, function(err, verify) {
if (err && typeof callback === 'function') {
return callback(err, false);
} else if (err) {
return false;
}
if (typeof callback === 'function') {
callback(null, verify.toString('binary') === hash);
} else {
return true;
}
});
}
exports.hashPassword = hashPassword;
exports.verifyPassword = verifyPassword;

60
backend/modules/geocoder.js Normal file
View File

@@ -0,0 +1,60 @@
const NodeGeocoder = require('node-geocoder');
function addressToString (address) {
var string = '';
string = address.address1 ? address.street1 + ',' : '';
string = string + (address.locality ? ' ' + address.locality + ',' : '');
string = string + (address.region ? ' ' + address.region : '');
string = string + (address.postal ? ' ' + address.postal : '');
string = string + (address.country ? ' ' + address.country : '');
return string;
}
var options = {
provider: 'google',
// Optional depending on the providers
httpAdapter: 'https', // Default
apiKey: 'AIzaSyCvpBGztvxtRUNigOW9f0GXVRWlukJZsps', // for Mapquest, OpenCage, Google Premier
formatter: null // 'gpx', 'string', ...
};
var geocoder = NodeGeocoder(options);
exports.addressToString = addressToString;
exports.geocoder = geocoder;
// Using callback
// geocoder.geocode('29 champs elysée paris', function(err, res) {
// console.log(res);
// });
//
// // Or using Promise
// geocoder.geocode('29 champs elysée paris')
// .then(function(res) {
// console.log(res);
// })
// .catch(function(err) {
// console.log(err);
// });
// output :
// [{
// latitude: 48.8698679,
// longitude: 2.3072976,
// country: 'France',
// countryCode: 'FR',
// city: 'Paris',
// zipcode: '75008',
// streetName: 'Champs-Élysées',
// streetNumber: '29',
// administrativeLevels: {
// level1long: 'Île-de-France',
// level1short: 'IDF',
// level2long: 'Paris',
// level2short: '75'
// },
// provider: 'google'
// }]

63
backend/modules/images.js Normal file
View File

@@ -0,0 +1,63 @@
const fs = require('fs');
const Logger = require('./logger');
const ShortId = require('shortid');
const ATTACHMENT_STORE = '../images';
const ATTACHMENT_STORE_PROFILE = '/profile';
const ATTACHMENT_STORE_MESSAGE = '/message';
const ATTACHMENT_SUFFIX_DETAIL = '_detail';
const ATTACHMENT_SUFFIX_THUMBNAIL = '_thumbnail';
function generateFilename (filename, type = 'detail') {
var re = /(?:\.([^.]+))?$/;
var ext = re.exec(filename)[1];
return '' + ShortId.generate() + (type === 'thumbnail' ? ATTACHMENT_SUFFIX_THUMBNAIL : ATTACHMENT_SUFFIX_DETAIL) + "." + ext;
}
function processImage (data, context, type, callback) {
var folder = ATTACHMENT_STORE + (context === 'profile' ? ATTACHMENT_STORE_PROFILE : ATTACHMENT_STORE_MESSAGE);
var filename = generateFilename(data.imageFilename, type);
var dataUrl = data.image;
var matches = dataUrl.match(/^data:.+\/(.+);base64,(.*)$/);
var base64Data = matches[2];
var buffer = new Buffer(base64Data, 'base64');
saveImage(folder + '/' + filename, buffer, callback);
}
function saveImage (filename, data, callback = noop) {
fs.writeFile(filename, data, function (err, stat) {
if (err) {
Logger.error('[Images.saveImage] Image save failure.', { err: err, stat: stat, filename: filename });
callback(err, null);
} else {
Logger.debug('[Images.saveImage] Image save successful.', { stat: stat, filename: filename });
callback(null, filename.substring(2));
}
});
}
function noop (err, result) {
Logger.debug('No callback function supplied.', { err: err, result: result });
}
module.exports = {
save: (data, filename, callback = noop) => {
saveImage(filename, data, callback);
},
saveMessageImage: (data, callback) => {
processImage(data, 'message', 'detail', callback);
},
saveProfileDetailImage: (data, callback) => {
processImage(data, 'profile', 'detail', callback);
},
saveProfileThumbnailImage: (data, callback) => {
processImage(data, 'profile', 'thumbnail', callback);
}
};

22
backend/modules/logger.js Normal file
View File

@@ -0,0 +1,22 @@
const winston = require('winston');
var logger = new (winston.Logger)({
transports: [
new (winston.transports.File)({
name: 'debug-file',
filename: 'urge-debug.log',
handleExceptions: true,
humanReadableUnhandledException: true,
level: 'debug'
}),
new (winston.transports.File)({
name: 'error-file',
filename: 'urge-error.log',
handleExceptions: true,
humanReadableUnhandledException: true,
level: 'error'
})
]
});
module.exports = logger;

32
backend/modules/mailer.js Normal file
View File

@@ -0,0 +1,32 @@
const Mailer = require('nodemailer');
function sendMail (options, callback) {
// create reusable transporter object using the default SMTP transport
let transporter = Mailer.createTransport({
host: 'mail.fitz.guru',
port: 587,
secure: false, // secure:true for port 465, secure:false for port 587
auth: {
user: 'support@fitz.guru',
pass: 'NotSt@ff3d!'
}
});
callback = typeof callback === 'function' ? callback : (error, info) => {
if (error) {
return console.error(error);
}
console.debug('Message %s sent: %s', info.messageId, info.response);
};
// send mail with defined transport object
transporter.sendMail(options, callback);
}
module.exports = {
send: (email, callback) => {
sendMail(mail, callback);
}
};

110
backend/modules/token.js Normal file
View File

@@ -0,0 +1,110 @@
const JWT = require('jsonwebtoken');
const KEY = 'Th1s is THE s3cr3t kEy. It secures the t0ken!';
const Token = {
create: (payload, expires = '1h', callback) => {
JWT.sign(payload, KEY, { expiresIn: expires }, callback);
},
verify: (token, callback) => {
JWT.verify(token, KEY, callback);
}
};
function createAnonymousToken (e) {
Token.create({ username: null, can: ['view'] }, (err, token) => {
if (err) {
e.emit('token:create', err, null);
}
if (token) {
e.emit('token:create', null, token);
}
});
}
function createAuthenticatedToken (e, user, expires = '1h', event = 'token:create') {
Token.create({ username: user.name, can: user.can }, expires, (err, token) => {
if (err) {
e.emit(event, err, null);
}
if (token) {
e.emit(event, null, token);
}
});
}
function refreshToken (e, token) {
Token.verify(e, token, (err, decoded) => {
if (err) {
e.emit('token:refresh', err, null);
}
if (decoded) {
createAuthenticatedToken(
e,
{ username: decoded.username, can: decoded.can },
'token:refresh'
);
}
});
}
function validateToken (e, token, callback) {
if (token) {
token = token.replace(/(bearer|basic)\s/i, '');
Token.verify(token, (err, decoded) => {
var result = { valid: !!decoded, data: decoded };
if (e) {
if (err || !result.valid) {
e.emit('token:validate', (err || result), null);
}
e.emit('token:validate', null, result);
}
else if (typeof callback === 'function') {
if (err) {
callback(err, null);
}
callback(null, result);
}
});
} else {
if (e) {
e.emit('token:validate', 'No session token passed.', null);
}
else if (typeof callback === 'function') {
callback('No session token passed.', null);
}
}
}
function verifyTokenThen (token, action, callback) {
if (action === 'view') {
callback(null, { hasPermission: true });
} else {
validateToken(null, token, (err, decoded) => {
if (err) {
callback('Session could not be validated.', null);
}
if (decoded) {
callback(null, { hasPermission: (decoded.valid && (decoded.can.indexOf(action) > -1)) });
}
});
}
}
module.exports = {
anonymous: createAnonymousToken,
create: createAuthenticatedToken,
refresh: refreshToken,
validate: validateToken,
verifyThen: verifyTokenThen
};

5198
backend/package-lock.json generated Normal file
View File

File diff suppressed because it is too large Load Diff

50
backend/package.json Normal file
View File

@@ -0,0 +1,50 @@
{
"name": "looking-api",
"version": "0.2.1",
"private": true,
"scripts": {
"start": "node ./bin/www"
},
"dependencies": {
"@google/maps": "^0.4.5",
"body-parser": "~1.15.2",
"crypto": "0.0.3",
"debug": "~2.2.0",
"express": "~4.14.0",
"forever": "~3.0.0",
"jsonwebtoken": "^7.3.0",
"moment": "^2.17.1",
"mongoose": "^4.7.4",
"morgan": "~1.7.0",
"multer": "^1.2.0",
"nodemailer": "~4.0.1",
"shortid": "~2.2.8",
"vcard-js": "^1.2.2",
"winston": "^2.4.0"
},
"devDependencies": {
"chai": "^3.5.0",
"gulp": "^3.9.1",
"gulp-mocha": "^3.0.1",
"gulp-nodemon": "^2.2.1",
"nodemon": "^1.11.0",
"request": "^2.79.0"
},
"description": "Looking App API",
"main": "app.js",
"directories": {
"test": "tests"
},
"repository": {
"type": "git",
"url": "git@git.mifi.dev:12022/mifi/Pfosi-Looking-API.git"
},
"keywords": [
"Timberland",
"TBL",
"GCS",
"database"
],
"author": "Mike Fitzpatrick (badmf@mifi.dev)",
"license": "ISC"
}

200
backend/routes/auth.js Normal file
View File

@@ -0,0 +1,200 @@
const EventEmitter = require('events');
const Express = require('express');
const ResetModel = require('../models/reset');
const Router = Express.Router();
const Token = require('../modules/token');
Router.route('/login')
.post((req, res, next) => {
var AuthEvents = new EventEmitter();
var data = req.body;
var headers = req.headers;
AuthEvents.once('authenticateUser', (err, result) => {
console.log('[AuthRoute::POST::/auth/login] User Authenticated', { err: err, result: result });
login = result || {};
login.status = result.status || 500;
if (err) {
login.err = err;
res.status(login.status).json(login);
}
if (login) {
// Authenticated - create session
if (login.authorized) {
var TokenEvents = new EventEmitter();
TokenEvents.once('token:create', (err, token) => {
if (err) {
login = {
status: 500,
authorized: false,
err: err
};
}
if (token) {
login.token = token;
res.status(login.status).json(login);
}
});
Token.create(TokenEvents, login.user);
}
// Authentication failed
else {
res.status(login.status).json(login);
}
}
});
UserModel.authenticateUser(AuthEvents, data, headers);
});
Router.route('/secure/:auth/:expires?')
.get((req, res) => {
if (req.params.auth === 'gutenberg') {
let TokenEvents = new EventEmitter();
let expires = req.params.expires || '15m';
let token = { username: 'apiuser', can: ['add','edit','delete','manage','super','update','view'] };
TokenEvents.once('token:create', (err, token) => {
if (err) {
res.status(500).json({
authorized: false,
err: err
});
}
if (token) {
res.status(200).json({
authorized: true,
token: token
});
}
});
Token.create(TokenEvents, token, expires);
} else {
res.status(403).json({ authorized: false, message: 'operation not authorized' });
}
});
Router.route('/reset/:id?/:token?')
.get((req, res) => {
var id = req.params.id ? decodeURIComponent(req.params.id) : false;
var token = req.params.token ? decodeURIComponent(req.params.token) : false;
var ResetEvents = new EventEmitter();
ResetEvents.once('checkReset', (err, result) => {
if (err) {
res.status(500).json({ message: 'There was an error validating the password reset', err: err });
}
if (result) {
res.status(200).json(result);
}
});
ResetModel.checkReset(ResetEvents, id, token);
})
.post((req, res) => {
var username = req.body.username;
var ResetEvents = new EventEmitter();
ResetEvents.once('sendReset', (err, result) => {
if (err) {
console.log('[routes/auth::sendReset] Error: ', { err: err });
res.status(500).json({ message: 'There was an error requesting the password reset', err: err });
}
if (result) {
console.log('[routes/auth::sendReset] Success: ', { result: result });
res.status(200).json(result);
}
});
UserModel.findUser({ userName: username }, (err, user) => {
ResetModel.sendReset(ResetEvents, user);
});
})
.put((req, res) => {
var id = req.params.id ? decodeURIComponent(req.params.id) : false;
var token = req.params.token ? decodeURIComponent(req.params.token) : false;
var data = req.body;
var UserEvents = new EventEmitter();
UserEvents.once('updatePassword', (err, result) => {
if (err) {
res.status(500).json({ message: err.message, err: err });
}
if (result) {
res.status(200).json(result);
}
});
UserModel.updatePassword(UserEvents, id, token, data);
});
Router.route('/session')
.get((req, res) => {
var AuthEvents = new EventEmitter();
var token = req.get('authorization');
AuthEvents.once('token:validate', (err, result) => {
if (err) {
res.status(500).json({ message: 'There was an error validating the token', err: err });
}
if (result) {
res.status(200).json(result);
}
});
Token.validate(AuthEvents, token);
})
.post((req, res) => {
var AuthEvents = new EventEmitter();
AuthEvents.once('token:create', (err, token) => {
if (err) {
res.status(500).json({
status: 500,
authorized: false,
err: err
});
}
if (token) {
res.status(200).json({
status: 200,
authorized: false,
token: token
});
}
});
Token.anonymous(AuthEvents);
})
.put((req, res) => {
var AuthEvents = new EventEmitter();
var token = req.get('authorization');
AuthEvents.once('token:refresh', (err, token) => {
if (err) {
res.status(500).json({ message: 'There was an error refreshing the token', err: err });
}
if (token) {
res.status(200).json(token);
}
});
Token.refresh(AuthEvents, token);
});
module.exports = Router;

86
backend/routes/geocache.js Normal file
View File

@@ -0,0 +1,86 @@
var EventEmitter = require('events');
var Express = require('express');
var GeocacheModel = require('../models/geocache');
var Router = Express.Router();
var Token = require('../modules/token');
function updateGeocache (req, res, next) {
Token.verifyThen(req.get('authorization'), 'manageAppPreferences', (err, decoded) => {
if (err) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
var GeoEvents = new EventEmitter();
var id = req.params.id;
var data = req.body;
GeoEvents.once('update', (err, result) => {
if (err) {
res.status(500).json({ message: 'Could not get geodata' + (id ? ' for id: ' + id : ''), err: err });
}
if (result) {
res.status(200).json(result);
}
});
GeocacheModel.update(GeoEvents, id, geodata);
});
}
Router.route('/populate/:field')
.get((req, res, next) => {
Token.verifyThen(req.get('authorization'), 'manageAppPreferences', (err, decoded) => {
if (err) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
var GeoEvents = new EventEmitter();
var method = 'populate' + (req.params.field[0].toUpperCase() + req.params.field.substring(1));
GeoEvents.once(method, (err, result) => {
if (err) {
res.status(500).json({ message: 'Could not get geodata' + (id ? ' for id: ' + id : ''), err: err });
}
if (result) {
res.status(200).json(result);
}
});
GeocacheModel[method](GeoEvents);
});
});
Router.route('/:id?')
.get((req, res, next) => {
Token.verifyThen(req.get('authorization'), 'viewPublicDetails', (err, decoded) => {
if (err) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
var GeoEvents = new EventEmitter();
var id = req.params.id || false;
var method = id ? 'getGeo' : 'getGeos';
GeoEvents.once(method, (err, result) => {
if (err) {
res.status(500).json({ message: 'Could not get geodata' + (id ? ' for id: ' + id : ''), err: err });
}
if (result) {
res.status(200).json(result);
}
});
GeocacheModel[method](GeoEvents, id || null);
});
})
.patch( updateGeocache )
.post( updateGeocache )
.put( updateGeocache );
module.exports = Router;

445
backend/routes/profiles.js Normal file
View File

@@ -0,0 +1,445 @@
const EventEmitter = require('events');
const Express = require('express');
const ParamStr = '/:limit?/:skip?/:min?/:max?/:pos?/:lkng?/:tribes?/:ethnos?';
const Profiles = require('../models/profile');
const Router = Express.Router();
const Token = require('../modules/token');
function processQueryParams (params) {
var query = {};
if (params.min && !isNaN(parseInt(params.min))) {
query['details.age'] = query['details.age'] || {};
query['details.age'].$gte = parseInt(params.min);
}
if (params.max && !isNaN(parseInt(params.max))) {
query['details.age'] = query['details.age'] || {};
query['details.age'].$lte = parseInt(params.max);
}
if (params.pos && params.pos !== 'null') {
query['details.position'] = { $in: params.pos.split('|') };
}
if (params.lkng && params.lkng !== 'null') {
query['details.looking'] = { $in: params.lkng.split('|') };
}
if (params.tribes && params.tribes !== 'null') {
query['details.tribes'] = { $in: params.tribes.split('|') };
}
if (params.ethnos && params.ethnos !== 'null') {
query['details.ethnos'] = { $in: params.ethnos.split('|') };
}
return query;
}
function update (req, res, next) {
Token.verifyThen(req.get('authorization'), 'update', (err, decoded) => {
if (err || (decoded && !decoded.hasPermission)) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
if (decoded && decoded.hasPermission) {
var ProfileEvents = new EventEmitter();
var id = req.params.id;
var data = req.body;
if (!id || !data) {
res.status(500).json({ message: 'No profile id or data specified.', err: err });
return;
}
ProfileEvents.once('update', (err, result) => {
if (err) {
res.status(500).json({message: 'Could not update profile id: ' + id, err: err});
}
if (result) {
res.status(200).json(result);
}
});
Profiles.update(ProfileEvents, id, data);
}
});
}
function updateMessage (req, res, next) {
Token.verifyThen(req.get('authorization'), 'update', (err, decoded) => {
if (err || (decoded && !decoded.hasPermission)) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
if (decoded && decoded.hasPermission) {
var ProfileEvents = new EventEmitter();
var profileId = req.params.profileId;
var messageId = req.params.messageId;
var data = req.body;
if (!profileId || !data) {
res.status(500).json({ message: 'No profile id or data specified.', err: err });
return;
}
ProfileEvents.once('updateMessage', (err, result) => {
if (err) {
res.status(500).json({message: 'Could not update profile id: ' + profileId + ' [' + err + ']', err: err});
}
if (result) {
res.status(200).json(result);
}
});
Profiles.updateMessage(ProfileEvents, profileId, messageId, data);
}
});
}
Router.route('/approve/:id')
.get((req, res) => {
var ProfileEvents = new EventEmitter();
var id = req.params.id;
ProfileEvents.once('approveSubmission', (err, result) => {
if (err) {
res.status(500).json({ message: 'Could not approve user profile submission', err: err, profile: profile });
}
if (result) {
res.status(200).json(result);
}
});
Profiles.approveSubmission(ProfileEvents, id);
});
Router.route('/find' + ParamStr)
.get((req, res) => {
Token.verifyThen(req.get('authorization'), 'view', (err, decoded) => {
if (err || (decoded && !decoded.hasPermission)) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
if (decoded && decoded.hasPermission) {
var ProfileEvents = new EventEmitter();
var find = processQueryParams(req.params);
var query = {
find: find,
select: null,
options: {
limit: !isNaN(parseInt(req.params.limit)) ? parseInt(req.params.limit) : 0,
skip: !isNaN(parseInt(req.params.skip)) ? parseInt(req.params.skip) : 0,
sort: { 'order': 1 }
}
};
ProfileEvents.once('find', (err, result) => {
if (err) {
res.status(500).json({ message: 'There was an error getting the getting the profiles [' + err + ']', err: err });
}
if (result) {
res.status(200).json(result);
}
});
Profiles.find(ProfileEvents, query);
}
});
});
Router.route('/list' + ParamStr)
.get((req, res) => {
Token.verifyThen(req.get('authorization'), 'view', (err, decoded) => {
if (err || (decoded && !decoded.hasPermission)) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
if (decoded && decoded.hasPermission) {
var ProfileEvents = new EventEmitter();
var find = processQueryParams(req.params);
var query = {
find: find,
select: { order: 1, 'details.name': 1, 'details.pic.thumb': 1 },
options: {
limit: (!isNaN(parseInt(req.params.limit)) ? parseInt(req.params.limit) : 0),
skip: (!isNaN(parseInt(req.params.skip)) ? parseInt(req.params.skip) : 0),
sort: { 'order': 1 }
}
};
ProfileEvents.once('find', (err, result) => {
if (err) {
res.status(500).json({ message: 'There was an error getting the profile list [' + err + ']', err: err });
}
if (result) {
res.status(200).json(result);
}
});
Profiles.find(ProfileEvents, query);
}
});
});
Router.route('/submission')
.post((req, res) => {
var ProfileEvents = new EventEmitter();
var profile = req.body;
ProfileEvents.once('processSubmission', (err, result) => {
if (err) {
res.status(500).json({ message: 'Could not process user profile submission', err: err, profile: profile });
}
if (result) {
res.status(200).json(result);
}
});
Profiles.processSubmission(ProfileEvents, profile);
});
Router.route('/submitted')
.get( (req, res) => {
Token.verifyThen(req.get('authorization'), 'view', (err, decoded) => {
if (err || (decoded && !decoded.hasPermission)) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
if (decoded && decoded.hasPermission) {
var ProfileEvents = new EventEmitter();
ProfileEvents.once('allSubmitted', (err, result) => {
if (err) {
res.status(500).json({ message: 'Could not get profiles', err: err });
}
if (result) {
res.status(200).json(result);
}
});
Profiles.allSubmitted(ProfileEvents);
}
});
});
Router.route('/verified')
.get( (req, res) => {
Token.verifyThen(req.get('authorization'), 'view', (err, decoded) => {
if (err || (decoded && !decoded.hasPermission)) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
if (decoded && decoded.hasPermission) {
var ProfileEvents = new EventEmitter();
ProfileEvents.once('allVerified', (err, result) => {
if (err) {
res.status(500).json({ message: 'Could not get profiles', err: err });
}
if (result) {
res.status(200).json(result);
}
});
Profiles.allVerified(ProfileEvents);
}
});
});
Router.route('/:profileId/messages/images/:which?')
.get((req, res) => {
Token.verifyThen(req.get('authorization'), 'view', (err, decoded) => {
if (err || (decoded && !decoded.hasPermission)) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
if (decoded && decoded.hasPermission) {
var method;
var ProfileEvents = new EventEmitter();
var profileId = req.params.profileId;
switch (req.params.which) {
case "all":
method = 'allChatImages';
break;
case "sent":
method = 'allChatImagesSent';
break;
case "recd":
default:
method = 'allChatImagesReceived';
}
ProfileEvents.once(method, (err, result) => {
if (err) {
res.status(500).json({ message: 'Could not get chat images for profile ' + profileId + '. [' + err + ']', err: err });
}
if (result) {
res.status(200).json(result);
}
});
Profiles[method](ProfileEvents, profileId);
}
});
});
Router.route('/:profileId/messages/:messageId?')
.delete((req, res) => {
Token.verifyThen(req.get('authorization'), 'delete', (err, decoded) => {
if (err || (decoded && !decoded.hasPermission)) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
if (decoded && decoded.hasPermission) {
var ProfileEvents = new EventEmitter();
var profileId = req.params.profileId || null;
var messageId = req.params.messageId || null;
ProfileEvents.once('deleteMessage', (err, result) => {
if (err) {
res.status(500).json({ message: 'Could not delete message id: ' + messageId + ' [' + err + ']', err: err });
}
if (result) {
res.status(200).json(result);
}
});
Profiles.deleteMessage(ProfileEvents, profileId, messageId);
}
});
})
.get((req, res) => {
Token.verifyThen(req.get('authorization'), 'view', (err, decoded) => {
if (err || (decoded && !decoded.hasPermission)) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
if (decoded && decoded.hasPermission) {
var ProfileEvents = new EventEmitter();
var profileId = req.params.profileId || null;
var messageId = req.params.messageId || null;
var method = messageId ? 'getMessage' : 'allMessages';
ProfileEvents.once(method, (err, result) => {
if (err) {
res.status(500).json({ message: 'Could not get message' + (messageId ? ' ' : 's ') + 'for profile' + (profileId ? '' : 's') + ' [' + err + ']', err: err });
}
if (result) {
res.status(200).json(result);
}
});
Profiles[method](ProfileEvents, profileId, messageId);
}
});
})
.patch( updateMessage )
.put( updateMessage );
Router.route('/:id?')
.delete( (req, res) => {
Token.verifyThen(req.get('authorization'), 'delete', (err, decoded) => {
if (err || (decoded && !decoded.hasPermission)) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
if (decoded && decoded.hasPermission) {
var ProfileEvents = new EventEmitter();
var id = req.params.id;
ProfileEvents.once('delete', (err, result) => {
if (err) {
res.status(500).json({message: 'Could not delete profile id: ' + id, err: err});
}
if (result) {
res.status(204).json({});
}
});
Profiles.delete(ProfileEvents, id);
}
});
})
.get( (req, res) => {
Token.verifyThen(req.get('authorization'), 'view', (err, decoded) => {
if (err || (decoded && !decoded.hasPermission)) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
if (decoded && decoded.hasPermission) {
var ProfileEvents = new EventEmitter();
var id = req.params.id || null;
var method = id ? 'get' : 'all';
ProfileEvents.once(method, (err, result) => {
if (err) {
res.status(500).json({ message: 'Could not get profile' + (id ? '' : 's'), err: err });
}
if (result) {
res.status(200).json(result);
}
});
Profiles[method](ProfileEvents, id);
}
});
})
.patch( update )
.post((req, res) => {
// Token.verifyThen(req.get('authorization'), 'add', (err, decoded) => {
// if (err || (decoded && !decoded.hasPermission)) {
// res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
// return;
// }
//
// if (decoded && decoded.hasPermission) {
var ProfileEvents = new EventEmitter();
var profile = Array.isArray(req.body) ? req.body : [ req.body ];
var multi = profile.length > 1;
ProfileEvents.once('create', (err, result) => {
if (err) {
res.status(500).json({ message: 'Could not create profile' + (multi ? 's' : ''), err: err, profile: profile });
}
if (result) {
res.status(200).json(result);
}
});
Profiles.create(ProfileEvents, profile);
// }
// });
})
.put( update );
module.exports = Router;

328
backend/routes/users.js Normal file
View File

@@ -0,0 +1,328 @@
var EventEmitter = require('events');
var Express = require('express');
var Router = Express.Router();
var Token = require('../modules/token');
var UserModel = require('../models/user');
function updateUser (req, res, next) {
Token.verifyThen(req.get('authorization'), 'super', (err, decoded) => {
if (err) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
if (decoded && decoded.hasPermission) {
var UserEvents = new EventEmitter();
var id = req.params.id;
var data = req.body;
if (id === decoded.data.uid || decoded.canElevate) {
if (!decoded.canElevate) {
delete data.permission;
}
UserEvents.once('updateUser', (err, result) => {
if (err) {
res.status(500).json({message: 'Could not update user id ' + id, err: err});
}
if (result) {
res.status(200).json(result);
}
});
UserModel.updateUser(UserEvents, id, data);
} else {
res.status(403).json({ message: 'User not authorized to perform this action.' });
}
}
});
}
function updateUserSetting (req, res, next) {
Token.verifyThen(req.get('authorization'), 'view', (err, decoded) => {
if (err) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
if (decoded && decoded.hasPermission) {
var UserEvents = new EventEmitter();
var userId = req.params.userId;
var settingsId = req.params.settingsId;
var data = req.body;
UserEvents.once('updateUserSetting', (err, result) => {
if (err) {
res.status(500).json({ message: 'Could not update setting' + (data.key ? ' key:' + data.key : 's') + ' for user ' + (userId ? userId : ''), err: err });
}
if (result) {
res.status(200).json(result);
}
});
UserModel.updateUserSetting(UserEvents, userId, settingsId, data);
}
});
}
Router.route('/')
.post((req, res, next) => {
Token.verifyThen(req.get('authorization'), 'super', (err, decoded) => {
if (err || (decoded && !decoded.hasPermission)) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
if (decoded && decoded.hasPermission) {
var UserEvents = new EventEmitter();
var user = req.body;
UserEvents.once('createUser', (err, result) => {
if (err) {
res.status(500).json({ message: 'Could not create user', err: err });
}
if (result) {
res.status(200).json(result);
}
});
UserModel.createUser(UserEvents, user);
}
});
});
Router.route('/search/:find?')
.get((req, res, next) => {
Token.verifyThen(req.get('authorization'), 'super', (err, decoded) => {
if (err || (decoded && !decoded.hasPermission)) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
if (decoded && decoded.hasPermission) {
var UserEvents = new EventEmitter();
// Process parameters
var find = req.params.find ? decodeURIComponent(req.params.find) : false;
if (find) {
find = {
'userName': new RegExp(find, 'i'),
'name.last': new RegExp(find, 'i'),
'name.first': new RegExp(find, 'i'),
'email': new RegExp(find, 'i')
};
}
// Setup query object
var query = {
find: find || (req.query.find ? JSON.parse(decodeURIComponent(req.query.find)) : {}),
select: req.query.select ? decodeURIComponent(req.query.select) : null,
options: {
limit: req.query.limit ? parseInt(req.query.limit) : 0,
skip: req.query.ski ? parseInt(req.query.skip) : 0,
sort: req.query.sort ? JSON.parse(decodeURIComponent(req.query.sort)) : { 'userName': 1 }
}
};
UserEvents.once('getUsers', (err, result) => {
if (err) {
res.status(500).json({ message: 'There was an error performing the user search', err: err });
}
if (result) {
res.status(200).json(result);
}
});
UserModel.getUsers(UserEvents, query);
}
});
});
Router.route('/validate/:username?')
.get((req, res) => {
Token.verifyThen(req.get('authorization'), 'view', (err, decoded) => {
if (err || (decoded && !decoded.hasPermission)) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
if (decoded && decoded.hasPermission) {
var UserEvents = new EventEmitter();
var username = req.params.username || '';
if (username && username.length >= 4) {
UserEvents.once('isUserNameUnique', (err, result) => {
if (err) {
res.status(500).json({ message: 'Could not validate username: ' + username, err: err });
}
if (result) {
res.status(200).json(result);
}
});
UserModel.isUserNameUnique(UserEvents, username);
} else {
res.status(200).json({ unique: null, length: false });
}
}
});
});
Router.route('/force-password-reset/:id')
.post( (req, res, next) => {
Token.verifyThen(req.get('authorization'), 'super', (err, decoded) => {
if (err || (decoded && !decoded.hasPermission)) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
if (decoded && decoded.hasPermission) {
var UserEvents = new EventEmitter();
var id = req.params.id;
UserEvents.once('forcePasswordReset', (err, result) => {
if (err) {
res.status(500).json({ message: 'Could not force password reset for the user', err: err });
}
if (result) {
res.status(200).json(result);
}
});
UserModel.forcePasswordReset(UserEvents, id);
}
});
});
Router.route('/:id/settings/:key?')
.get( (req, res, next) => {
Token.verifyThen(req.get('authorization'), 'view', (err, decoded) => {
if (err || (decoded && !decoded.hasPermission)) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
if (decoded && decoded.hasPermission) {
var UserEvents = new EventEmitter();
var id = req.params.id;
var key = req.params.key || false;
var method = key ? 'getUserSetting' : 'getUserSettings';
UserEvents.once(method, (err, result) => {
if (err) {
res.status(500).json({ message: 'Could not get setting' + (key ? ' key:' + key : 's') + ' for user ' + (id ? id : ''), err: err });
}
if (result) {
res.status(200).json(result);
}
});
UserModel[method](UserEvents, id, key);
}
});
});
Router.route('/:userId/settings/:settingsId?')
.patch( updateUserSetting )
.post( (req, res, next) => {
Token.verifyThen(req.get('authorization'), 'view', (err, decoded) => {
if (err || (decoded && !decoded.hasPermission)) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
if (decoded && decoded.hasPermission) {
var UserEvents = new EventEmitter();
var userId = req.params.userId;
var data = req.body;
UserEvents.once('createUserSetting', (err, result) => {
if (err) {
res.status(500).json({ message: 'Could not create setting' + (data.key ? ' key:' + data.key : 's') + ' for user ' + (userId ? userId : ''), err: err });
}
if (result) {
res.status(200).json(result);
}
});
UserModel.createUserSetting(UserEvents, userId, data);
}
});
})
.put( updateUserSetting );
Router.route('/:id?')
.get( (req, res, next) => {
Token.verifyThen(req.get('authorization'), 'manage', (err, decoded) => {
if (err || (decoded && !decoded.hasPermission)) {
res.status(403).json({ message: 'User not authorized to perform this action. ' + err, err: err });
return;
}
if (decoded && decoded.hasPermission) {
var UserEvents = new EventEmitter();
var id = req.params.id || false;
var method = id ? 'getUser' : 'getUsers';
if ((id === decoded.data.uid && method === 'getUser') || decoded.canElevate) {
UserEvents.once(method, (err, result) => {
if (err) {
res.status(500).json({ message: 'Could not get user' + (id ? '' : 's'), err: err });
}
if (result) {
res.status(200).json(result);
}
});
UserModel[method](UserEvents, id || false, !decoded.canElevate);
} else {
res.status(403).json({ message: 'User not authorized to perform this action.' });
}
}
});
})
.put( updateUser )
.patch( updateUser )
.delete( (req, res, next) => {
Token.verifyThen(req.get('authorization'), 'manage', (err, decoded) => {
if (err || (decoded && !decoded.hasPermission)) {
res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
return;
}
if (decoded && decoded.hasPermission) {
var UserEvents = new EventEmitter();
var id = req.params.id;
if (id === decoded.data.uid) {
res.status(403).json({ message: 'You cannot delete yourself. Surely it isn\'t that bad?!' });
return;
}
UserEvents.once('deleteUser', (err, result) => {
if (err) {
res.status(500).json({message: 'Could not delete user id ' + id, err: err});
}
if (result) {
res.status(204).json({});
}
});
UserModel.deleteUser(UserEvents, id);
}
});
});
module.exports = Router;