Base server logic

8 years ago · 0f96377e30
10 changed files with 404 additions and 3 deletions
--- a/controllers/admin.js
+++ b/controllers/admin.js
@ -0,0 +1,13 @@
+"use strict";
+
+var express = require('express');
+var router = express.Router();
+
+/**
+ * Admin
+ */
+router.get('/', (req, res) => {
+	res.send('OK');
+});
+
+module.exports = router;
--- a/controllers/auth.js
+++ b/controllers/auth.js
@ -0,0 +1,73 @@
+var express = require('express');
+var router = express.Router();
+var passport = require('passport');
+var ExpressBrute = require('express-brute');
+var ExpressBruteRedisStore = require('express-brute-redis');
+var moment = require('moment');
+
+/**
+ * Setup Express-Brute
+ */
+var EBstore = new ExpressBruteRedisStore({
+    prefix: 'bf:',
+    client: red
+});
+var bruteforce = new ExpressBrute(EBstore, {
+	freeRetries: 5,
+	minWait: 60 * 1000,
+	maxWait: 5 * 60 * 1000,
+	refreshTimeoutOnRequest: false,
+	failCallback(req, res, next, nextValidRequestDate) {
+		req.flash('alert', {
+	      class: 'error',
+	      title: 'Too many attempts!',
+	      message:  "You've made too many failed attempts in a short period of time, please try again " + moment(nextValidRequestDate).fromNow() + '.',
+	      iconClass: 'fa-times'
+	    });
+		res.redirect('/login');
+	}
+});
+
+/**
+ * Login form
+ */
+router.get('/login', function(req, res, next) {
+	res.render('auth/login', {
+		usr: res.locals.usr
+	});
+});
+
+router.post('/login', bruteforce.prevent, function(req, res, next) {
+		passport.authenticate('local', function(err, user, info) {
+
+			if (err) { return next(err); }
+
+			if (!user) {
+				req.flash('alert', {
+					class: 'error',
+					title: 'Invalid login',
+					message:  "The email or password is invalid.",
+					iconClass: 'fa-times'
+				});
+				return res.redirect('/login');
+			}
+
+			req.logIn(user, function(err) {
+	      if (err) { return next(err); }
+	      req.brute.reset(function () {
+				return res.redirect('/');
+			});
+	    });
+
+		})(req, res, next);
+});
+
+/**
+ * Logout
+ */
+router.get('/logout', function(req, res) {
+	req.logout();
+	res.redirect('/');
+});
+
+module.exports = router;
--- a/controllers/pages.js
+++ b/controllers/pages.js
@ -0,0 +1,13 @@
+"use strict";
+
+var express = require('express');
+var router = express.Router();
+
+/**
+ * Home
+ */
+router.get('/', (req, res) => {
+	res.send('OK');
+});
+
+module.exports = router;
--- a/middlewares/flash.js
+++ b/middlewares/flash.js
@ -0,0 +1,17 @@
+"use strict";
+
+/**
+ * Flash middleware
+ *
+ * @param      {Express Request}   req     Express Request object
+ * @param      {Express Response}  res     Express Response object
+ * @param      {Function}          next    Next callback function
+ * @return     {any}               void
+ */
+module.exports = (req, res, next) => {
+
+	res.locals.appflash = req.flash('alert');
+
+	next();
+
+};
--- a/models/auth.js
+++ b/models/auth.js
@ -0,0 +1,65 @@
+var LocalStrategy = require('passport-local').Strategy;
+
+module.exports = function(passport, appconfig) {
+
+    // Serialization user methods
+
+    passport.serializeUser(function(user, done) {
+        done(null, user._id);
+    });
+
+    passport.deserializeUser(function(id, done) {
+        db.User.findById(id).then((user) => {
+            done(null, user);
+        }).catch((err) => {
+            done(err, null);
+        });
+    });
+
+    // Setup local user authentication strategy
+
+    passport.use(
+        'local',
+        new LocalStrategy({
+            usernameField : 'email',
+            passwordField : 'password',
+            passReqToCallback : true
+        },
+        function(req, uEmail, uPassword, done) {
+            db.User.findOne({ 'email' :  uEmail }).then((user) => {
+                if (user) {
+                    user.validatePassword(uPassword).then((isValid) => {
+                        return (isValid) ? done(null, user) : done(null, false);
+                    });
+                } else {
+                    return done(null, false);
+                }
+            }).catch((err) => {
+                done(err);
+            });
+        })
+    );
+
+    // Check for admin access
+
+    db.connectPromise.then(() => {
+
+        db.User.count().then((count) => {
+            if(count < 1) {
+                winston.info('No administrator account found. Creating a new one...');
+                db.User.new({
+                    email: appconfig.admin,
+                    firstName: "Admin",
+                    lastName: "Admin",
+                    password: "admin123"
+                }).then(() => {
+                    winston.info('Administrator account created successfully!');
+                }).catch((ex) => {
+                    winston.error('An error occured while creating administrator account: ' + ex);
+                });
+            }
+        });
+
+    });
+
+};
--- a/package.json
+++ b/package.json
@ -31,6 +31,7 @@
  },
  "dependencies": {
    "auto-load": "^2.1.0",
+    "bcryptjs-then": "^1.0.1",
    "bluebird": "^3.4.1",
    "body-parser": "^1.15.2",
    "compression": "^1.6.2",
@ -54,7 +55,7 @@
    "moment-timezone": "^0.5.5",
    "mongoose": "^4.5.9",
    "mongoose-delete": "^0.3.4",
-    "node-bcrypt": "0.0.1",
+    "nodegit": "^0.14.1",
    "passport": "^0.3.2",
    "passport-local": "^1.0.0",
    "pug": "^2.0.0-beta5",
--- a/server.js
+++ b/server.js
@ -14,5 +14,174 @@ winston.info('Requarks Wiki is initializing...');
 global.ROOTPATH = __dirname;

 var appconfig = require('./models/config')('./config.yml');
-global.db = require('./models/db')(appconfig);
-global.red = require('./models/redis')(appconfig);
+global.db = require('./models/mongodb')(appconfig);
+global.red = require('./models/redis')(appconfig);
+
+var _ = require('lodash');
+var express = require('express');
+var path = require('path');
+var favicon = require('serve-favicon');
+var session = require('express-session');
+var redisStore = require('connect-redis')(session);
+var cookieParser = require('cookie-parser');
+var bodyParser = require('body-parser');
+var flash = require('connect-flash');
+var compression = require('compression');
+var passport = require('passport');
+var autoload = require('auto-load');
+var expressValidator = require('express-validator');
+var http = require('http');
+
+global.lang = require('i18next');
+var i18next_backend = require('i18next-node-fs-backend');
+var i18next_mw = require('i18next-express-middleware');
+
+var mw = autoload(path.join(ROOTPATH, '/middlewares'));
+var ctrl = autoload(path.join(ROOTPATH, '/controllers'));
+
+// ----------------------------------------
+// Define Express App
+// ----------------------------------------
+
+global.app = express();
+global.ROOTPATH = __dirname;
+var _isDebug = (app.get('env') === 'development');
+
+// ----------------------------------------
+// Security
+// ----------------------------------------
+
+app.use(mw.security);
+
+// ----------------------------------------
+// Passport Authentication
+// ----------------------------------------
+
+var strategy = require('./models/auth')(passport, appconfig);
+
+app.use(cookieParser());
+app.use(session({
+  name: 'requarkswiki.sid',
+  store: new redisStore({ client: red }),
+  secret: appconfig.sessionSecret,
+  resave: false,
+  saveUninitialized: false
+}));
+app.use(flash());
+app.use(passport.initialize());
+app.use(passport.session());
+
+// ----------------------------------------
+// Localization Engine
+// ----------------------------------------
+
+lang
+  .use(i18next_backend)
+  .use(i18next_mw.LanguageDetector)
+  .init({
+    load: 'languageOnly',
+    ns: ['common'],
+    defaultNS: 'common',
+    saveMissing: false,
+    supportedLngs: ['en', 'fr'],
+    preload: ['en', 'fr'],
+    fallbackLng : 'en',
+    backend: {
+      loadPath: './locales/{{lng}}/{{ns}}.json'
+    }
+  });
+
+// ----------------------------------------
+// View Engine Setup
+// ----------------------------------------
+
+app.use(compression());
+
+app.use(i18next_mw.handle(lang));
+app.set('views', path.join(ROOTPATH, 'views'));
+app.set('view engine', 'pug');
+
+//app.use(favicon(path.join(ROOTPATH, 'assets', 'favicon.ico')));
+app.use(bodyParser.json());
+app.use(bodyParser.urlencoded({ extended: false }));
+app.use(expressValidator());
+
+// ----------------------------------------
+// Public Assets
+// ----------------------------------------
+
+app.use(express.static(path.join(ROOTPATH, 'assets')));
+
+// ----------------------------------------
+// View accessible data
+// ----------------------------------------
+
+app.locals._ = require('lodash');
+app.locals.moment = require('moment');
+app.locals.appconfig = appconfig;
+//app.locals.appdata = require('./data.json');
+app.use(mw.flash);
+
+// ----------------------------------------
+// Controllers
+// ----------------------------------------
+
+app.use('/', ctrl.auth);
+
+app.use('/', ctrl.pages);
+app.use('/admin', mw.auth, ctrl.admin);
+
+// ----------------------------------------
+// Error handling
+// ----------------------------------------
+
+// catch 404 and forward to error handler
+app.use(function(req, res, next) {
+  var err = new Error('Not Found');
+  err.status = 404;
+  next(err);
+});
+
+// error handlers
+app.use(function(err, req, res, next) {
+  res.status(err.status || 500);
+  res.render('error', {
+    message: err.message,
+    error: _isDebug ? err : {}
+  });
+});
+
+// ----------------------------------------
+// Start HTTP server
+// ----------------------------------------
+
+winston.info('Requarks Wiki has initialized successfully.');
+
+winston.info('Starting HTTP server on port ' + appconfig.port + '...');
+
+app.set('port', appconfig.port);
+var server = http.createServer(app);
+server.listen(appconfig.port);
+server.on('error', (error) => {
+  if (error.syscall !== 'listen') {
+    throw error;
+  }
+
+  // handle specific listen errors with friendly messages
+  switch (error.code) {
+    case 'EACCES':
+      console.error('Listening on port ' + appconfig.port + ' requires elevated privileges!');
+      process.exit(1);
+      break;
+    case 'EADDRINUSE':
+      console.error('Port ' + appconfig.port + ' is already in use!');
+      process.exit(1);
+      break;
+    default:
+      throw error;
+  }
+});
+
+server.on('listening', () => {
+  winston.info('HTTP server started successfully! [RUNNING]');
+});
--- a/views/auth/login.pug
+++ b/views/auth/login.pug
@ -0,0 +1 @@
+DUDE
--- a/views/error.pug
+++ b/views/error.pug
@ -0,0 +1,21 @@
+doctype html
+html
+	head
+		meta(http-equiv='X-UA-Compatible', content='IE=edge')
+		meta(charset='UTF-8')
+		title= appconfig.title
+
+		// Favicon
+		each favsize in [32, 96, 16]
+			link(rel='icon', type='image/png', sizes=favsize + 'x' + favsize href='/images/favicon-' + favsize + 'x' + favsize + '.png')
+
+		// CSS
+		link(href='https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700|Inconsolata', rel='stylesheet', type='text/css')
+		link(type='text/css', rel='stylesheet', href='/css/app.css')
+
+	body(class='server-error')
+		#root
+			img(src='/images/logo-text_218x80.png')
+			h1 Oops, something went wrong
+			h4= message
+			pre #{error.stack}
--- a/views/layout.pug
+++ b/views/layout.pug
@ -0,0 +1,28 @@
+doctype html
+html
+	head
+		meta(http-equiv='X-UA-Compatible', content='IE=edge')
+		meta(charset='UTF-8')
+		meta(name='theme-color', content='#009688')
+		meta(name='msapplication-TileColor', content='#009688')
+		title= appconfig.title
+
+		// Favicon
+		each favsize in [32, 96, 16]
+			link(rel='icon', type='image/png', sizes=favsize + 'x' + favsize href='/images/favicon-' + favsize + 'x' + favsize + '.png')
+
+		// CSS
+		link(type='text/css', rel='stylesheet', href='/css/libs.css')
+		link(type='text/css', rel='stylesheet', href='/css/app.css')
+
+		block head
+
+	body
+		#root
+			include ./common/header
+			include ./common/alerts
+			main
+				block content
+			include ./common/footer
+
+		block outside