src/webserver.js

var express = require('express'),
	WebServer = express(),
	server = require('http').createServer(WebServer),
	RedisStore = require('connect-redis')(express),
	path = require('path'),
    config = require('../config.js'),
    redis = require('redis'),
	redisServer = redis.createClient(config.redis.port, config.redis.host, config.redis.options),
	passport = require('passport'),
	passportLocal = require('passport-local').Strategy,
	passportTwitter = require('passport-twitter').Strategy,
	login_strategies = [];

passport.use(new passportLocal(function(user, password, next) {
	global.modules.user.loginViaLocal(user, password, function(login) {
		if (login.status === 'ok') next(null, login.user);
		else next(null, false, login);
	});
}));

if (config.twitter.key.length > 0 && config.twitter.secret.length > 0) {
	passport.use(new passportTwitter({
		consumerKey: config.twitter.key,
		consumerSecret: config.twitter.secret,
		callbackURL: config.url + "auth/twitter/callback"
	}, function(token, tokenSecret, profile, done) {
		global.modules.user.loginViaTwitter(profile.id, profile.username, function(err, user) {
			if (err) { return done(err); }
			done(null, user);
		});
	}));

	login_strategies.push('twitter');
}

passport.serializeUser(function(user, done) {
	done(null, user.uid);
});

passport.deserializeUser(function(uid, done) {
	done(null, {
		uid: uid
	});
});

(function(app) {
	var templates = global.templates;

	function refreshTemplates() {
		//need a better solution than copying this code on every call. is there an "onconnect" event?
		if (DEVELOPMENT === true) {
			// refreshing templates
			modules.templates.init();
		}
	}

	// Middlewares
	app.use(express.favicon());	// 2 args: string path and object options (i.e. expire time etc)
	app.use(require('less-middleware')({ src: path.join(__dirname, '../', '/public') }));
	app.use(express.static(path.join(__dirname, '../', 'public')));
	app.use(express.bodyParser());	// Puts POST vars in request.body
	app.use(express.cookieParser());	// If you want to parse cookies (res.cookies)
	app.use(express.compress());
	app.use(express.session({
		store: new RedisStore({
			client: redisServer,
			ttl: 60*60*24*14
		}),
		secret: config.secret,
		key: 'express.sid'
	}));
	app.use(passport.initialize());
	app.use(passport.session());
	app.use(function(req, res, next) {
		// Don't bother with session handling for API requests
		if (/^\/api\//.test(req.url)) return next();

		if (req.user && req.user.uid) {
			global.modules.user.session_ping(req.sessionID, req.user.uid);
		}

		// (Re-)register the session as active
		global.modules.user.active.register(req.sessionID);

		next();
	});
	// Dunno wtf this does
	//	app.use(express.logger({ format: '\x1b[1m:method\x1b[0m \x1b[33m:url\x1b[0m :response-time ms' }));
	// Useful if you want to use app.put and app.delete (instead of app.post all the time)
	//	app.use(express.methodOverride());


	app.get('/403', function(req, res) {
		res.send(templates['header'] + templates['403'] + templates['footer']);
	});

	// Basic Routes (entirely client-side parsed, goal is to move the rest of the crap in this file into this one section)
	(function() {
		var routes = ['', 'login', 'register'];

		for (var i=0, ii=routes.length; i<ii; i++) {
			(function(route) {
				app.get('/' + route, function(req, res) {
					res.send(templates['header'] + '<script>templates.ready(function(){ajaxify.go("' + route + '");});</script>' + templates['footer']);
				});
			}(routes[i]));
		}
	}());
	

	function generate_topic_body(req, res) {
		global.modules.topics.generate_topic_body(function(topic_body) {
			res.send(templates['header'] + topic_body + templates['footer']);
		}, req.params.topic_id);
	}
	app.get('/topic/:topic_id', generate_topic_body);
	app.get('/topic/:topic_id*', generate_topic_body);


	function api_method(req, res) {
		switch(req.params.method) {
			case 'home' :
					global.modules.topics.get(function(data) {
						res.send(JSON.stringify(data));
					});
				break;
			case 'topic' :
					global.modules.posts.get(function(data) {
						res.send(JSON.stringify(data));
					}, req.params.id);
				break;
			default :
				res.send('{}');
			break;
		}
	}
	app.get('/api/:method', api_method);
	app.get('/api/:method/:id', api_method);
	app.get('/api/:method/:id*', api_method);

	app.post('/login', passport.authenticate('local', {
		successRedirect: '/',
		failureRedirect: '/login'
	}));

	app.get('/logout', function(req, res) {
		console.log('info: [Auth] Session ' + res.sessionID + ' logout (uid: ' + global.uid + ')');
		global.modules.user.logout(req.sessionID, function(logout) {
			req.logout();
			res.send(templates['header'] + templates['logout'] + templates['footer']);
		});
	});

	if (login_strategies.indexOf('twitter') !== -1) {
		app.get('/auth/twitter', passport.authenticate('twitter'));

		app.get('/auth/twitter/callback', passport.authenticate('twitter', {
			successRedirect: '/',
			failureRedirect: '/login'
		}));
	}

	app.get('/reset/:code', function(req, res) {
		res.send(templates['header'] + templates['reset_code'].parse({ reset_code: req.params.code }) + templates['footer']);
	});

	app.get('/reset', function(req, res) {
		res.send(templates['header'] + templates['reset'] + templates['footer']);
	});

	app.get('/register', function(req, res) {
		res.send(templates['header'] + templates['register'] + templates['footer']);
	});

	app.post('/register', function(req, res) {
		global.modules.user.create(req.body.username, req.body.password, req.body.email, function(err, uid) {
			if (err === null) {
				req.login({
					uid: uid
				}, function() {
					res.redirect('/');
				});
			} else {
				res.redirect('/register');
			}
		});
	});

	app.get('/account', function(req, res) {
		refreshTemplates();
		res.send(templates['header'] + templates['account_settings'] + templates['footer']);
	});

	app.get('/users', function(req, res) {
		// Render user list
		res.send('User list');
	});

	app.get('/users/:username', function(req, res) {
		global.modules.user.get_uid_by_username(req.params.username, function(uid) {
			res.send(templates['header'] + templates['user_profile'].parse({ uid: uid }) + templates['footer']);
		});
	});
}(WebServer));

server.listen(config.port);
global.server = server;
init, just some testing 2013-04-22 16:51:32 +00:00			`var express = require('express'),`
changing the way the express app is instantiated 2013-04-22 15:17:41 -04:00			`WebServer = express(),`
			`server = require('http').createServer(WebServer),`
some more fixes to the session handling to ignore the /api folder, and refactoring how the public directory is set up in webserver.js. THIS COMMIT ALTERS NODEBB'S DEPENDENCIES! Please run npm install after pulling. 2013-04-28 13:58:19 -04:00			`RedisStore = require('connect-redis')(express),`
			`path = require('path'),`
updated configuration file with redis params, and updated all redis wrapper to read configs from config file instead of defaulting to localhost -- same for express.session store 2013-05-01 12:54:04 -04:00			`config = require('../config.js'),`
			`redis = require('redis'),`
refactored user authentication (passport-local, instead of my own half-baked implementation) 2013-05-01 21:03:37 -04:00			`redisServer = redis.createClient(config.redis.port, config.redis.host, config.redis.options),`
			`passport = require('passport'),`
skeleton for twitter integration via passport 2013-05-02 11:11:10 -04:00			`passportLocal = require('passport-local').Strategy,`
tweaking twitter login so that if the config is blank, trying to log in via twitter won't crash the server 2013-05-02 12:13:06 -04:00			`passportTwitter = require('passport-twitter').Strategy,`
			`login_strategies = [];`
refactored user authentication (passport-local, instead of my own half-baked implementation) 2013-05-01 21:03:37 -04:00
			`passport.use(new passportLocal(function(user, password, next) {`
			`global.modules.user.loginViaLocal(user, password, function(login) {`
			`if (login.status === 'ok') next(null, login.user);`
			`else next(null, false, login);`
			`});`
			`}));`

tweaking twitter login so that if the config is blank, trying to log in via twitter won't crash the server 2013-05-02 12:13:06 -04:00			`if (config.twitter.key.length > 0 && config.twitter.secret.length > 0) {`
			`passport.use(new passportTwitter({`
			`consumerKey: config.twitter.key,`
			`consumerSecret: config.twitter.secret,`
			`callbackURL: config.url + "auth/twitter/callback"`
			`}, function(token, tokenSecret, profile, done) {`
			`global.modules.user.loginViaTwitter(profile.id, profile.username, function(err, user) {`
			`if (err) { return done(err); }`
			`done(null, user);`
			`});`
			`}));`

			`login_strategies.push('twitter');`
			`}`
skeleton for twitter integration via passport 2013-05-02 11:11:10 -04:00
refactored user authentication (passport-local, instead of my own half-baked implementation) 2013-05-01 21:03:37 -04:00			`passport.serializeUser(function(user, done) {`
			`done(null, user.uid);`
			`});`

			`passport.deserializeUser(function(uid, done) {`
			`done(null, {`
			`uid: uid`
			`});`
			`});`
init, just some testing 2013-04-22 16:51:32 +00:00
			`(function(app) {`
			`var templates = global.templates;`

updated ajaxify to do a callback after page change, added toaster style notifications (app.alert), changes to webserver to update automatically 2013-04-23 19:38:48 +00:00			`function refreshTemplates() {`
			`//need a better solution than copying this code on every call. is there an "onconnect" event?`
			`if (DEVELOPMENT === true) {`
			`// refreshing templates`
			`modules.templates.init();`
			`}`
			`}`
some work on session login etc 2013-04-24 16:42:12 -04:00
			`// Middlewares`
			`app.use(express.favicon()); // 2 args: string path and object options (i.e. expire time etc)`
integrated LESS middleware to static served CSS/less files 2013-05-02 09:40:44 -04:00			`app.use(require('less-middleware')({ src: path.join(__dirname, '../', '/public') }));`
some more fixes to the session handling to ignore the /api folder, and refactoring how the public directory is set up in webserver.js. THIS COMMIT ALTERS NODEBB'S DEPENDENCIES! Please run npm install after pulling. 2013-04-28 13:58:19 -04:00			`app.use(express.static(path.join(__dirname, '../', 'public')));`
some work on session login etc 2013-04-24 16:42:12 -04:00			`app.use(express.bodyParser()); // Puts POST vars in request.body`
			`app.use(express.cookieParser()); // If you want to parse cookies (res.cookies)`
some more fixes to the session handling to ignore the /api folder, and refactoring how the public directory is set up in webserver.js. THIS COMMIT ALTERS NODEBB'S DEPENDENCIES! Please run npm install after pulling. 2013-04-28 13:58:19 -04:00			`app.use(express.compress());`
NEW DEPENDENCY: connect-redis Persistent sessions with connect-redis. 2013-04-25 11:15:03 -04:00			`app.use(express.session({`
logout functionality 2013-04-25 12:59:31 -04:00			`store: new RedisStore({`
updated configuration file with redis params, and updated all redis wrapper to read configs from config file instead of defaulting to localhost -- same for express.session store 2013-05-01 12:54:04 -04:00			`client: redisServer,`
logout functionality 2013-04-25 12:59:31 -04:00			`ttl: 606024*14`
			`}),`
configuring express session to use a secret defined in the config file, not a hard coded one 2013-05-01 16:27:57 -04:00			`secret: config.secret,`
NEW DEPENDENCY: connect-redis Persistent sessions with connect-redis. 2013-04-25 11:15:03 -04:00			`key: 'express.sid'`
			`}));`
refactored user authentication (passport-local, instead of my own half-baked implementation) 2013-05-01 21:03:37 -04:00			`app.use(passport.initialize());`
			`app.use(passport.session());`
logout functionality 2013-04-25 12:59:31 -04:00			`app.use(function(req, res, next) {`
some more fixes to the session handling to ignore the /api folder, and refactoring how the public directory is set up in webserver.js. THIS COMMIT ALTERS NODEBB'S DEPENDENCIES! Please run npm install after pulling. 2013-04-28 13:58:19 -04:00			`// Don't bother with session handling for API requests`
fixed the crash when going between pages, return next() in webserver.js 2013-04-28 22:26:27 -04:00			`if (/^\/api\//.test(req.url)) return next();`
removed requireAuth middleware 2013-04-28 21:15:47 -04:00
refactored user authentication (passport-local, instead of my own half-baked implementation) 2013-05-01 21:03:37 -04:00			`if (req.user && req.user.uid) {`
			`global.modules.user.session_ping(req.sessionID, req.user.uid);`
logout functionality 2013-04-25 12:59:31 -04:00			`}`

some more fixes to the session handling to ignore the /api folder, and refactoring how the public directory is set up in webserver.js. THIS COMMIT ALTERS NODEBB'S DEPENDENCIES! Please run npm install after pulling. 2013-04-28 13:58:19 -04:00			`// (Re-)register the session as active`
			`global.modules.user.active.register(req.sessionID);`

logout functionality 2013-04-25 12:59:31 -04:00			`next();`
			`});`
some work on session login etc 2013-04-24 16:42:12 -04:00			`// Dunno wtf this does`
			`// app.use(express.logger({ format: '\x1b[1m:method\x1b[0m \x1b[33m:url\x1b[0m :response-time ms' }));`
			`// Useful if you want to use app.put and app.delete (instead of app.post all the time)`
			`// app.use(express.methodOverride());`

client side templates in, fixed home page to parse templates on ajaxify, added footer to the page transition animation for smoothness 2013-04-25 19:13:23 +00:00
interim commit 2013-05-02 09:13:09 -04:00			`app.get('/403', function(req, res) {`
			`res.send(templates['header'] + templates['403'] + templates['footer']);`
			`});`

small refactor of routing, cleanup, templates are now parsed entirely on client side for /, /register, /login for now 2013-05-01 22:19:54 +00:00			`// Basic Routes (entirely client-side parsed, goal is to move the rest of the crap in this file into this one section)`
			`(function() {`
			`var routes = ['', 'login', 'register'];`
started working on threadss, implemented slug url, fixed crashing bug during post creation 2013-04-25 21:55:11 +00:00
small refactor of routing, cleanup, templates are now parsed entirely on client side for /, /register, /login for now 2013-05-01 22:19:54 +00:00			`for (var i=0, ii=routes.length; i<ii; i++) {`
			`(function(route) {`
			`app.get('/' + route, function(req, res) {`
			`res.send(templates['header'] + '<script>templates.ready(function(){ajaxify.go("' + route + '");});</script>' + templates['footer']);`
			`});`
			`}(routes[i]));`
			`}`
			`}());`

started working on threadss, implemented slug url, fixed crashing bug during post creation 2013-04-25 21:55:11 +00:00
got ajaxify working with threads, some cleanup, fixed anon posting, got rid of a few more global.sockets calls 2013-05-01 21:26:47 +00:00			`function generate_topic_body(req, res) {`
started working on threadss, implemented slug url, fixed crashing bug during post creation 2013-04-25 21:55:11 +00:00			`global.modules.topics.generate_topic_body(function(topic_body) {`
			`res.send(templates['header'] + topic_body + templates['footer']);`
got ajaxify working with threads, some cleanup, fixed anon posting, got rid of a few more global.sockets calls 2013-05-01 21:26:47 +00:00			`}, req.params.topic_id);`
			`}`
			`app.get('/topic/:topic_id', generate_topic_body);`
			`app.get('/topic/:topic_id*', generate_topic_body);`
started working on threadss, implemented slug url, fixed crashing bug during post creation 2013-04-25 21:55:11 +00:00
updates to posts 2013-04-28 20:07:42 +00:00

got ajaxify working with threads, some cleanup, fixed anon posting, got rid of a few more global.sockets calls 2013-05-01 21:26:47 +00:00			`function api_method(req, res) {`
client side templates in, fixed home page to parse templates on ajaxify, added footer to the page transition animation for smoothness 2013-04-25 19:13:23 +00:00			`switch(req.params.method) {`
			`case 'home' :`
			`global.modules.topics.get(function(data) {`
			`res.send(JSON.stringify(data));`
			`});`
			`break;`
got ajaxify working with threads, some cleanup, fixed anon posting, got rid of a few more global.sockets calls 2013-05-01 21:26:47 +00:00			`case 'topic' :`
			`global.modules.posts.get(function(data) {`
			`res.send(JSON.stringify(data));`
			`}, req.params.id);`
			`break;`
client side templates in, fixed home page to parse templates on ajaxify, added footer to the page transition animation for smoothness 2013-04-25 19:13:23 +00:00			`default :`
			`res.send('{}');`
fixing login and logout sessions 2013-04-28 13:28:20 -04:00			`break;`
client side templates in, fixed home page to parse templates on ajaxify, added footer to the page transition animation for smoothness 2013-04-25 19:13:23 +00:00			`}`
got ajaxify working with threads, some cleanup, fixed anon posting, got rid of a few more global.sockets calls 2013-05-01 21:26:47 +00:00			`}`
			`app.get('/api/:method', api_method);`
			`app.get('/api/:method/:id', api_method);`
			`app.get('/api/:method/:id*', api_method);`
init, just some testing 2013-04-22 16:51:32 +00:00
refactored user authentication (passport-local, instead of my own half-baked implementation) 2013-05-01 21:03:37 -04:00			`app.post('/login', passport.authenticate('local', {`
			`successRedirect: '/',`
			`failureRedirect: '/login'`
			`}));`
logout functionality 2013-04-25 12:59:31 -04:00
			`app.get('/logout', function(req, res) {`
			`console.log('info: [Auth] Session ' + res.sessionID + ' logout (uid: ' + global.uid + ')');`
fixing login and logout sessions 2013-04-28 13:28:20 -04:00			`global.modules.user.logout(req.sessionID, function(logout) {`
refactored user authentication (passport-local, instead of my own half-baked implementation) 2013-05-01 21:03:37 -04:00			`req.logout();`
			`res.send(templates['header'] + templates['logout'] + templates['footer']);`
logout functionality 2013-04-25 12:59:31 -04:00			`});`
added login, fixed gitignore 2013-04-22 19:01:45 +00:00			`});`

tweaking twitter login so that if the config is blank, trying to log in via twitter won't crash the server 2013-05-02 12:13:06 -04:00			`if (login_strategies.indexOf('twitter') !== -1) {`
			`app.get('/auth/twitter', passport.authenticate('twitter'));`
skeleton for twitter integration via passport 2013-05-02 11:11:10 -04:00
tweaking twitter login so that if the config is blank, trying to log in via twitter won't crash the server 2013-05-02 12:13:06 -04:00			`app.get('/auth/twitter/callback', passport.authenticate('twitter', {`
			`successRedirect: '/',`
			`failureRedirect: '/login'`
			`}));`
			`}`
skeleton for twitter integration via passport 2013-05-02 11:11:10 -04:00
more stuff on pw reset 2013-04-23 16:18:43 -04:00			`app.get('/reset/:code', function(req, res) {`
interim commit for password reset 2013-04-23 20:25:01 -04:00			`res.send(templates['header'] + templates['reset_code'].parse({ reset_code: req.params.code }) + templates['footer']);`
more stuff on pw reset 2013-04-23 16:18:43 -04:00			`});`

added email to registration fields, email existence check 2013-04-22 17:31:51 -04:00			`app.get('/reset', function(req, res) {`
			`res.send(templates['header'] + templates['reset'] + templates['footer']);`
			`});`
init, just some testing 2013-04-22 16:51:32 +00:00
			`app.get('/register', function(req, res) {`
optimizing for express, tweaks to config file 2013-04-22 14:37:13 -04:00			`res.send(templates['header'] + templates['register'] + templates['footer']);`
init, just some testing 2013-04-22 16:51:32 +00:00			`});`

refactoring register to use form post instead of socket (for passport integration) 2013-05-02 10:15:55 -04:00			`app.post('/register', function(req, res) {`
			`global.modules.user.create(req.body.username, req.body.password, req.body.email, function(err, uid) {`
			`if (err === null) {`
			`req.login({`
			`uid: uid`
			`}, function() {`
			`res.redirect('/');`
			`});`
			`} else {`
			`res.redirect('/register');`
			`}`
			`});`
			`});`

removed requireAuth middleware 2013-04-28 21:15:47 -04:00			`app.get('/account', function(req, res) {`
some work on session login etc 2013-04-24 16:42:12 -04:00			`refreshTemplates();`
			`res.send(templates['header'] + templates['account_settings'] + templates['footer']);`
			`});`

interim commit 2013-05-02 09:13:09 -04:00			`app.get('/users', function(req, res) {`
			`// Render user list`
			`res.send('User list');`
			`});`

			`app.get('/users/:username', function(req, res) {`
			`global.modules.user.get_uid_by_username(req.params.username, function(uid) {`
			`res.send(templates['header'] + templates['user_profile'].parse({ uid: uid }) + templates['footer']);`
			`});`
fixed broken mget implementation if no topics are present 2013-04-24 22:20:05 -04:00			`});`
init, just some testing 2013-04-22 16:51:32 +00:00			`}(WebServer));`
changing the way the express app is instantiated 2013-04-22 15:17:41 -04:00
			`server.listen(config.port);`
changing socket.io to exist on the same port as the server, made config file template (removed config file from repo) 2013-04-22 15:23:02 -04:00			`global.server = server;`