colouring-montreal/app/src/api/api.ts

import express from 'express';
import bodyParser from 'body-parser';

import { authUser, createUser, getUserById, getNewUserAPIKey, deleteUser } from './services/user';
import { queryLocation } from './services/search';

import buildingsRouter from './routes/buildingsRouter';


const server = express.Router()

// parse POSTed json body
server.use(bodyParser.json());

server.use('/buildings', buildingsRouter);

// POST new user
server.post('/users', function (req, res) {
    const user = req.body;
    if (req.session.user_id) {
        res.send({ error: 'Already signed in' });
        return
    }

    if (user.email) {
        if (user.email != user.confirm_email) {
            res.send({ error: 'Email did not match confirmation.' });
            return
        }
    } else {
        user.email = null;
    }

    createUser(user).then(function (result) {
        if (result.user_id) {
            req.session.user_id = result.user_id;
            res.send({ user_id: result.user_id });
        } else {
            req.session.user_id = undefined;
            res.send({ error: result.error });
        }
    }).catch(function (err) {
        console.error(err);
        res.send(err)
    });
});

// GET own user info
server.route('/users/me')
    .get(function (req, res) {
        if (!req.session.user_id) {
            res.send({ error: 'Must be logged in' });
            return
        }

        getUserById(req.session.user_id).then(function (user) {
            res.send(user);
        }).catch(function (error) {
            res.send(error);
        });
    })
    .delete((req, res) => {
        if (!req.session.user_id) {
            return res.send({ error: 'Must be logged in' });
        }
        console.log(`Deleting user ${req.session.user_id}`);

        deleteUser(req.session.user_id).then(
            () => logout(req.session)
        ).then(() => {
            res.send({ success: true });
        }).catch(err => {
            res.send({ error: err });
        });
    })

// POST user auth
server.post('/login', function (req, res) {
    authUser(req.body.username, req.body.password).then(function (user: any) { // TODO: remove any
        if (user.user_id) {
            req.session.user_id = user.user_id;
        } else {
            req.session.user_id = undefined;
        }
        res.send(user);
    }).catch(function (error) {
        res.send(error);
    })
});

// POST user logout
server.post('/logout', function (req, res) {
    logout(req.session).then(() => {
        res.send({ success: true });
    }).catch(err => {
        console.error(err);
        res.send({ error: 'Failed to end session'});
    });
});

function logout(session) {
    return new Promise((resolve, reject) => {
        session.user_id = undefined;
        session.destroy(err => {
            if (err) return reject(err);
            return resolve();
        });
    });
}

// POST generate API key
server.post('/api/key', function (req, res) {
    if (!req.session.user_id) {
        res.send({ error: 'Must be logged in' });
        return
    }

    getNewUserAPIKey(req.session.user_id).then(function (apiKey) {
        res.send(apiKey);
    }).catch(function (error) {
        res.send(error);
    });
})

// GET search
server.get('/search', function (req, res) {
    const searchTerm = req.query.q;
    if (!searchTerm) {
        res.send({
            error: 'Please provide a search term'
        })
        return
    }
    queryLocation(searchTerm).then((results) => {
        if (typeof (results) === 'undefined') {
            res.send({
                error: 'Database error'
            })
            return
        }
        res.send({
            results: results.map(item => {
                // map from DB results to GeoJSON Feature objects
                const geom = JSON.parse(item.st_asgeojson)
                return {
                    type: 'Feature',
                    attributes: {
                        label: item.search_str,
                        zoom: item.zoom || 9
                    },
                    geometry: geom
                }
            })
        })
    }).catch(function (error) {
        res.send(error);
    });
})

server.use((req, res) => {
    res.status(404).json({ error: 'Resource not found'});
})

export default server;
Move JSON API into its own directory 2019-08-14 05:54:13 -04:00			`import express from 'express';`
Modify routes, refactor API structure 2019-08-14 09:05:49 -04:00			`import bodyParser from 'body-parser';`
Move JSON API into its own directory 2019-08-14 05:54:13 -04:00
Add user delete API endpoint The deleted user username will be changed to 'deleted_' plus the 13 initial characters of the standard format user_id. Email, hashed password and API key are all cleared for the user. The endpoint is currently only available through /api/users/me and only allows a logged-in user to delete their own account. 2019-08-15 11:12:01 -04:00			`import { authUser, createUser, getUserById, getNewUserAPIKey, deleteUser } from './services/user';`
Move JSON API into its own directory 2019-08-14 05:54:13 -04:00			`import { queryLocation } from './services/search';`

Modify routes, refactor API structure 2019-08-14 09:05:49 -04:00			`import buildingsRouter from './routes/buildingsRouter';`
Move JSON API into its own directory 2019-08-14 05:54:13 -04:00

Switch from express app to router in API Co-Authored-By: Tom Russell <tomalrussell@gmail.com> 2019-08-16 05:57:15 -04:00			`const server = express.Router()`
Move JSON API into its own directory 2019-08-14 05:54:13 -04:00
Modify routes, refactor API structure 2019-08-14 09:05:49 -04:00			`// parse POSTed json body`
			`server.use(bodyParser.json());`
Move JSON API into its own directory 2019-08-14 05:54:13 -04:00
Modify routes, refactor API structure 2019-08-14 09:05:49 -04:00			`server.use('/buildings', buildingsRouter);`
Move JSON API into its own directory 2019-08-14 05:54:13 -04:00
			`// POST new user`
			`server.post('/users', function (req, res) {`
			`const user = req.body;`
			`if (req.session.user_id) {`
			`res.send({ error: 'Already signed in' });`
			`return`
			`}`

			`if (user.email) {`
			`if (user.email != user.confirm_email) {`
			`res.send({ error: 'Email did not match confirmation.' });`
			`return`
			`}`
			`} else {`
			`user.email = null;`
			`}`

			`createUser(user).then(function (result) {`
			`if (result.user_id) {`
			`req.session.user_id = result.user_id;`
			`res.send({ user_id: result.user_id });`
			`} else {`
			`req.session.user_id = undefined;`
			`res.send({ error: result.error });`
			`}`
			`}).catch(function (err) {`
			`console.error(err);`
			`res.send(err)`
			`});`
			`});`

Add user delete API endpoint The deleted user username will be changed to 'deleted_' plus the 13 initial characters of the standard format user_id. Email, hashed password and API key are all cleared for the user. The endpoint is currently only available through /api/users/me and only allows a logged-in user to delete their own account. 2019-08-15 11:12:01 -04:00			`// GET own user info`
			`server.route('/users/me')`
			`.get(function (req, res) {`
			`if (!req.session.user_id) {`
			`res.send({ error: 'Must be logged in' });`
			`return`
			`}`

			`getUserById(req.session.user_id).then(function (user) {`
			`res.send(user);`
			`}).catch(function (error) {`
			`res.send(error);`
			`});`
			`})`
			`.delete((req, res) => {`
			`if (!req.session.user_id) {`
			`return res.send({ error: 'Must be logged in' });`
			`}`
			console.log(`Deleting user ${req.session.user_id}`);

			`deleteUser(req.session.user_id).then(`
			`() => logout(req.session)`
			`).then(() => {`
			`res.send({ success: true });`
			`}).catch(err => {`
			`res.send({ error: err });`
			`});`
			`})`

Move JSON API into its own directory 2019-08-14 05:54:13 -04:00			`// POST user auth`
			`server.post('/login', function (req, res) {`
			`authUser(req.body.username, req.body.password).then(function (user: any) { // TODO: remove any`
			`if (user.user_id) {`
			`req.session.user_id = user.user_id;`
			`} else {`
			`req.session.user_id = undefined;`
			`}`
			`res.send(user);`
			`}).catch(function (error) {`
			`res.send(error);`
			`})`
			`});`

			`// POST user logout`
			`server.post('/logout', function (req, res) {`
Add user delete API endpoint The deleted user username will be changed to 'deleted_' plus the 13 initial characters of the standard format user_id. Email, hashed password and API key are all cleared for the user. The endpoint is currently only available through /api/users/me and only allows a logged-in user to delete their own account. 2019-08-15 11:12:01 -04:00			`logout(req.session).then(() => {`
Move JSON API into its own directory 2019-08-14 05:54:13 -04:00			`res.send({ success: true });`
Add user delete API endpoint The deleted user username will be changed to 'deleted_' plus the 13 initial characters of the standard format user_id. Email, hashed password and API key are all cleared for the user. The endpoint is currently only available through /api/users/me and only allows a logged-in user to delete their own account. 2019-08-15 11:12:01 -04:00			`}).catch(err => {`
			`console.error(err);`
			`res.send({ error: 'Failed to end session'});`
Move JSON API into its own directory 2019-08-14 05:54:13 -04:00			`});`
			`});`

Add user delete API endpoint The deleted user username will be changed to 'deleted_' plus the 13 initial characters of the standard format user_id. Email, hashed password and API key are all cleared for the user. The endpoint is currently only available through /api/users/me and only allows a logged-in user to delete their own account. 2019-08-15 11:12:01 -04:00			`function logout(session) {`
			`return new Promise((resolve, reject) => {`
			`session.user_id = undefined;`
			`session.destroy(err => {`
			`if (err) return reject(err);`
			`return resolve();`
			`});`
Move JSON API into its own directory 2019-08-14 05:54:13 -04:00			`});`
Add user delete API endpoint The deleted user username will be changed to 'deleted_' plus the 13 initial characters of the standard format user_id. Email, hashed password and API key are all cleared for the user. The endpoint is currently only available through /api/users/me and only allows a logged-in user to delete their own account. 2019-08-15 11:12:01 -04:00			`}`
Move JSON API into its own directory 2019-08-14 05:54:13 -04:00
			`// POST generate API key`
			`server.post('/api/key', function (req, res) {`
			`if (!req.session.user_id) {`
			`res.send({ error: 'Must be logged in' });`
			`return`
			`}`

			`getNewUserAPIKey(req.session.user_id).then(function (apiKey) {`
			`res.send(apiKey);`
			`}).catch(function (error) {`
			`res.send(error);`
			`});`
			`})`

			`// GET search`
			`server.get('/search', function (req, res) {`
			`const searchTerm = req.query.q;`
			`if (!searchTerm) {`
			`res.send({`
			`error: 'Please provide a search term'`
			`})`
			`return`
			`}`
			`queryLocation(searchTerm).then((results) => {`
			`if (typeof (results) === 'undefined') {`
			`res.send({`
			`error: 'Database error'`
			`})`
			`return`
			`}`
			`res.send({`
			`results: results.map(item => {`
			`// map from DB results to GeoJSON Feature objects`
			`const geom = JSON.parse(item.st_asgeojson)`
			`return {`
			`type: 'Feature',`
			`attributes: {`
			`label: item.search_str,`
			`zoom: item.zoom \|\| 9`
			`},`
			`geometry: geom`
			`}`
			`})`
			`})`
			`}).catch(function (error) {`
			`res.send(error);`
			`});`
			`})`

Add JSON API 404 handler 2019-08-14 09:13:14 -04:00			`server.use((req, res) => {`
			`res.status(404).json({ error: 'Resource not found'});`
			`})`

Switch from express app to router in API Co-Authored-By: Tom Russell <tomalrussell@gmail.com> 2019-08-16 05:57:15 -04:00			`export default server;`