This repository was archived by the owner on Aug 28, 2020. It is now read-only.
sqlite.js
const express = require('express')
const axios = require('axios');
const path = require('path');
const app = express()
const jwt = require("./jwt_service")
const flash = require("connect-flash");
const session = require('express-session');
const cookieParser = require('cookie-parser');
const sqlite3 = require('sqlite3')
const secrets = require("./secrets.js")
//JWT from https://medium.com/@siddharthac6/json-web-token-jwt-the-right-way-of-implementing-with-node-js-65b8915d550e
//Key generator at https://www.csfieldguide.org.nz/en/interactives/rsa-key-generator/ (a key pair produced by a web page is fit for coursework only; generate real signing keys locally)
//Using flash to send access token past a redirect: https://gist.github.com/raddeus/11061808
// Middleware registered before any route: signed-cookie parsing, a
// short-lived session (needed by connect-flash), flash messages, and the
// unauthenticated static files under ./public.
// NOTE(review): the same secret signs both the parsed cookies and the session
// cookie, so exposure of that one value affects both.
const sessionOptions = {
  cookie: { maxAge: 60000 },
  resave: false,
  saveUninitialized: false,
  secret: secrets.cookie_secret
};
app.use(cookieParser(secrets.cookie_secret));
app.use(session(sessionOptions));
app.use(flash());

// Everything in ./public is served without authentication because this is
// mounted ahead of the JWT-checking middleware.
const publicDir = path.join(__dirname, "public");
app.use(express.static(publicDir));
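/**
 * GET /login: start the GitHub OAuth authorization-code flow by redirecting
 * the browser to GitHub's authorize endpoint.
 *
 * The query string is built with URLSearchParams so client_id, redirect_uri
 * and state are percent-encoded rather than spliced into the URL verbatim.
 *
 * NOTE(review): `state` is one fixed value from secrets.js, identical for
 * every login attempt. The OAuth `state` parameter is meant to be an
 * unguessable per-session value that the callback compares against what was
 * stored for this browser; a constant does not bind the callback to the
 * session that started the flow.
 */
app.get("/login", (req, res) => {
  const authorizeUrl = new URL("https://github.com/login/oauth/authorize");
  authorizeUrl.search = new URLSearchParams({
    client_id: secrets.client_id,
    redirect_uri: "http://localhost:3000/callback",
    state: secrets.state
  }).toString();
  res.redirect(authorizeUrl.toString());
});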
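/**
 * GET /logout: drop the browser's credentials and return to the public
 * landing page.
 *
 * The original handler only redirected, leaving the "3550_Bearer" cookie and
 * the session in place, so the next request was still authenticated. This
 * version clears the cookie and destroys the session before redirecting.
 *
 * NOTE(review): the JWT itself is not revoked here; a copy of the token stays
 * valid until its own expiry unless the verifier keeps a deny-list.
 */
app.get("/logout", (req, res) => {
  console.log("Logout");
  // Same name and default path as the cookie set by the auth middleware.
  res.clearCookie("3550_Bearer");

  if (!req.session) {
    return res.redirect('index.html');
  }
  req.session.destroy((err) => {
    if (err) {
      console.error("Error destroying session: " + err.message);
    }
    res.redirect('index.html');
  });
});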
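/**
 * GET /callback: GitHub redirects here with `code` and `state` after the
 * user authorizes the app. Exchanges the code for an access token, looks up
 * the GitHub user, signs a JWT for that user and hands it to the browser via
 * a flash message before redirecting to /private.html.
 *
 * Changes from the original:
 *  - the returned `state` is compared with the value sent in /login, and a
 *    missing `code` is rejected, before any request is made to GitHub;
 *  - the access token is sent in the Authorization header instead of the
 *    query string, where it ends up in URLs, proxy logs and error objects;
 *  - the authorization code, access token and signed JWT are no longer
 *    written to the console;
 *  - a failed exchange now ends the response instead of leaving it hanging.
 *
 * NOTE(review): `state` is still the fixed value from secrets.js, so this
 * check only proves the caller knows that constant; a per-session random
 * state would bind the callback to the browser that started the flow.
 * NOTE(review): the GitHub access token is placed in the JWT payload. A JWT
 * is signed, not encrypted, so anyone holding the token can read it.
 */
app.get("/callback", (req, res) => {
  const { code, state } = req.query;
  // Strict comparison also rejects repeated parameters, which arrive as arrays.
  if (typeof code !== "string" || state !== secrets.state) {
    console.error("OAuth callback rejected: missing code or state mismatch");
    return res.redirect("/unauthorized.html");
  }

  let access_token;
  axios.post("https://github.com/login/oauth/access_token", {
    client_id: secrets.client_id,
    client_secret: secrets.client_secret,
    redirect_uri: "http://localhost:3000/callback",
    state: secrets.state,
    code
  }, { headers: { Accept: "application/json" } })
    .then(response => {
      access_token = response.data.access_token;
      // GitHub can answer 200 with an error body and no token.
      if (!access_token) {
        throw new Error("GitHub did not return an access token");
      }
      return axios.get("https://api.github.com/user", {
        headers: { Authorization: "token " + access_token }
      });
    })
    .then(response => {
      // SIGNING OPTIONS
      const signOptions = {
        issuer: 'CSCI 3550',
        subject: response.data.login,
        audience: 'http://localhost:3000',
        expiresIn: "12h",
        algorithm: "RS256"
      };
      const token = jwt.sign({ access_token }, signOptions);
      req.flash("Bearer", token);
      res.redirect("/private.html");
    })
    .catch(error => {
      console.log("There was an error " + error);
      // Fail closed and finish the response.
      res.redirect("/unauthorized.html");
    });
});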
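/**
 * Authentication gate for everything registered after it.
 *
 * Takes the bearer JWT from the "Bearer" flash message (set by /callback) or,
 * failing that, from the "3550_Bearer" cookie, verifies it through
 * jwt_service, refreshes the cookie on success and otherwise redirects to
 * /unauthorized.html.
 *
 * Changes from the original:
 *  - request cookies, the raw token and the decoded payload (which carries
 *    the GitHub access token) are no longer logged;
 *  - a request with no token is rejected without calling the verifier, and
 *    an exception from the verifier is treated as a failed check;
 *  - the cookie is set HttpOnly with SameSite=Lax. This assumes no page
 *    script reads the cookie itself (TODO confirm against ./private). The
 *    `secure` flag is left off because the app is served over plain HTTP on
 *    localhost.
 *
 * NOTE(review): these options are passed to the local jwt_service wrapper,
 * which is not visible here. If it forwards them unchanged to
 * jsonwebtoken.verify, note that the library pins accepted algorithms through
 * `algorithms` (plural); confirm the wrapper really restricts to RS256.
 */
app.use((req, res, next) => {
  const flashed = req.flash("Bearer");
  const bearer = flashed && flashed.length > 0
    ? flashed[0]
    : req.cookies["3550_Bearer"];

  if (!bearer) {
    return res.redirect("/unauthorized.html");
  }

  const verifyOptions = {
    issuer: 'CSCI 3550',
    audience: 'http://localhost:3000',
    expiresIn: "12h",
    algorithm: ["RS256"]
  };

  let legit;
  try {
    legit = jwt.verify(bearer, verifyOptions);
  } catch (err) {
    console.error("JWT verification failed: " + err.message);
    legit = false;
  }

  if (legit) {
    res.cookie('3550_Bearer', bearer, {
      maxAge: 900000,
      httpOnly: true,
      sameSite: "lax"
    });
    next(); //Move to the next route
  } else {
    res.redirect("/unauthorized.html");
  }
});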
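// Everything from here on is mounted after the JWT-checking middleware, so
// only requests that passed verification reach it.
app.use(express.static(path.join(__dirname, "private")));

/**
 * /query: reply with the current number of rows in LOGINS, then append one
 * more row.
 *
 * Changes from the original:
 *  - db.get replaces db.each, since the COUNT query yields exactly one row;
 *  - a failed query now answers 500 with a generic message instead of leaving
 *    the request open (the SQLite error text is logged, not sent to the
 *    client).
 *
 * NOTE(review): app.use matches every HTTP method, so a plain GET writes to
 * the database.
 */
app.use("/query", (req, res) => {
  db.get("SELECT COUNT(logins) as count FROM LOGINS", (err, row) => {
    if (err) {
      console.error(err.message);
      return res.status(500).send("Database error");
    }
    console.log(row.count);
    res.send("" + row.count);

    // The value is bound as a parameter, not concatenated into the SQL.
    db.run("INSERT into LOGINS(logins) VALUES(?)", "0", (insertErr) => {
      if (insertErr) {
        return console.error("Error creating a new row:" + insertErr);
      }
      console.log("Added a new row");
    });
  });
});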
/**
 * Runs once the SQLite file has been opened (or failed to open). The HTTP
 * server is started only after a successful open, so no request is served
 * without a database handle.
 * NOTE(review): app.listen(3000) is called without a host argument; confirm
 * whether this demo should be reachable beyond localhost.
 */
function onDatabaseOpen(err) {
  if (err) {
    console.error("Error connecting to database: " + err.message + ". Terminating");
    return;
  }
  console.log('Connected to the database.');
  app.listen(3000, () => {
    console.log('Example app listening on port 3000!');
  });
}

let db = new sqlite3.Database('./db/sqlite.db', onDatabaseOpen);