IntersogLABs · bodqhrohro · Aug 20, 2015 · Aug 20, 2015 · Aug 22, 2015 · Aug 22, 2015
diff --git a/.gitignore b/.gitignore
@@ -1,2 +1,3 @@
 node_modules
-.idea
+.idea
+.*.sw*
diff --git a/app.js b/app.js
@@ -1,17 +1,21 @@
 var express = require('express');
 var bodyParser = require('body-parser');
 GLOBAL._ = require('underscore');
-var fs= require('fs')
 var app = express();
+var router = express.Router();
 var MongoClient = require('mongodb').MongoClient
 var url = 'mongodb://localhost:27017/socialNetwork';
 MongoClient.connect(url, function(err, db) {
-    console.log("Connected correctly to server");
+    console.log(err ? err : "Connected correctly to server");
     GLOBAL.DB  =  db;
-    app.listen(80)
+    app.listen(100)
 });
 
-app.use(function(req, res, next) {
+app.use(express.static('public'))
+
+var auth = require('./auth')
+
+router.use(function(req, res, next) {
     res.header('Access-Control-Allow-Origin', '*');
     res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS');
     res.header('Access-Control-Allow-Headers', 'Content-Type, Authorization, Content-Length, X-Requested-With');
@@ -24,10 +28,10 @@ app.use(function(req, res, next) {
       next();
     }
 });
-app.use(bodyParser.json())
-app.use(function (req, res, next) {
+router.use(bodyParser.json())
+router.use(function (req, res, next) {
     console.log(req.originalUrl)
-    if(req.originalUrl =='/register'){
+    if(req.originalUrl =='/api/register'){
         next(null);
         return;
     }
@@ -37,7 +41,7 @@ app.use(function (req, res, next) {
     }
     var parts = req.headers['authorization'].split(":")
     var nick = parts[0];
-    var pwd = parts[1];
+    var pwd = auth.encodePassword(parts[1]);
     DB.collection('users').find({nick:nick,pwd:pwd}).toArray(function(err,data){
 
         if (data.length>0) {
@@ -51,5 +55,7 @@ app.use(function (req, res, next) {
 
 
 })
-require('./controllers/user')(app)
-require('./controllers/post')(app)
+require('./controllers/user')(router)
+require('./controllers/post')(router)
+require('./controllers/following')(router)
+app.use('/api',router);
diff --git a/auth.js b/auth.js
@@ -0,0 +1,12 @@
+var crypto = require('crypto')
+module.exports = {
+    encodePassword: function(password) {
+        return crypto.createHash('md5').update(
+            crypto.createHash('sha1').update(
+                crypto.createHash('md5').update(
+                    password
+                ).digest('hex')
+            ).digest('hex')
+        ).digest('hex')
+    }
+}
diff --git a/controllers/following.js b/controllers/following.js
@@ -0,0 +1,56 @@
+var ObjectId = require('mongodb').ObjectID
+var async = require('async')
+module.exports=function(app){
+    app.get('/user/:id/following',function(req,res){
+        var UsersCollection = DB.collection('users')
+        DB.collection('follow')
+            .find({"fanId._id": new ObjectId(req.params.id)})
+            .toArray(function (err, conns) {
+                async.mapLimit(conns, 5, function (conn, next) {
+                    UsersCollection.findOne({_id: new ObjectId(conn.idolId._id)},
+                        function (err, data) {
+                            conn.idol = data;
+                            next(null,conn);
+                        })
+                }, function (err,data) {
+                    res.send(data);
+                })
+            })
+    })
+
+    app.get('/user/:id/folowers',function(req,res){
+        var UsersCollection = DB.collection('users')
+        DB.collection('follow')
+            .find({"idolId._id": new ObjectId(req.params.id)})
+            .toArray(function (err, conns) {
+                async.mapLimit(conns, 5, function (conn, next) {
+                    UsersCollection.findOne({_id: new ObjectId(conn.fanId._id)},
+                        function (err, data) {
+                            conn.fan = data;
+                            next(null,conn);
+                        })
+                }, function (err,data) {
+                    res.send(data);
+                })
+            })
+    })
+
+    app.post('/user/:id/follow',function(req,res){
+        var conn = {
+            fanId:{$ref:"users",_id:req.currentUser._id},
+            idolId:{$ref:"users",_id:new ObjectId(req.params.id)}
+        };
+        DB.collection('follow').insert(conn,function(err,data){
+            res.send(data);
+        })
+    })
+
+    app.delete('/user/:id/follow',function(req,res){
+        DB.collection('follow').deleteOne({
+            'fanId._id':req.currentUser._id,
+            'idolId._id':new ObjectId(req.params.id)
+        }, function (err,result){
+            res.send(result);
+        })
+    })
+}
diff --git a/controllers/post.js b/controllers/post.js
@@ -6,16 +6,84 @@ module.exports=function(app){
             res.status(400).send({message:'content required'})
             return;
         }
-        var post = {
-            content:req.body.content,
-            authorId:{$ref:"users",_id:req.currentUser._id},
-            ownerId:{$ref:"users",_id:req.params.id}
-        };
-        DB.collection('posts').insert(post,function(err,data){
-            res.send(data);
-        })
 
+        DB.collection('users').findOne({_id: new ObjectId(req.params.id)},
+            function (err, user) {
+                if (!user) {
+                    res.status(404).send({message: "not found"})
+                    return;
+                }
+                var post = {
+                    content:req.body.content,
+                    authorId:{$ref:"users",_id:req.currentUser._id},
+                    ownerId:{$ref:"users",_id:new ObjectId(req.params.id)}
+                };
+                DB.collection('posts').insert(post,function(err,data){
+                    res.send(data);
+                })
+            })
 
     })
 
-}
+    app.get('/post',function(req,res){
+        DB.collection('posts').find({}).toArray(function (err, data) {
+		res.send(data);
+	})
+    })
+
+    app.get('/posts/:id', function (req, res) {
+        DB.collection('posts').findOne({_id: new ObjectId(req.params.id)},
+            function (err, post) {
+                if (!post) {
+                    res.status(404).send({message: "not found"})
+                    return;
+                }
+                res.send(post);
+            })
+    })
+
+    app.put('/posts/:id', function (req, res) {
+        var PostsCollection = DB.collection('posts');
+        if(!req.body.content){
+            res.status(400).send({message:'content required'})
+            return;
+        }
+
+        PostsCollection.findOne({_id: new ObjectId(req.params.id)},
+            function (err, post) {
+                if (!post) {
+                    res.status(404).send({message: "not found"})
+                    return;
+                } else if (!post.authorId._id.equals(req.currentUser._id)) {
+		    res.status(403).send({message: "not allowed"})
+		    return;
+		}
+
+		PostsCollection.updateOne({_id: post._id},
+		    {$set: {content: req.body.content}},
+		    function(err, result) {
+			res.send(result);
+		    })
+	    })
+    })
+
+    app.delete('/posts/:id', function (req, res) {
+        var PostsCollection = DB.collection('posts');
+        PostsCollection.findOne({_id: new ObjectId(req.params.id)},
+            function (err, post) {
+		var _id = req.currentUser._id;
+                if (!post) {
+                    res.status(404).send({message: "not found"})
+                    return;
+                } else if (!post.authorId._id.equals(_id) && !post.ownerId._id.equals(_id)) {
+		    res.status(403).send({message: "not allowed"})
+		    return;
+                }
+
+		PostsCollection.deleteOne({'_id': post._id},
+		    function(err, result) {
+			res.send(result);
+		    })
+            })
+    })
+}
diff --git a/controllers/user.js b/controllers/user.js
@@ -1,8 +1,12 @@
 var ObjectId = require('mongodb').ObjectID
 var async = require('async')
+var auth = require('../auth')
 module.exports = function (app) {
     app.get('/me', function (req, res) {
-        res.send(req.currentUser);
+	var me = _.clone(req.currentUser);
+
+	delete me.pwd;
+	res.send(me);
     })
     app.get('/user', function (req, res) {
         DB.collection('users').find({}).toArray(function (err, data) {
@@ -30,7 +34,7 @@ module.exports = function (app) {
     app.get('/user/:id/wall', function (req, res) {
         var UsersCollection = DB.collection('users')
         DB.collection('posts')
-            .find({"ownerId._id": req.params.id})
+            .find({"ownerId._id": new ObjectId(req.params.id)})
             .toArray(function (err, posts) {
                 async.mapLimit(posts, 5, function (post, next) {
                     UsersCollection.findOne({_id: new ObjectId(post.authorId._id)},
@@ -54,7 +58,7 @@ module.exports = function (app) {
 
 
     app.post('/register', function (req, res) {
-        //проверить свободен ли ник и имейл
+        var UsersCollection = DB.collection('users')
         if (!req.body.email) {
             res.status(400).send({message: "Email is required"})
             return;
@@ -65,16 +69,85 @@ module.exports = function (app) {
             res.status(400).send({message: "Passwords do not match"})
             return;
         }
-        var user = {
-            email: req.body.email,
-            nick: req.body.nick,
-            pwd: req.body.pwd
-        };
-
-        DB.collection('users').insert(user, function (err, data) {
-            delete user.pwd;
-            res.send(user)
-        })
+
+        UsersCollection
+            .find({"email": req.body.email})
+            .hasNext(function(err, data){
+                if (!data) {
+                    UsersCollection
+                        .find({"nick": req.body.nick})
+                        .hasNext(function(err, data){
+                            if (!data) {
+                                var user = {
+                                    email: req.body.email,
+                                    nick: req.body.nick,
+                                    pwd: auth.encodePassword(req.body.pwd)
+                                };
+
+                                UsersCollection.insert(user, function (err, data) {
+                                    delete user.pwd;
+                                    res.send(user)
+                                })
+                            } else {
+	                        res.status(400).send({message: "Nick is already registered"})
+                            }
+                        })
+                } else {
+	                res.status(400).send({message: "Email is already registered"})
+                }
+            })
+    })
+
+    app.put('/me', function (req, res) {
+        var UsersCollection = DB.collection('users')
+        var userInfo = {}
+        if (req.body.email) {userInfo.email = req.body.email}
+        if (req.body.nick) {userInfo.nick = req.body.nick}
+        if (req.body.pwd) {userInfo.pwd = auth.encodePassword(req.body.pwd)}
+
+        var checkEmail = function() {
+            UsersCollection
+                .find({"email": req.body.email})
+                .hasNext(function(err, data){
+                    if (!data) {
+                        if (userInfo.nick) {
+                            checkNick()
+                        } else {
+                            updateUser()
+                        }
+                    } else {
+	                    res.status(400).send({message: "Email is already registered"})
+                    }
+                })
+        }
+
+        var checkNick = function() {
+            UsersCollection
+                .find({"nick": req.body.nick})
+                .hasNext(function(err, data){
+                    if (!data) {
+                        updateUser()
+                    } else {
+	                    res.status(400).send({message: "Nick is already registered"})
+                    }
+                })
+        }
+
+        var updateUser = function() {
+		    UsersCollection.updateOne({_id: req.currentUser._id},
+	            {$set: userInfo},
+	            function(err, result) {
+		            res.send(result)
+	            })
+        }
+
+        if (userInfo.email) {
+            checkEmail()
+        } else if (userInfo.nick) {
+            checkNick()
+        } else {
+            updateUser()
+        }
 
     })
-}
+}
diff --git a/package.json b/package.json
@@ -5,7 +5,7 @@
     "async": "^1.4.2",
     "body-parser": "^1.13.3",
     "express": "^4.13.3",
-    "mongodb": "^2.0.41",
+    "mongodb": "^2.0.42",
     "underscore": "^1.8.3"
   }
 }
diff --git a/public/.gitignore b/public/.gitignore
@@ -0,0 +1 @@
+bower_components
diff --git a/public/README.md b/public/README.md
@@ -0,0 +1,3 @@
+# SocialChaplin
+Social network using Chaplin.js
+Don't forget to make `bower install` firstly
diff --git a/public/bower.json b/public/bower.json
@@ -0,0 +1,20 @@
+{
+  "name": "chaplin-boilerplate",
+  "version": "0.1.0",
+  "main": "index.js",
+  "ignore": [
+    "**/.*",
+    "node_modules",
+    "bower_components",
+    "test",
+    "tests"
+  ],
+  "dependencies": {
+    "chaplin": "~1.0.0",
+    "handlebars": "~1.0.0",
+    "jquery": "~2.0.3",
+    "lodash": "~2.4.1",
+    "requirejs": "~2.1.9",
+    "requirejs-text": "~2.0.9"
+  }
+}