var os = require('os');
var path = require('path');
var crypto = require('crypto');
var express = require('express');
var cors = require('cors');
var compress = require('compression');
var bodyParser = require('body-parser');
var logger = require('morgan');
var mongoose = require('mongoose');
mongoose.Promise = global.Promise;
var passport = require('passport');
var { expressjwt } = require('express-jwt');
var favicon = require('serve-favicon');
var projects = require('./projects');
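var app = express();
app.use(favicon(path.join(__dirname, 'dist/images/favicon.ico')));
/*******************************
ENVIRONMENT VARIABLES
*******************************/
app.set('port', process.env.PORT || 3000);
// NOTE(review): 'env' is also Express's own setting, and Express treats only
// the literal 'production' as production (e.g. for its default error output);
// within this file the value is only ever compared against 'dev'.
app.set('env', process.env.NODE_ENV || process.argv[3] || 'prod');
// JWT secret. The previous fallback was the constant 'secret', which let
// anyone mint a valid token for any account whenever JWT_SECRET was unset.
// Fall back to a random per-process value instead: the server still starts,
// tokens cannot be forged, and a loud warning flags the misconfiguration
// (tokens issued before a restart become invalid, by design).
if (!process.env.JWT_SECRET) {
  console.warn('WARNING: JWT_SECRET is not set; using a random per-process secret, so sessions will not survive a restart.');
}
app.set('jwt_secret', process.env.JWT_SECRET || crypto.randomBytes(32).toString('hex'));
app.set('projects_path_type', process.env.PROJECTS_PATH_TYPE || 'local'); // local/gcs/legacy
app.set('projects_path', process.env.PROJECTS_PATH || __dirname + '/app/projects/'); // path or gcs bucket name
app.set('private_path_type', process.env.PRIVATE_PATH_TYPE || 'local'); // local/gcs/legacy
app.set('private_path', process.env.PRIVATE_PATH || __dirname + '/app/projects/'); // path or gcs bucket name
// Empty by default; what verifyCaptcha does without a key is decided in userCtrl.
app.set('captcha_private_key', process.env.RECAPTCHA_PRIVATE_KEY || '');
app.set('editor_user', process.env.EDITOR_USER || '');
app.set('override_upload_dir', false);
app.set('module_limit', 5);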
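/*******************************
DATABASE CONNECTION
/*******************************/
// The connection string comes from DB_URI; the localhost default is meant for
// development. mongoose.connect() returns a promise, and an unhandled
// rejection here used to surface only as a generic unhandled-rejection error;
// report the cause and stop, since nothing below works without the database.
var dbUri = process.env.DB_URI || 'mongodb://127.0.0.1/tatool-web';
mongoose.connect(dbUri, {
  useNewUrlParser: true,
  useUnifiedTopology: true,
  useFindAndModify: false,
  useCreateIndex: true
}).catch(function(err) {
  console.error('Could not connect to MongoDB: ' + err.message);
  process.exit(1);
});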
/*******************************
CONTROLLERS
/*******************************/
var userCtrl = require('./controllers/user');
var resourceCtrl = require('./controllers/resourceCtrl');
var mainCtrl = require('./controllers/mainCtrl');
var repositoryCtrl = require('./controllers/repositoryCtrl');
var developerCtrl = require('./controllers/developerCtrl');
var analyticsCtrl = require('./controllers/analyticsCtrl');
var authCtrl = require('./controllers/auth')
var adminCtrl = require('./controllers/admin');
var commonCtrl = require('./controllers/commonCtrl');
var logCtrl = require('./controllers/logCtrl');
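/*******************************
EXPRESS SETUP
/*******************************/
// Request logging and mongoose query logging only in dev; both print request
// and query detail that should not reach production logs by default.
if (app.get('env') === 'dev') {
  app.use(logger('dev'));
  mongoose.set('debug', true);
}
// CORS: the default stays fully open ('*' is what cors() uses when no origin
// is given). Set CORS_ORIGIN to the single origin that serves the web client
// to stop other sites' scripts from calling the API from a browser.
app.use(cors({
  origin: process.env.CORS_ORIGIN || '*'
}));
app.use(compress());
// parse json and urlencoded body; the explicit limit bounds memory per request
app.use(bodyParser.json({
  limit: 1048576
})); // allow upload of 1MB
app.use(bodyParser.urlencoded({
  extended: true
}));
// Use passport package
app.use(passport.initialize());
// API router
var router = express.Router();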
// User Modules
// Everything registered on `router` is mounted under /api behind the
// expressjwt + hasRole middleware further down, so all of these need a token.
router.post('/user/modules/:moduleId/install', mainCtrl.install);
router.post('/user/modules/:moduleId', mainCtrl.save);
router.get('/user/modules', mainCtrl.getAll);
router.get('/user/modules/:moduleId', mainCtrl.get);
router.delete('/user/modules/:moduleId', mainCtrl.remove);
router.post('/user/modules/:moduleId/invite/:response', mainCtrl.processInvite);
router.post('/user/modules/:moduleId/trials/:sessionId', mainCtrl.addTrials);
router.get('/user/modules/:moduleId/resources/token', resourceCtrl.getResourceToken);
router.get('/user/projects', commonCtrl.getProjects);
// Registered on `app` (not `router`) and outside /api: the JWT and hasRole
// middleware never run for this path, so resourceCtrl.getResource has to
// enforce access itself — presumably with the token from getResourceToken
// above; confirm in the controller.
app.get('/user/resources/:projectAccess/:projectName/:resourceType/:resourceName', resourceCtrl.getResource); // NO JWT CHECK
// Public Modules
router.post('/public/modules/:moduleId/install', mainCtrl.install);
router.post('/public/modules/:moduleId', mainCtrl.save);
router.get('/public/modules/:moduleId', mainCtrl.get);
router.post('/public/modules/:moduleId/trials/:sessionId', mainCtrl.addTrials);
router.get('/public/modules/:moduleId/resources/token', resourceCtrl.getResourceToken);
// Same unauthenticated resource route as above, for the public project tree.
app.get('/public/resources/:projectAccess/:projectName/:resourceType/:resourceName', resourceCtrl.getResource); // NO JWT CHECK
// Repository Modules
router.get('/user/repository', repositoryCtrl.getAll);
router.get('/user/repository/:moduleId', repositoryCtrl.get);
router.get('/developer/repository/:moduleId', repositoryCtrl.get);
router.post('/developer/repository/:moduleId/invite', repositoryCtrl.invite);
router.post('/developer/repository/:moduleId/invite/remove', repositoryCtrl.removeInvite);
// Developer Modules
router.post('/developer/modules/:moduleId', developerCtrl.add);
router.get('/developer/modules', developerCtrl.getAll);
router.get('/developer/modules/:moduleId', developerCtrl.get);
router.delete('/developer/modules/:moduleId', developerCtrl.remove);
router.post('/developer/modules/:moduleId/publish/:moduleType', developerCtrl.publish);
// NOTE(review): unpublish changes state over GET, unlike publish (POST);
// a POST would keep it out of link prefetch and browser history.
router.get('/developer/modules/:moduleId/unpublish', developerCtrl.unpublish);
router.post('/developer/modules/:moduleId/trials/:sessionId', developerCtrl.addTrials);
router.get('/developer/modules/:moduleId/resources/token', resourceCtrl.getResourceToken);
router.get('/developer/projects', commonCtrl.getProjects);
// Unauthenticated resource route for the developer project tree (see above).
app.get('/developer/resources/:projectAccess/:projectName/:resourceType/:resourceName', resourceCtrl.getResource); // NO JWT CHECK
// Analytics Modules
router.get('/analytics/modules', analyticsCtrl.getAll);
router.get('/analytics/modules/:moduleId', analyticsCtrl.get);
router.delete('/analytics/modules/:moduleId', analyticsCtrl.remove);
router.delete('/analytics/modules/:moduleId/:userCode', analyticsCtrl.removeUser);
// These issue the download token consumed by the open /data/user/:token route.
router.get('/analytics/data/modules/:moduleId', analyticsCtrl.getUserDataDownloadToken);
router.get('/analytics/data/modules/:moduleId/:userCode', analyticsCtrl.getUserDataDownloadToken);
// Admin
// Nothing in this file restricts these paths to administrators; that is
// expected to be authCtrl.hasRole's job (it runs on every /api request) —
// verify it requires the admin role for /admin/*.
router.get('/admin/users', adminCtrl.getUsers);
router.post('/admin/users/:user', adminCtrl.updateUser);
router.post('/admin/users/:user/reset', adminCtrl.updatePassword);
router.delete('/admin/users/:user', adminCtrl.removeUser);
router.get('/admin/projects', adminCtrl.getAllProjects);
router.post('/admin/projects/:access/:project', adminCtrl.addProject);
router.delete('/admin/projects/:access/:project', adminCtrl.deleteProject);
// User
router.get('/user/roles', authCtrl.getRoles);
// /api/register and /api/login are exempt from the token check (see the
// `unless` list below) but still pass through noCache and hasRole.
router.post('/register', userCtrl.register);
router.get('/login', authCtrl.isAuthenticated);
// protect api with JWT
// Every /api request is verified with the shared secret (algorithm pinned to
// HS256, so a token cannot pick a different one), then gets the no-cache
// headers and the role check before reaching the router. Only the token check
// is skipped for login and register.
var apiTokenCheck = expressjwt({
  secret: app.get('jwt_secret'),
  algorithms: ['HS256']
}).unless({
  path: ['/api/login', '/api/register']
});
app.use('/api', apiTokenCheck, noCache, authCtrl.hasRole, router);
// disable caching for API
/**
 * Middleware that marks the response as non-cacheable (API responses may
 * carry per-user data) and passes control on.
 * @param {object} req - Express request (unused)
 * @param {object} res - Express response; headers are set via res.header()
 * @param {Function} next - continues the middleware chain
 */
function noCache(req, res, next) {
  var noCacheHeaders = {
    'Cache-Control': 'no-cache, no-store, must-revalidate',
    'Pragma': 'no-cache',
    'Expires': 0
  };
  Object.keys(noCacheHeaders).forEach(function(name) {
    res.header(name, noCacheHeaders[name]);
  });
  next();
}
// open API
// Registered directly on `app`, outside the /api prefix: neither the JWT
// check nor hasRole applies, so each handler validates its own input. The
// :token routes carry their credential in the URL, where it also lands in
// request logs (morgan, in dev) and browser history — the tokens therefore
// need to be unguessable and short-lived; confirm in userCtrl/analyticsCtrl.
app.get('/mode', function(req, res) {
  // 'mode' is only ever set (to 'lab') by setup() below; otherwise the
  // property is undefined and res.json() serialises the body as {}.
  res.json({
    mode: req.app.get('mode')
  });
});
app.post('/user/verify/resend', userCtrl.verifyResend);
app.get('/user/verify/:token', userCtrl.verifyUser);
app.post('/user/reset', userCtrl.resetPasswordSend);
app.get('/user/resetverify/:token', userCtrl.verifyResetToken);
app.post('/user/reset/:token', userCtrl.updatePassword);
app.post('/user/captcha', userCtrl.verifyCaptcha);
// Download token is issued by the authenticated /api/analytics/data routes.
app.get('/data/user/:token', analyticsCtrl.getUserData);
// open API for public module
app.get('/public/run/:moduleId', mainCtrl.getPublic);
app.get('/public/login/:moduleId', mainCtrl.installPublic);
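// Tatool Web Client
app.use(express.static(path.join(__dirname, 'dist')));
// send 404 if no match found
app.use(function(req, res, next) {
  res.status(404).send('Page not found');
});
// handle error case
// Express recognises an error handler by its four-parameter signature, so
// `next` must stay in the parameter list.
app.use(function(err, req, res, next) {
  // express-jwt reports a missing/invalid/expired token under this name
  if (err.name === 'UnauthorizedError') {
    res.status(401).json({
      message: 'Unauthorized access!'
    });
    return;
  }
  // Previously every other error fell out of this handler without any
  // response, leaving the client hanging until its own timeout. Log it
  // server-side; if headers are already on the wire defer to Express,
  // otherwise answer with a generic message so no stack trace or internal
  // detail reaches the client. err.status is what body-parser and friends
  // set for client errors (e.g. oversized or malformed bodies).
  console.error(err);
  if (res.headersSent) {
    next(err);
    return;
  }
  res.status(err.status || 500).json({
    message: 'Internal server error'
  });
});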
/*******************************
STARTUP SCRIPT
/*******************************/
// initialize userCode counter at startup
userCtrl.initCounter(setup);
/**
 * Continues startup once the userCode counter is initialised: when the
 * process was started with `lab` as its first argument it switches the app
 * into LAB mode and calls userCtrl.registerAdmin(); in every case it then
 * creates the default project structure.
 */
function setup() {
  var isLabMode = process.argv[2] === 'lab';
  if (isLabMode) {
    console.log('Running tatool in LAB mode.');
    app.set('mode', 'lab');
    userCtrl.registerAdmin();
  }
  // setup default project structure
  adminCtrl.initProjects(projects);
}
// start server
var listenPort = app.get('port');
app.listen(listenPort, function() {
  // same message as before, built with a template literal
  console.log(`You can now access tatool on ${os.hostname()}:${listenPort}`);
});