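import Book from '../../data/Book';
import * as DataEvent from '../../../src/com/events/DataEvent';

const express = require('express');
const router = express.Router();
const multer = require('multer');
const fs = require('fs-extra');
const moment = require('moment');
const jwt = require('jsonwebtoken');
const bCrypt = require('bcrypt-nodejs');
const path = require('path');
const _ = require('lodash');

const book = new Book();

const UPLOAD_ROOT = './public/assets/images/blog';
const SETTINGS_FILE = 'site/settings.json';

/**
 * Builds the upload directory for the current year and month.
 * Computed per call so a long-running process does not keep writing into the
 * directory of the month it was started in.
 * @returns {string} e.g. "./public/assets/images/blog/YYYY/MM"
 */
function currentUploadPath() {
  const now = moment();
  return `${UPLOAD_ROOT}/${now.format('YYYY')}/${now.format('MM')}`;
}

// Create this month's directory at startup, as before; failures are now logged.
fs.ensureDir(currentUploadPath(), err => {
  if (err) {
    console.error('Unable to create upload directory', err);
  }
});

const storage = multer.diskStorage({
  destination(req, file, cb) {
    const dir = currentUploadPath();
    // multer does not create the directory when `destination` is a function.
    fs.ensureDir(dir, err => cb(err, dir));
  },
  filename(req, file, cb) {
    // The stored name comes from the client. Everything after the first ':' is
    // dropped (as before) and the result is reduced to its last path segment so
    // it can never point outside the upload directory.
    // NOTE(review): the name and extension are still client-chosen, so an upload
    // overwrites an existing file of the same name and any file type is accepted
    // into a directory under public/. Consider server-generated names, a type
    // allowlist and multer `limits`.
    const safeName = path.basename(file.originalname.split(':')[0]);
    if (safeName === '' || safeName === '.' || safeName === '..') {
      cb(new Error('Invalid file name'));
      return;
    }
    cb(null, safeName);
  }
});

const feature_upload = multer({ storage }).array('feature_image');
const post_upload = multer({ storage }).array('post_image');

/**
 * Retrieves list of Pages
 * @public
 */
router.get('/', (req, res) => {
  book
    .getPage()
    .then(result => res.json(result))
    // Without this a failed lookup left the request hanging.
    .catch(err => res.json(err));
});

/**
 * Add/Update Page.
 * The session and token checks run before the upload middleware so that a
 * rejected request never gets its file written to disk.
 */
router.post('/write/:task?', requireSession, requireToken, feature_upload, (req, res) => {
  Promise.resolve()
    .then(() => {
      const body = _.mapValues(req.body);
      const task =
        req.params.task === 'new' ? DataEvent.API_PAGE_CREATE : DataEvent.API_PAGE_WRITE;

      let feature = '';
      if (req.files && req.files.length > 0) {
        // Drops the first 7 characters of the stored path; presumably the
        // leading "public/" so the value is a site-relative URL. TODO confirm.
        feature = `/${req.files[0].path.substring(7)}`;
      } else if (typeof body.feature_image === 'string' && body.feature_image !== '') {
        // The original guard (`!= null || != undefined || != ''`) was always
        // true and threw when no feature image was submitted.
        // NOTE(review): the fixed 21-character offset presumably strips a
        // scheme/host/port prefix; it silently mangles URLs of any other origin
        // length, so verify against the client.
        feature = body.feature_image.substring(21);
      }

      body.feature = feature;
      body.deleted = false;
      return book.editPage(body, body.page_uuid, task, req.session.user);
    })
    .then(result => {
      if (result.type === DataEvent.PAGE_CREATE) {
        bumpLibraryStats();
      }
      res.json(result);
    })
    .catch(err => res.json(err));
});

/**
 * Soft deletes Page
 */
router.post('/delete', requireSession, requireToken, (req, res) => {
  Promise.resolve()
    .then(() =>
      book.editPage([], req.body.id, DataEvent.API_PAGE_DELETE, req.session.user)
    )
    .then(result => res.json(result))
    .catch(err => res.json(err));
});

/**
 * Uploads image from a Page content.
 * Previously this route accepted uploads from anyone; it now requires a
 * logged-in session before the file is written.
 * NOTE(review): the other write routes also verify the x-access-token header.
 * Add `requireToken` here as well once it is confirmed the client sends that
 * header on this request.
 */
router.post('/add-post-image', requireSession, post_upload, (req, res) => {
  if (!req.files || req.files.length === 0) {
    return res.status(400).json({
      status: false,
      type: DataEvent.API_REQUEST_LAME,
      message: 'No image uploaded'
    });
  }
  const imagePath = req.files[0].path;
  return res.json({
    type: DataEvent.POST_IMAGE_ADDED,
    message: 'Added Image',
    url: `/${imagePath.substring(7)}`
  });
});

module.exports = router;

/**
 * Increments the page counters in the site settings after a page is created.
 * Runs in the background (the response does not wait for it); failures are
 * logged instead of surfacing as unhandled rejections.
 */
function bumpLibraryStats() {
  fs.readJSON(SETTINGS_FILE)
    .then(settings => {
      ++settings.library_stats.current_index;
      ++settings.library_stats.total_pages;
      return fs.writeJSON(SETTINGS_FILE, settings);
    })
    .catch(err => {
      console.error('Unable to update library stats', err);
    });
}

/**
 * Express middleware: rejects the request with 401 unless a user is stored in
 * the session. Previously such requests were never answered and hung.
 */
function requireSession(req, res, next) {
  if (req.session && req.session.user) {
    next();
    return;
  }
  res.status(401).json({
    status: false,
    type: DataEvent.API_REQUEST_LAME,
    message: 'No active session. Auth Blocked'
  });
}

/**
 * Express middleware: runs authCheck and answers with its rejection payload
 * (same JSON body the routes returned before) when the token is not accepted.
 */
function requireToken(req, res, next) {
  authCheck(req)
    .then(() => next())
    .catch(err => res.json(err));
}

/**
 * Compares the session token with the bcrypt hash supplied by the client.
 * @param {string} token - token stored in the session
 * @param {string} hashedToken - bcrypt hash taken from the request
 * @returns {boolean} true when the hash matches the token
 */
function isTokenValid(token, hashedToken) {
  return bCrypt.compareSync(token, hashedToken);
}

/**
 * Verifies the request's x-access-token header against the session token and
 * then verifies the session token as a JWT with the member's key.
 * @param {object} req - Express request with `session.user` and `session.token`
 * @returns {Promise<object>} resolves with `{ status: true, ..., token }`;
 *   rejects with `{ status: false, type, message }`
 */
function authCheck(req) {
  return new Promise((resolve, reject) => {
    const hash = req.headers['x-access-token'];
    const sessionToken = req.session.token;

    // A missing header or session token is treated as "no token" up front, so
    // the comparison is never called with non-string arguments.
    const hasBoth = typeof hash === 'string' && typeof sessionToken === 'string';
    if (!hasBoth || !isTokenValid(sessionToken, hash)) {
      reject({
        status: false,
        type: DataEvent.API_REQUEST_LAME,
        message: 'No Token Present. Auth Blocked'
      });
      return;
    }

    const member = req.session.user;
    // NOTE(review): no `algorithms` allowlist is passed to verify(); consider
    // pinning it to the algorithm used where the token is signed (not visible
    // in this file).
    jwt.verify(sessionToken, member.key, (err, decoded) => {
      if (err) {
        reject({
          status: false,
          type: DataEvent.API_REQUEST_LAME,
          message: 'Invalid Token. Auth Blocked'
        });
        // Stop here; the original fell through to resolve() after rejecting.
        return;
      }
      resolve({
        status: true,
        type: DataEvent.API_REQUEST_GOOD,
        message: 'Token Verified',
        token: decoded
      });
    });
  });
}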