spacedeck-open/routes/root.js

305 lines
8.0 KiB
JavaScript
Raw Normal View History

2017-04-07 01:29:05 +02:00
"use strict";
const config = require('config');
require('../models/schema');
const redis = require('../helpers/redis');
const express = require('express');
const crypto = require('crypto');
const router = express.Router();
const mailer = require('../helpers/mailer');
const _ = require('underscore');
const qr = require('qr-image');
router.get('/', (req, res) => {
res.render('index', { title: 'Spaces' });
});
router.get('/ping', (req, res) => {
res.status(200).json({"status": "ok"})
});
router.get('/spaces', (req, res) => {
res.render('spacedeck', { title: 'Spaces' });
});
router.get('/not_found', (req, res) => {
res.render('not_found', { title: 'Spaces' });
});
router.get('/confirm/:token', (req, res) => {
res.render('spacedeck', { title: 'Space' });
});
router.get('/folders/:id', (req, res) => {
res.render('spacedeck', {});
});
router.get('/signup', (req, res) => {
res.render('spacedeck', {});
});
router.get('/accept/:id', (req, res) => {
res.render('spacedeck', {});
});
router.get('/password-reset', (req, res) => {
res.render('spacedeck', { title: 'Signup' });
});
router.get('/password-confirm/:token', (req, res) => {
res.render('spacedeck', { title: 'Signup' });
});
router.get('/team', (req, res) => {
res.render('spacedeck');
});
router.get('/de/*', (req, res) => {
res.redirect("/t/de");
});
router.get('/de', (req, res) => {
res.redirect("/t/de");
});
router.get('/fr/*', (req, res) => {
res.redirect("/t/fr");
});
router.get('/fr', (req, res) => {
res.redirect("/t/fr");
});
router.get('/en/*', (req, res) => {
res.redirect("/t/en");
});
router.get('/en', (req, res) => {
res.redirect("/t/end");
});
router.get('/it', (req, res) => {
res.redirect("/t/en");
});
router.get('/account', (req, res) => {
res.render('spacedeck');
});
router.get('/login', (req, res) => {
res.render('spacedeck');
});
router.get('/logout', (req, res) => {
res.render('spacedeck');
});
router.get('/users/oauth2callback', (req, res) => {
res.render('spacedeck');
});
router.get('/contact', (req, res) => {
res.render('public/contact');
});
router.get('/about', (req, res) => {
res.render('public/about');
});
router.get('/terms', (req, res) => {
res.render('public/terms');
});
router.get('/privacy', (req, res) => {
res.render('public/privacy');
});
router.get('/t/:id', (req, res) => {
res.cookie('spacedeck_locale', req.params.id, { maxAge: 900000, httpOnly: true });
var path = "/";
if (req.query.r=="login" || req.query.r=="signup") {
path = "/"+req.query.r;
}
res.redirect(path);
});
router.get('/s/:token', (req, res) => {
redis.rateLimit(req.real_ip, "token", function(ok) {
if (ok) {
var token = req.params.token;
if (token.split("-").length > 0) {
token = token.split("-")[0];
}
Space.findOne({"edit_hash": token}).exec(function (err, space) {
if (err) {
res.status(404).render('not_found', { title: 'Page Not Found.' });
} else {
if (space) {
if(req.accepts('text/html')){
res.redirect("/spaces/"+space._id + "?spaceAuth=" + token);
}else{
res.status(200).json(space);
}
} else {
if(req.accepts('text/html')){
res.status(404).render('not_found', { title: 'Page Not Found.' });
} else {
res.status(404).json({});
}
}
}
});
} else {
res.status(429).json({"error": "Too Many Requests"});
}
});
});
router.get('/spaces/:id', (req, res) => {
if (req.headers['user-agent']) {
if (req.headers['user-agent'].match(/facebook/)) {
Space.findOne({"_id": req.params.id }).exec(function (err, space) {
if (err) {
res.status(400).json(err);
} else {
if (space) {
if (space.access_mode == "public") {
Artifact.find({"space_id": req.params.id }).populate("creator").exec(function(err, artifacts) {
space.artifacts = artifacts;
res.render('facebook', { space: space });
});
} else {
res.redirect("/?error=space_not_accessible");
}
} else {
res.render('not_found', { title: 'Spaces' });
}
}
});
} else {
// not facebook, render javascript
res.render('spacedeck', { title: 'Space' });
}
} else res.render('spacedeck', { title: 'Space' });
});
router.get('/users/byteam/:team_id/join', (req, res) => {
if (!req.user) {
const q = {confirmation_token: req.query.confirmation_token, account_type: "email", team: req.params.team_id};
User.findOne(q, (err, user) => {
if (err) {
res.status(400).json({"error":"session.users"});
} else {
if (user) {
crypto.randomBytes(48, function(ex, buf) {
const token = buf.toString('hex');
var session = {
token: token,
ip: req.ip,
device: "web",
created_at: new Date()
};
if (!user.sessions)
user.sessions = [];
user.sessions.push(session);
user.confirmed_at = new Date();
user.confirmation_token = null;
user.save(function(err, result) {
// FIXME
const secure = process.env.NODE_ENV == "production" || process.env.NODE_ENV == "staging";
const domain = (process.env.NODE_ENV == "production") ? ".spacedeck.com" : ".spacedecklocal.de";
res.cookie('sdsession', token, { domain: domain, httpOnly: true, secure: secure});
res.redirect("/spaces");
});
});
} else {
res.status(404).json({"error": "not found"});
}
}
});
} else {
res.redirect("/spaces");
}
});
router.get('/teams/:id/join', function(req, res, next) {
if (req.user) {
if (!req.user.team) {
Team.findOne({"_id": req.params.id}, function(err, team) {
if (team) {
const idx = team.invitation_codes.indexOf(req.query.code);
if (idx >= 0) {
const u = req.user;
u.team = team;
if(!u.confirmed_at) {
u.confirmed_at = new Date();
}
u.payment_plan_key = team.payment_plan_key;
u.save(function(err) {
if (err) res.status(400).json(err);
else {
team.invitation_condes = team.invitation_codes.slice(idx);
team.save(function(err) {
team.invitation_codes = null;
var finish = function(team, users) {
User.find({"_id": {"$in": team.admins}}).exec((err, admins) => {
if(admins) {
admins.forEach((admin) => {
mailer.sendMail(
admin.email,
req.i18n.__("team_new_member_subject", team.name),
req.i18n.__("team_new_member_body", u.email, team.name)
);
});
}
});
}
User.find({team: team}, function(err, users) {
finish(team, users);
res.redirect("/spaces");
});
});
}
});
} else {
res.redirect("/spaces?error=team_code_notfound");
}
} else {
res.redirect("/spaces?error=team_notfound");
}
});
} else {
res.redirect("/spaces?error=team_already");
}
} else res.redirect("/login");
});
router.get('/qrcode/:id', function(req, res) {
Space.findOne({"_id": req.params.id}).exec(function(err, space) {
if (space) {
const url = config.get("endpoint") + "/s/"+space.edit_hash;
const code = qr.image(url, { type: 'svg' });
res.type('svg');
code.pipe(res);
} else {
res.status(404).json({
"error": "not_found"
});
}
});
});
module.exports = router;