Merge pull request #15 from andrewjcho84/projectManagement

Github Oauth and project management

Author: andrewjcho84

.gitignore

@@ -486,4 +486,14 @@ ASALocalRun/
 reactype.dmg
 installers/
 
+# for server key and ssl certificate generation
+server/domains.ext
+server/localhost.crt
+server/localhost.csr
+server/localhost.key
+server/RootCA.crt
+server/rootCA.key
+server/rootCA.pem
+server/RootCA.srl
+
 # End of https://www.gitignore.io/api/node,linux,macos,windows,visualstudio,yarn

main.js

@@ -11,8 +11,7 @@ const {
   shell,
   dialog,
   ipcMain,
-  globalShortcut,
-  session
+  globalShortcut
 } = require('electron');
 
 // Uncomment below for hot reloading during development
@@ -92,8 +91,11 @@ const createWindow = () => {
     width: 1920,
     height: 1080,
     webPreferences: {
-      zoomFactor: 0.7,
-      'node-Integration': false
+      zoomFactor: 0.7
+      // for proper security measures, nodeIntegration should be set to false, but this results in a blank page when serving app
+      // nodeIntegration: false,
+      // preload: 'preload.js',
+      // enableRemoteModule: false
     },
     show: false,
     icon: path.join(__dirname, '/src/public/icons/png/256x256.png'),
@@ -118,9 +120,11 @@ const createWindow = () => {
     text: 'Initializing ...'
   });
 
-  // and load the index.html of the app.
-  // now loading what the server serves, this url will need to change when/if we decide to put reactype on the web
-  mainWindow.loadURL(`http://localhost:8080`);
+  // code below loads app locally
+  // mainWindow.loadURL(`file://${__dirname}/build/index.html`);
+
+  // code below loads app from a server, this url will need to change when/if we decide to put reactype on the web
+  mainWindow.loadURL(`https://localhost:8080`);
   // load page once window is loaded
   mainWindow.once('ready-to-show', () => {
     mainWindow.show();
@@ -311,3 +315,6 @@ app.on('activate', () => {
     createWindow();
   }
 });
+
+// bypass ssl certification validation error
+// app.commandLine.appendSwitch('ignore-certificate-errors', 'true');

package.json

@@ -76,7 +76,7 @@
     "test:clear": "cross-env NODE_ENV=test jest --clearCache",
     "linter": "eslint src",
     "develop": "concurrently \"npm run dev\" \"npm run electron\"",
-    "server": "cross-env NODE_ENV=development nodemon server/server.js"
+    "server": "nodemon server/server.js"
   },
   "bin": {
     "reactype": "./index.js"
@@ -143,6 +143,8 @@
     "localforage": "^1.7.2",
     "lodash.throttle": "^4.1.1",
     "material-table": "^1.57.2",
+    "passport": "^0.4.1",
+    "passport-github2": "^0.1.12",
     "prettier": "^1.19.1",
     "prismjs": "^1.19.0",
     "prop-types": "^15.6.2",
@@ -163,7 +165,8 @@
     "redux-devtools-extension": "^2.13.5",
     "redux-logger": "^3.0.6",
     "redux-thunk": "^2.3.0",
-    "redux-undo": "^1.0.1"
+    "redux-undo": "^1.0.1",
+    "source-map-support": "^0.5.19"
   },
   "devDependencies": {
     "@babel/core": "^7.9.0",

server/controllers/cookieController.js

@@ -3,8 +3,11 @@ const cookieController = {};
 // setSSIDCookie - store the user id from database in cookie
 cookieController.setSSIDCookie = (req, res, next) => {
   // set cookie with key 'ssid' and value to user's id, also set http only
+  console.log('Inside setSSIDCookie');
+
   res.cookie('ssid', res.locals.id, { maxAge: 3600000 });
-  console.log('Successful setSSIDCookie');
+
+  console.log('Successful setSSIDCookie, ssid:', res.locals.id);
   return next();
 };
 

server/controllers/projectController.js

@@ -0,0 +1,58 @@
+const { Projects } = require('../models/reactypeModels');
+const projectController = {};
+
+// saveProject saves current workspace to database
+
+projectController.saveProject = (req, res, next) => {
+  console.log('Inside projectController.saveProject...');
+  // pull project name and project itself from body
+  const { name, project } = req.body;
+  // pull ssid from cookies for user id
+  const userId = req.cookies.ssid;
+  Projects.findOneAndUpdate(
+    // looks in projects collection for project by user and name
+    { name, userId },
+    // update or insert the project
+    { project },
+    // Options: upsert: true - if none found, inserts new project, if found, updates project
+    // new: true - returns updated document not the original one
+    { upsert: true, new: true },
+    (err, result) => {
+      if (err) {
+        return next({
+          log: `Error in projectController.saveProject: ${err}`,
+          message: {
+            err: `Error in projectController.saveProject, check server logs for details`
+          }
+        });
+      } else {
+        res.locals.savedProject = result;
+        console.log('Successful saveProject');
+        return next();
+      }
+    }
+  );
+};
+
+// gets all of current project's projects
+
+projectController.getProjects = (req, res, next) => {
+  console.log('Inside projectController.getProjects...');
+  const userId = req.cookies.ssid;
+  Projects.find({ userId }, (err, projects) => {
+    if (err) {
+      return next({
+        log: `Error in projectController.getProjects: ${err}`,
+        message: {
+          err: `Error in projectController.getProjects, check server logs for details`
+        }
+      });
+    } else {
+      console.log('Successful getProjects');
+      res.locals.projects = projects;
+      return next();
+    }
+  });
+};
+
+module.exports = projectController;

server/controllers/sessionController.js

@@ -1,10 +1,12 @@
-const Session = require('../models/sessionModel');
+const { Sessions } = require('../models/reactypeModels');
 const sessionController = {};
 
 // isLoggedIn finds appropriate session for this request in database, then verifies whether or not the session is still valid
 sessionController.isLoggedIn = (req, res, next) => {
+  console.log('Inside isLoggedIn');
+  console.log('req.cookies is', req.cookies);
   // find session from request session ID in mongodb
-  Session.findOne({ cookieId: req.cookies.ssid }, (err, session) => {
+  Sessions.findOne({ cookieId: req.cookies.ssid }, (err, session) => {
     if (err) {
       return next({
         log: `Error in sessionController.isLoggedIn: ${err}`,
@@ -14,9 +16,11 @@ sessionController.isLoggedIn = (req, res, next) => {
       });
       // no session found, redirect to signup page
     } else if (!session) {
+      console.log('No session found, redirecting to signup page');
       return res.redirect('/signup');
     } else {
       // session found, move onto next middleware
+      console.log('Session found, moving onto next middleware');
       return next();
     }
   });
@@ -26,7 +30,7 @@ sessionController.isLoggedIn = (req, res, next) => {
 sessionController.startSession = (req, res, next) => {
   console.log('Inside startSession');
   // first check if user is logged in already
-  Session.findOne({ cookieId: res.locals.id }, (err, session) => {
+  Sessions.findOne({ cookieId: res.locals.id }, (err, session) => {
     if (err) {
       return next({
         log: `Error in sessionController.startSession find session: ${err}`,
@@ -37,7 +41,7 @@ sessionController.startSession = (req, res, next) => {
       // if session doesn't exist, create a session
       // if valid user logged in/signed up, res.locals.id should be user's id generated from mongodb, which we will set as this session's cookieId
     } else if (!session) {
-      Session.create({ cookieId: res.locals.id }, (err, session) => {
+      Sessions.create({ cookieId: res.locals.id }, (err, session) => {
         if (err) {
           return next({
             log: `Error in sessionController.startSession create session: ${err}`,
@@ -59,4 +63,41 @@ sessionController.startSession = (req, res, next) => {
     }
   });
 };
+
+// creates a session when logging in with github
+sessionController.githubSession = (req, res, next) => {
+  // req.user is passed in from passport js -> serializeuser/deserializeuser
+  console.log('github session req.user is', req.user);
+  const cookieId = req.user._id;
+  Sessions.findOne({ cookieId }, (err, session) => {
+    if (err) {
+      return next({
+        log: `Error in sessionController.githubSession find session: ${err}`,
+        message: {
+          err: `Error in sessionController.githubSession find session, check server logs for details`
+        }
+      });
+    } else if (!session) {
+      Sessions.create({ cookieId }, (err, session) => {
+        if (err) {
+          return next({
+            log: `Error in sessionController.githubSession create session: ${err}`,
+            message: {
+              err: `Error in sessionController.githubSession create session, check server logs for details`
+            }
+          });
+        } else {
+          console.log('Successful start githubSession');
+          res.locals.id = session.cookieId;
+          return next();
+        }
+      });
+    } else {
+      console.log('Github session exists, moving on');
+      res.locals.id = session.cookieId;
+      return next();
+    }
+  });
+};
+
 module.exports = sessionController;

server/controllers/userController.js

@@ -1,6 +1,6 @@
 // middleware functions create a new user and verify users
 
-const Users = require('../models/userModel');
+const { Users } = require('../models/reactypeModels');
 
 const userController = {};
 const bcrypt = require('bcryptjs');
@@ -9,6 +9,7 @@ userController.createUser = (req, res, next) => {
   console.log('Creating user...');
   const { email, username, password } = req.body;
   // error handling if username or password is missing
+  // TODO make this more vague for security purposes
   if (!username) {
     return res.status(400).json('No username input');
   }
@@ -20,7 +21,7 @@ userController.createUser = (req, res, next) => {
   }
 
   // create user using username and password
-  Users.create({ email, username, password, projects: [] }, (err, newUser) => {
+  Users.create({ username, password, email }, (err, newUser) => {
     if (err) {
       return next({
         log: `Error in userController.createUser: ${err}`,
@@ -41,7 +42,7 @@ userController.createUser = (req, res, next) => {
 // the appropriate user in the database, and then authenticate the submitted password against the password stored in the database.
 
 userController.verifyUser = (req, res, next) => {
-  console.log('Verifying user...');
+  console.log('Inside userController.verifyUser...');
   const { username, password } = req.body;
   if (!username) {
     return res.status(400).json('No username input');

server/models/reactypeModels.js

@@ -0,0 +1,68 @@
+const mongoose = require('mongoose');
+require('dotenv').config();
+
+// connect to mongo db
+mongoose
+  .connect(process.env.MONGO_URI, {
+    // options for the connect method to parse the URI
+    useNewUrlParser: true,
+    useUnifiedTopology: true,
+    useCreateIndex: true,
+    // stop deprecation warning for findOneAndUpdate and findOneAndDelete queries
+    useFindAndModify: false,
+    // sets the name of the DB that our collections are part of
+    dbName: 'ReacType'
+  })
+  .then(() => console.log('Connected to Mongo DB.'))
+  .catch(err => console.log(err));
+
+const Schema = mongoose.Schema;
+
+const userSchema = new Schema({
+  username: { type: String, required: true, unique: true },
+  email: { type: String, required: false, unique: true },
+  password: { type: String, required: true }
+});
+
+// salt will go through 10 rounds of hashing
+const SALT_WORK_FACTOR = 10;
+const bcrypt = require('bcryptjs');
+
+// mongoose middleware that will run before the save to collection happens (user gets put into database)
+// cannot use arrow function here as context of 'this' is important
+userSchema.pre('save', function(next) {
+  // within this context, 'this' refers to the document (new user) about to be saved, in our case, it should have properties username, password, and projects array
+  bcrypt.hash(this.password, SALT_WORK_FACTOR, (err, hash) => {
+    if (err) {
+      return next({
+        log: `bcrypt password hashing error: ${err}`,
+        message: {
+          err: `bcrypt hash error: check server logs for details`
+        }
+      });
+    }
+    this.password = hash;
+    return next();
+  });
+});
+
+const sessionSchema = new Schema({
+  cookieId: { type: String, required: true, unique: true },
+  createdAt: { type: Date, expires: 3600, default: Date.now }
+});
+
+const projectSchema = new Schema({
+  name: { type: String, required: true },
+  project: Object,
+  userId: {
+    type: Schema.Types.ObjectId,
+    ref: 'Users'
+  },
+  createdAt: { type: Date, default: Date.now }
+});
+
+const Users = mongoose.model('Users', userSchema);
+const Sessions = mongoose.model('Sessions', sessionSchema);
+const Projects = mongoose.model('Projects', projectSchema);
+
+module.exports = { Users, Sessions, Projects };