-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapp.js
255 lines (200 loc) · 8.12 KB
/
app.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
const express = require('express');
const jwt = require('jsonwebtoken');
const bodyParser = require('body-parser');
const cors = require('cors');
// Create an instance of Express
const app = express();
// port of server
const port = 3000;
// Use body-parser middleware to parse request bodies
app.use(bodyParser.json());
// for access control alow origin
app.use(cors());
// importing database and jwt functions
const { db } = require('./utility/database')
const { authenticateToken, secretKey } = require('./utility/tokenManager')
app.post('/login', (req, res) => {
// Login route - generates and returns a token
// [POST] http://localhost:3000/login
// in body add username and password as JSON
const { username, password } = req.body;
// checks the validity of the user credential
const sql = 'SELECT * FROM users WHERE username = ? AND password = ?';
db.query(sql, [username, password], (err, results) => {
if (err) {
return res.status(500).json({ message: 'Database error.', error: err });
}
if (results.length === 0) {
return res.status(401).json({ message: 'Invalid credentials.' });
}
// generate jwt token
const user = { username: username, role: 'admin' };
const token = jwt.sign(user, secretKey, { expiresIn: '1h' });
res.json({ token: token });
});
});
app.post('/signup', (req, res) => {
// Signup route - registers a new user
// [POST] http://localhost:3000/signup
// in body add username and password as JSON
const { username, password } = req.body;
if (username.length === 0 || password.length === 0) {
return res.status(400).json({ message: 'Invalid username or password' });
}
// Check if the username already exists in the database
const checkUserSql = 'SELECT * FROM users WHERE username = ?';
db.query(checkUserSql, [username], (err, results) => {
if (err) {
return res.status(500).json({ message: 'Database error.', error: err });
}
if (results.length > 0) {
return res.status(400).json({ message: 'Username already exists.' });
}
// SQL query to insert a new user into the database
const insertUserSql = 'INSERT INTO users (username, password) VALUES (?, ?)';
db.query(insertUserSql, [username, password], (err, result) => {
if (err) {
return res.status(500).json({ message: 'Database error.', error: err });
}
const user = { username: username, role: 'admin' };
const token = jwt.sign(user, secretKey, { expiresIn: '1h' });
res.json({ message: "Account Created Successfully", token: token });
});
});
});
// unneccesary api route ~ for checking purposes no token needed ~ public
app.get('/users', (req, res) => {
// SQL query to fetch all usernames from the database table
// [GET] http://localhost:3000/users
// Empty body
const sql = 'SELECT username FROM users';
db.query(sql, (err, results) => {
if (err) {
return res.status(500).json({ message: 'Database error.' });
}
res.json(results);
});
});
app.post('/newList', authenticateToken, (req, res) => {
const { id, name, username } = req.body;
// SQL query to insert a new user into the database
const sql = 'INSERT INTO notes VALUES (?, ?, ?)';
db.query(sql, [id, name, username], (err, result) => {
if (err) {
return res.status(500).json({ message: 'Database error.', msg: err });
}
const successMsg = { message: "added list", listName: name };
res.status(201).json(successMsg);
});
});
app.post('/newListElement', authenticateToken, (req, res) => {
const { id, nid, name, complete } = req.body;
// SQL query to insert a new list title into the database
const sql = 'INSERT INTO tasks VALUES (?, ?, ?, ?)';
db.query(sql, [id, nid, name, complete], (err, result) => {
if (err) {
return res.status(500).json({ message: 'Database error.', msg: err });
}
const successMsg = { message: "added list item", listItemName: name };
res.status(201).json(successMsg);
});
});
app.post('/updateTaskElement', authenticateToken, (req, res) => {
const { id, nid, name, complete } = req.body;
// SQL query to update a task into the database
const sql = 'UPDATE tasks SET name = ?, complete = ? WHERE id = ?';
db.query(sql, [name, complete, id], (err, result) => {
if (err) {
return res.status(500).json({ message: 'Database error.', msg: err });
}
const successMsg = { message: "updated list item" + result, listItemName: name };
res.status(201).json(successMsg);
});
});
app.post('/deleteCompletedFromList', authenticateToken, (req, res) => {
const { nid } = req.body;
// SQL query to delete completed task elements from the database
const sql = 'DELETE FROM tasks WHERE nid = ? AND complete = 1';
db.query(sql, [nid], (err, result) => {
if (err) {
return res.status(500).json({ message: 'Database error.', msg: err });
}
const successMsg = { message: "deleted completed list item" + result, listId: nid };
res.status(201).json(successMsg);
});
});
app.post('/deleteList', authenticateToken, (req, res) => {
const { id } = req.body;
// SQL query to delete a list and its tasks
const sql = 'DELETE FROM tasks WHERE nid = ?;';
const sql2 = 'DELETE FROM notes WHERE id = ?;';
db.query(sql, [id], (err, result) => {
if (err) {
return res.status(500).json({ message: 'Database error.', msg: err });
}
db.query(sql2, [id], (err, result) => {
if (err) {
return res.status(500).json({ message: 'Database error.', msg: err });
}
})
const successMsg = { message: "deleted the list" + result, listId: id };
res.status(201).json(successMsg);
});
});
// unneccesary api route ~ for checking purposes no token needed ~ public
app.get('/users/:id', (req, res) => {
const id = parseInt(req.params.id);
// SQL query to fetch a username with the specified ID
const sql = 'SELECT username FROM users WHERE id = ?';
db.query(sql, [id], (err, results) => {
if (err) {
return res.status(500).json({ message: 'Database error.' });
}
if (results.length === 0) {
return res.status(404).json({ message: 'User not found.' });
}
res.json(results[0]);
});
});
app.get('/lists/:id', authenticateToken, (req, res) => {
const id = req.params.id;
// first select all lists of the user
const sql = 'SELECT * FROM notes WHERE username = ?';
db.query(sql, [id], (err, results) => {
if (err) {
return res.status(500).json({ message: 'Database error.', id: id });
}
var notesArray = JSON.parse(JSON.stringify(results));
// Create an array to hold all the promises
const promiseArray = [];
notesArray.forEach((element) => {
// then get all the task of the specified list
let sql2 = 'SELECT id, name, complete FROM tasks WHERE nid = ?';
// Create a promise for each query
const promise = new Promise((resolve, reject) => {
db.query(sql2, [element.id], (err, results) => {
if (err) {
reject(err);
} else {
const tmp = JSON.parse(JSON.stringify(results));
element.tasks = tmp;
resolve();
}
});
});
promiseArray.push(promise);
});
// Wait for all the promises to resolve
Promise.all(promiseArray)
.then(() => {
res.json(notesArray);
})
.catch((error) => {
return res.status(500).json({ message: 'Database error.', error: error });
});
});
});
// Start the server
app.listen(port, () => {
console.log(`Server started on port ${port}`);
});