Merge branch 'master' of https://github.com/spacedeck/spacedeck-open

routes/api/sessions.js

@@ -25,7 +25,10 @@ router.post('/', function(req, res) {
       res.sendStatus(404);
     })
     .then(user => {
-      if (bcrypt.compareSync(password, user.password_hash)) {
+      if (!user) {
+        res.sendStatus(404);
+      }
+      else if (bcrypt.compareSync(password, user.password_hash)) {
         crypto.randomBytes(48, function(ex, buf) {
           var token = buf.toString('hex');
 

routes/api/space_artifacts.js

@@ -53,15 +53,8 @@ router.get('/', (req, res) => {
     space_id: req.space._id
   }}).then(artifacts => {
     async.map(artifacts, (a, cb) => {
-      //a = a.toObject(); TODO
+      db.unpackArtifact(a);
 
-      if (a.control_points) {
-        a.control_points = JSON.parse(a.control_points);
-      }
-      if (a.payload_alternatives) {
-        a.payload_alternatives = JSON.parse(a.payload_alternatives);
-      }
-      
       if (a.user_id) {
         // FIXME JOIN
         /*User.findOne({where: {
@@ -131,7 +124,8 @@ router.post('/:artifact_id/payload', function(req, res, next) {
     var stream = req.pipe(writeStream);
 
     var progress_callback = function(progress_msg) {
-      a.description = progress_msg;
+      a.description = progress_msg.toString();
+      db.packArtifact(a);
       a.save();
       redis.sendMessage("update", a, JSON.stringify(a), req.channelId);
     };

routes/api/users.js

@@ -3,6 +3,7 @@
 var config = require('config');
 const db = require('../../models/db');
 const uuidv4 = require('uuid/v4');
+const os = require('os');
 
 var mailer = require('../../helpers/mailer');
 var uploader = require('../../helpers/uploader');
@@ -222,8 +223,8 @@ router.post('/:user_id/avatar', (req, res, next) => {
   const user = req.user;
   const filename = "u"+req.user._id+"_"+(new Date().getTime())+".jpeg"
 
-  const localFilePath = "/tmp/"+filename;
-  const localResizedFilePath = "/tmp/resized_"+filename;
+  const localFilePath = os.tmpdir()+"/"+filename;
+  const localResizedFilePath = os.tmpdir()+"/resized_"+filename;
   const writeStream = fs.createWriteStream(localFilePath);
   const stream = req.pipe(writeStream);
 

routes/root.js

@@ -1,7 +1,6 @@
 "use strict";
 
 const config = require('config');
-require('../models/db');
 
 const redis = require('../helpers/redis');
 const express = require('express');
@@ -10,6 +9,11 @@ const router = express.Router();
 const mailer = require('../helpers/mailer');
 const _ = require('underscore');
 
+const db = require('../models/db');
+const Sequelize = require('sequelize');
+const Op = Sequelize.Op;
+const uuidv4 = require('uuid/v4');
+
 router.get('/', (req, res) => {
   res.render('index', { title: 'Spaces' });
 });
@@ -120,79 +124,30 @@ router.get('/t/:id', (req, res) => {
 });
 
 router.get('/s/:token', (req, res) => {
-  redis.rateLimit(req.real_ip, "token", function(ok) {
-    if (ok) {
-      var token = req.params.token; 
-      if (token.split("-").length > 0) {
-        token = token.split("-")[0];
-      }
+  var token = req.params.token; 
+  if (token.split("-").length > 0) {
+    token = token.split("-")[0];
+  }
 
-      Space.findOne({"edit_hash": token}).exec(function (err, space) {
-        if (err) {
-          res.status(404).render('not_found', { title: 'Page Not Found.' });
-        } else {
-          if (space) {
-            if(req.accepts('text/html')){
-              res.redirect("/spaces/"+space._id + "?spaceAuth=" + token);
-            }else{
-              res.status(200).json(space);
-            }
-          } else {
-            if(req.accepts('text/html')){
-              res.status(404).render('not_found', { title: 'Page Not Found.' });
-            } else {
-              res.status(404).json({});
-            }
-          }
-        }
-      });
+  db.Space.findOne({where: {"edit_hash": token}}).then(function (space) {
+    if (space) {
+      if (req.accepts('text/html')){
+	res.redirect("/spaces/"+space._id + "?spaceAuth=" + token);
+      } else {
+	res.status(200).json(space);
+      }
     } else {
-      res.status(429).json({"error": "Too Many Requests"});
+      if (req.accepts('text/html')) {
+	res.status(404).render('not_found', { title: 'Page Not Found.' });
+      } else {
+	res.status(404).json({});
+      }
     }
   });
 });
 
 router.get('/spaces/:id', (req, res) => {
-  if (req.headers['user-agent']) {
-    if (req.headers['user-agent'].match(/facebook/)) {
-      Space.findOne({"_id": req.params.id }).exec(function (err, space) {
-        if (err) {
-          res.status(400).json(err);
-        } else {
-          if (space) {
-            if (space.access_mode == "public") {
-              Artifact.find({"space_id": req.params.id }).populate("creator").exec(function(err, artifacts) {
-                space.artifacts = artifacts;
-                res.render('facebook', { space: space });
-              });
-            } else {
-              res.redirect("/?error=space_not_accessible");
-            }
-          } else {
-            res.render('not_found', { title: 'Spaces' });
-          }
-        }
-      });
-    } else {
-      // not facebook, render javascript
-      res.render('spacedeck', { title: 'Space' });
-    }
-  } else res.render('spacedeck', { title: 'Space' });
-});
-
-router.get('/qrcode/:id', function(req, res) {
-  Space.findOne({"_id": req.params.id}).exec(function(err, space) {
-    if (space) {
-      const url = config.get("endpoint") + "/s/"+space.edit_hash;
-      const code = qr.image(url, { type: 'svg' });
-      res.type('svg');
-      code.pipe(res);
-    } else {
-      res.status(404).json({
-        "error": "not_found"
-      });
-    }
-  });
+  res.render('spacedeck', { title: 'Space' });
 });
 
 module.exports = router;