Merge pull request #1 from ripples/master

include rotating logger and WIP database with modified login routes

Author: GaryPWhite

.gitignore

@@ -38,3 +38,7 @@ jspm_packages
 
 # Optional REPL history
 .node_repl_history
+
+# Secrets
+config.json
+

Dockerfile

@@ -1,11 +1,14 @@
 FROM molecularplayground/node-js
+RUN apk add --no-cache bash
 
 COPY . /src
 
 WORKDIR /src
 
 RUN npm install
 
-CMD ["npm", "start"]
+RUN npm install -g node-inspector
+
+CMD ["npm", "run", "start-dev"]
 
 EXPOSE 3000

app.js

@@ -1,29 +1,29 @@
+/* jshint node: true */
+"use strict";
 var express = require('express');
 var path = require('path');
-var logger = require('morgan');
 var cookieParser = require('cookie-parser');
 var bodyParser = require('body-parser');
-var auth = require('./lib/auth.js');
 
+var auth = require('./lib/auth.js');
 var routes = require('./routes/index');
 var login = require('./routes/login');
 var lectures = require('./routes/lectures');
+var logger = require("./utils/logger");
 
 var app = express();
 
-app.use(logger('dev'));
 app.use(bodyParser.json());
-app.use(bodyParser.urlencoded({ extended: false }));
+app.use(bodyParser.urlencoded({extended: false}));
 app.use(cookieParser());
-app.use(express.static(path.join(__dirname, 'public')));
 
+app.use(express.static(path.join(__dirname, 'public')));
 // unauthenticated routes
-app.use('/api/auth', login);
-
+app.use('/api/v1/login', login);
 // authenticated routes
-app.use(auth);
-app.use('/', routes);
-app.use('/api/lectures', lectures);
+app.use('/', auth, routes);
+
+app.use('/api/lectures', auth, lectures);
 
 // catch 404 and forward to error handler
 app.use(function(req, res, next) {
@@ -32,13 +32,12 @@ app.use(function(req, res, next) {
   next(err);
 });
 
-// error handlers
-
 // development error handler
 // will print stacktrace
 if (app.get('env') === 'development') {
   app.use(function(err, req, res, next) {
     res.status(err.status || 500);
+
     res.send({
       message: err.message,
       error: err
@@ -48,7 +47,7 @@ if (app.get('env') === 'development') {
 
 // production error handler
 // no stacktraces leaked to user
-app.use(function(err, req, res, next) {
+app.use((err, req, res, next) => {
   res.status(err.status || 500);
   res.send({
     message: err.message,

config.example.json

@@ -0,0 +1,8 @@
+{
+  "db": {
+    "host": "db",
+    "user": "root",
+    "password": "banana",
+    "name": "lecture_viewer"
+  }
+}

lib/auth.js

@@ -1,22 +1,27 @@
+"use strict";
+
 var njwt = require('njwt');
+var db = require('../utils/database');
+
 var SIGNING_KEY = process.env.SIGNING_KEY;
 
-var sendError = function(message, status, next) {
+var sendError = (message, status, next) => {
   var err = new Error(message);
   err.status = status;
   next(err);
-}
+};
 
 // Accepted Header:
 //    Authorization: YOUR_TOKEN_HERE
-module.exports = function(req, res, next) {
+module.exports = (req, res, next) => {
   var token = req.headers.authorization;
-  if(!token) {
+  db.getHashedUserPassword("admin", () => {});
+  if (!token) {
     // token not sent
     sendError("Token was not recieved.\nExpected token in 'Authorization' header.", 401, next);
   } else {
-    njwt.verify(token, SIGNING_KEY, function(err, ver) {
-      if(err) {
+    njwt.verify(token, SIGNING_KEY, (err, ver) => {
+      if (err) {
         // token is expired
         sendError("Token is expired.'", 401, next);
       } else {
@@ -26,4 +31,4 @@ module.exports = function(req, res, next) {
       }
     });
   }
-}
+};