WebFund 2013W Lecture 23: Difference between revisions

No edit summary
No edit summary
Line 1: Line 1:
The final exam will be similar to the midterm.  To prepare, make sure you understand the content on the midterm and understand the following code fragments.
The final exam will be similar to the midterm.  To prepare, make sure you understand the content on the midterm and understand the following code fragments.


===demo-auth-hash/app.js===
=Code=
 
==demo-auth-hash/app.js==


<source lang ="javascript">
<source lang ="javascript">
Line 152: Line 154:
});
});


</source>
==demo-auth-hash/views/layout.jade==
<source lang="javascript">
doctype 5
html
  head
    title= title
    script(src='/libs/jquery/jquery.min.js')
    script(src='/src/home.js')
    link(rel='stylesheet', href='/libs/bootstrap/css/bootstrap.min.css')
    link(rel='stylesheet', href='/stylesheets/style.css')
  body
    block content
</source>
==demo-auth-hash/views/index.jade==
<source lang="javascript">
extends layout
block content
  h1= title
  p Welcome to #{title}
  - if(error)
    div.alert-error #{error}
  p Please log in
  div
    form(action="/login", method="post")
        div.control-group.input-append
            input(type="text", name="username")
            label.add-on(for="username") Username
        div.control-group.input-append
            input(type="password", name="password")
            label.add-on(for="password") Password
           
        button(type="submit") Login
        button#register(type="button") Register
</source>
==blog-updated/articleprovider-mongodb.js==
<source lang="javascript">
var Db = require('mongodb').Db;
var Connection = require('mongodb').Connection;
var Server = require('mongodb').Server;
var BSON = require('mongodb').BSON;
var ObjectID = require('mongodb').ObjectID;
ArticleProvider = function(host, port) {
    this.db= new Db('node-mongo-blog', new Server(host, port, {auto_reconnect: true}), {journal: true});
  this.db.open(function(){});
};
//addCommentToArticle
ArticleProvider.prototype.addCommentToArticle = function(articleId, comment, callback) {
  this.getCollection(function(error, article_collection) {
    if( error ) callback( error );
    else {
      article_collection.update(
        {_id: article_collection.db.bson_serializer.ObjectID.createFromHexString(articleId)},
        {"$push": {comments: comment}},
        function(error, article){
          if( error ) callback(error);
          else callback(null, article)
        });
    }
  });
};
//getCollection
ArticleProvider.prototype.getCollection= function(callback) {
  this.db.collection('articles', function(error, article_collection) {
    if( error ) callback(error);
    else callback(null, article_collection);
  });
};
//findAll
ArticleProvider.prototype.findAll = function(callback) {
    this.getCollection(function(error, article_collection) {
      if( error ) callback(error)
      else {
        article_collection.find().toArray(function(error, results) {
          if( error ) callback(error)
          else callback(null, results)
        });
      }
    });
};
//findById
ArticleProvider.prototype.findById = function(id, callback) {
    this.getCollection(function(error, article_collection) {
      if( error ) callback(error)
      else {
        article_collection.findOne({_id: article_collection.db.bson_serializer.ObjectID.createFromHexString(id)}, function(error, result) {
          if( error ) callback(error)
          else callback(null, result)
        });
      }
    });
};
//save
ArticleProvider.prototype.save = function(articles, callback) {
    this.getCollection(function(error, article_collection) {
      if( error ) callback(error)
      else {
        if( typeof(articles.length)=="undefined")
          articles = [articles];
        for( var i =0;i< articles.length;i++ ) {
          article = articles[i];
          article.created_at = new Date();
          if( article.comments === undefined ) article.comments = [];
          for(var j =0;j< article.comments.length; j++) {
            article.comments[j].created_at = new Date();
          }
        }
        article_collection.insert(articles, function() {
          callback(null, articles);
        });
      }
    });
};
exports.ArticleProvider = ArticleProvider;
</source>
</source>

Revision as of 16:12, 9 April 2013

The final exam will be similar to the midterm. To prepare, make sure you understand the content on the midterm and understand the following code fragments.

Code

demo-auth-hash/app.js

/**
 * Module dependencies.
 */

var express = require('express')
  , routes = require('./routes')
  , user = require('./routes/user')
  , http = require('http')
  , path = require('path')
  , bcrypt = require("bcrypt") //hashing algorithm
  , MongoStore = require('connect-mongo')(express) //session datastore using mongodb
  , mongoose = require('mongoose') //blessed mongodb connector
  , User; //User class defined below

// Open the default mongoose connection to the local "users" database.
mongoose.connect('mongodb://localhost/users');
var db = mongoose.connection;

// Connection-level failures are written to stderr behind a fixed prefix.
db.on('error', function () {
  var details = Array.prototype.slice.call(arguments);
  console.error.apply(console, ['connection error:'].concat(details));
});

// Build the User model the first time the connection reports 'open'.
// NOTE(review): until that event fires the module-level `User` is still
// undefined, so a /register or /login request that arrives earlier would
// throw when it reaches User.find.
db.once('open', function onDatabaseOpen() {
  // Document structure for an account. `password` receives the bcrypt hash
  // produced in the /register handler, not the submitted password.
  // NOTE(review): no unique index is declared on `username`; uniqueness rests
  // only on the lookup done in /register.
  var accountFields = {
    username: String,
    password: String
  };

  // Turn the schema into an instantiable model class.
  User = mongoose.model("User", new mongoose.Schema(accountFields));
});


  
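var app = express();

// Middleware stack shared by every environment. Order matters: body and cookie
// parsing and the session must be installed before app.router runs the routes.
app.configure(function(){
  app.set('port', process.env.PORT || 3000);
  app.set('views', __dirname + '/views');
  app.set('view engine', 'jade');
  app.use(express.favicon());
  app.use(express.logger('dev'));

  // bodyParser() decodes JSON and bracketed form fields into nested values, so
  // req.body.username is not guaranteed to be a string; route handlers that
  // put it into a query need to check its type.
  // NOTE(review): bodyParser() also enables multipart parsing; if no route
  // takes uploads, express.json() + express.urlencoded() is the narrower
  // choice — confirm before switching.
  app.use(express.bodyParser());
  app.use(express.methodOverride());

  //enable cookies
  app.use(express.cookieParser());

  // The session secret signs the session cookie, so anyone who knows it can
  // forge one. Take it from the environment; the literal is only a
  // backward-compatible fallback for running the demo locally.
  var sessionSecret = process.env.SESSION_SECRET;
  if (!sessionSecret) {
    console.warn("SESSION_SECRET is not set; using the built-in demo session secret");
    sessionSecret = "Shh... I'm a secret";
  }

  //setup session management
  app.use(express.session({
    cookie: {
      maxAge: 60000 * 20, // 20 minutes
      // Keep the session cookie out of reach of page scripts. Add
      // `secure: true` once the app is only served over HTTPS.
      httpOnly: true
    },
    secret: sessionSecret,
    store: new MongoStore({ //use a mongo-connect store
      db: "sessions"
    })
  }));

  // NOTE(review): no CSRF middleware is installed, so the POST routes accept
  // cross-site form submissions. express.csrf() would also require a token
  // field in the forms — confirm before enabling.
  app.use(app.router);
  app.use(require('less-middleware')({ src: __dirname + '/public' }));
  app.use(express.static(path.join(__dirname, 'public')));
});

// The verbose error handler is registered for the development environment
// only, so its detailed error pages are not served elsewhere.
app.configure('development', function(){
  app.use(express.errorHandler());
});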

// Landing page: a session that already carries a username is sent on to
// /users; everyone else falls through to routes.index.
app.get('/', function(req, res, next){
    if(!req.session.username){
        return next();
    }
    res.redirect("/users");
}, routes.index);

// User list: only reachable with a logged-in session. The check is the
// presence of `username` in the server-side session, which the /login handler
// sets after a successful bcrypt comparison.
app.get('/users', function(req, res, next){
    if(!req.session.username){
        return res.redirect("/");
    }
    next();
}, user.list);

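/**
 * POST /register — create an account from the posted username and password.
 *
 * The password is hashed with bcrypt (cost factor 10) and only the hash is
 * stored. Database and bcrypt failures are handed to Express via next(err)
 * instead of being ignored.
 *
 * NOTE(review): the "already exists" lookup and the save are two separate
 * steps, so two concurrent requests can both pass the lookup; a unique index
 * on `username` would close that gap.
 */
app.post("/register", function(req, res, next){
  var username = req.body.username;
  var password = req.body.password;

  // The body parser can deliver objects or arrays for these fields (for
  // example username[$ne]=x). Only plain, non-empty strings may reach the
  // query and the hash.
  if(typeof username !== "string" || typeof password !== "string" || !username || !password){
    res.redirect("/?error=invalid username or password");
    return;
  }

  User.find({username: username}, function(err, users){
    // Without this check a failed lookup left `users` undefined and the
    // length test below threw.
    if(err){
      return next(err);
    }
    //check if the user already exists
    if(users.length!=0){
      res.redirect("/?error=user already exists");
      return;
    }
    //generate a salt, with 10 rounds (2^10 iterations)
    bcrypt.genSalt(10, function(err, salt) {
      if(err){
        return next(err);
      }
      //hash the given password using the salt we generated
      bcrypt.hash(password, salt, function(err, hash) {
        if(err){
          return next(err);
        }
        //create a new instance of the mongoose User model
        var newUser = new User({
          username: username,
          password: hash
        });

        newUser.save(function(err, savedUser){
          if(err){
            return next(err);
          }
          // The username is caller-supplied. res.send() would otherwise
          // label this string as HTML, so send it as plain text to keep
          // markup in the name from being interpreted by the browser.
          res.type("text/plain");
          res.send("successfully registered user: "+savedUser.username);
        });
      });
    });
  });
});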

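/**
 * POST /login — check the posted credentials against the stored bcrypt hash
 * and, on success, mark the session as logged in.
 *
 * Every failure path answers with the same "invalid username or password"
 * redirect, so the response body does not reveal which part was wrong.
 *
 * NOTE(review): an unknown username returns before any bcrypt work is done,
 * so response time can still differ from the wrong-password path. There is
 * also no attempt limiting on this route.
 */
app.post("/login", function(req, res, next){
  var username = req.body.username;
  var password = req.body.password;

  // The body parser can deliver objects or arrays for these fields (for
  // example username[$ne]=x), which would otherwise be passed into the query
  // as operators. Accept plain, non-empty strings only.
  if(typeof username !== "string" || typeof password !== "string" || !username || !password){
    res.redirect("/?error=invalid username or password");
    return;
  }

  //Search the Database for a User with the given username
  User.find({username: username}, function(err, users){
    //lookup failed, or we couldn't find a user with that name
    if(err || users.length==0){
      res.redirect("/?error=invalid username or password");
      return;
    }

    var user = users[0];
    //compare the hash we have for the user with what this password hashes to
    bcrypt.compare(password, user.password, function(err, authenticated){
      if(err || !authenticated){
        res.redirect("/?error=invalid username or password");
        return;
      }

      // Issue a fresh session id on login, so an id that existed before
      // authentication is not carried over into the logged-in session.
      req.session.regenerate(function(err){
        if(err){
          return next(err);
        }
        req.session.username = user.username;
        res.redirect("/users");
      });
    });
  });
});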

// Logout only answers POST, so following a plain link does not end the
// session. The session is destroyed in the store; a failure is logged and the
// visitor is sent to the landing page either way.
app.post("/logout", function endSession(req, res){
  function backToLanding(failure){
    if(failure){
      console.log("Error: %s", failure);
    }
    res.redirect("/");
  }

  req.session.destroy(backToLanding);
});

// Start the HTTP server on the configured port and report it once listening.
// NOTE(review): this is plain HTTP, so the login form's credentials and the
// session cookie are not protected in transit unless TLS is terminated in
// front of the app.
http.createServer(app).listen(app.get('port'), function announceListening(){
  var banner = "Express server listening on port ";
  console.log(banner + app.get('port'));
});

demo-auth-hash/views/layout.jade

//- Base layout: views that `extends layout` supply the `content` block.
doctype 5
html
  head
    //- `title=` writes the `title` local as escaped text.
    title= title
    //- Scripts and stylesheets are referenced by site-relative paths.
    script(src='/libs/jquery/jquery.min.js')
    script(src='/src/home.js')
    link(rel='stylesheet', href='/libs/bootstrap/css/bootstrap.min.css')
    link(rel='stylesheet', href='/stylesheets/style.css')
  body
    block content

demo-auth-hash/views/index.jade

extends layout

block content
  //- Login page body: greeting, optional error banner, username/password form.
  h1= title
  p Welcome to #{title}
  //- `#{...}` is Jade's escaped interpolation, so markup characters in `error`
  //- are rendered as text. `!{...}` would emit the value as raw HTML.
  //- NOTE(review): presumably `error` comes from the ?error= query string set
  //- by the redirects in app.js; the route that passes it is not shown here.
  - if(error)
    div.alert-error #{error}
  p Please log in
  div
    //- The credentials are posted to /login in the request body.
    //- NOTE(review): the form has no CSRF token field — confirm whether the
    //- server expects one.
    form(action="/login", method="post")
        div.control-group.input-append
            //- NOTE(review): the labels point at for="username" / for="password",
            //- but the inputs have no id, so the labels are not tied to the fields.
            input(type="text", name="username")
            label.add-on(for="username") Username
        div.control-group.input-append
            input(type="password", name="password")
            label.add-on(for="password") Password
            
        button(type="submit") Login
        //- type="button" does not submit the form; presumably /src/home.js
        //- wires this button to POST /register — verify.
        button#register(type="button") Register

blog-updated/articleprovider-mongodb.js

var Db = require('mongodb').Db;
var Connection = require('mongodb').Connection;
var Server = require('mongodb').Server;
var BSON = require('mongodb').BSON;
var ObjectID = require('mongodb').ObjectID;

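/**
 * Data-access object for the 'node-mongo-blog' database.
 *
 * Opens the connection as soon as it is constructed; the methods on the
 * prototype look up the 'articles' collection on this connection.
 *
 * NOTE(review): the name is assigned without a declaration, so it also becomes
 * a global. Left unchanged because other modules may rely on that.
 *
 * @param {string} host - MongoDB host name.
 * @param {number} port - MongoDB port.
 */
ArticleProvider = function(host, port) {
  this.db = new Db('node-mongo-blog', new Server(host, port, {auto_reconnect: true}), {journal: true});
  // Report a failed open instead of discarding it; otherwise the first sign of
  // a connection problem is an unrelated error in a later query.
  this.db.open(function(error){
    if( error ) console.error('could not open node-mongo-blog database:', error);
  });
};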

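/**
 * Append `comment` to the `comments` array of one article.
 *
 * @param {string} articleId - the article's ObjectID as 24 hex characters.
 * @param {Object} comment - stored exactly as given.
 *   NOTE(review): if this object is built from request data, the caller should
 *   copy only the expected fields before passing it in.
 * @param {function} callback - called with (error) on failure, or
 *   (null, result) with the value the driver's update reports.
 */
ArticleProvider.prototype.addCommentToArticle = function(articleId, comment, callback) {
  // createFromHexString throws on a malformed id, and a throw inside the
  // driver callback below cannot be caught by the caller. Reject bad ids here
  // and report them through the callback, asynchronously like every other
  // outcome of this method.
  if( typeof articleId !== 'string' || !/^[0-9a-fA-F]{24}$/.test(articleId) ) {
    process.nextTick(function() {
      callback(new Error('invalid article id'));
    });
    return;
  }

  this.getCollection(function(error, article_collection) {
    if( error ) {
      callback( error );
      return;
    }

    var selector = {_id: article_collection.db.bson_serializer.ObjectID.createFromHexString(articleId)};
    article_collection.update(
      selector,
      {"$push": {comments: comment}},
      function(error, article){
        if( error ) callback(error);
        else callback(null, article);
      });
  });
};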

/**
 * Look up the 'articles' collection on this provider's connection.
 *
 * @param {function} callback - called with (error) when the lookup fails,
 *   otherwise with (null, collection).
 */
ArticleProvider.prototype.getCollection= function(callback) {
  this.db.collection('articles', function(lookupError, articles) {
    if( !lookupError ) {
      callback(null, articles);
      return;
    }
    callback(lookupError);
  });
};

/**
 * Fetch every document in the articles collection as an array.
 *
 * @param {function} callback - called with (error) on failure, otherwise with
 *   (null, results).
 */
ArticleProvider.prototype.findAll = function(callback) {
    // Shared tail for the cursor result: forward the error alone, or the rows.
    function deliver(queryError, rows) {
      if( queryError ) {
        callback(queryError);
        return;
      }
      callback(null, rows);
    }

    this.getCollection(function(lookupError, articles) {
      if( lookupError ) {
        callback(lookupError);
        return;
      }
      // find() with no selector matches the whole collection.
      articles.find().toArray(deliver);
    });
};

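/**
 * Fetch a single article by its ObjectID.
 *
 * @param {string} id - the article's ObjectID as 24 hex characters.
 * @param {function} callback - called with (error) on failure, otherwise with
 *   (null, result) where result is whatever findOne yields for that id.
 */
ArticleProvider.prototype.findById = function(id, callback) {
    // createFromHexString throws on a malformed id, and a throw inside the
    // driver callback below cannot be caught by the caller. Ids normally
    // arrive from a URL or form, so reject bad ones here and report them
    // through the callback, asynchronously like every other outcome.
    if( typeof id !== 'string' || !/^[0-9a-fA-F]{24}$/.test(id) ) {
      process.nextTick(function() {
        callback(new Error('invalid article id'));
      });
      return;
    }

    this.getCollection(function(error, article_collection) {
      if( error ) {
        callback(error);
        return;
      }

      var selector = {_id: article_collection.db.bson_serializer.ObjectID.createFromHexString(id)};
      article_collection.findOne(selector, function(error, result) {
        if( error ) callback(error);
        else callback(null, result);
      });
    });
};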

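/**
 * Insert one article or an array of articles.
 *
 * Each article and each of its comments gets `created_at` set here, which
 * overwrites any value the caller supplied; an article without comments gets
 * an empty `comments` array.
 *
 * NOTE(review): the article objects are inserted as given. If they are built
 * from request data, the caller should copy only the expected fields first.
 *
 * @param {Object|Object[]} articles - a single article or an array of them.
 * @param {function} callback - called with (error) on failure, otherwise with
 *   (null, articles) where articles is the array that was inserted.
 */
ArticleProvider.prototype.save = function(articles, callback) {
    this.getCollection(function(error, article_collection) {
      if( error ) {
        callback(error);
        return;
      }

      // A single article is wrapped. Array.isArray avoids misreading an
      // article that happens to carry its own `length` field.
      var batch = Array.isArray(articles) ? articles : [articles];

      for( var i = 0; i < batch.length; i++ ) {
        // Declared locally; the original assignment leaked a global `article`.
        var article = batch[i];
        article.created_at = new Date();
        // `== null` also covers an explicit null, which would otherwise throw
        // on `.length` below.
        if( article.comments == null ) article.comments = [];
        for( var j = 0; j < article.comments.length; j++ ) {
          article.comments[j].created_at = new Date();
        }
      }

      // Pass an insert failure on instead of reporting success regardless.
      article_collection.insert(batch, function(insertError) {
        if( insertError ) callback(insertError);
        else callback(null, batch);
      });
    });
};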

exports.ArticleProvider = ArticleProvider;