starwars-nodejs/app.js at master · wapegomes/starwars-nodejs · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
var express = require('express');
var path = require('path');
var favicon = require('serve-favicon');
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');

var routes = require('./routes/index');
var users = require('./routes/users');
var droids = require('./routes/droids');
var films = require('./routes/films');
var locations = require('./routes/locations');
var devices = require('./routes/devices');

var jwt = require('jwt-simple');
var secret = "m'RN}GSFS%Hg7S2o1D;6Y|1@:DnPwRkrN^m{Nc1l]9yFeQ4<}3tU[st21M(AU";

var app = express();

// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'jade');

// uncomment after placing your favicon in /public
//app.use(favicon(path.join(__dirname, 'public', 'favicon.ico')));
app.use(logger('dev'));
app.use(bodyParser.json({limit: '50mb'}));
app.use(bodyParser.urlencoded({limit: '50mb', extended: true}));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));

app.use('/', routes);
app.use('/users', users);
app.use('/droids', droids);
app.use('/films', films);
app.use('/locations', locations);
app.use('/devices', devices);

// catch 404 and forward to error handler
app.use(function(req, res, next) {
  var err = new Error('Not Found');
  err.status = 404;
  next(err);
});

// error handlers

// development error handler
// will print stacktrace
if (app.get('env') === 'development') {
  app.use(function(err, req, res, next) {
    res.status(err.status || 500);
    res.render('error', {
      message: err.message,
      error: err
    });
  });
}

// production error handler
// no stacktraces leaked to user
app.use(function(err, req, res, next) {
  res.status(err.status || 500);
  res.render('error', {
    message: err.message,
    error: {}
  });
});

function isLoggedIn(req, res, next) {

  var token = (req.body && req.body.access_token) || (req.query && req.query.access_token) || req.headers['x-access-token'];

  if(token) {
    try {
      var decoded = jwt.decode(token, secret);

      if(decoded.exp <= Date.now()) {
        return res.status(401).send({message:"Acesso expirado!"});
      }

      req.user = decoded.iss;
      return next();

    }catch(err) {
      return res.status(401).send({message:"Token invalido!"});
    }

  }
  else {
    return res.status(401).send({message:"Token invalido!"});
  }
}


module.exports = app;