/**
 * Module dependencies.
 */

var _ = require('underscore');
var express = require('express');
var cookieParser = require('cookie-parser');
var compress = require('compression');
var session = require('express-session');
var bodyParser = require('body-parser');
var logger = require('morgan');
var errorHandler = require('errorhandler');
var csrf = require('lusca').csrf();
var methodOverride = require('method-override');

var MongoStore = require('connect-mongo')({ session: session });
var flash = require('express-flash');
var path = require('path');
var mongoose = require('mongoose');
var passport = require('passport');
var expressValidator = require('express-validator');
var connectAssets = require('connect-assets');

/**
 * Load controllers.
 */

var homeController = require('./controllers/home');
var userController = require('./controllers/user');
var apiController = require('./controllers/api');
var contactController = require('./controllers/contact');

/**
 * API keys + Passport configuration.
 */

var secrets = require('./config/secrets');
var passportConf = require('./config/passport');

/**
 * Create Express server.
 */

var app = express();

/**
 * Mongoose configuration.
 */

// Open the MongoDB connection using the connection string in secrets.db.
mongoose.connect(secrets.db);

// Connection-level errors are written to stderr; nothing else happens here,
// so the process keeps running after an error is reported.
function reportMongoError() {
  console.error('✗ MongoDB Connection Error. Please make sure MongoDB is running.');
}
mongoose.connection.on('error', reportMongoError);

/**
 * Express configuration.
 */

// Durations in milliseconds.
var hour = 60 * 60 * 1000;
var day = hour * 24;
var week = day * 7;

// Request paths exempted from CSRF validation. Every entry here is an
// endpoint that accepts state-changing requests without a token, so keep the
// list as short as possible.
var csrfWhitelist = ['/this-url-will-bypass-csrf'];

app.set('port', process.env.PORT || 3000);
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'jade');

var assetOptions = {
  paths: ['public/css', 'public/js'],
  helperContext: app.locals
};
app.use(connectAssets(assetOptions));
app.use(compress());
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded());
app.use(expressValidator());
app.use(methodOverride());
app.use(cookieParser());

// Sessions are stored in MongoDB; the session cookie is signed with
// secrets.sessionSecret.
// NOTE(review): no `cookie` options are passed, so express-session defaults
// apply. When the app is served over HTTPS, set cookie.secure explicitly, and
// confirm the secret comes from the environment rather than a committed file.
var sessionStore = new MongoStore({
  url: secrets.db,
  auto_reconnect: true
});
app.use(session({
  secret: secrets.sessionSecret,
  store: sessionStore
}));

// Passport must be initialised after the session middleware it relies on.
app.use(passport.initialize());
app.use(passport.session());
// Conditional CSRF: a request whose path is listed in csrfWhitelist skips the
// token check; every other request goes through the lusca csrf middleware.
// The comparison is an exact match on req.path, so a path that differs in any
// way from a listed entry is still checked.
app.use(function(req, res, next) {
  var isExempt = _.contains(csrfWhitelist, req.path);
  if (isExempt) {
    next();
  } else {
    csrf(req, res, next);
  }
});

// Make req.user available to every rendered view as `user`.
app.use(function(req, res, next) {
  res.locals.user = req.user;
  next();
});

app.use(flash());

// Static files are served from ./public with a one-week max-age.
var publicDir = path.join(__dirname, 'public');
app.use(express.static(publicDir, { maxAge: week }));
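/**
 * Remember the last page visited so the user can be sent back to it after a
 * successful login.
 *
 * Only GET requests are recorded, and a request is skipped when its first
 * path segment ends in auth, login, logout or signup.
 *
 * Security: the stored value is later used as a redirect target. A path that
 * starts with "//" or contains a backslash can be interpreted by browsers as
 * a URL on another host, so such paths are never stored.
 */
app.use(function(req, res, next) {
  if (req.method !== 'GET') return next();

  // First path segment, e.g. "account" for "/account/profile". Named so that
  // it does not shadow the `path` module required at the top of the file.
  var firstSegment = req.path.split('/')[1];
  if (/(auth|login|logout|signup)$/i.test(firstSegment)) return next();

  // Store same-site paths only: exactly one leading slash, no backslashes.
  var isLocalPath = req.path.charAt(0) === '/' &&
    req.path.charAt(1) !== '/' &&
    req.path.indexOf('\\') === -1;
  if (isLocalPath) req.session.returnTo = req.path;

  next();
});
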
/**
 * Application routes.
 */

// Guards exported by config/passport, aliased so the route table reads evenly.
// Express flattens an array of middleware, so the array form runs the same
// two functions in the same order as listing them inline.
var requireLogin = passportConf.isAuthenticated;
var requireLoginAndAuthorization = [passportConf.isAuthenticated, passportConf.isAuthorized];

app.get('/', homeController.index);

// Local account flows.
// NOTE(review): /logout (and /account/unlink/:provider below) are registered
// as GET. If they change state, as their names suggest, a CSRF check that
// only covers non-GET methods will not protect them; confirm and consider
// POST.
app.get('/login', userController.getLogin);
app.post('/login', userController.postLogin);
app.get('/logout', userController.logout);
app.get('/forgot', userController.getForgot);
app.post('/forgot', userController.postForgot);
app.get('/reset/:token', userController.getReset);
app.post('/reset/:token', userController.postReset);
app.get('/signup', userController.getSignup);
app.post('/signup', userController.postSignup);
app.get('/contact', contactController.getContact);
app.post('/contact', contactController.postContact);

// Account management: every route requires a logged-in user.
app.get('/account', requireLogin, userController.getAccount);
app.post('/account/profile', requireLogin, userController.postUpdateProfile);
app.post('/account/password', requireLogin, userController.postUpdatePassword);
app.post('/account/delete', requireLogin, userController.postDeleteAccount);
app.get('/account/unlink/:provider', requireLogin, userController.getOauthUnlink);

// API examples reachable without logging in.
// NOTE(review): the POST routes in this group have no login guard. Verify
// that is intended before exposing them publicly, and consider rate limiting.
app.get('/api', apiController.getApi);
app.get('/api/lastfm', apiController.getLastfm);
app.get('/api/nyt', apiController.getNewYorkTimes);
app.get('/api/aviary', apiController.getAviary);
app.get('/api/steam', apiController.getSteam);
app.get('/api/stripe', apiController.getStripe);
app.post('/api/stripe', apiController.postStripe);
app.get('/api/scraping', apiController.getScraping);
app.get('/api/twilio', apiController.getTwilio);
app.post('/api/twilio', apiController.postTwilio);
app.get('/api/clockwork', apiController.getClockwork);
app.post('/api/clockwork', apiController.postClockwork);

// API examples guarded by both isAuthenticated and isAuthorized.
app.get('/api/foursquare', requireLoginAndAuthorization, apiController.getFoursquare);
app.get('/api/tumblr', requireLoginAndAuthorization, apiController.getTumblr);
app.get('/api/facebook', requireLoginAndAuthorization, apiController.getFacebook);
app.get('/api/github', requireLoginAndAuthorization, apiController.getGithub);
app.get('/api/twitter', requireLoginAndAuthorization, apiController.getTwitter);
app.get('/api/venmo', requireLoginAndAuthorization, apiController.getVenmo);
app.post('/api/venmo', requireLoginAndAuthorization, apiController.postVenmo);
app.get('/api/linkedin', requireLoginAndAuthorization, apiController.getLinkedin);

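/**
 * OAuth routes for sign-in.
 */

/**
 * Final handler for every sign-in callback: send the user back to the page
 * stored in req.session.returnTo, or to '/' when nothing usable is stored.
 *
 * The stored value is honoured only when it is a same-site path (a string
 * with exactly one leading slash and no backslash). Anything else could be
 * treated by a browser as a URL on another host, so it falls back to '/'.
 *
 * @param {Object} req - Express request; reads req.session.returnTo.
 * @param {Object} res - Express response; issues the redirect.
 */
function redirectAfterLogin(req, res) {
  var target = req.session.returnTo;
  var isLocalPath = typeof target === 'string' &&
    target.charAt(0) === '/' &&
    target.charAt(1) !== '/' &&
    target.indexOf('\\') === -1;
  res.redirect(isLocalPath ? target : '/');
}

app.get('/auth/facebook', passport.authenticate('facebook', { scope: ['email', 'user_location'] }));
app.get('/auth/facebook/callback', passport.authenticate('facebook', { failureRedirect: '/login' }), redirectAfterLogin);

app.get('/auth/github', passport.authenticate('github'));
app.get('/auth/github/callback', passport.authenticate('github', { failureRedirect: '/login' }), redirectAfterLogin);

app.get('/auth/google', passport.authenticate('google', { scope: 'profile email' }));
app.get('/auth/google/callback', passport.authenticate('google', { failureRedirect: '/login' }), redirectAfterLogin);

app.get('/auth/twitter', passport.authenticate('twitter'));
app.get('/auth/twitter/callback', passport.authenticate('twitter', { failureRedirect: '/login' }), redirectAfterLogin);

// NOTE(review): `state` is a fixed string. The OAuth 2.0 state parameter is
// meant to be an unguessable per-request value that is verified on the
// callback; a constant gives no protection against a forged callback. Check
// whether the LinkedIn strategy can generate and verify it itself.
app.get('/auth/linkedin', passport.authenticate('linkedin', { state: 'SOME STATE' }));
app.get('/auth/linkedin/callback', passport.authenticate('linkedin', { failureRedirect: '/login' }), redirectAfterLogin);
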
/**
 * OAuth routes for API examples that require authorization.
 */

// Build a final handler that redirects to a fixed, server-chosen location.
function redirectTo(location) {
  return function(req, res) {
    res.redirect(location);
  };
}

app.get('/auth/foursquare', passport.authorize('foursquare'));
app.get('/auth/foursquare/callback', passport.authorize('foursquare', { failureRedirect: '/api' }), redirectTo('/api/foursquare'));

app.get('/auth/tumblr', passport.authorize('tumblr'));
app.get('/auth/tumblr/callback', passport.authorize('tumblr', { failureRedirect: '/api' }), redirectTo('/api/tumblr'));

// NOTE(review): the Venmo scope asks for make_payments as well as profile,
// balance, email and phone access. Confirm each permission is needed and
// drop the ones that are not.
app.get('/auth/venmo', passport.authorize('venmo', { scope: 'make_payments access_profile access_balance access_email access_phone' }));
app.get('/auth/venmo/callback', passport.authorize('venmo', { failureRedirect: '/api' }), redirectTo('/api/venmo'));

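/**
 * 500 Error Handler.
 * As of Express 4.0 it must be placed at the end of all routes.
 *
 * The errorhandler module sends stack traces and error details back to the
 * client, so it is mounted only in the development environment. In any other
 * environment the error is logged server-side and the client receives a
 * generic 500 response.
 */

if (app.get('env') === 'development') {
  app.use(errorHandler());
} else {
  // Express recognises error middleware by its four-argument signature.
  app.use(function(err, req, res, next) {
    console.error(err.stack || err);
    // A response that has already started cannot be replaced; delegate.
    if (res.headersSent) return next(err);
    res.status(500).send('Server Error');
  });
}
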
/**
 * Start Express server.
 */

// Logged once the server is listening: the configured port and environment.
function announceListening() {
  console.log("✔ Express server listening on port %d in %s mode", app.get('port'), app.get('env'));
}
app.listen(app.get('port'), announceListening);

// Export the app so other modules can require it.
module.exports = app;