// npm install express
// npm install jade
// npm install mongolian
// npm install coffee-script
// checking trello
var express = require('express');
require('jade');
var DbMgr = require('./db2');
var vroutes = require('./vroutes');
var passport = require('passport');
var GoogleStrategy = require('passport-google-oauth').OAuth2Strategy;
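/**
 * Return `url` with a trailing slash appended when it does not already end in one.
 * Non-string or empty values are returned unchanged, so a missing setting stays
 * visibly broken instead of being silently replaced by some other host.
 */
function vlcbWithTrailingSlash(url) {
  if (typeof url !== 'string' || url.length === 0) {
    return url;
  }
  return url.charAt(url.length - 1) === '/' ? url : url + '/';
}

// Base URL of this deployment. Paths are appended to it without a separator
// (e.g. AppBaseUrl + 'auth/google/return'), so it must end with '/'.
// NOTE(review): both the default and the documented production value are plain
// http; the OAuth callback URL is built from this value, so prefer https.
var AppBaseUrl = 'http://vlcb.netrc.c9.io/';
if (process.env.NODE_ENV === 'production') {
  // set: heroku config:add NODE_ENV=production --app vlcb
  // set: heroku config:add VLCB_HEROKU_URL=http://vlcb.herokuapp.com --app vlcb
  if (!process.env.VLCB_HEROKU_URL) {
    console.error('VLCB_HEROKU_URL is not set; URLs derived from AppBaseUrl will be invalid');
  }
  // The documented value above has no trailing slash; add it here so that
  // path concatenation does not produce "...herokuapp.comauth/google/return".
  AppBaseUrl = vlcbWithTrailingSlash(process.env.VLCB_HEROKU_URL);
}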
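// see example at https://github.com/jaredhanson/passport-google-oauth/blob/master/examples/oauth2/app.js
// see https://code.google.com/apis/console
//
// Google OAuth2 client credentials. Values from the environment take precedence
// (heroku config:add VLCB_GOOGLE_CLIENT_ID=... VLCB_GOOGLE_CLIENT_SECRET=... --app vlcb).
// The literals below are kept only so existing deployments keep working.
// SECURITY: a client secret committed to source control must be treated as
// disclosed. Rotate it in the Google console, supply the new value through the
// environment, and then delete the fallback literal.
var GOOGLE_CLIENT_ID = process.env.VLCB_GOOGLE_CLIENT_ID ||
  '813523971348-c4umm4e0vsqpqfs6m5m87h9h1ap24l4b.apps.googleusercontent.com';
var GOOGLE_CLIENT_SECRET = process.env.VLCB_GOOGLE_CLIENT_SECRET;
if (!GOOGLE_CLIENT_SECRET) {
  console.warn('VLCB_GOOGLE_CLIENT_SECRET is not set; falling back to the client secret ' +
    'committed in source, which should be rotated and moved to the environment');
  GOOGLE_CLIENT_SECRET = 'Vj3T18kyITMIWUE6DBDtMhFH';
}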
// Session (de)serialisation for Passport: the user object is handed to the
// session as-is and returned unchanged on later requests, so whatever the
// verify callback attached to it travels with the session.
function vlcbStoreUserInSession(user, done) {
  done(null, user);
}

function vlcbLoadUserFromSession(obj, done) {
  done(null, obj);
}

passport.serializeUser(vlcbStoreUserInSession);
passport.deserializeUser(vlcbLoadUserFromSession);
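// Callback URL registered with Google; AppBaseUrl is expected to end with '/'.
var PassportReturnUrl = AppBaseUrl + 'auth/google/return';

/**
 * Passport verify callback for the Google OAuth2 strategy.
 *
 * Assigns an application role to the returned profile: every account is
 * "readonly" unless its first e-mail address matches the single editor address.
 * A profile without any e-mail address is treated as "readonly" instead of
 * raising a TypeError.
 *
 * @param {string} accessToken  - OAuth access token (unused here)
 * @param {string} refreshToken - OAuth refresh token (unused here)
 * @param {Object} profile      - profile object supplied by the strategy
 * @param {Function} done       - Passport completion callback (err, user)
 */
function vlcbVerifyGoogleProfile(accessToken, refreshToken, profile, done) {
  // profile.emails may be missing or empty; read the first address defensively.
  var firstEmail = (profile.emails && profile.emails[0]) || {};
  var email = firstEmail.value;

  // NOTE(review): display name and e-mail address are written to stdout on
  // every login; mask or drop them if the logs are shared or retained.
  console.log("google has returned:");
  console.log("profile: dn:" + profile.displayName+" email:"+ email);

  // maybe this is where I figure out the authorization role? reader / editor
  // everyone is readonly, except for me
  // NOTE(review): the editor role depends on this one string comparison, so the
  // address must be one the identity provider has verified — confirm.
  // NOTE(review): the address literal below reads like a redaction placeholder
  // in this listing; check it against the repository copy.
  profile.role = "readonly";
  if (email === "[email protected]") {
    profile.role = "vlcbEditor";
  }
  console.log("profile role: " + profile.role);
  return done(null, profile);
}

passport.use(new GoogleStrategy({
  clientID: GOOGLE_CLIENT_ID,
  clientSecret: GOOGLE_CLIENT_SECRET,
  callbackURL: PassportReturnUrl
}, vlcbVerifyGoogleProfile));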
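/**
 * Express middleware enforcing the read-only / editor split.
 *
 * - Always sets the `vlcbRole` cookie to 'vlcbEditor' or 'readonly'. The cookie
 *   is only a hint for the client; the decision below uses req.user, never the
 *   cookie.
 * - Safe methods (GET, HEAD, OPTIONS) always continue.
 * - Every other method (POST, PUT, DELETE, ...) continues only for a logged-in
 *   user whose role is 'vlcbEditor'; otherwise the request is redirected back.
 *   Checking "not a safe method" instead of "is POST" keeps the gate closed if
 *   a non-POST write route is ever added.
 *
 * @param {Object} req    - Express request; req.user is set by Passport when logged in
 * @param {Object} res    - Express response
 * @param {Function} next - continues to the next middleware
 */
var vlcbAuthorization = function (req, res, next) {
  var isEditor = Boolean(req.user) && req.user.role === 'vlcbEditor';

  // every page gets our role cookie
  res.cookie('vlcbRole', isEditor ? 'vlcbEditor' : 'readonly');

  var method = String(req.method).toUpperCase();
  if (method === 'GET' || method === 'HEAD' || method === 'OPTIONS') {
    return next(); // read-only request, go ahead
  }
  if (isEditor) {
    return next(); // write request from an editor, go ahead
  }

  // write request but not an editor !!
  // set a res.flashUnauthPost
  res.redirect('back');
};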
/**
 * Route handler: end the Passport login for this request, then redirect the
 * browser back to where it came from.
 *
 * @param {Object} req - Express request carrying Passport's logout()
 * @param {Object} res - Express response
 */
function vlcbLogout(req, res) {
  req.logout();
  res.redirect('back');
}
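var app = express();

// Signing keys for cookies and the session. Values from the environment take
// precedence; the literals are kept only so existing deployments keep working.
// SECURITY: keys committed to source control are public, so a signature made
// with them no longer proves the cookie came from this server. Set
// VLCB_COOKIE_SECRET and VLCB_SESSION_SECRET to long random values and then
// delete the fallback literals.
var vlcbCookieSecret = process.env.VLCB_COOKIE_SECRET || 'foobar';
var vlcbSessionSecret = process.env.VLCB_SESSION_SECRET || 'vlcb!083c4n#M.vAs';
if (!process.env.VLCB_COOKIE_SECRET || !process.env.VLCB_SESSION_SECRET) {
  console.warn('VLCB_COOKIE_SECRET / VLCB_SESSION_SECRET not set; ' +
    'falling back to signing keys committed in source');
}

// Middleware order matters: cookies and the session must be parsed before
// Passport restores req.user, and vlcbAuthorization must run before the router
// so that write requests are checked before any route handler sees them.
// NOTE(review): no CSRF protection is installed in this stack; write routes
// rely on the session cookie alone.
app.use(express.favicon());
app.use(express.logger('dev'));
app.use(express.cookieParser(vlcbCookieSecret));
app.use(express.bodyParser());
app.use(express.session({ secret: vlcbSessionSecret }));
app.use(passport.initialize());
app.use(passport.session());
app.use(vlcbAuthorization);
app.use(app.router);
// NOTE(review): this serves the 'views' directory as static files, presumably
// the same directory the templates are rendered from, so template sources are
// downloadable; consider a separate directory for public assets.
app.use(express.static('views')); // will check this dir for undefined pages...
app.set('views', __dirname + '/views'); // sets render dir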
// html views: [path, handler] pairs, registered as GET routes in the order listed.
// All of these are reachable without logging in, since only non-GET requests
// are role-checked by the authorization middleware.
var vlcbHtmlViewRoutes = [
  ['/', vroutes.vindex],
  ['/rubbing/:rname?', vroutes.rubbing],
  ['/brass/:bname?', vroutes.brass],
  ['/church/:cname?', vroutes.church],
  ['/map/:cname?', vroutes.map],
  ['/blog', vroutes.blog],
  ['/rss', vroutes.rss],
  ['/note/:nname', vroutes.note],
  ['/pic', vroutes.pic],
  ['/software', vroutes.software],
  ['/log', vroutes.log],
  // NOTE(review): if doBatch changes data it should not be a GET route — confirm.
  ['/dobatch', vroutes.doBatch]
];
vlcbHtmlViewRoutes.forEach(function (route) {
  app.get(route[0], route[1]);
});
// Authorization / Passport
// OAuth scopes requested from Google: basic profile and e-mail address.
var Gapip = 'https://www.googleapis.com/auth/userinfo.profile';
var Gapie = 'https://www.googleapis.com/auth/userinfo.email';

// Placeholder final handler; it sends no response.
function vlcbAuthNoop(req, res) {
}

// Start of the login flow.
var vlcbGoogleLogin = passport.authenticate('google', { scope: [ Gapip, Gapie ] });
app.get('/auth/google', vlcbGoogleLogin, vlcbAuthNoop);

// Google sends the browser back here after the consent screen.
// NOTE(review): '/auth/login' is not registered as a route in this file, so a
// failed login may end on a 404 — confirm.
var vlcbGoogleReturn = passport.authenticate('google', { successRedirect: '/', failureRedirect: '/auth/login' });
app.get('/auth/google/return', vlcbGoogleReturn, vlcbAuthNoop);

app.get('/auth/logout', vlcbLogout);
// rest interfaces
// ... get all of category: [path, handler] pairs registered as GET routes
var vlcbRestCollectionGets = [
  ['/rest/Church', vroutes.restGetChurch],
  ['/rest/Pic', vroutes.restGetPic],
  ['/rest/Brass', vroutes.restGetBrass],
  ['/rest/Rubbing', vroutes.restGetRubbing],
  ['/rest/Blog', vroutes.restGetBlog],
  ['/rest/Log', vroutes.restGetLog]
];
vlcbRestCollectionGets.forEach(function (entry) {
  app.get(entry[0], entry[1]);
});

// ... post one new item: [path, handler] pairs registered as POST routes
var vlcbRestItemPosts = [
  ['/rest/Rubbing', vroutes.restPostRubbing],
  ['/rest/Brass', vroutes.restPostBrass],
  ['/rest/Pic', vroutes.restPostPic],
  ['/rest/Blog', vroutes.restPostBlog]
];
vlcbRestItemPosts.forEach(function (entry) {
  app.post(entry[0], entry[1]);
});
// ... remaining rest routes as [method, path, handler] triples.
// Order is significant: the specific Church/Brass routes must stay ahead of the
// generic '/rest/:cat/:name/...' patterns, which would otherwise match first.
// NOTE(review): every GET here, including dumpData and the qa helper, is served
// without a login; confirm none of them returns data meant to be private.
var vlcbRestDetailRoutes = [
  ['get', '/rest/Note/:cat/:title?', vroutes.restGetNoteMD],
  ['post', '/rest/Note/:cat/:title?', vroutes.restPostNoteMD],
  ['get', '/rest/Church/:cname', vroutes.restGetChurchShow], // TODO no more Church show
  ['get', '/rest/Church/:cname/Brass', vroutes.restGetBrassByChurch],
  ['get', '/rest/Brass/:bname/Rubbing', vroutes.restGetRubbingByBrass],
  // ... generic get Pics
  ['get', '/rest/:cat/:name/Pics', vroutes.restGetPicsByCategory],
  ['get', '/rest/:cat/:name/:field', vroutes.restGetGenericField],
  ['post', '/rest/:cat/:name/:field', vroutes.restPostGenericField],
  // ... other helpers
  ['get', '/rest/qa/:testname', vroutes.restQAtest],
  ['get', '/rest/dumpData', vroutes.restDumpData],
  // ... special data collections for x-edit selection buttons
  ['get', '/rest/xeditSelect/Church', vroutes.restXeditSelectChurch],
  ['get', '/rest/xeditSelect/Brass', vroutes.restXeditSelectBrass]
];
vlcbRestDetailRoutes.forEach(function (route) {
  app[route[0]](route[1], route[2]);
});
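// Database connection settings. Values from the environment take precedence;
// the literals are kept only so existing deployments keep working.
// NOTE(review): the five positional arguments are assumed to be
// (user, password, host, port, database) — confirm against ./db2.
// SECURITY: database credentials committed to source control must be treated
// as disclosed. Change the password, supply it through the environment, and
// then delete the fallback literals.
var vlcbDbSettings = [
  process.env.VLCB_DB_USER || 'vlc',
  process.env.VLCB_DB_PASSWORD || 'vlcmdb!',
  process.env.VLCB_DB_HOST || 'ds033307.mongolab.com',
  process.env.VLCB_DB_PORT || '33307',
  process.env.VLCB_DB_NAME || 'vlcbtest'
];
if (!process.env.VLCB_DB_PASSWORD) {
  console.warn('VLCB_DB_PASSWORD is not set; falling back to the database credentials ' +
    'committed in source');
}
DbMgr.initConn(vlcbDbSettings[0], vlcbDbSettings[1], vlcbDbSettings[2], vlcbDbSettings[3], vlcbDbSettings[4]);
// Logged as soon as initConn returns; whether the connection is established by
// then is not visible from this file.
console.log('initConn - done');

// The listening port comes from the environment (set by the hosting platform).
app.listen(process.env.PORT);
console.log('listening on ' + process.env.PORT);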