index.js
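// Load .env first so every later read of process.env sees it. Previously PORT
// was read before dotenv ran, so a PORT defined only in .env was ignored.
require('dotenv').config();

const express = require("express");
const jwt = require("jsonwebtoken");
const bodyParser = require("body-parser");
const cors = require('cors')
const crypto = require("crypto");
const { Client } = require('pg');
const { constants } = require("buffer");

const app = express();
const PORT = process.env.PORT || 8081;

// The database connection string (user, password, host) must come from the
// environment, never from source control. A credential that was ever committed
// has to be treated as exposed: rotate it at the database, not just here.
const connectionString = process.env.DATABASE_URL;
if (!connectionString) {
  // Fail at startup rather than on the first request.
  throw new Error("DATABASE_URL is not set; refusing to start without a database connection string.");
}
const config = { connectionString };

const client = new Client(config);
client.connect().catch((err) => {
  // Log the message only: the error object can carry connection details.
  console.error(`database connection failed: ${err.message}`);
  process.exit(1);
});

// NOTE(review): cors() with no options allows every origin. Restrict it to the
// known front-end origin(s) if this API is only meant for the game portal.
app.use(cors())

// NOTE(review): a 50mb body limit also applies to unauthenticated routes such
// as /user/login and /user/create, which makes memory-exhaustion requests
// cheap. Confirm whether any route needs more than the body-parser default.
app.use(bodyParser.json({limit: '50mb'}));
app.use(bodyParser.urlencoded({ limit: '50mb', extended: false, parameterLimit:50000 }));

app.listen(PORT, () => {
  console.log(`listening on ${PORT}`);
});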
/**
 * Issue a signed token identifying a user.
 *
 * The token carries the claims `userId`, `username` and `user_type`, is signed
 * with the secret in `process.env.TOKEN_KEY`, and expires after 24 hours.
 *
 * @param {*} _userId - value stored in the `userId` claim
 * @param {*} _username - value stored in the `username` claim
 * @param {*} _user_type - value stored in the `user_type` claim
 * @returns {string} the signed token
 */
function GenerateJWT(_userId, _username, _user_type) {
  const claims = {
    userId: _userId,
    username: _username,
    user_type: _user_type,
  };
  const signOptions = { expiresIn: "24h" };
  return jwt.sign(claims, process.env.TOKEN_KEY, signOptions);
}
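/**
 * Express middleware that authenticates a request from its Authorization header.
 *
 * Responds 401 when the header is absent and 403 when the token fails
 * verification. On success the decoded payload is stored on `req.user` and the
 * next handler runs.
 *
 * @param {object} req - Express request; reads `req.headers.authorization`
 * @param {object} res - Express response
 * @param {Function} next - next middleware in the chain
 */
function verifyToken(req, res, next) {
  const authHeader = req.headers["authorization"];
  if (!authHeader) {
    res.sendStatus(401);
    return;
  }

  // Header form is "<scheme> <token>"; a header with no second part yields
  // undefined, which jwt.verify rejects and the callback turns into a 403.
  const token = authHeader.split(" ")[1];

  // Pin the accepted algorithm instead of trusting the token's own `alg`
  // header. GenerateJWT signs with a shared secret and no algorithm option,
  // which jsonwebtoken signs as HS256.
  const verifyOptions = { algorithms: ["HS256"] };

  jwt.verify(token, process.env.TOKEN_KEY, verifyOptions, (err, user) => {
    if (err) {
      return res.sendStatus(403);
    }
    req.user = user;
    next();
  });
}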
// Root route: answers every GET / with status 200 and the body "OK".
app.get('/', async (_req, res) => {
  const statusOk = 200;
  res.status(statusOk).send("OK");
});
//USER Login + CRUD
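/**
 * POST /user/login — check a username/password pair and issue a token.
 *
 * Responds 200 with `{ success, data: { userId, token } }` on a match, and 500
 * with a text message otherwise (status codes kept as callers already see them).
 */
app.post('/user/login', async (req, res) => {
  const { username, password } = req.body || {};

  // Require plain strings: a JSON body can carry objects or arrays here.
  if (typeof username !== 'string' || typeof password !== 'string') {
    return res.status(500).send("Error: Please enter your username and password to login.");
  }

  try {
    // Bound parameters, never string concatenation: both values come straight
    // from the request body. Only the columns used below are selected, so the
    // stored password hash never leaves the database.
    const result = await client.query(
      "SELECT id, username, user_type FROM users WHERE username = $1 AND password = crypt($2, password)",
      [username, password]
    );

    if (result.rows.length === 0) {
      // NOTE(review): 401 would describe this better than 500; left unchanged
      // because existing clients may key on the status code.
      return res.status(500).send("Error: Wrong Username or Password");
    }

    const user = result.rows[0];
    const token = GenerateJWT(user.id, user.username, user.user_type);

    // Best-effort bookkeeping: not awaited, but failures are logged instead of
    // becoming an unhandled rejection.
    client.query("UPDATE users SET last_login = NOW() WHERE id = $1", [user.id])
      .catch((e) => console.error(e.stack));

    // NOTE(review): no rate limiting or lockout is visible on this route.
    res.status(200).json({
      success: true,
      data: {
        userId: user.id,
        token: token,
      },
    });
  } catch (e) {
    // Keep the stack in the server log; sending it to the client discloses
    // query text and file paths.
    console.error(e.stack);
    res.status(500).send("Internal Server Error");
  }
})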
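/**
 * POST /user/create — register a new user.
 *
 * Responds 201 "Register Success" when the row is inserted, 500 with a text
 * message when input is missing or the username already exists.
 */
app.post('/user/create', async (req, res) => {
  const { username, password } = req.body || {};

  // Require plain strings: a JSON body can carry objects or arrays here.
  if (typeof username !== 'string' || typeof password !== 'string') {
    return res.status(500).send("Error: Please fill in your username and password to complete the registration process.");
  }

  try {
    // Bound parameters, never string concatenation: the username comes
    // straight from the request body.
    const existing = await client.query(
      "SELECT 1 FROM users WHERE username = $1",
      [username]
    );

    // Any matching row means the name is taken. The earlier second comparison
    // in JavaScript could leave the request without a response if it differed
    // from the database's own match.
    if (existing.rows.length > 0) {
      return res.status(500).send("Error: username has been taken");
    }

    // NOTE(review): check-then-insert is not atomic; two concurrent requests
    // can both pass the check. A UNIQUE constraint on users.username is needed
    // to rule out duplicates — confirm it exists in the schema.
    await client.query(
      "INSERT INTO users (username, password) VALUES ($1, crypt($2, gen_salt('bf')))",
      [username, password]
    );

    res.status(201).send("Register Success");
  } catch (e) {
    // Keep the stack in the server log; sending it to the client discloses
    // query text and file paths.
    console.error(e.stack);
    res.status(500).send("Internal Server Error");
  }
})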
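/**
 * GET /user/get/:id — return `username` and `credit` for one user.
 *
 * Requires a valid token (verifyToken). Responds with the row serialised as
 * JSON text, or 500 "User doesnt exist" when no row matches.
 */
app.get('/user/get/:id', verifyToken, async (req, res) => {
  // NOTE(review): any authenticated user can read any other user's credit —
  // req.params.id is never compared with req.user.userId. Confirm this is
  // intended; otherwise restrict to the caller's own id or a privileged
  // user_type.
  try {
    // Bound parameter: the id is taken from the URL path and was previously
    // concatenated into the statement unquoted.
    const result = await client.query(
      "SELECT username, credit FROM users WHERE id = $1",
      [req.params.id]
    );

    if (result.rowCount <= 0) {
      res.status(500).send("User doesnt exist");
    } else {
      res.send(JSON.stringify(result.rows[0]));
    }
  } catch (e) {
    // Keep the stack in the server log; sending it to the client discloses
    // query text and file paths.
    console.error(e.stack);
    res.status(500).send("Internal Server Error");
  }
})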
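/**
 * GET /colordice/get/ — return every row of `colordice_matches` as JSON text.
 *
 * Requires a valid token (verifyToken).
 */
app.get('/colordice/get/', verifyToken, async (req, res) => {
  try {
    // NOTE(review): SELECT * with no LIMIT returns the whole table to any
    // authenticated user; confirm every column is meant to be client-visible.
    const result = await client.query("SELECT * FROM colordice_matches");
    res.send(JSON.stringify(result.rows));
  } catch (e) {
    // Keep the stack in the server log; sending it to the client discloses
    // query text and file paths.
    console.error(e.stack);
    res.status(500).send("Internal Server Error");
  }
})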