-
Notifications
You must be signed in to change notification settings - Fork 0
API Routes
Romain Francois edited this page Dec 19, 2016
·
2 revisions
First, we need to require some packages and files to make it work properly:
var express = require('express');
var router = express.Router();
var config = require('../config/config');
var moment = require('moment');
var Promise = require('bluebird');
var Info = require('./models/Info');
var User = require('./models/User');
var Controller = require('./controller.js');
var bcrypt = require('bcrypt');
var jwt = require('jsonwebtoken');
var reCAPTCHA = require('recaptcha2');
Then, we need a little configuration:
//Set the hash salt for encrypt
const saltRounds = 10;
We set a salt for the hash passwords library (bcrypt).
var recaptcha = new reCAPTCHA({
siteKey: config.googlePublic,
secretKey: config.googleSecret
});
This is the basic code for the Google reCAPTCHA feature. Here you import your public and secret key from your /config/config.js file.
These are all the routes the API handles:
'api/user/register' (POST) //Register new user
'api/user/login' (POST) //Login user
'api/infos' (GET) //Get all the information
//From here need valid token
'api/infos' (POST) //Add a new information
'api/infos/user/:id' (GET) //Get all the information related to the userID)
'api/infos/id/:id' (GET) //Get an information by its ID
'api/infos/update/:id' (POST) //Update an information by its ID
'api/infos/delete/:id' (DELETE) //Delete an information by its ID
'api/infos/:id/join' (POST) //Join an Event by its ID
'api/info/:id/leave' (POST) //Leave an Event by its ID
'api/infos/:id/:votetype' (POST) //Add a vote on an info by its ID
'api/users' (GET) //Get all users
'api/user/id/:id' (GET) //Get a user by its ID
'api/user/name/:name' (GET) //Get a user by its username
'api/user/myprofile' (GET) //Get the profile of the connected user
'api/user/update' (POST) //Update user information
'api/user/delete' (DELETE) //Delete the connected user
This middleware is defined after the GET route '/api/infos'.
.use(function(req, res, next) {
//check header or url params or post params for token
var token = req.headers['x-access-token'];
//decode token
if(token != undefined) {
//verifies secret and checks expiry
jwt.verify(token, config.secret, function(err, decoded) {
if(err) {
return res.status(403).json({ success: false, message: 'Failed to authenticate token'});
}
else {
//if everything good save to request for use in other Routes
req.decoded = decoded;
next();
}
});
}
else {
//if there is no token : return error
return res.status(403).send({
success: false,
message: 'No token provided.'
});
}
})
If the request is not handled by the defined routes, the following middleware will handle it:
.use(function(req, res, next){
res.status(404).send('Error 404 : Request not found');
});
©Quickshare 2016-2017 | [Contact](mailto:[email protected]?subject=[Contact QuickShare WIKI]) | Written with StackEdit.