final nodejs commit

misc/startmongo.sh

@@ -5,4 +5,5 @@ echo "Starting mongod..."
 cd $(dirname $0)
 mkdir -p ../.db/ 2>/dev/null
 
-mongod --dbpath ../.db/
\ No newline at end of file
+mongod --dbpath ../.db/
+

package-lock.json

@@ -61,6 +61,11 @@
       "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz",
       "integrity": "sha1-4wOogrNCzD7oylE6eZmXNNqzriw="
     },
+    "crc": {
+      "version": "3.4.4",
+      "resolved": "https://registry.npmjs.org/crc/-/crc-3.4.4.tgz",
+      "integrity": "sha1-naHpgOO9RPxck79as9ozeNheRms="
+    },
     "debug": {
       "version": "2.6.9",
       "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
@@ -194,6 +199,22 @@
         }
       }
     },
+    "express-session": {
+      "version": "1.15.6",
+      "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.15.6.tgz",
+      "integrity": "sha512-r0nrHTCYtAMrFwZ0kBzZEXa1vtPVrw0dKvGSrKP4dahwBQ1BJpF2/y1Pp4sCD/0kvxV4zZeclyvfmw0B4RMJQA==",
+      "requires": {
+        "cookie": "0.3.1",
+        "cookie-signature": "1.0.6",
+        "crc": "3.4.4",
+        "debug": "2.6.9",
+        "depd": "~1.1.1",
+        "on-headers": "~1.0.1",
+        "parseurl": "~1.3.2",
+        "uid-safe": "~2.1.5",
+        "utils-merge": "1.0.1"
+      }
+    },
     "finalhandler": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.1.1.tgz",
@@ -288,32 +309,34 @@
       }
     },
     "mongodb": {
-      "version": "3.0.10",
-      "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.0.10.tgz",
-      "integrity": "sha512-jy9s4FgcM4rl8sHNETYHGeWcuRh9AlwQCUuMiTj041t/HD02HwyFgmm2VZdd9/mA9YNHaUJLqj0tzBx2QFivtg==",
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.1.0.tgz",
+      "integrity": "sha512-fSDZRq9FomRqeDSM7MpMTLa8sz+STs3nZ7Ib0+xvmaKZ6nquNDN4zGDsVhjto6UozFvHMDYJMAfJwhqUygXs9g==",
       "requires": {
-        "mongodb-core": "3.0.9"
+        "mongodb-core": "3.1.0"
       }
     },
     "mongodb-core": {
-      "version": "3.0.9",
-      "resolved": "https://registry.npmjs.org/mongodb-core/-/mongodb-core-3.0.9.tgz",
-      "integrity": "sha512-buOWjdLLBlEqjHDeHYSXqXx173wHMVp7bafhdHxSjxWdB9V6Ri4myTqxjYZwL/eGFZxvd8oRQSuhwuIDbaaB+g==",
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/mongodb-core/-/mongodb-core-3.1.0.tgz",
+      "integrity": "sha512-qRjG62Fu//CZhkgn0jA/k8jh5MhACIq8cOJUryH6sck87pgt+C222MSD02tsCq5zNo/B6ZFHtNodZ2qpf8E86g==",
       "requires": {
         "bson": "~1.0.4",
-        "require_optional": "^1.0.1"
+        "require_optional": "^1.0.1",
+        "saslprep": "^1.0.0"
       }
     },
     "mongoose": {
-      "version": "5.1.7",
-      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.1.7.tgz",
-      "integrity": "sha512-9zus8yEovPqLo3S2iXz2Dg9YJAo8xG7m161abqJbUNIqZYjvpPwjmWAs6ChZnxEUpTYFOve//ljvyA5V5D9sNw==",
+      "version": "5.2.1",
+      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.2.1.tgz",
+      "integrity": "sha512-WB5F/T2B3W7p2+uftd3WkIrNLhg8VzSbxxtFGbTIqsZ4KCOhjhYALN0ltZPLaBlIrLtEoGFKTNwyWEcOtxY+oA==",
       "requires": {
         "async": "2.6.1",
         "bson": "~1.0.5",
         "kareem": "2.2.1",
         "lodash.get": "4.4.2",
-        "mongodb": "3.0.10",
+        "mongodb": "3.1.0",
+        "mongodb-core": "3.1.0",
         "mongoose-legacy-pluralize": "1.0.2",
         "mpath": "0.4.1",
         "mquery": "3.0.0",
@@ -368,6 +391,11 @@
         "ee-first": "1.1.1"
       }
     },
+    "on-headers": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.0.1.tgz",
+      "integrity": "sha1-ko9dD0cNSTQmUepnlLCFfBAGk/c="
+    },
     "parseurl": {
       "version": "1.3.2",
       "resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.2.tgz",
@@ -392,6 +420,11 @@
       "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.1.tgz",
       "integrity": "sha512-eRzhrN1WSINYCDCbrz796z37LOe3m5tmW7RQf6oBntukAG1nmovJvhnwHHRMAfeoItc1m2Hk02WER2aQ/iqs+A=="
     },
+    "random-bytes": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/random-bytes/-/random-bytes-1.0.0.tgz",
+      "integrity": "sha1-T2ih3Arli9P7lYSMMDJNt11kNgs="
+    },
     "range-parser": {
       "version": "1.2.0",
       "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.0.tgz",
@@ -421,6 +454,12 @@
       "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.1.tgz",
       "integrity": "sha512-kKvNJn6Mm93gAczWVJg7wH+wGYWNrDHdWvpUmHyEsgCtIwwo3bqPtV4tR5tuPaUhTOo/kvhVwd8XwwOllGYkbg=="
     },
+    "saslprep": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/saslprep/-/saslprep-1.0.0.tgz",
+      "integrity": "sha512-5lvKUEQ7lAN5/vPl5d3k8FQeDbEamu9kizfATfLLWV5h6Mkh1xcieR1FSsJkcSRUk49lF2tAW8gzXWVwtwZVhw==",
+      "optional": true
+    },
     "semver": {
       "version": "5.5.0",
       "resolved": "https://registry.npmjs.org/semver/-/semver-5.5.0.tgz",
@@ -481,6 +520,14 @@
         "mime-types": "~2.1.18"
       }
     },
+    "uid-safe": {
+      "version": "2.1.5",
+      "resolved": "https://registry.npmjs.org/uid-safe/-/uid-safe-2.1.5.tgz",
+      "integrity": "sha512-KPHm4VL5dDXKz01UuEd88Df+KzynaohSL9fBh096KWAxSKZQDI2uBrVqtvRM4rwrIrRRKsdLNML/lnaaVSRioA==",
+      "requires": {
+        "random-bytes": "~1.0.0"
+      }
+    },
     "unpipe": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz",

package.json

@@ -14,6 +14,7 @@
   "license": "GPL-3.0",
   "dependencies": {
     "express": "^4.16.3",
-    "mongoose": "^5.1.7"
+    "express-session": "^1.15.6",
+    "mongoose": "^5.2.1"
   }
 }

signup/email-confirm.js

+"use strict";
+var express = require('express');
+var mongoose = require('mongoose');
+var crypto = require('crypto');
+
+/* manage temporary sessions for email confirmations */
+
+function 
+
+module.exports = {
+
+};
\ No newline at end of file

signup/express-sessions.js

+"use strict"
+var express = require('express');
+var mongoose = require('mongoose');
+
+var MongoStore = {
+    client: null,
+    options: {},
+    get: function (sid, cb) {
+        MongoStore.client.findOne({sid: sid}, function (err, doc) {
+            try {
+                if (err) return cb(err, null);
+
+                if (!doc) return cb();
+
+                cb(null, doc.data); // JSON.parse(doc.data)
+            }
+            catch (err) {
+                cb(err);
+            }
+        });
+    },
+    set: function (sid, data, cb) {
+        try {
+            var lastAccess = new Date();
+            var expires = lastAccess.setDate(lastAccess.getDate() + 1);
+
+            if (typeof data.cookie != 'undefined') {
+                expires = data.cookie._expires;
+            }
+
+            if (typeof data.lastAccess != 'undefined') {
+                lastAccess = new Date(data.lastAccess);
+            }
+
+            MongoStore.client.findOneAndUpdate({sid: sid}, {
+                data: JSON.parse(JSON.stringify(data)), //JSON.stringify(data)
+                lastAccess: lastAccess,
+                expires: expires
+            }, { upsert: true }, cb);
+        }
+        catch (err) {
+            console.log('express-sessions', err);
+
+            cb && cb(err);
+        }
+    },
+    destroy: function (sid, cb) {
+        MongoStore.client.remove({ sid: sid }, cb);
+    },
+    all: function (cb) {
+        MongoStore.client.find(function (err, doc) {
+            if (err) {
+                return cb && cb(err);
+            }
+
+            cb && cb(null, doc);
+        });
+    },
+    length: function (cb) {
+        MongoStore.client.count(function (err, count) {
+            if (err) {
+                return cb && cb(err);
+            }
+
+            cb && cb(null, count);
+        });
+    },
+    clear: function (cb) {
+        MongoStore.client.drop(function () {
+            if (err) {
+                return cb && cb(err);
+            }
+
+            cb && cb();
+        });
+    }
+}
+
+var SessionStore = function (options, cb) {
+    var options = {
+        host: options.host || 'localhost',
+        port: options.port || 27017,
+        db: options.db || 'test',
+        collection: options.collection || 'sessions',
+        instance: options.instance || null,
+        expire: options.expire || 86400
+    };
+
+    express.session.Store.call(this, options);
+
+    if (options.instance) {
+        mongoose = options.instance;
+    } else {
+        mongoose.connect('mongodb://' + options.host + ':' + options.port + '/' + options.db);
+    }
+
+    var schema = new mongoose.Schema({
+        sid: { type: String, required: true, unique: true },
+        data: { type: {} },
+        lastAccess: { type: Date, index: { expires: parseInt(options.expire) * 1000} },
+        expires: { type: Date, index: true }
+    });
+
+    MongoStore.options = options;
+    MongoStore.client = mongoose.model(options.collection, schema);
+
+    for (var i in MongoStore) {
+        SessionStore.prototype[i] = MongoStore[i];
+    }
+
+    if (cb) cb.call(null);
+}
+
+SessionStore.prototype = new express.session.Store();
+
+module.exports = SessionStore;

signup/init.js

 var mongoose = require('mongoose');
 var express = require('express');
+var cookieParser = require('cookie-parser');
 var signupRoutes = require('./routes');
+var crypto = require('crypto');
+var SessionStore = require('./express-sessions');
 var app = express();
 
+
 console.log("Connecting to mongodb...");
 mongoose.connect('mongodb://localhost/uccportal-dev'); 
 var db = mongoose.connection;
-db.on('error', console.error.bind(console, 'db connection error:'));
+db.on('error', function (err) {
+    console.error("Failed to connect to mongodb:", err);
+    console.error("Maybe mongodb isn't started?");
+    process.exit(1);
+});
 db.once('open', function() {
   console.log("Connected to mongodb.");
 });
 
 // Start web server or crash
-console.info("Starting web-service on host \"" + config.host + "\" and port " + config.port);
+console.info("Starting web-service on http://localhost:3000/");
 try {
-    app.listen(config.port, config.host);
+    app.listen(3000);
 } catch (e) {
-    throw new Error("Failed to start web-service: " + e.message);
+    console.error("Failed to start web service!");
+    process.exit(1);
 }
 
-app.use('/', signupRoutes);
\ No newline at end of file
+app.use(express.session({
+    secret: crypto.randomBytes(32).toString('base64'), // make new secret for each session, this is to make things easier to debug.
+    cookie: { maxAge: 2628000000 },
+    store: new SessionStore({
+        instance: mongoose,
+        collection: 'Sessions',
+        expire: 86400
+    })
+}));
+
+app.use(cookieParser());
+app.use('/', signupRoutes);
+app.use('/', express.static(__dirname + 'wwwroot/'));
\ No newline at end of file

signup/routes.js

@@ -18,7 +18,7 @@
     2. Unlock account and dispense appropriate membership
 */
 
-
+var crypto = require('crypto');
 var express = require('express');
 var router = express.Router();
 
@@ -28,12 +28,22 @@ router.use('/', express.static('./wwwroot', {
 
 // For entirely new members, does email confirmation etc to create an "uccportal" login (and memberdb entry minus payments)
 router.get('/new', function (req, res, next) {
+    res.send("GET");
+});
+
+// receive email address and produce session token
+router.put('/new', function (req, res) {
     var token = crypto.randomBytes(64).toString('base64');
 
-    res.send(token);
+
 });
 
+// 
+
 // For logging in using an existing account, regardless of login status
-router.use('/login', existingMember);
+router.get('/login', function (req, res, next) {
+
+    res.send(req.cookies.session)
+});
 
 module.exports = router;
\ No newline at end of file

signup/wwwroot/index.html

+<!doctype html>
+<html>
+    <head>
+        <title>Sign Up!</title>
+        <script type="text/javascript" src="js/jquery-3.3.1.js"></script>
+        <script type="text/javascript">
+        $(function() {
+            
+        });
+        </script>
+    </head>
+    <body>
+        <form action="/new" method="post">
+            <h1>Make a new user account by entering your email address:</h1>
+            <p>
+                <p><label>Email:</label><br/><input type="text" name="username"/></p>
+            </p>
+            <p><input type="submit"/></p>
+        </form>
+    </body>
+</html>