533 lines
16 KiB
JavaScript
533 lines
16 KiB
JavaScript
const path = require("path");
|
|
const express = require("express");
|
|
const session = require('express-session');
|
|
const https = require("https");
|
|
require("dotenv").config();
|
|
|
|
// Our self-written module for handling database operations
|
|
let tmdb = require("./tmdb.js");
|
|
|
|
// #region Express setup
|
|
const app = express();
|
|
const port = 3001;
|
|
app.listen(port, () => {
|
|
console.log(`Listening on port ${port}`)
|
|
})
|
|
app.use(express.json());
|
|
app.use(express.urlencoded({ extended: true }));
|
|
app.use(session({
|
|
resave: true,
|
|
saveUninitialized: false,
|
|
secret: process.env.COOKIE_SECRET,
|
|
rolling: true,
|
|
cookie: {
|
|
secure: (process.env.COOKIE_SECRET == "true"), // All env vars are strings, so cast bool manually
|
|
sameSite: 'strict', // Browsers will reject a "secure" cookie without this
|
|
maxAge: 60 * 60 * 1000 // 1 hour (in milliseconds)
|
|
}
|
|
}));
|
|
let api = express.Router();
|
|
app.use("/api", api);
|
|
|
|
api.use(function(req, res, next) {
|
|
res.header("Access-Control-Allow-Origin", "*");
|
|
res.header("Access-Control-Allow-Methods", "GET, POST, DELETE");
|
|
// res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
|
|
next();
|
|
});
|
|
api.use(require('express-log-url'));
|
|
app.use(require('express-log-url'));
|
|
|
|
// #endregion
|
|
|
|
// #region frontend
|
|
|
|
// Serve static files from the React app
|
|
app.use('/', express.static(path.join(__dirname, 'clientbuild')));
|
|
app.use('/login', express.static(path.join(__dirname, 'clientbuild', 'index.html')));
|
|
app.use('/tournament/*', express.static(path.join(__dirname, 'clientbuild', 'index.html')));
|
|
app.use('/static', express.static(path.join(__dirname, 'clientbuild/static')));
|
|
app.use('/static/*', express.static(path.join(__dirname, 'clientbuild/static')));
|
|
// #endregion
|
|
|
|
// #region PASSPORT / OAUTH
|
|
|
|
const passport = require('passport');
|
|
const { getUserByEmail } = require("./tmdb.js");
|
|
var userProfile;
|
|
|
|
app.use(passport.initialize());
|
|
app.use(passport.session());
|
|
|
|
app.get('/success', (req, res) => res.send(userProfile));
|
|
// app.get('/error', (req, res) => res.send("error logging in"));
|
|
|
|
passport.serializeUser(function(user, cb) {
|
|
cb(null, user);
|
|
});
|
|
|
|
passport.deserializeUser(function(obj, cb) {
|
|
cb(null, obj);
|
|
});
|
|
|
|
const GoogleStrategy = require('passport-google-oauth').OAuth2Strategy;
|
|
passport.use(new GoogleStrategy({
|
|
clientID: process.env.GOOGLE_CLIENT_ID,
|
|
clientSecret: process.env.GOOGLE_CLIENT_SECRET,
|
|
callbackURL: process.env.GOOGLE_CALLBACK_URL
|
|
},
|
|
function(accessToken, refreshToken, profile, done) {
|
|
userProfile=profile;
|
|
return done(null, userProfile);
|
|
}
|
|
));
|
|
|
|
app.get('/auth/google',
|
|
passport.authenticate('google', { scope : ['profile', 'email']
|
|
}));
|
|
|
|
app.get('/auth/google/callback',
|
|
passport.authenticate('google', { failureRedirect: '/error' }),
|
|
async function(req, res) {
|
|
// Get user profile from passport
|
|
// This is retrieved from the callback url data ?code=...
|
|
let user = {
|
|
googleId: req.user.id,
|
|
name: req.user.displayName,
|
|
email: req.user.emails[0].value,
|
|
imgurl: req.user.photos[0].value,
|
|
asuraId: null,
|
|
}
|
|
|
|
// Check if user exists in database
|
|
tmdb.getUserByEmail(user.email)
|
|
.then(dbUser => {
|
|
user.asuraId = dbUser.id; // asuraId is the database id / primary key
|
|
if (dbUser.googleId) {
|
|
// User is already registered with google, simply log them in
|
|
req.session.user = dbUser;
|
|
} else {
|
|
// User is "preregistered" with email only, so complete the registration
|
|
// This step will register the name, img and googleId
|
|
user.isManager = false;
|
|
tmdb.editUser(user.email, user).catch(err => console.log(err));
|
|
|
|
req.session.user = user;
|
|
}
|
|
|
|
res.json({"status": "OK", "data": user});
|
|
return;
|
|
})
|
|
.catch(err => {
|
|
// User is not in the database at all, do not give them a session.
|
|
res.session.user = null;
|
|
res.json({"status": "error", message: "Email is not in administrator list."});
|
|
return;
|
|
});
|
|
}
|
|
);
|
|
|
|
// #endregion
|
|
|
|
|
|
// #region API
|
|
api.get("/tournament/getTournaments", (req, res) => {
|
|
tmdb.getTournaments()
|
|
.then(tournaments => res.json({"status": "OK", "data": tournaments}))
|
|
.catch(err => res.json({"status": "error", "data": err}));
|
|
});
|
|
|
|
// #region tournament/:tournamentId
|
|
api.get("/tournament/:tournamentId", (req, res) => {
|
|
let tournamentId = req.params.tournamentId;
|
|
if (isNaN(tournamentId)) {
|
|
res.json({"status": "error", "data": "Invalid tournament id"});
|
|
return;
|
|
}
|
|
tmdb.getTournament(parseInt(tournamentId))
|
|
.then(tournament => res.json({"status": "OK", "data": tournament}))
|
|
.catch(err => res.json({"status": "error", "data": err}));
|
|
|
|
});
|
|
|
|
api.get("/tournament/:tournamentId/getMatches", (req, res) => {
|
|
let tournamentId = req.params.tournamentId;
|
|
if (isNaN(tournamentId)) {
|
|
res.json({"status": "error", "data": "tournamentId must be a number"});
|
|
return
|
|
}
|
|
tournamentId = parseInt(tournamentId);
|
|
tmdb.getMatchesByTournamentId(tournamentId)
|
|
.then(matches => res.send({"status": "OK", "data": matches}))
|
|
.catch(err => res.send({"status": "error", "data": err}));
|
|
});
|
|
|
|
api.get("/tournament/:tournamentId/getTeams", (req, res) => {
|
|
let tournamentId = req.params.tournamentId;
|
|
if (!tournamentId || isNaN(tournamentId)) {
|
|
res.json({"status": "error", "data": "tournamentId must be a number"});
|
|
return
|
|
}
|
|
tournamentId = parseInt(tournamentId);
|
|
tmdb.getTeamsByTournamentId(tournamentId)
|
|
.then(teams => res.send({"status": "OK", "data": teams}))
|
|
.catch(err => res.send({"status": "error", "data": err}));
|
|
});
|
|
|
|
api.post("/tournament/:tournamentId/edit", (req, res) => {
|
|
let tournamentId = req.params.tournamentId;
|
|
if (isNaN(tournamentId)) {
|
|
res.json({"status": "error", "data": "tournamentId must be a number"});
|
|
return
|
|
}
|
|
tournamentId = parseInt(tournamentId);
|
|
let name = req.body.name;
|
|
let description = req.body.description;
|
|
let startDate = req.body.startDate;
|
|
let endDate = req.body.endDate;
|
|
console.log(startDate);
|
|
if (name == undefined || name == "" || description == undefined || description == "") {
|
|
res.json({"status": "error", "data": "name and description must be provided"});
|
|
return
|
|
}
|
|
if (startDate == undefined || endDate == undefined) {
|
|
res.json({"status": "error", "data": "startDate and endDate must be defined"});
|
|
return
|
|
}
|
|
try {
|
|
startDate = new Date(parseInt(startDate));
|
|
endDate = new Date(parseInt(endDate));
|
|
} catch (err) {
|
|
res.json({"status": "error", "data": "startDate and endDate must be valid dates"});
|
|
return
|
|
}
|
|
// let today = new Date();
|
|
// if (startDate < today) {
|
|
// res.json({"status": "error", "data": "startDate cannot be in the past"});
|
|
// return
|
|
// }
|
|
if (startDate > endDate) {
|
|
res.json({"status": "error", "data": "startDate cannot be after endDate"});
|
|
return
|
|
}
|
|
|
|
tmdb.editTournament(tournamentId, name, description, startDate, endDate)
|
|
.then(msg => res.json({"status": "OK", "data": msg}))
|
|
.catch(err => res.json({"status": "error", "data": err}));
|
|
|
|
});
|
|
|
|
api.post("/tournament/:tournamentId/createTeam", (req, res) => {
|
|
let tournamentId = req.params.tournamentId;
|
|
if (isNaN(tournamentId)) {
|
|
res.json({"status": "error", "data": "tournamentId must be a number"});
|
|
return;
|
|
}
|
|
tournamentId = parseInt(tournamentId);
|
|
let teamName = req.body.name;
|
|
if (teamName == undefined || teamName == "") {
|
|
res.json({"status": "error", "data": "teamName must be a non-empty string"});
|
|
return;
|
|
}
|
|
|
|
tmdb.createTeam(tournamentId, teamName)
|
|
.then(msg => res.json({"status": "OK", "data": msg}))
|
|
.catch(err => res.json({"status": "error", "data": err}));
|
|
});
|
|
|
|
api.delete("/tournament/:tournamentId", (req, res) => {
|
|
let tournamentId = req.params.tournamentId;
|
|
if (isNaN(tournamentId)) {
|
|
res.json({"status": "error", "data": "tournamentId must be a number"});
|
|
return;
|
|
}
|
|
tournamentId = parseInt(tournamentId);
|
|
tmdb.deleteTournament(tournamentId)
|
|
.then(msg => res.json({"status": "OK", "data": msg}))
|
|
.catch(err => res.json({"status": "error", "data": err}));
|
|
});
|
|
|
|
// #endregion
|
|
|
|
// #region match/:matchId
|
|
|
|
|
|
api.get("/match/:matchId", (req, res) => {
|
|
let matchId = req.params.matchId;
|
|
if (isNaN(matchId)) {
|
|
res.json({"status": "error", "data": "matchId must be a number"});
|
|
return
|
|
}
|
|
matchId = parseInt(matchId);
|
|
tmdb.getMatch(matchId)
|
|
.then(match => res.send({"status": "OK", "data": match}))
|
|
.catch(err => res.send({"status": "error", "data": err}));
|
|
});
|
|
|
|
api.post("/match/:matchId/setWinner", (req, res) => {
|
|
let matchId = req.params.matchId;
|
|
let winnerId = req.body.winnerId;
|
|
if (isNaN(matchId)) {
|
|
res.json({"status": "error", "data": "matchId must be a number"});
|
|
return
|
|
}
|
|
if (winnerId == undefined || isNaN(winnerId)) {
|
|
res.json({"status": "error", "data": "winnerId must be a number"});
|
|
return
|
|
}
|
|
|
|
matchId = parseInt(matchId);
|
|
winnerId = parseInt(winnerId);
|
|
tmdb.setMatchWinner(matchId, winnerId)
|
|
.then(match => res.send({"status": "OK", "data": match}))
|
|
.catch(err => res.send({"status": "error", "data": err}));
|
|
});
|
|
|
|
api.post("/match/:matchId/unsetContestant", (req, res) => {
|
|
let matchId = req.params.matchId;
|
|
let contestantId = req.body.teamId;
|
|
if (isNaN(matchId)) {
|
|
res.json({"status": "error", "data": "matchId must be a number"});
|
|
return
|
|
}
|
|
if (contestantId == undefined || isNaN(contestantId)) {
|
|
res.json({"status": "error", "data": "contestantId must be a number"});
|
|
return
|
|
}
|
|
|
|
matchId = parseInt(matchId);
|
|
contestantId = parseInt(contestantId);
|
|
tmdb.unsetContestantAndWinner(matchId, contestantId)
|
|
.then(match => res.send({"status": "OK", "data": match}))
|
|
.catch(err => res.send({"status": "error", "data": err}));
|
|
});
|
|
// #endregion
|
|
|
|
// #region team/:teamId
|
|
api.get("/team/:teamId", (req, res) => {
|
|
let teamId = req.params.teamId;
|
|
if (isNaN(teamId)) {
|
|
res.json({"status": "error", "data": "teamId must be a number"});
|
|
return
|
|
}
|
|
teamId = parseInt(teamId);
|
|
tmdb.getTeam(teamId)
|
|
.then(match => res.send({"status": "OK", "data": match}))
|
|
.catch(err => res.send({"status": "error", "data": err}));
|
|
});
|
|
|
|
api.delete("/team/:teamId", (req, res) => {
|
|
let teamId = req.params.teamId;
|
|
if (isNaN(teamId)) {
|
|
res.json({"status": "error", "data": "teamId must be a number"});
|
|
return
|
|
}
|
|
try {
|
|
teamId = parseInt(teamId);
|
|
} catch (err) {
|
|
res.json({"status": "error", "data": "teamId must be a number"});
|
|
return
|
|
}
|
|
tmdb.deleteTeam(teamId)
|
|
.then(match => res.send({"status": "OK", "data": match}))
|
|
.catch(err => res.send({"status": "error", "data": err}));
|
|
});
|
|
|
|
api.post("/team/:teamId/edit", (req, res) => {
|
|
let teamId = req.params.teamId;
|
|
let teamName = req.body.name;
|
|
console.log(req.body);
|
|
if (isNaN(teamId)) {
|
|
res.json({"status": "error", "data": "teamId must be a number"});
|
|
return
|
|
}
|
|
if (teamName == undefined || teamName == "") {
|
|
res.json({"status": "error", "data": "teamName must be a non-empty string"});
|
|
return
|
|
}
|
|
teamId = parseInt(teamId);
|
|
tmdb.editTeam(teamId, teamName)
|
|
.then(match => res.send({"status": "OK", "data": match}))
|
|
.catch(err => res.send({"status": "error", "data": err}));
|
|
});
|
|
|
|
|
|
// #endregion
|
|
|
|
//Takes JSON body
|
|
api.post("/tournament/create", async (req, res) => {
|
|
// if (!(await isManager(req.session))) {
|
|
// res.json({"status": "error", "data": "Not authorized"});
|
|
// return
|
|
// }
|
|
//Check that req body is valid
|
|
if (req.body.name == undefined || req.body.name == "") {
|
|
res.json({"status": "error", "data": "No data supplied"});
|
|
return
|
|
}
|
|
//Check that req is json
|
|
// if (req.get("Content-Type") != "application/json") {
|
|
console.log(req.get("Content-Type"));
|
|
let name = req.body.name;
|
|
let description = req.body.description;
|
|
let teamLimit = req.body.teamLimit;
|
|
let startDate = req.body.startDate; //TODO: timezones, 2 hr skips
|
|
let endDate = req.body.endDate;
|
|
console.log(startDate, endDate);
|
|
if (name == undefined || name == "" || description == undefined || description == "") {
|
|
res.json({"status": "error", "data": "name and description must be provided"});
|
|
return
|
|
}
|
|
if (teamLimit == undefined ) {
|
|
res.json({"status": "error", "data": "teamLimit must be provided"});
|
|
return
|
|
}
|
|
try {
|
|
teamLimit = parseInt(teamLimit);
|
|
} catch (err) {
|
|
res.json({"status": "error", "data": "teamLimit must be a number"});
|
|
return
|
|
}
|
|
if (startDate == undefined || endDate == undefined) {
|
|
res.json({"status": "error", "data": "startDate and endDate must be defined"});
|
|
return
|
|
}
|
|
try {
|
|
startDate = new Date(parseInt(startDate));
|
|
endDate = new Date(parseInt(endDate));
|
|
} catch (err) {
|
|
res.json({"status": "error", "data": "startDate and endDate must be valid dates"});
|
|
return
|
|
}
|
|
let today = new Date();
|
|
if (startDate < today) {
|
|
res.json({"status": "error", "data": "startDate cannot be in the past"});
|
|
return
|
|
}
|
|
if (startDate > endDate) {
|
|
res.json({"status": "error", "data": "endDate must be later than startDate"});
|
|
return
|
|
}
|
|
console.log(startDate);
|
|
|
|
tmdb.createTournament(name, description, startDate, endDate, teamLimit)
|
|
.then(msg => res.json({"status": "OK", "data": msg}))
|
|
.catch(err => res.json({"status": "error", "data": err}));
|
|
});
|
|
|
|
// #endregion
|
|
|
|
// #region users
|
|
|
|
function isLoggedIn(session) {
|
|
return new Promise((resolve, reject) => {
|
|
if (session.user == undefined || session.user.googleId == undefined) {
|
|
return resolve(false);
|
|
}
|
|
let googleId = session.user.googleId;
|
|
|
|
tmdb.getUserByGoogleId(googleId)
|
|
.then(user => {return resolve(user != undefined) })
|
|
.catch(err => {resolve(false) });
|
|
});
|
|
}
|
|
|
|
|
|
function isManager(session) {
|
|
return new Promise((resolve, reject) => {
|
|
if (session.user == undefined || session.user.googleId == undefined) {
|
|
return resolve(false);
|
|
}
|
|
let googleId = session.user.googleId;
|
|
tmdb.getUserByGoogleId(googleId)
|
|
.then(user => {return resolve(user.isManager) })
|
|
.catch(err => {resolve(false) });
|
|
});
|
|
}
|
|
|
|
|
|
api.get("/users/getSessionUser", (req, res) => {
|
|
if (req.session.user) {
|
|
res.json({"status": "OK", "data": req.session.user});
|
|
} else {
|
|
res.json({"status": "error", "data": "No user logged in"});
|
|
}
|
|
});
|
|
|
|
api.get("/users/getSavedUser", (req, res) => {
|
|
if (!req.session.user) {
|
|
res.json({"status": "error", "data": "No user logged in"});
|
|
return
|
|
}
|
|
let googleId = req.session.user.googleId;
|
|
tmdb.getUserByGoogleId(googleId)
|
|
.then(user => res.json({"status": "OK", "data": user}))
|
|
.catch(err => res.json({"status": "error", "data": err}));
|
|
});
|
|
|
|
api.get("/users/getUsers", (req, res) => {
|
|
tmdb.getUsers()
|
|
.then(users => res.json({"status": "OK", "data": users}))
|
|
.catch(err => res.json({"status": "error", "data": err}));
|
|
});
|
|
|
|
api.post("/users/createBlank", async (req, res) => {
|
|
if (!(await isManager(req.session))) {
|
|
res.json({"status": "error", "data": "Not authorized"});
|
|
return
|
|
}
|
|
let email = req.body.email;
|
|
// Check if the user already exists
|
|
tmdb.getUserByEmail(email)
|
|
.then(user => {
|
|
res.json({"status": "error", "data": "User already exists", user: user});
|
|
})
|
|
.catch(err => {
|
|
console.log(err);
|
|
if (err == "No such user exists") {
|
|
// Create a new user
|
|
tmdb.createUserBlank(email)
|
|
.then(user => {
|
|
res.json({"status": "OK", "data": user});
|
|
})
|
|
.catch(err => {
|
|
res.json({"status": "error", "data": err});
|
|
});
|
|
} else {
|
|
res.json({"status": "error", "data": err});
|
|
}
|
|
});
|
|
});
|
|
|
|
api.post("/users/changeManagerStatus", async (req, res) => {
|
|
if (!await isManager(req.session)) {
|
|
res.json({"status": "error", "data": "Not authorized"});
|
|
return
|
|
}
|
|
let emailAddress = req.body.emailAddress;
|
|
let isManager = req.body.isManager;
|
|
|
|
|
|
tmdb.getUserByEmail(emailAddress)
|
|
.then(user => {
|
|
tmdb.changeManagerStatus(user.id, isManager)
|
|
.then(msg => res.json({"status": "OK", "data": msg}))
|
|
.catch(err => res.json({"status": "error", "data": err}));
|
|
})
|
|
.catch(err => {
|
|
console.log(err);
|
|
res.json({"status": "error", "data": "Could not update the specified user"});
|
|
});
|
|
});
|
|
|
|
|
|
api.get("/dumpsession", async (req, res) => {
|
|
let out = {};
|
|
out.session = req.session;
|
|
out.header = req.headers;
|
|
out.isLoggedIn = await isLoggedIn(req.session);
|
|
out.isManager = await isManager(req.session);
|
|
console.log(out);
|
|
res.json(out);
|
|
});
|
|
// #endregion
|