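const express = require("express");
const DBUtils = require('../../Utils/DBUtil');
const AuthUtil = require('../../Utils/AuthUtil');
const bodyParser = require('body-parser');
const FrameLinker = require('../../FrameLinker/FrameLinker');
const uuidv4 = require('uuid/v4');

// Logger
const Logger = require('../../Utils/Logger');
const TAG = '[AccountRouter]';

/**
 * Router for frame operations: fetch a frame, create one, upload and download
 * photos, and link a frame viewer. Every route runs behind the token check
 * below and re-checks that the frame id is listed in `req.account.frames`.
 */
const router = express.Router();

// Raw image bodies (up to 5mb) arrive as a Buffer in req.body.
// NOTE(review): `uploadDir` and `keepExtensions` are not documented options of
// bodyParser.raw (they look like leftovers from a multipart parser) and are
// presumably ignored; confirm and drop them.
router.use(bodyParser.raw({
    uploadDir: '/tmp/uploads',
    keepExtensions: true,
    limit: '5mb',
    type: 'image/*'
}));

/**
 * Authentication middleware: resolves the account from the `token` request
 * header and stores it on `req.account`; a rejected lookup ends the request
 * with 401.
 */
router.use((req, res, next) => {
    const token = req.get('token');
    Logger.debug(TAG, 'Auth middleware check');
    AuthUtil.getAccountByToken(token)
        .then(account => {
            req.account = account;
            Logger.debug(TAG, 'Auth middleware check - Success');
            next();
        })
        .catch((reason) => {
            Logger.debug(TAG, 'Auth middleware check - Fail');
            res.status(401).json({
                message: reason
            });
        });
});

/**
 * Authorization check shared by the routes below: true when `frameId` is
 * listed in the account's `frames`.
 */
function accountHasFrame(account, frameId) {
    return account.frames.indexOf(frameId) >= 0;
}

/**
 * GET /:frameId returns the frame with a summary of its photos.
 */
router.get('/:frameId', (req, res) => { // by Frame Id
    Logger.debug(TAG, 'GET: /:frameId');
    const frameId = req.params.frameId;
    const account = req.account;

    if (!accountHasFrame(account, frameId)) {
        res.status(403).json({
            message: 'Account has no access to frame with id of: ' + frameId
        });
        return;
    }

    DBUtils.Models.Frame.findOne({
        _id: frameId
    }, (err, doc) => {
        if (err) {
            res.status(400).json({
                message: err.message
            });
            return;
        } else if (!doc) {
            res.status(400).json({
                message: 'Unable to find a Frame with id: ' + frameId
            });
            return;
        }
        const frame = doc.toObject();
        // viewerKeys holds the viewer access tokens issued by the link route;
        // they must never be returned to API clients.
        delete frame.viewerKeys;

        // Collect the ids of all photos in this frame.
        // NOTE(review): `p.user` is the fully populated user document; confirm
        // it carries no sensitive fields, or restrict the populate() selection.
        DBUtils.Models.Photo.find({
            frame_id: frameId
        })
            .populate('user')
            .exec((err, docs) => {
                if (err) {
                    res.status(400).json({
                        message: err.message
                    });
                    return;
                }
                frame.photos = docs.map((p) => ({
                    photo_id: p._id,
                    user: p.user,
                    timestamp: p.timestamp
                }));
                res.json(frame);
            });
    });
});

/**
 * POST /create creates a frame owned by the authenticated account and records
 * its id on the account.
 */
router.post('/create', (req, res) => {
    // Fixed: this is a POST route (the log line used to say GET).
    Logger.debug(TAG, 'POST: /create');
    // No body parser for non-image content is mounted in this router, so
    // req.body may be undefined here; treat that as an empty body.
    const body = req.body || {};
    if (!body.name) {
        res.status(400).json({
            message: 'Must provide a name for your new frame'
        });
        return;
    }
    const account = req.account;

    // If account valid - create new frame
    const frame = new DBUtils.Models.Frame({
        name: body.name,
        admin: account._id,
        members: [account._id]
    });

    // save frame
    frame.save((err, doc) => {
        if (err) {
            res.status(400).json({
                message: err.message
            });
            return;
        }
        // frame created - now add its id to the account object
        account.frames.push(doc._id);
        account.save((err) => {
            if (err) {
                // Throwing inside this callback would leave the request
                // unanswered and surface as an uncaught exception; report the
                // failure to the client instead.
                res.status(500).json({
                    message: err.message
                });
                return;
            }
            res.status(201).json(frame);
        });
    });
});

/**
 * POST /:frameId/upload/photo stores the raw request body as a photo of the
 * frame.
 */
router.post('/:frameId/upload/photo', (req, res) => {
    Logger.debug(TAG, 'POST: /:frameId/upload/photo');
    const account = req.account;
    const frameId = req.params.frameId;

    if (!accountHasFrame(account, frameId)) {
        res.status(403).json({
            message: 'Account has no access to frame with id of: ' + frameId
        });
        return;
    }

    // The raw parser only yields a Buffer for `image/*` requests; anything
    // else would otherwise be stored as a "photo" that is not image data.
    if (!Buffer.isBuffer(req.body) || req.body.length === 0) {
        res.status(400).json({
            message: 'Request body must be a non-empty image'
        });
        return;
    }

    // User can upload image to the frame
    AuthUtil.getUserByAccountId(account._id)
        .then((user) => {
            // Upload Photo...
            const photo = new DBUtils.Models.Photo({
                frame_id: frameId,
                photo: req.body,
                timestamp: Date.now(),
                // Client-supplied value, echoed back as the response type on
                // download. NOTE(review): `image/*` also admits image/svg+xml;
                // consider an allow-list of raster types.
                contentType: req.get('Content-Type'),
                user: user._id
            });

            // Save photo
            photo.save((err) => {
                if (err) {
                    res.status(400).json({
                        message: err.message
                    });
                    return;
                }
                res.status(201).json(photo);
            });
        })
        .catch(reason => {
            res.status(500).json({
                message: 'Unexpected error: ' + reason
            });
        });
});

/**
 * POST /:frameId/link links a frame viewer (identified by `body.key`) to the
 * frame and records a fresh viewer access token on the frame.
 */
router.post('/:frameId/link', (req, res) => {
    Logger.debug(TAG, 'POST: /:frameId/link');
    const frameId = req.params.frameId;
    const account = req.account;
    const frameViewerKey = req.body && req.body.key;

    if (!FrameLinker.isKeyValid(frameViewerKey)) {
        res.status(404).json({
            message: 'Unable to find a frame viewer with key: ' + frameViewerKey
        });
        return;
    }

    if (!accountHasFrame(account, frameId)) {
        res.status(403).json({
            message: 'Account has no access to this frame'
        });
        return;
    }

    // lets create an access token
    const accessToken = uuidv4();
    DBUtils.Models.Frame.findOne({ _id: frameId }, (err, frame) => {
        if (err) {
            res.status(400).json({
                message: err.message
            });
            return;
        }
        if (!frame) {
            // findOne yields null when the frame no longer exists; without
            // this guard the push below throws inside the callback.
            res.status(400).json({
                message: 'Unable to find a Frame with id: ' + frameId
            });
            return;
        }
        frame.viewerKeys.push(accessToken);
        FrameLinker.linkFrame(frameId, accessToken, frameViewerKey)
            .then(() => {
                frame.save((err) => {
                    if (err) {
                        res.status(400).json({
                            message: 'Something went wrong...'
                        });
                        return;
                    }
                    res.status(201).json({ message: 'Success' });
                });
            })
            .catch((reason) => {
                res.status(400).json({ message: reason });
            });
    });
});

/**
 * GET /:frameId/download/photo/:photoId sends the stored photo bytes with the
 * content type recorded at upload.
 */
router.get('/:frameId/download/photo/:photoId', (req, res) => {
    Logger.debug(TAG, 'GET: /:frameId/download/photo/:photoId');
    const photoId = req.params.photoId;
    const frameId = req.params.frameId;
    const account = req.account;

    if (!accountHasFrame(account, frameId)) {
        // Fixed: report the frame id that was refused, not the photo id.
        res.status(403).json({
            message: 'Account has no access to frame with id of: ' + frameId
        });
        return;
    }

    // The photo must belong to the frame that was just authorized. Looking it
    // up by _id alone would let any account with access to one frame read
    // photos of every other frame.
    DBUtils.Models.Photo.findOne({
        _id: photoId,
        frame_id: frameId
    }, (err, doc) => {
        if (err) {
            res.status(400).json({
                message: err.message
            });
            return;
        }
        if (doc) {
            // The stored content type came from the uploader; stop browsers
            // from sniffing the bytes as a different type.
            res.set('X-Content-Type-Options', 'nosniff');
            res.contentType(doc.contentType).send(doc.photo);
        } else {
            res.status(400).json({
                message: 'Photo not found'
            });
        }
    });
});

module.exports = router;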