got api to work
This commit is contained in:
parent
5ed340a43e
commit
704a5474d1
|
@ -11,7 +11,9 @@ var _ = require('lodash'),
|
||||||
config = require('../../../config/config'),
|
config = require('../../../config/config'),
|
||||||
nodemailer = require('nodemailer'),
|
nodemailer = require('nodemailer'),
|
||||||
crypto = require('crypto'),
|
crypto = require('crypto'),
|
||||||
User = mongoose.model('User');
|
User = mongoose.model('User'),
|
||||||
|
tokgen = require("../../libs/tokenGenerator");
|
||||||
|
|
||||||
|
|
||||||
var nev = require('email-verification')(mongoose);
|
var nev = require('email-verification')(mongoose);
|
||||||
|
|
||||||
|
@ -304,3 +306,43 @@ exports.removeOAuthProvider = function(req, res, next) {
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
/* Generate API Key for User */
|
||||||
|
exports.generateAPIKey = function(req, res) {
|
||||||
|
if (!req.isAuthenticated()){
|
||||||
|
return res.status(400).send({
|
||||||
|
message: 'User is not Authorized'
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
User.findById(req.user.id)
|
||||||
|
.exec( function(err, user) {
|
||||||
|
if (err) return res.status(400).send(err);
|
||||||
|
|
||||||
|
if (!user) {
|
||||||
|
return res.status(400).send({
|
||||||
|
message: 'User does not Exist'
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
user.apiKey = tokgen();
|
||||||
|
|
||||||
|
user.save(function(err, _user) {
|
||||||
|
if (err) {
|
||||||
|
return res.status(400).send({
|
||||||
|
message: errorHandler.getErrorMessage(err)
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
var newUser = _user.toObject();
|
||||||
|
delete newUser.salt;
|
||||||
|
delete newUser.__v;
|
||||||
|
delete newUser.passwordHash;
|
||||||
|
delete newUser.provider;
|
||||||
|
|
||||||
|
console.log(newUser);
|
||||||
|
return res.json(newUser);
|
||||||
|
});
|
||||||
|
|
||||||
|
});
|
||||||
|
};
|
||||||
|
|
8
app/libs/tokenGenerator.js
Normal file
8
app/libs/tokenGenerator.js
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
"use strict";
|
||||||
|
|
||||||
|
let TokenGenerator = require("uuid-token-generator");
|
||||||
|
let tokgen = new TokenGenerator(256, TokenGenerator.BASE62);
|
||||||
|
|
||||||
|
module.exports = function() {
|
||||||
|
return tokgen.generate();
|
||||||
|
};
|
|
@ -119,7 +119,13 @@ var UserSchema = new Schema({
|
||||||
resetPasswordExpires: {
|
resetPasswordExpires: {
|
||||||
type: Date
|
type: Date
|
||||||
},
|
},
|
||||||
token: String
|
token: String,
|
||||||
|
apiKey: {
|
||||||
|
type: String,
|
||||||
|
unique: true,
|
||||||
|
index: true,
|
||||||
|
sparse: true
|
||||||
|
},
|
||||||
});
|
});
|
||||||
|
|
||||||
UserSchema.virtual('displayName').get(function () {
|
UserSchema.virtual('displayName').get(function () {
|
||||||
|
|
|
@ -6,7 +6,8 @@
|
||||||
var users = require('../../app/controllers/users.server.controller'),
|
var users = require('../../app/controllers/users.server.controller'),
|
||||||
forms = require('../../app/controllers/forms.server.controller'),
|
forms = require('../../app/controllers/forms.server.controller'),
|
||||||
multer = require('multer'),
|
multer = require('multer'),
|
||||||
config = require('../../config/config');
|
config = require('../../config/config'),
|
||||||
|
auth = require('../../config/passport_helpers');
|
||||||
|
|
||||||
// Setting the pdf upload route and folder
|
// Setting the pdf upload route and folder
|
||||||
var storage = multer.diskStorage({
|
var storage = multer.diskStorage({
|
||||||
|
@ -27,21 +28,21 @@ var upload = multer({
|
||||||
module.exports = function(app) {
|
module.exports = function(app) {
|
||||||
// Form Routes
|
// Form Routes
|
||||||
app.route('/upload/pdf')
|
app.route('/upload/pdf')
|
||||||
.post(users.requiresLogin, upload.single('file'), forms.uploadPDF);
|
.post(auth.isAuthenticatedOrApiKey, upload.single('file'), forms.uploadPDF);
|
||||||
|
|
||||||
app.route('/forms')
|
app.route('/forms')
|
||||||
.get(users.requiresLogin, forms.list)
|
.get(auth.isAuthenticatedOrApiKey, forms.list)
|
||||||
.post(users.requiresLogin, forms.create);
|
.post(auth.isAuthenticatedOrApiKey, forms.create);
|
||||||
|
|
||||||
app.route('/forms/:formId([a-zA-Z0-9]+)')
|
app.route('/forms/:formId([a-zA-Z0-9]+)')
|
||||||
.get(forms.read)
|
.get(forms.read)
|
||||||
.post(forms.createSubmission)
|
.post(forms.createSubmission)
|
||||||
.put(users.requiresLogin, forms.hasAuthorization, forms.update)
|
.put(auth.isAuthenticatedOrApiKey, forms.hasAuthorization, forms.update)
|
||||||
.delete(users.requiresLogin, forms.hasAuthorization, forms.delete);
|
.delete(auth.isAuthenticatedOrApiKey, forms.hasAuthorization, forms.delete);
|
||||||
|
|
||||||
app.route('/forms/:formId([a-zA-Z0-9]+)/submissions')
|
app.route('/forms/:formId([a-zA-Z0-9]+)/submissions')
|
||||||
.get(users.requiresLogin, forms.hasAuthorization, forms.listSubmissions)
|
.get(auth.isAuthenticatedOrApiKey, forms.hasAuthorization, forms.listSubmissions)
|
||||||
.delete(users.requiresLogin, forms.hasAuthorization, forms.deleteSubmissions);
|
.delete(auth.isAuthenticatedOrApiKey, forms.hasAuthorization, forms.deleteSubmissions);
|
||||||
|
|
||||||
// Finish by binding the form middleware
|
// Finish by binding the form middleware
|
||||||
app.param('formId', forms.formByID);
|
app.param('formId', forms.formByID);
|
||||||
|
|
|
@ -3,24 +3,25 @@
|
||||||
/**
|
/**
|
||||||
* Module dependencies.
|
* Module dependencies.
|
||||||
*/
|
*/
|
||||||
var passport = require('passport');
|
var passport = require('passport'),
|
||||||
var config = require('../../config/config');
|
config = require('../../config/config'),
|
||||||
|
auth = require('../../config/passport_helpers');
|
||||||
|
|
||||||
module.exports = function(app) {
|
module.exports = function(app) {
|
||||||
// User Routes
|
// User Routes
|
||||||
var users = require('../../app/controllers/users.server.controller');
|
var users = require('../../app/controllers/users.server.controller');
|
||||||
|
|
||||||
// Setting up the users profile api
|
// Setting up the users profile api
|
||||||
app.route('/users/me').get(users.requiresLogin, users.getUser);
|
app.route('/users/me').get(auth.isAuthenticatedOrApiKey, users.getUser);
|
||||||
app.route('/users').put(users.requiresLogin, users.update);
|
app.route('/users').put(auth.isAuthenticatedOrApiKey, users.update);
|
||||||
app.route('/users/accounts').delete(users.requiresLogin, users.removeOAuthProvider);
|
app.route('/users/accounts').delete(auth.isAuthenticatedOrApiKey, users.removeOAuthProvider);
|
||||||
|
|
||||||
// Setting up the users account verification api
|
// Setting up the users account verification api
|
||||||
app.route('/auth/verify/:token').get(users.validateVerificationToken);
|
app.route('/auth/verify/:token').get(users.validateVerificationToken);
|
||||||
app.route('/auth/verify').post(users.resendVerificationEmail);
|
app.route('/auth/verify').post(users.resendVerificationEmail);
|
||||||
|
|
||||||
// Setting up the users password api
|
// Setting up the users password api
|
||||||
app.route('/users/password').post(users.requiresLogin, users.changePassword);
|
app.route('/users/password').post(auth.isAuthenticatedOrApiKey, users.changePassword);
|
||||||
app.route('/auth/forgot').post(users.forgot);
|
app.route('/auth/forgot').post(users.forgot);
|
||||||
app.route('/auth/reset/:token').get(users.validateResetToken);
|
app.route('/auth/reset/:token').get(users.validateResetToken);
|
||||||
app.route('/auth/reset/:token').post(users.reset);
|
app.route('/auth/reset/:token').post(users.reset);
|
||||||
|
@ -32,6 +33,8 @@ module.exports = function(app) {
|
||||||
app.route('/auth/signin').post(users.signin);
|
app.route('/auth/signin').post(users.signin);
|
||||||
app.route('/auth/signout').get(users.signout);
|
app.route('/auth/signout').get(users.signout);
|
||||||
|
|
||||||
|
app.route('/auth/genkey').get(users.requiresLogin, users.generateAPIKey);
|
||||||
|
|
||||||
// // Setting the facebook oauth routes
|
// // Setting the facebook oauth routes
|
||||||
// app.route('/auth/facebook').get(passport.authenticate('facebook', {
|
// app.route('/auth/facebook').get(passport.authenticate('facebook', {
|
||||||
// scope: ['email']
|
// scope: ['email']
|
||||||
|
|
54
config/passport_helpers.js
Normal file
54
config/passport_helpers.js
Normal file
|
@ -0,0 +1,54 @@
|
||||||
|
"use strict";
|
||||||
|
|
||||||
|
var config = require("./config");
|
||||||
|
var passport = require("passport");
|
||||||
|
|
||||||
|
var User = require('mongoose').model('User');
|
||||||
|
|
||||||
|
module.exports.isAuthenticatedOrApiKey = function isAuthenticated(req, res, next) {
|
||||||
|
debugger;
|
||||||
|
if (req.isAuthenticated()) {
|
||||||
|
return next();
|
||||||
|
} else {
|
||||||
|
// Try authenticate with API KEY
|
||||||
|
if (req.headers.apikey || req.query.apikey || req.body.apikey) {
|
||||||
|
passport.authenticate("localapikey", function (err, user, info) {
|
||||||
|
if (err)
|
||||||
|
return res.sendStatus(500);
|
||||||
|
|
||||||
|
if (!user)
|
||||||
|
return res.status(401).send(info.message || "");
|
||||||
|
|
||||||
|
req.login(user, function(err) {
|
||||||
|
if (err) return res.sendStatus(500);
|
||||||
|
|
||||||
|
req.user = user;
|
||||||
|
return next();
|
||||||
|
});
|
||||||
|
|
||||||
|
})(req, res, next);
|
||||||
|
} else {
|
||||||
|
return res.sendStatus(401);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
module.exports.hasRole = function hasRole(roleRequired) {
|
||||||
|
if (!roleRequired)
|
||||||
|
throw new Error("Required role needs to be set");
|
||||||
|
|
||||||
|
return function(req, res, next) {
|
||||||
|
return module.exports.isAuthenticated(req, res, function() {
|
||||||
|
if (req.user && req.user.roles && req.user.roles.indexOf(roleRequired) !== -1)
|
||||||
|
next();
|
||||||
|
else
|
||||||
|
res.sendStatus(403);
|
||||||
|
});
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
module.exports.hasAdminRole = function hasAdminRole() {
|
||||||
|
return module.exports.hasRole("admin");
|
||||||
|
};
|
||||||
|
|
25
config/strategies/apikey.js
Normal file
25
config/strategies/apikey.js
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
"use strict";
|
||||||
|
|
||||||
|
var passport = require("passport");
|
||||||
|
var LocalAPIKeyStrategy = require("passport-localapikey-update").Strategy;
|
||||||
|
var User = require('mongoose').model('User');
|
||||||
|
|
||||||
|
module.exports = function() {
|
||||||
|
passport.use(new LocalAPIKeyStrategy({
|
||||||
|
passReqToCallback : true
|
||||||
|
}, function(req, apiKey, done) {
|
||||||
|
return User.findOne({
|
||||||
|
"apiKey": apiKey
|
||||||
|
}, function(err, user) {
|
||||||
|
if (err)
|
||||||
|
return done(err);
|
||||||
|
|
||||||
|
if (!user)
|
||||||
|
return done(null, false, {
|
||||||
|
message: "Unknown API Key"
|
||||||
|
});
|
||||||
|
|
||||||
|
return done(null, user);
|
||||||
|
});
|
||||||
|
}));
|
||||||
|
};
|
|
@ -80,6 +80,7 @@
|
||||||
"passport-google-oauth": "~0.2.0",
|
"passport-google-oauth": "~0.2.0",
|
||||||
"passport-linkedin": "~1.0.0",
|
"passport-linkedin": "~1.0.0",
|
||||||
"passport-local": "~1.0.0",
|
"passport-local": "~1.0.0",
|
||||||
|
"passport-localapikey-update": "^0.5.0",
|
||||||
"passport-twitter": "~1.0.2",
|
"passport-twitter": "~1.0.2",
|
||||||
"path-exists": "^2.1.0",
|
"path-exists": "^2.1.0",
|
||||||
"pdffiller": "~0.1.1",
|
"pdffiller": "~0.1.1",
|
||||||
|
@ -90,6 +91,7 @@
|
||||||
"socket.io": "^1.4.6",
|
"socket.io": "^1.4.6",
|
||||||
"socket.io-redis": "^1.0.0",
|
"socket.io-redis": "^1.0.0",
|
||||||
"swig": "~1.4.1",
|
"swig": "~1.4.1",
|
||||||
|
"uuid-token-generator": "^0.5.0",
|
||||||
"wildcard-subdomains": "github:whitef0x0/wildcard-subdomains"
|
"wildcard-subdomains": "github:whitef0x0/wildcard-subdomains"
|
||||||
},
|
},
|
||||||
"devDependencies": {
|
"devDependencies": {
|
||||||
|
|
Loading…
Reference in a new issue