Phase III Task 4

node/app.js

@@ -10,8 +10,9 @@ const fs = require('file-system');
 const marked = require('marked');
 const jwt = require('jsonwebtoken');
 const bodyParser= require('body-parser');
-// const morgan = require('morgan');
+const colors = require('colors');
 
+// const morgan = require('morgan');
 // use morgan to log requests to the console
 // app.use(morgan('dev'));
 
@@ -64,7 +65,22 @@ var testSchema = new Schema({
 });
 
 // new object that will hold the data using model structure made above
-var colors = mongoose.model('colorName', testSchema);
+var thingies = mongoose.model('colorName', testSchema);
+
+// Default message for testing
+app.get('/', (req, res)=>{
+  res.json([{message:'yes, your nodejs app is really running'}]);
+  counter++; // for prometheus invocation_count metric
+  libCounter.inc(); // for prometheus lib_invocation_count metric
+  console.log('Hello, I\'m inside endpoint \'/\''.green);
+});
+
+// Test endpoint for md files rendering
+app.get('/test', function(req, res) {
+  var path = '/app/README.md';
+  var file = fs.readFileSync(path, 'utf8');
+  res.send(marked(file.toString()));
+});
 
 // Prometheus metrics endpoint - Library
 app.get('/metrics', function(req, res){
@@ -89,96 +105,78 @@ app.get('/metrics2', function(req, res){
 })
 
 // JWT generation
-var claims = { scope: 'admin' };
-// app.use(express.json());
 app.use(bodyParser.urlencoded({ extended: false }));
-app.post('/token', function(req, res){
-  console.log(req.body);
-  console.log('username: ' + req.body.username);
-  console.log('password: ' + req.body.password);
-  if (req.body.username === 'user1') {
-    if (req.body.password === 'pass1') {
-      // var token = jwt.sign(req.body, 'wowmuchsecretveryhiddenwow');
-      var token = jwt.sign({ 
-        username: req.body.username,
-        password: req.body.password 
-      }, 'wowmuchsecretveryhiddenwow');
-      console.log(token);
-      console.log(jwt.decode(token));
-      // res.json(token);
-      // res.status(200).json({
-      //   success: 'SUCCESS! You\'re in.',
-      //   token: token
-      // });
-      res.redirect('http://localhost/yay.html');
-    } else {
-      // res.status(500).send('wrong password');
-      res.redirect('http://localhost/nay.html');
-    }
-  } else {
-    if (req.body.username === 'power') {
-      if (req.body.password === 'weak') {
-        var token = jwt.sign({ 
-          subject: 'power#9123741',
-          issuer: 'http://youcantrustme.io',
-          scope: 'admin'
-        }, 'wowmuchsecretveryhiddenwow');
-        console.log('JWT Token: ' + token);
-        console.log(jwt.decode(token));
-        req.headers['access-token'] = token;
-        res.redirect('http://localhost/yay.html');
 
+app.post('/token', function(req, res) {
+
+  const claims_power = { 
+    username: req.body.username,
+    password: req.body.password,
+    subject: 'power#1234',
+    issuer: 'http://youcantrustme.io',
+    scope: 'admin' 
+  };
+  
+  const claims_user = { 
+    username: req.body.username,
+    password: req.body.password,
+    subject: 'normal_user',
+    issuer: 'http://youcantrustme.io',
+    scope: 'user' 
+  };
+
+  let token = '';
+
+  switch(req.body.username) {
+      case 'user1':
+      if (req.body.password === 'pass1') {
+          token = jwt.sign(claims_user, 'wowmuchsecretveryhiddenwow');
+          console.log('JWT Token: ' + token);
+          console.log(jwt.decode(token));
+          req.headers['access-token'] = token;
+          res.redirect('http://localhost/yay.html');
+      } else {
+          res.redirect('http://localhost/nay.html');
+      }
+      break;
+      case 'power':
+      if (req.body.password === 'weak') {
+          token = jwt.sign(claims_power, 'wowmuchsecretveryhiddenwow');
+          console.log('JWT Token: ' + token);
+          console.log(jwt.decode(token));
+          req.headers['access-token'] = token;
+          res.redirect('http://localhost/yay.html');
       } else {
       res.redirect('http://localhost/nay.html');
       }
-    } else {
-        // res.status(500).send('user not found');
-        res.redirect('http://localhost/nay.html');
-    }
-    console.log('\x1b[36m%s\x1b[0m','HEADER (req.headers): ' + req.headers['access-token']);
-  }
+      break;
+      default:
+      res.status(500).send('User not found');
+  } 
+  console.log('HEADER (req.headers): ' + req.headers['access-token']);
 });
 
+
+// Restricted endpoint
 const restrictRoutes = express.Router();
 app.use('/restricted', restrictRoutes);
 
 restrictRoutes.use((req, res, next) => {});
 
-// app.post('/token2', function(req, res){
-//   switch (req.body.username) {
-
-//   }
-// })
-
-// Default message for testing
-app.get('/', (req, res)=>{
-  res.json([{message:'yes, your nodejs app is really running'}]);
-  counter++; // for prometheus invocation_count metric
-  libCounter.inc(); // for prometheus lib_invocation_count metric
-});
-
-// Test endpoint for md files rendering
-app.get('/test', function(req, res) {
-  var path = '/app/README.md';
-  var file = fs.readFileSync(path, 'utf8');
-  res.send(marked(file.toString()));
-});
-
-
 // Mongo query
 app.get('/info', function(req, res){
-  colors.find({}).then(function (colors) {
-    res.json(colors);
+  thingies.find({}).then(function (thingies) {
+    res.json(thingies);
   });
 });
 
 
 // Mongo insert
 app.post('/info/add/:name', function(req, res){
-  var item = {color: req.params.name};
-  var data = new colors(item);
+  var item = {thingies: req.params.name};
+  var data = new thingies(item);
   data.save();
-  res.send('color ' + req.params.name + ' added to database');
+  res.send('thingie ' + req.params.name + ' added to database');
 });
 
 connectWithRetry();

node/package.json

@@ -21,6 +21,7 @@
     "marked": "^0.5.2",
     "body-parser": "^1.18.3",
     "jsonwebtoken": "^8.4.0",
-    "morgan": "^1.9.1"
+    "morgan": "^1.9.1",
+    "colors": "^1.3.3"
   }
 }