diff --git a/app/models/Invite.js b/app/models/Invite.js index cb6e126..2a6dfee 100644 --- a/app/models/Invite.js +++ b/app/models/Invite.js @@ -6,7 +6,7 @@ var InviteSchema = mongoose.Schema({ unique: true, required: true }, - level: Number, + scope: [String], issuer: String, recipient: String, issued: Date, diff --git a/app/models/Token.js b/app/models/Token.js new file mode 100644 index 0000000..c691535 --- /dev/null +++ b/app/models/Token.js @@ -0,0 +1,30 @@ +var fs = require('fs'); +var path = require('path'); +var mongoose = require('mongoose'); +var jwt = require('jsonwebtoken'); +var jwtsign = require('jwt-sign'); + +var TokenSchema = mongoose.Schema({ + scope: [String], + issuer: String, + issued: Date, + exp: Date +}); + +TokenSchema.methods.genJwt = function(expiry) { + var exp = new Date(); + exp.setDate(exp.getDate() + expiry); + + var payload = { + _id: this._id, + username: this.username, + scope: this.scope, + exp: parseInt(exp.getTime() / 1000) + }; + + var key = fs.readFilySync(path.join(__dirname, '../../jwt.pem'), 'utf8'); + + return jwt.sign(payload, key); +}; + +module.exports = mongoose.model('Token', TokenSchema); \ No newline at end of file diff --git a/app/models/User.js b/app/models/User.js index 9378109..bdfcd37 100644 --- a/app/models/User.js +++ b/app/models/User.js @@ -11,12 +11,7 @@ var UserSchema = mongoose.Schema({ unique: true, required: true }, - apikey: { - type: String, - unique: true, - required: true - }, - level: Number, + scope: [String], hash: String, salt: String, date: Date @@ -32,10 +27,6 @@ UserSchema.methods.validatePassword = function(password) { return this.hash === hash; }; -UserSchema.methods.genApiKey = function() { - this.apikey = crypto.randomBytes(16).toString('hex'); -}; - UserSchema.methods.genJwt = function() { var expiry = new Date(); expiry.setDate(expiry.getDate() + 7); @@ -43,7 +34,8 @@ UserSchema.methods.genJwt = function() { var payload = { _id: this._id, username: this.username, - level: this.level + scope: this.scope, + exp: parseInt(expiry.getTime() / 1000) }; var key = fs.readFileSync(path.join(__dirname, '../../jwt.pem'), 'utf8'); diff --git a/app/routes.js b/app/routes.js index 576305e..8992ec6 100644 --- a/app/routes.js +++ b/app/routes.js @@ -4,6 +4,7 @@ var view = require('./routes/view.js'); var auth = require('./routes/auth.js'); var register = require('./routes/register.js'); var login = require('./routes/login.js'); +var panel = require('./routes/panel'); var fs = require('fs'); var path = require('path'); @@ -16,10 +17,12 @@ var jwtauth = jwt({ module.exports = function(app) { app.use('/', index); app.use('/v', view); - app.use('/upload', upload); + app.use('/api/upload', jwtauth, upload); app.use('/api/auth', auth); app.use('/register', register); app.use('/login', login); + app.use('/panel', panel); + app.use('/panel*', panel); app.use(function(err, req, res, next) { if (err.name === 'UnauthorizedError') { diff --git a/app/routes/auth.js b/app/routes/auth.js index 083aaf7..802f7df 100644 --- a/app/routes/auth.js +++ b/app/routes/auth.js @@ -48,9 +48,8 @@ router.post('/register', function(req, res) { var user = new User(); user.username = req.body.username; - user.level = invite.level; + user.scope = invite.scope; user.date = Date.now(); - user.genApiKey(); user.setPassword(req.body.password); user.save(function(err) { diff --git a/app/routes/panel.js b/app/routes/panel.js new file mode 100644 index 0000000..a62517b --- /dev/null +++ b/app/routes/panel.js @@ -0,0 +1,9 @@ +var express = require('express'); +var router = express.Router(); +var path = require('path'); + +router.get('/', function(req, res, next) { + res.sendFile(path.join(__dirname, '../../public/views', 'panel.html')); +}); + +module.exports = router; \ No newline at end of file diff --git a/app/routes/view.js b/app/routes/view.js index f7adf1b..b988282 100644 --- a/app/routes/view.js +++ b/app/routes/view.js @@ -5,7 +5,6 @@ var mongoose = require('mongoose'); var Upload = mongoose.model('Upload'); router.get('/:name', function(req, res, next) { - console.log('GET: ', req.params); Upload.findOne({ 'name': req.params.name }, function(err, upload) { diff --git a/bower.json b/bower.json index 42d6f34..a7b51ad 100644 --- a/bower.json +++ b/bower.json @@ -6,7 +6,7 @@ "font-awesome": "latest", "animate.css": "latest", "angular": "latest", - "angular-route": "latest", + "angular-ui-router": "latest", "ng-file-upload": "latest", "ngclipboard": "^1.1.1" } diff --git a/package.json b/package.json index 6efd675..404641d 100644 --- a/package.json +++ b/package.json @@ -3,6 +3,7 @@ "version": "1.0.0", "dependencies": { "angular-messages": "^1.6.6", + "angular-ui-router": "^0.4.3", "body-parser": "^1.18.2", "express": "latest", "express-jwt": "^5.3.0", diff --git a/public/css/panel.css b/public/css/panel.css new file mode 100644 index 0000000..e69de29 diff --git a/public/js/PanelRoutes.js b/public/js/PanelRoutes.js new file mode 100644 index 0000000..7072aa6 --- /dev/null +++ b/public/js/PanelRoutes.js @@ -0,0 +1,14 @@ +angular.module('PanelRoutes', ['ui.router']).config(['$stateProvider', '$urlRouterProvider', '$locationProvider', function($stateProvider, $urlRouterProvider, $locationProvider) { + $locationProvider.html5Mode(true); + + $urlRouterProvider.otherwise('/panel'); + + $stateProvider + .state('/panel', { + url: '/panel', + templateUrl: '/views/panel-home.html' + }).state('/panel/api', { + url: '/panel/api', + templateUrl: '/views/panel-api.html' + }); +}]); \ No newline at end of file diff --git a/public/js/app.js b/public/js/app.js deleted file mode 100644 index 5ec4a87..0000000 --- a/public/js/app.js +++ /dev/null @@ -1 +0,0 @@ -angular.module('shimapan', ['ngFileUpload', 'ngclipboard', 'UploadComp', 'RegisterComp', 'LoginComp']); \ No newline at end of file diff --git a/public/js/components/UploadComp.js b/public/js/components/UploadComp.js index 2481002..0e0388e 100644 --- a/public/js/components/UploadComp.js +++ b/public/js/components/UploadComp.js @@ -12,7 +12,7 @@ function UploadController($scope, Upload, $timeout, AuthService) { angular.forEach(files, function (file) { file.upload = Upload.upload({ - url: '/upload', + url: '/api/upload', method: 'POST', headers: { 'Authorization': AuthService.getAuthHeader() @@ -27,8 +27,16 @@ function UploadController($scope, Upload, $timeout, AuthService) { }); }, function (response) { - if (response.status > 0) - $scope.errorMsg = response.status + ': ' + response.data; + if (response.status > 0) { + if (response.status === 401) { + file.$error = "Invalid authorization token."; + } else { + file.$error = "Internal server error."; + } + var index = $scope.files.indexOf(file); + $scope.errorFiles.push(file); + $scope.files.splice(index, 1); + } }, function (evt) { file.progress = Math.floor(Math.min(100.0, 100 * evt.loaded / evt.total)); diff --git a/public/js/shimapan-panel.js b/public/js/shimapan-panel.js new file mode 100644 index 0000000..f866415 --- /dev/null +++ b/public/js/shimapan-panel.js @@ -0,0 +1 @@ +var app = angular.module('shimapan-panel', ['ui.router', 'PanelRoutes']); \ No newline at end of file diff --git a/public/js/shimapan.js b/public/js/shimapan.js new file mode 100644 index 0000000..ef8e3e2 --- /dev/null +++ b/public/js/shimapan.js @@ -0,0 +1 @@ +var app = angular.module('shimapan', ['ngFileUpload', 'ngclipboard', 'UploadComp', 'RegisterComp', 'LoginComp']); diff --git a/public/views/index.html b/public/views/index.html index df30560..bb81942 100644 --- a/public/views/index.html +++ b/public/views/index.html @@ -18,7 +18,7 @@ - +
@@ -27,7 +27,7 @@