| -rw-r--r-- | public/js/protocols_site.js | 160 | ||||
| -rw-r--r-- | server/api/party.js | 15 | ||||
| -rw-r--r-- | server/api/user.js | 14 | ||||
| -rw-r--r-- | server/auth/index.js | 17 | ||||
| -rw-r--r-- | server/index.js | 8 | ||||
| -rw-r--r-- | server/middleware.js | 32 |
6 files changed, 119 insertions, 127 deletions
diff --git a/public/js/protocols_site.js b/public/js/protocols_site.js index 3a38ab9..41123bd 100644 --- a/public/js/protocols_site.js +++ b/public/js/protocols_site.js @@ -3,7 +3,7 @@ var URLregexp = /^(https?:\/\/)(www.)?([-A-Z0-9.]+)(\/)?([-A-Z0-9+&@#\/%?=~_|!:, var months = { Jan: 0, Feb: 1, Mar: 2, Apr: 3, May: 4, Jun: 5, Jul: 6, Aug: 7, Sep: 8, Oct: 9, Nov: 10, Dec: 11 } function isScrolledIntoView (elem) { - return true; + return true; var docViewTop = $(window).scrollTop(); var docViewBottom = docViewTop + $(window).height(); var elemTop = $(elem).offset().top; @@ -31,7 +31,7 @@ function is_image(s) } return false } -var domain_extensions = [".com",".net",".org",".uk",".fr",".de",".ch",".info",".nu",".mu","facebook.com","twitter.com"] +var domain_extensions = [".com",".net",".org",".uk",".fr",".de",".ch",".info",".nu",".mu",".io","facebook.com","twitter.com"] function has_domain(s) { for (var i in domain_extensions) @@ -75,9 +75,9 @@ function linkify(s) { var link = ''; var punctuation = ''; - var end = s.length-1; + var end = s.length-1; - // strip the terminal punctuation mark if it's a period or comma + // strip the terminal punctuation mark if it's a period or comma if (s.indexOf(".", end) === end || s.indexOf(",", end) === end) { punctuation = s.substr(end, 1); 
@@ -91,26 +91,26 @@ function linkify(s) uname = partz[partz.length-1]; else if (parts[-2].length) uname = partz[partz.length-2]; - link = '<a href="' + s + '" target="_blank">@' + uname + '</a>'; + link = '<a href="https://twitter.com/' + uname + '" target="_blank">@' + uname + '</a>'; } else { // link = s.replace(URLregexp,"<a href='$1$2$3$4$5' target='_blank'>[$3]</a>"); - var match = URLregexp.exec(s); - if (match && match.length == 6) - { - var url = match[0] || ""; - var http = match[1] || ""; - var www = match[2] || ""; - var domain = match[3] || ""; - var slash = match[4] || ""; - var uri = match[5] ? match[5].replace(/\/?index.html$/, "") : ""; - link = '<a href="' + url + '" target="_blank">[' + domain + ']</a>'; - } - else - { - link = s.replace(URLregexp,"<a href='$1$2$3$4$5' target='_blank'>[$3]</a>"); - } + var match = URLregexp.exec(s); + if (match && match.length == 6) + { + var url = match[0] || ""; + var http = match[1] || ""; + var www = match[2] || ""; + var domain = match[3] || ""; + var slash = match[4] || ""; + var uri = match[5] ? match[5].replace(/\/?index.html$/, "") : ""; + link = '<a href="' + url + '" target="_blank">[' + domain + ']</a>'; + } + else + { + link = s.replace(URLregexp,"<a href='$1$2$3$4$5' target='_blank'>[$3]</a>"); + } } return link + punctuation; } @@ -118,21 +118,21 @@ var URL = { auth: { - login: "/cgi-bin/auth/login.cgi", - logout: "/cgi-bin/auth/logout.cgi", + login: "/login", + logout: "/logout", }, party: { - list: "/cgi-bin/party/list.cgi", - view: "/cgi-bin/party/view.cgi", - edit: "/cgi-bin/party/edit.cgi", + list: "/api/party/list", + view: "/api/party/view", + edit: "/api/party/edit", }, user: { - all: "/cgi-bin/user/all.cgi", - view: "/cgi-bin/user/view.cgi", - edit: "/cgi-bin/user/edit.cgi", - deleter: "/cgi-bin/user/delete.cgi", + all: "/api/user/all", + view: "/api/user/view", + edit: "/api/user/edit", + destroy: "/api/user/destroy", }, }; var Party = 
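Review bot: In the Twitter branch of linkify, `uname` is cut out of the input string and concatenated into both the `href` and the link text without any escaping, so quote or angle-bracket characters in a pasted URL become part of the generated markup if the caller inserts the result with `.html()` (the caller is outside this hunk). Encode it per context: `encodeURIComponent(uname)` inside the `href`, and an HTML-escaped copy for the visible `@` text. Adding `rel="noopener noreferrer"` next to `target="_blank"` here and in the `else` branch stops the opened page from reaching back through `window.opener`. The context line `else if (parts[-2].length)` also looks wrong, since the neighbouring lines index `partz` and a negative index on an array yields undefined, so that branch would throw when reached. linkify begins before this hunk.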
@@ -194,7 +194,7 @@ var Party = $('#userEditContainer').hide() $('#partyEditContainer').hide() $('#userListContainer').fadeOut(200) - $.get(URL.party.view,{'id':id},Party.viewCallback) + $.get(URL.party.view, {'id':id}, Party.viewCallback) }, viewCallback: function (raw) { @@ -352,7 +352,7 @@ var Users = userlist: {}, hovering: true, current: false, - allCount: 0, + allCount: 0, userListIndex: [], currentIdx: -1, all: function () @@ -373,7 +373,7 @@ var Users = return } var partyUserList = []; - var guestHosts = []; + var guestHosts = []; var editable = []; var firstletter = "A"; Users.allCount = 0; @@ -392,9 +392,9 @@ var Users = var a = fields[2].substr(0,1) var li = "li id='r-"+Users.allCount+"'" - var userRow = ""; - var editSpan = ""; - + var userRow = ""; + var editSpan = ""; + if (firstletter !== a) { firstletter = a 
@@ -407,34 +407,34 @@ var Users = editable.push(fields[0]); } - switch (fields[1]) { - case '2': // host - userRow = "<"+li+"><span class='view' id='user-"+fields[0]+"'>"+fields[2]+" *</span>" + editSpan + "</li>"; - break; - case '1': // guest host - userRow = "<"+li+"><span class='view' id='user-"+fields[0]+"'>"+fields[2]+" *</span>" + editSpan + "</li>"; - guestHosts.push(userRow); - Users.userListIndex.unshift('user-'+fields[0]); - Users.allCount += 1; + switch (fields[1]) { + case '2': // host + userRow = "<"+li+"><span class='view' id='user-"+fields[0]+"'>"+fields[2]+" *</span>" + editSpan + "</li>"; + break; + case '1': // guest host + userRow = "<"+li+"><span class='view' id='user-"+fields[0]+"'>"+fields[2]+" *</span>" + editSpan + "</li>"; + guestHosts.push(userRow); + Users.userListIndex.unshift('user-'+fields[0]); + Users.allCount += 1; - break; - default: // guest - userRow = "<"+li+"><span class='view' id='user-"+fields[0]+"'>"+fields[2]+"</span>" + editSpan + "</li>"; - } + break; + default: // guest + userRow = "<"+li+"><span class='view' id='user-"+fields[0]+"'>"+fields[2]+"</span>" + editSpan + "</li>"; + } - partyUserList.push(userRow); + partyUserList.push(userRow); Users.userlist['user-'+fields[0]] = fields; Users.userListIndex.push('user-'+fields[0]); Users.allCount += 1; } $('#partyLocation').html(""); - var guestHostHeader = "<li class='hostlist'>Guest Hosts</li>"; - var guestListHeader = "<li class='br'></li><li class='hostlist'>Guest List</li>"; - for (var i in guestHosts) - guestHosts[i] = guestHosts[i].replace("class='br'","").replace("*",""); - // console.log(guestHosts); - // guestHosts[guestHosts.length-1] = guestHosts[guestHosts.length-1].replace("<li", "<li class='br'"); + var guestHostHeader = "<li class='hostlist'>Guest Hosts</li>"; + var guestListHeader = "<li class='br'></li><li class='hostlist'>Guest List</li>"; + for (var i in guestHosts) + guestHosts[i] = guestHosts[i].replace("class='br'","").replace("*",""); + // 
console.log(guestHosts); + // guestHosts[guestHosts.length-1] = guestHosts[guestHosts.length-1].replace("<li", "<li class='br'"); $('#userList').html(guestHostHeader + guestHosts.join("") + guestListHeader + partyUserList.join("")); $('#user-add').hide(); @@ -678,7 +678,7 @@ var Users = var name = $('#user-name').val() var r = confirm("ARE YOU SURE YOU WANT TO DELETE " + name + "?") if (r) - $.post(URL.user.deleter, {'id':id}, Users.deleteClickCallback) + $.post(URL.user.destroy, {'id':id}, Users.deleteClickCallback) }, deleteClickCallback: function () { @@ -802,7 +802,7 @@ var Auth = hosts: {}, init: function () { - if (document.cookie.indexOf("_protocols") !== -1) + if (document.cookie.indexOf("sid.protocols") !== -1) { warn('got cookie') $.post(URL.auth.login, {}, Auth.loginCallback) @@ -845,19 +845,11 @@ var Auth = $('#login-password').val(''), $.post(URL.auth.login, data, Auth.loginCallback) }, - loginCallback: function (raw) + loginCallback: function (json) { Main.saving = false - var lines = raw.split("\n") - if (lines.shift() !== API_MAGIC) - { - if (! Auth.loginPrompt) - Auth.load() - warn("bad api: login") - return - } - var result = lines.shift().split("\t") - if (result[0] === '0') + + if (json.error) { if (! Auth.loginPrompt) Auth.load() 
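Review bot: `Auth.init` decides whether a session exists by searching `document.cookie` for `sid.protocols`, and `Auth.logout` in the later hunk (`@@ -896,7 +888,7`) logs out by overwriting that cookie from script. Both only work while the session cookie is readable by page script, i.e. not `HttpOnly`, which leaves the session id exposed to any script injected into the page. The logout path also never calls `URL.auth.logout`, so the server-side session presumably stays valid until it expires on its own. Consider marking the cookie `HttpOnly`, probing the session with the existing `$.post(URL.auth.login, {}, Auth.loginCallback)` unconditionally, and making logout a server call such as `$.post(URL.auth.logout, {}, Main.unload)`.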
@@ -867,28 +859,28 @@ var Auth = } // 0 id 1 name 2 firstname 3 email 4 access - var name = result[1].split(' ')[0] || result[1].split('@')[0] + var user = Auth.user = json.user + + var name = user.name.split(' ')[0] || user.email.split('@')[0] warn( "Logged in! Hello "+name ) - Auth.userID = result[0] - Auth.isHost = result[4] == 2 ? true : false; - Auth.name = result[1] - Auth.firstName = result[2] + Auth.userID = user.id + Auth.isHost = user.access == 2 ? true : false; + Auth.name = user.name + Auth.firstName = name $('#profile-edit').html(Auth.firstName + "!") $('#logout').click( Auth.logout ) var hostSelect = "" - for (i in lines) - { - if (! lines[i]) - continue - var host = lines[i].split("\t") - if (host[0] === Auth.userID) - hostSelect += "<option value='"+host[0]+"' selected='1'>"+host[1]+"</option>" + Auth.hosts = {} + json.hosts.forEach(function(host){ + if (host.id === Auth.userID) + hostSelect += "<option value='"+host.id+"' selected='1'>"+host.name+"</option>" else - hostSelect += "<option value='"+host[0]+"'>"+host[1]+"</option>" - Auth.hosts[host[0]] = host[1] - } + hostSelect += "<option value='"+host.id+"'>"+host.name+"</option>" + Auth.hosts[ host.id ] = host.name + }) + $("#user-host").html(hostSelect) Auth.unload() @@ -896,7 +888,7 @@ var Auth = logout: function () { warn("logging out") - document.cookie = '_protocols=LOGGEDOUT; expires=Mon, 1 Jan 2001 12:00:00 UTC; path=/' + document.cookie = 'sid.protocols=LOGGEDOUT; expires=Mon, 1 Jan 2001 12:00:00 UTC; path=/' Main.unload() }, }; diff --git a/server/api/party.js b/server/api/party.js index e0a9a22..53a0d32 100644 --- a/server/api/party.js +++ b/server/api/party.js 
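Review bot: `user.name` and each `host.name` from the login response are written into the page as markup, through `$('#profile-edit').html(Auth.firstName + "!")` and the `<option>` strings handed to `$("#user-host").html(hostSelect)`. If names are user-editable, which the user edit endpoint suggests, a name containing HTML would execute as script for everyone who logs in. Use text setters instead: `$('#profile-edit').text(Auth.firstName + "!")`, and build each option as `$('<option>').val(host.id).text(host.name).prop('selected', host.id === Auth.userID)` appended to `#user-host`. Separately, `user.name.split(' ')` throws for the guest account, whose object in server/auth/index.js has `username` but no `name`. loginCallback starts before this hunk.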
@@ -1,8 +1,23 @@ +var _ = require('lodash'), + User = require('../models/User'), + Party = require('../models/Party'), + UserParty = require('../models/UserParty'); + module.exports = { list: function (req, res) { + Party.all().success(function(parties){ + res.json(parties) + }) }, view: function (req, res) { + var party_id = res.body.party_id + UserParty.findAll({ where: { party_id: party_id } }).success(function(parties){ + var user_ids = _.pluck(parties, user_id) + User.findAll({ where: { id: user_ids } }).success(function(users){ + res.json(users) + }) + }) }, edit: function (req, res) { diff --git a/server/api/user.js b/server/api/user.js index b47d31a..49f70ff 100644 --- a/server/api/user.js +++ b/server/api/user.js @@ -1,5 +1,13 @@ +var _ = require('lodash'), + User = require('../models/User'), + Party = require('../models/Party'), + UserParty = require('../models/UserParty'); + module.exports = { all: function (req, res) { + User.all().success(function(users){ + res.json(users) + }) }, view: function (req, res) { @@ -9,5 +17,11 @@ module.exports = { }, destroy: function (req, res) { + var id = req.body.id + if (! id) return res.status(500) + + User.destroy({id: id}).success(function(affectedRows) { + res.json({ status: 'ok' }) + }) } } diff --git a/server/auth/index.js b/server/auth/index.js index 37b023f..b15094d 100644 --- a/server/auth/index.js +++ b/server/auth/index.js 
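Review bot: `view` reads `res.body.party_id`, but request data lives on `req`, and the client calls this endpoint with `$.get(URL.party.view, {'id': id}, ...)`, so the value would arrive as `req.query.id`; as written the handler throws before it queries anything. `_.pluck(parties, user_id)` also references an undeclared identifier where the string `'user_id'` is meant. The two lines would become `var party_id = req.query.id` and `var user_ids = _.pluck(parties, 'user_id')`. Neither query has a failure callback, so a database error leaves the request hanging, and `res.json(users)` sends every column of the matched user rows to the browser.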
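Review bot: `all` in server/api/user.js serialises complete `User` rows with `res.json(users)`; unless the model strips them, that includes whatever credential and contact columns the table holds. The hosts query added in server/auth/index.js already restricts columns with `attributes: ['id','name']`, and the same option here, listing only the fields the user list renders, keeps the response to what the client needs. No authentication check is visible inside the handler, so confirm the route is mounted behind `middleware.ensureAuthenticated`.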
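Review bot: `destroy` in server/api/user.js deletes whichever `id` the request body names without checking who is asking. Nothing in the handler looks at `req.user.id` or `req.user.access`, so any caller that reaches the route can delete any account (route wiring is not shown here, so confirm what guards it). With `csurf` commented out in server/index.js in this same commit, the POST can also be forged from another site. `return res.status(500)` sets a status but never sends a response, and a missing parameter is a client error, so the guard should read `if (! id) return res.status(400).json({ error: 'missing id' })`.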
@@ -12,27 +12,31 @@ var auth = { guestUser: { id: "guest", username: "guest", + access: 0, }, init: function () { passport.serializeUser(auth.serializeUser); passport.deserializeUser(auth.deserializeUser); - passport.use(new LocalStrategy(auth.verifyLocalUser)) }, login: function (req, res, next) { passport.authenticate("local", function(err, user, info){ - if (err) { + if (err || ! user) { return res.json({ error: err }); } - if (! user) { - return info ? res.json(info) : res.redirect("/login"); - } req.logIn(user, function(err) { if (err) { return next(err); } - return res.json({ status: "OK", user: user, returnTo: returnTo || "/profile" }) + User.findAll({ where: { access: 2 }, attributes: ['id','name'] }).success(function(hosts){ + return res.json({ + status: "OK", + user: user, + hosts: hosts, + returnTo: returnTo || "/profile" + }) + }) }); })(req, res, next); }, @@ -58,7 +62,6 @@ var auth = { verifyLocalUser: function (username, password, done) { if (username == "protocolsnyc" && password == "madhousenyc") { return done(null, auth.guestUser) - return } User.findByUsername(username, function(err, user){ if (err) { return done(err); } diff --git a/server/index.js b/server/index.js index 42092f6..105e4ee 100644 --- a/server/index.js +++ b/server/index.js @@ -61,16 +61,16 @@ site.setup = function(){ app.use(bodyParser()); app.use(multer()); app.use(express.query()); - app.use(csurf); +// app.use(csurf); app.use(methodOverride()); -// app.use(passport.initialize()); -// app.use(passport.session()); + app.use(passport.initialize()); + app.use(passport.session()); app.enable('trust proxy') app.get('env') === 'development' && app.use(errorHandler()); // Essential middleware // app.all('*', middleware.enableCORS); - app.all('*', middleware.ensureLocals); + // app.all('*', middleware.ensureLocals); server = http.createServer(app) server.listen(app.get('port'), function () { diff --git a/server/middleware.js b/server/middleware.js index a834822..67fb732 100644 
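Review bot: On bad credentials passport invokes the callback with `err` null and `user` false, so the merged branch `if (err || ! user)` answers with `{ error: null }`, and the new `if (json.error)` check in `Auth.loginCallback` treats that as success and then dereferences `json.user`. Return an explicit generic failure such as `return res.json({ error: "login failed" })`, which also avoids sending a raw `err` object to the browser. The success response serialises the whole `user` object; if that is the database row it carries the password column, so send only the fields the client reads (`id`, `name`, `email`, `access`). This hunk also removes `passport.use(new LocalStrategy(auth.verifyLocalUser))` from `init` while `login` still authenticates with `"local"`, so unless the strategy is registered elsewhere every login will fail.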
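Review bot: Commenting out `app.use(csurf)` in server/index.js removes CSRF protection in the same change that turns on cookie-backed passport sessions, so state-changing requests such as the POST to `/api/user/destroy` can be triggered from another origin with the victim's session cookie. If `csurf` here is the csurf module, the old line passed the factory itself rather than a middleware instance, which may be why it was failing; the fix would be `app.use(csurf());` after the session middleware, with the jQuery calls sending the token back in a header or form field. `ensureLocals`, which exposed `req.csrfToken()`, is deleted from server/middleware.js in this commit, so the client needs another way to obtain the token. `site.setup` starts and ends outside the hunk.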
--- a/server/middleware.js +++ b/server/middleware.js @@ -1,21 +1,7 @@ /* jshint node: true */ -var passport = require('passport'), - _ = require('lodash'), - config = require('../config.json'); - - var middleware = { - - enableCORS: function (req, res, next) { - res.header('Access-Control-Allow-Credentials', true); - // TODO Check https vs. http - res.header('Access-Control-Allow-Origin', '*'); - res.header('Access-Control-Allow-Headers', 'X-Requested-With'); - next(); - }, - ensureAuthenticated: function (req, res, next) { if (! req.isAuthenticated()) { req.session.returnTo = req.path; @@ -23,24 +9,6 @@ var middleware = { } next(); }, - - ensureIsStaff: function (req, res, next) { - if (! req.user.isStaff) { - return res.redirect('http://' + config.host + '/'); - } - next(); - }, - - ensureLocals: function (req, res, next) { - res.locals.token = req.csrfToken(); - res.locals.logged_in = req.isAuthenticated() - res.locals.user = req.user || {} - res.locals.config = config - res.locals.profile = null - res.locals.opt = {} - next() - }, - } module.exports = middleware |
