1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
|
const express = require('express');
const bodyParser = require('body-parser');
const cookieParser = require('cookie-parser');
//const request = require('request');
const crypto = require('crypto');
const path = require('path');
const fs = require('fs');
const config = JSON.parse(fs.readFileSync(path.join(__dirname, 'config.json')));
const server = express();
server.use(cookieParser())
server.use(bodyParser.json());
//server.use(bodyParser.urlencoded({ extended: true }));
function listen(port) {
server.listen(port, () => console.info(`Listening on port ${port}!`));
}
function hashWithSalt(password, salt){
var hash = crypto.createHmac('sha512', salt);
hash.update(password);
return hash.digest("base64");
};
function setUpRoutes(models, jwtFunctions, database) {
// Authentication routine
server.use(function (req, res, next) {
if (!req.path.toLowerCase().startsWith("/login")) {
let cookie = req.cookies.authorization
if (!cookie) {
console.debug("Redirecting to login - no cookie")
res.redirect('/login');
return;
}
try {
const decryptedUserId = jwtFunctions.verify(cookie);
models.users.findOne({ where: { username: decryptedUserId } }).then((user, error) => {
if (user) {
res.locals.user = user.get({ plain: true });
} else {
console.debug("Redirecting to login - invalid cookie")
res.redirect('/login');
return;
}
});
} catch (e) {
res.status(400).send(e.message);
}
}
next();
})
// Route logging
server.use(function (req, res, next) {
console.debug(new Date(), req.method, req.originalUrl);
next()
})
server.get('/', (req, res) => res.sendFile(__dirname + "/index.html"))
server.get('/login', (req, res) => res.sendFile(__dirname + "/login.html"))
server.get('/styles.css', (req, res) => res.sendFile(__dirname + "/styles.css"))
server.get('/main.js', (req, res) => res.sendFile(__dirname + "/main.js"))
server.post('/login', async (req, res, next) => {
const user = await models.users.findOne({ where: { username: req.body.username} })
const hash = hashWithSalt(req.body.password, user.salt)
if (user.password == hash) {
const token = jwtFunctions.sign(user.username);
res.cookie('authorization', token, { expires: new Date(Date.now() + (1000 * 60 * 60 * 24 * 30)) });
console.debug("Redirecting to page - logged in")
res.redirect('/');
} else {
console.debug("Redirecting to login - invalid login")
res.redirect('/login');
}
})
server.get(`/transaction`, async (req, res, next) => {
try {
var result = await database.query("SELECT * FROM transactions ORDER BY `when` DESC", { type: database.QueryTypes.SELECT })
res.status(200).send(result);
next();
} catch (e) {
console.log(e)
res.status(400).send(e.message);
}
})
server.post(`/transaction`, async (req, res, next) => {
try {
let item = req.body;
console.log(item);
await models.transaction.create(item);
var result = await database.query("SELECT * FROM transactions ORDER BY `when` DESC", { type: database.QueryTypes.SELECT })
res.status(200).send(result);
} catch (e) {
console.log(e);
res.status(400).send(e.message);
}
})
server.delete(`/transaction`, async (req, res, next) => {
try {
let id = req.body.id;
console.log(`Deleting ${id}`);
await models.transaction.destroy({ where: { id: id } });
var result = await database.query("SELECT * FROM transactions ORDER BY `when` DESC", { type: database.QueryTypes.SELECT })
res.status(200).send(result);
} catch (e) {
console.log(e);
res.status(400).send(e.message);
}
})
server.put(`/transaction`, async (req, res, next) => {
try {
let id = req.body.id;
let update = req.body.update;
console.log(`Updating ${id}`);
var toUpdate = await models.transaction.findOne({ where: { id: id } });
console.log(toUpdate)
console.log(update)
await toUpdate.update(update);
var result = await database.query("SELECT * FROM transactions ORDER BY `when` DESC", { type: database.QueryTypes.SELECT })
res.status(200).send(result);
} catch (e) {
console.log(e);
res.status(400).send(e.message);
}
})
server.get(`/summary`, async (req, res, next) => {
try {
res.status(200).send({
week: {
out: await database.query("SELECT year(`when`) as y, week(`when`) as w, sum(amount) as s FROM transactions where amount > 0 group by year(`when`), WEEK(`when`);", { type: database.QueryTypes.SELECT }),
in: await database.query("SELECT year(`when`)as y, week(`when`) as w, sum(amount) as s FROM transactions where amount < 0 group by year(`when`), WEEK(`when`);", { type: database.QueryTypes.SELECT }),
net: await database.query("SELECT year(`when`) as y, week(`when`) as w, sum(amount) as s FROM transactions group by year(`when`), WEEK(`when`);", { type: database.QueryTypes.SELECT }),
},
month: {
out: await database.query("SELECT year(`when`) as y, month(`when`) as m, sum(amount) as s FROM transactions where amount > 0 group by year(`when`), month(`when`);", { type: database.QueryTypes.SELECT }),
in: await database.query("SELECT year(`when`) as y, month(`when`) as m, sum(amount) as s FROM transactions where amount < 0 group by year(`when`), month(`when`);", { type: database.QueryTypes.SELECT }),
net: await database.query("SELECT year(`when`) as y, month(`when`) as m, sum(amount) as s FROM transactions group by year(`when`), month(`when`);", { type: database.QueryTypes.SELECT }),
},
year: {
out: await database.query("SELECT year(`when`) as y, sum(amount) as s FROM transactions where amount > 0 group by year(`when`);", { type: database.QueryTypes.SELECT }),
in: await database.query("SELECT year(`when`) as y, sum(amount) as s FROM transactions where amount < 0 group by year(`when`);", { type: database.QueryTypes.SELECT }),
net: await database.query("SELECT year(`when`) as y, sum(amount) as s FROM transactions group by year(`when`);", { type: database.QueryTypes.SELECT }),
},
});
next();
} catch (e) {
console.log(e)
res.status(400).send(e.message);
}
})
}
module.exports = {
listen,
setUpRoutes
};
|
