source: Dev/trunk/src/server/app.js @ 466

Last change on this file since 466 was 466, checked in by hendrikvanantwerpen, 12 years ago

Added authentication (fixed user now).

1var express = require("express");
2var passport = require("passport"),
3    passportLocal = require("passport-local");
4var fs = require("fs");
5var path = require("path");
6var proxy = require("./util/simple-http-proxy");
7var _ = require("underscore");
8
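/**
 * Check that a required setting is present and, optionally, well-formed.
 *
 * @param {string} name - Key to look up in `settings`.
 * @param {Object} settings - Settings object handed to the application.
 * @param {Function} [validate] - Optional predicate; it receives the value
 *     and must return a truthy result for the value to be accepted.
 * @throws {Error} When `settings` is missing, the key is undefined, or
 *     `validate` rejects the value.
 */
function assertSetting(name, settings, validate) {
    // A missing settings object is reported the same way as a missing key,
    // instead of surfacing as a TypeError from the property lookup.
    if ( settings === null || typeof settings === 'undefined' ||
         typeof settings[name] === 'undefined' ) {
        throw new Error("Required setting '"+name+"' undefined.");
    }
    // Anything that is not a function is ignored rather than called.
    if ( typeof validate === 'function' && !validate(settings[name]) ) {
        // The rejected value is echoed in the message, so this error should
        // not end up in shared logs when the setting holds a secret.
        throw new Error("Setting '"+name+"' with value '"+settings[name]+"' is invalid.");
    }
}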
17
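/**
 * Build the Express application: session-based login through passport,
 * the static client files, a small JSON API and a proxy to CouchDB.
 *
 * @param {Object} settings
 * @param {string} settings.couchDbURL - Base URL the /api/data proxy forwards to.
 * @param {string} [settings.sessionSecret] - Secret used to sign the session
 *     cookie. Optional for backward compatibility; see the note below.
 * @returns {Function} The configured Express application.
 * @throws {Error} When a required setting is missing or invalid.
 */
exports.App = function(settings) {

    assertSetting("couchDbURL", settings, _.isString);

    // The session secret signs the session cookie. The literal fallback is
    // kept so existing callers keep working, but a value committed to the
    // repository is known to everyone who can read the source: deployments
    // should always pass settings.sessionSecret.
    var sessionSecret = "quasi experimental design";
    if ( typeof settings.sessionSecret !== 'undefined' ) {
        assertSetting("sessionSecret", settings, function(value) {
            return _.isString(value) && value.length > 0;
        });
        sessionSecret = settings.sessionSecret;
    }

    // Directory that holds everything the browser is allowed to fetch.
    var clientRoot = path.resolve(__dirname+'/../client');

    function clientPath(relativePath) {
        return path.resolve(__dirname+'/../client/'+relativePath);
    }

    // True only for paths strictly below the client directory.
    function isInsideClientRoot(absolutePath) {
        return absolutePath.indexOf(clientRoot + path.sep) === 0;
    }

    // Reject API requests that carry no authenticated session.
    function requireLogin(req, res, next) {
        if ( !req.user ) {
            return res.send(401,{error:"Login before accessing API."});
        }
        return next();
    }

    // NOTE(review): single fixed account, compared in plain text. This is a
    // stand-in (the commit message says "fixed user now") and has to be
    // replaced by a user store with salted password hashes before the
    // server is reachable by anyone but the developers.
    passport.use(new passportLocal.Strategy(function(username, password, done){
        if ( username === "igor" && password === "mayer" ) {
            done(null,{ username: "igor" });
        } else {
            done(null,false,{ message: 'Invalid credentials.' });
        }
    }));
    // Only the username is stored in the session ...
    passport.serializeUser(function(user, done) {
        done(null, user.username);
    });
    // ... and the user object is rebuilt from it without any lookup.
    passport.deserializeUser(function(id, done) {
        done(null, {username: id});
    });

    var app = express();
    app.use(express.logger());
    app.use(express.compress());
    app.use(express.favicon());

    app.use(express.cookieParser());
    // NOTE(review): bodyParser() also turns on multipart parsing. If no route
    // accepts uploads, the narrower express.json()/express.urlencoded()
    // parsers are worth considering - confirm what the proxy needs first.
    app.use(express.bodyParser());
    app.use(express.session({ secret: sessionSecret }));

    // initialize passport
    app.use(passport.initialize());
    app.use(passport.session());

    // static resources
    app.get('/', function(request, response){
        response.sendfile(clientPath('index.html'));
    });
    app.get('/*.html', function(request, response) {
        // request.path is client-controlled and path.resolve collapses any
        // '..' segments, so the resolved path is compared with the client
        // root before it is handed to sendfile.
        var requested = clientPath(request.path);
        if ( !isInsideClientRoot(requested) ) {
            return response.send(404);
        }
        response.sendfile(requested);
    });
    _.each(['/dojo', '/dijit', '/dojox', '/qed', '/qed-client'], function(dir){
        app.use(dir, express.static(clientPath(dir)));
    });

    // Reply with the user object of the current session.
    function returnUser(req,res) {
        res.send(200, req.user);
    }

    // Login is the one API call that must work without a session.
    app.post(
        '/api/login',
        passport.authenticate('local'),
        returnUser);

    // Ensure we're authenticated on API calls. The guard is mounted for
    // everything under /api (this covers the CouchDB proxy below) and is
    // also attached to each route explicitly: in Express 3 the router is
    // mounted by the first app.get() call above, so routes would otherwise
    // be answered before a middleware that is use()d this late.
    app.use('/api', requireLogin);

    app.get(
        '/api/login',
        requireLogin,
        returnUser);

    app.post(
        '/api/logout',
        requireLogin,
        function(req,res){
            req.logout();
            res.send(200,{});
        });

    app.get('/api/surveyRun/:id/response/csv',
            requireLogin,
            function(req, res) {
                var id = req.params.id;
                // The id comes from the URL and ends up in a response
                // header; keep only characters that are safe in a file name
                // so it cannot break out of the header value.
                var fileId = String(id).replace(/[^A-Za-z0-9._-]/g, '_');
                // query CouchDB and build the CSV file
                res.set({
                    'Content-Type': 'text/csv',
                    'Content-Disposition': 'attachment; filename=responses-'+fileId+'.csv'
                });
                res.send(200, "Response for surveyRun "+id);
            });

    // forward to couch
    app.use('/api/data', proxy(settings.couchDbURL));

    return app;

};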