(if enabled)
124 | if (show_value) {
125 | this.val = absolute(id + "_value",
126 | 0,
127 | 0,
128 | this.value_width,
129 | this.height,
130 | 13,
131 | -this.value_width); // align to right side
132 | this.val.style.background = "black";
133 | this.val.style.border = "0";
134 | this.val.style.color = "#888";
135 | this.val.style.fontFamily = "Arial";
136 | this.val.style.fontSize = "12px";
137 | this.val.style.paddingLeft = "10px";
138 | this.val.style.paddingTop = "2px";
139 | this.val.innerHTML = "0";
140 | this.val.value = this.now;
141 | }
142 |
143 | if (this.val) {
144 | // //console.log("Nest value inside Slider container")
145 | this.div.appendChild( this.val );
146 | }
147 |
148 | // Nest the knob inside the container
149 | this.div.appendChild( this.knob );
150 |
151 | // console.log("this.div = ", this.div);
152 |
153 | // Add the slider to target in the DOM
154 | this.container.appendChild( this.div );
155 |
156 | // Add mouse drag events
157 | this.events();
158 | }
159 |
160 | events() {
161 |
162 | ////console.log("Slider().events() for id = " + this.id);
163 |
164 | // knob
165 | this.knob.addEventListener("mousedown", e => {
166 | if (this.isDragging == false)
167 | {
168 | this.isDragging = true;
169 | this.memory.x = parseInt(this.knob.style.left);
170 | this.memory.y = parseInt(this.knob.style.top);
171 | // //console.log(this.memory);
172 | }
173 | // e.stopPropagation();
174 | e.preventDefault();
175 | });
176 | this.knob.addEventListener("mouseup", e => {
177 | this.isDragging = false;
178 | });
179 |
180 | // main events
181 | document.body.addEventListener("mousemove", e => {
182 |
183 | if (this.isDragging == true) {
184 |
185 | // Current value of this slider
186 | let val, bound;
187 |
188 | // Horizontal
189 | if (this.direction == HORIZONTAL) {
190 | val = this.memory.x + this.mouse.difference.x;
191 | bound = this.width - this.scrubber.width;
192 | if (val < 0) val = 0;
193 | if (val > bound) val = bound;
194 | this.knob.style.left = val + "px";
195 |
196 | // Must be vertical
197 | } else {
198 | val = this.memory.y + this.mouse.difference.y;
199 | bound = this.height - this.scrubber.height;
200 | if (val < 0) val = 0;
201 | if (val > bound) val = bound;
202 | this.knob.style.top = val + "px";
203 | }
204 |
205 | // Keep lime color if mouse is outside of the knob but still dragging
206 | this.knob.style.background = "lime";
207 |
208 | // Update new slider value in slider value display
209 | // if (this.val) this.val.innerHTML = val;
210 |
211 | // Do something with target:
212 | // ...
213 | }
214 | });
215 | document.body.addEventListener("mouseup", e => {
216 | this.isDragging = false;
217 | this.knob.style.background = this.scrubber.color;
218 | });
219 | }
220 | }
--------------------------------------------------------------------------------
/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
Primary
4 |
5 |
6 |
199 |
205 |
206 |
207 |
208 |
313 |
314 |
315 |
316 |
317 |
--------------------------------------------------------------------------------
/module/api/api.js:
--------------------------------------------------------------------------------
1 | const ip = require('ip');
2 | const mysql = require('mysql');
3 | const db_config = require('./../config/db_config.json');
4 | // Standard MD5 hashing algorithm
5 | const md5 = require('./../md5/md5.js');
6 | // Standard FIPS 202 SHA-3 implementation
7 | const { SHA3 } = require('sha3');
8 | // The Keccak hash function is also available
9 | const { Keccak } = require('sha3');
10 |
11 | // Generate timestamp: if full argument is false/undefined,
12 | // timestamp is divided by 1000 to generate linux-length timestamp
13 | function timestamp(full) {
14 | let date = new Date();
15 | let timestamp = date.getTime();
16 | return full ? Math.floor(timestamp) : Math.floor(timestamp / 1000);
17 | }
18 |
19 | // Generate string "1s", "2h", etc between now and "time" argument
20 | function elapsed(time) {
21 | const $SECONDS = Math.abs(timestamp() - time);
22 | const $iv_table = ["s", "min", "h", "d", "mo", "y", "s", "min", "h", "d", "mo", "y"];
23 | const $iv = [$SECONDS,
24 | ($SECONDS - ($SECONDS % 60)) / 60,
25 | ($SECONDS - ($SECONDS % 3600)) / 3600,
26 | ($SECONDS - ($SECONDS % (3600 * 24))) / (3600 * 24),
27 | ($SECONDS - ($SECONDS % (3600 * 24 * 30))) / (3600 * 24 * 30),
28 | ($SECONDS - ($SECONDS % (3600 * 24 * 30 * 12))) / (3600 * 24 * 30 * 12)];
29 | for (let $i = 5; $i >= 0; $i--) {
30 | $r = $iv[$i];
31 | if ($r > 0) {
32 | if (($r > 1 || $r == 0))
33 | $i += 6;
34 | return $r + "" + $iv_table[$i];
35 | }
36 | }
37 | }
38 |
39 | // Check if property with value exists on an object
40 | Object.prototype.exists = function (property_name, value) {
41 | for (let i = 0; i < this.length; i++) {
42 | let o = this[i];
43 | if (o[property_name] != undefined)
44 | if (o[property_name] == value)
45 | return true;
46 | }
47 | return false;
48 | }
49 |
50 | // Check if value exists in array
51 | Array.prototype.exists = function (value) {
52 |
53 | for (let i = 0; i < this.length; i++)
54 | if (this[i] == value)
55 | return true;
56 | return false;
57 |
58 | }
59 |
60 | class database {
61 | constructor() { }
62 | static create() {
63 | let message = "Creating MySQL connection...";
64 | this.connection = mysql.createConnection(db_config);
65 | this.connection.connect();
66 | console.log(message + "Ok.");
67 | }
68 | }
69 |
70 | // Requires payload.email_address =
71 | function action_register_user(request, payload) {
72 | return new Promise((resolve, reject) => {
73 | if (!request || !request.headers || !payload)
74 | reject("Error: Wrong request, missing request headers, or missing payload");
75 | let q = `SELECT email_address FROM user WHERE email_address = '${payload.email_address}' LIMIT 1`;
76 | database.connection.query(q,
77 | (error, results) => { // Check if user already exists in database
78 | if (error)
79 | throw (error);
80 | let result = results[0];
81 | if (results && results.length != 0 && result.email_address == payload.email_address)
82 | resolve(`{"success": false, "message": "user already exists"}`);
83 | else {
84 | let avatar = JSON.stringify({ "head": 1, "eyes": 1 });
85 | // Encrypt payload.password with md5 algorithm
86 | let password_md5 = md5(payload.password);
87 | let fields = "( `username`, `email_address`, `password_md5`, `first_name`, `last_name`, `avatar` )";
88 | let values = `VALUES( '${payload.username}', '${payload.email_address}', '${password_md5}', 'first', 'last', '${avatar}')`;
89 | database.connection.query("INSERT INTO user " + fields + " " + values,
90 | (error, results) => { // Create new user in database
91 | if (error)
92 | throw (error);
93 | resolve(`{"success": true, "message": "user registered"}`);
94 | });
95 | }
96 | });
97 | }).catch((error) => { console.log(error) });
98 | }
99 |
100 | // Requires payload.id =
101 | function action_get_user(request, payload) {
102 | return new Promise((resolve, reject) => {
103 | if (!request || !request.headers || !payload)
104 | reject("Error: Wrong request, missing request headers, or missing payload");
105 | database.connection.query("SELECT * FROM user WHERE id = '" + payload.id + "' LIMIT 1",
106 | (error, results) => { // Check if user already exists in database
107 | if (error) throw (error);
108 | let result = results[0];
109 | if (results && results.length != 0 && result.id == payload.id) {
110 | result.found = true;
111 | resolve(`{"found": true, "user": ${JSON.stringify(result)}, "message": "user found"}`);
112 | } else
113 | resolve(`{"found": false, "user": null, "message": "user with this id doesn't exist"}`);
114 | });
115 | }).catch(error => console.log(error));
116 | }
117 |
118 | function action_get_user_promiseless(request, payload) {
119 | return new Promise((resolve, reject) => {
120 | if (!request || !request.headers || !payload)
121 | reject("Error: Wrong request, missing request headers, or missing payload");
122 | database.connection.query("SELECT * FROM user WHERE id = '" + payload.id + "' LIMIT 1",
123 | (error, results) => { // Check if user already exists in database
124 | if (error) throw (error);
125 | let result = results[0];
126 | if (results && results.length != 0 && result.id == payload.id) {
127 | resolve(`{"found": true, "user": ${JSON.stringify(result)}, "message": "user found"}`);
128 | } else
129 | resolve(`{"found": false, "user": null, "message": "user with this id doesn't exist"}`);
130 | });
131 | }).catch(error => console.log(error));
132 | }
133 |
134 | function action_delete_user(request, payload) {
135 | return new Promise((resolve, reject) => {
136 | // Header or payload are missing
137 | if (!request || !request.headers || !payload)
138 | reject("Error: Wrong request, missing request headers, or missing payload");
139 | // Payload must specify user id
140 | if (!payload.id)
141 | reject("User id not specified!");
142 | let query = "DELETE from `user` WHERE `id` = " + payload.id;
143 | database.connection.query(query, (error, results) => {
144 | if (error)
145 | throw (error);
146 | let result = results[0];
147 | console.log("results[0] = ", results[0]);
148 | console.log("result = ", result);
149 | resolve(`{"success": true, "message": "user updated!"}`);
150 | });
151 | }).catch(error => console.log(error));
152 | }
153 |
154 | function action_update_user(request, payload) {
155 | return new Promise((resolve, reject) => {
156 | // Header or payload are missing
157 | if (!request || !request.headers || !payload)
158 | reject("Error: Wrong request, missing request headers, or missing payload");
159 | // Payload must specify user id
160 | if (!payload.id)
161 | reject("User id not specified!");
162 | // Columns allowed to be changed:
163 | let allowed = ["id", "email_address", "password_md5"];
164 | // Exclude not-allowed fields from payload
165 | Object.entries(payload).map((value, index, obj) => {
166 | let name = value[0];
167 | if (!allowed.exists(name)) delete payload[name];
168 | });
169 | // Start MySQL query
170 | let query = "UPDATE user SET ";
171 | // Build the rest of MySQL query from payload
172 | Object.entries(payload).map((item, index, object) => {
173 | let name = item[0];
174 | let value = payload[name];
175 | index != 0 ? query += ", " : null;
176 | query += "`" + name + "` = '" + value + "'";
177 | });
178 | // End query
179 | query += " WHERE `id` = '" + payload.id + "'";
180 | // Execute MySQL query we just created
181 | database.connection.query(query, (error, results) => {
182 | if (error)
183 | throw (error);
184 | let result = results[0];
185 | console.log("results[0] = ", results[0]);
186 | console.log("result = ", result);
187 | resolve(`{"success": true, "message": "user updated!"}`);
188 | });
189 |
190 | }).catch(error => null);
191 | }
192 |
193 | function action_login(request, payload) {
194 | return new Promise((resolve, reject) => {
195 | // First, get the user from database by payload.id
196 | let query = `SELECT * FROM \`user\` WHERE \`username\` = '${payload.username}'`;
197 | console.log(query);
198 | database.connection.query(query,
199 | (error, results) => { // Check if user already exists in database
200 | if (error)
201 | throw (error);
202 | let result = results[0];
203 | /* console.log("result = ", result);
204 | console.log("payload.username = ", payload.username);
205 | console.log("payload.password = ", payload.password);
206 | console.log("password 1 = ", md5(payload.password));
207 | console.log("password 2 = ", result.password_md5); */
208 | if (results && results.length != 0 && result.username == payload.username) {
209 | // result.found = true;
210 | // Check if submitted password is correct
211 | if (md5(payload.password) == result.password_md5) {
212 | delete result.email_address; // don't send email to front-end
213 | delete result.password_md5; // don't send md5 password to front-end
214 | resolve(`{"success": true, "user": ${JSON.stringify(result)}, "message": "user successfully logged in!"}`);
215 | } else
216 | resolve(`{"success": false, "user": null, "message": "incorrect username or password"}`);
217 | }
218 | // User not found
219 | resolve(`{"success": false, "user": null, "message": "user with this username(${payload.username}) doesn't exist"}`);
220 | });
221 | }).catch(error => console.log(error));
222 | }
223 |
224 | function action_logout(request, payload) {
225 | return new Promise((resolve, reject) => {
226 | /* implement */
227 | }).catch(error => console.log(error));;
228 | }
229 |
230 | function action_create_session(request, payload) {
231 | // Create unique authentication token
232 | function create_auth_token() {
233 | let token = md5(timestamp(true) + "");
234 | return token;
235 | }
236 | return new Promise((resolve, reject) => {
237 | if (!request || !request.headers || !payload)
238 | reject("Error: Wrong request, missing request headers, or missing payload");
239 | database.connection.query("SELECT * FROM session WHERE user_id = '" + payload.id + "' LIMIT 1",
240 | (error, results) => { // Check if session already exists
241 | if (error) throw (error);
242 | let result = results[0];
243 | if (results && results.length != 0 && result.user_id == payload.id) {
244 | result.found = true;
245 | resolve(`{"found": true,
246 | "token": token,
247 | "session": ${JSON.stringify(result)},
248 | "message": "session already exists"}`);
249 | } else { // This session doesn't exist, create it
250 | // Create auth token
251 | let token = create_auth_token();
252 | database.connection.query("INSERT INTO session ( `user_id`, `timestamp`, `token`) VALUES( '" + payload.id + "', '" + timestamp() + "', '" + token + "')",
253 | (error, results) => {
254 | if (error) throw (error);
255 | resolve(`{"found" : false,
256 | "token" : token,
257 | "user_id": ${payload.user_id},
258 | "message": "session was created"}`);
259 | });
260 | }
261 | });
262 | }).catch(error => { console.log(error) });
263 | }
264 |
265 | // Requirements:
266 | // - payload.user_id_to =
267 | // - payload.user_id_from =
268 | // - payload.dm_conversation_id =
269 | // - payload.message_body =
270 | function send_direct_message(request, payload) {
271 | return new Promise((resolve, reject) => {
272 | if (!request || !request.headers || !payload)
273 | reject("Error: Wrong request, missing request headers, or missing payload");
274 | let values = "VALUES( '" + payload.dm_conversation_id + "', '" + payload.user_id_from + "', '" + payload.user_id_to + "', '" + payload.message_body + "', '" + timestamp() + "' )";
275 | let q = "INSERT INTO direct_messages ( `dm_conversation_id`, `user_id_from`, `user_id_to`, `message_body`, `timestamp`) " + values + "";
276 | database.connection.query(q,
277 | (error, results) => {
278 | if (error) throw (error);
279 | resolve('{"message": "direct message was sent"}');
280 | }
281 | )
282 | }).catch((error) => { console.log(error) })
283 | }
284 |
285 | // Requirements:
286 | // - payload.user_id_to =
287 | // - payload.user_id_from =
288 | function create_dm_conversation(request, payload) {
289 | return new Promise((resolve, reject) => {
290 | if (!request || !request.headers || !payload)
291 | reject("Error: Wrong request, missing request headers, or missing payload");
292 | let values = "VALUES( '" + payload.user_id_from + "', '" + payload.user_id_to + "' )";
293 | database.connection.query("INSERT INTO dm_conversations ( `user_id_from`, `user_id_to` ) " + values + "",
294 | (error, results) => {
295 | if (error) throw (error);
296 | resolve('{"message": "direct message conversation was created"}');
297 | }
298 | )
299 | }).catch((error) => { console.log(error) })
300 | }
301 |
302 | function action_get_session(request, payload) {
303 | return new Promise((resolve, reject) => {
304 | if (!request || !request.headers || !payload)
305 | reject("Error: Wrong request, missing request headers, or missing payload");
306 | database.connection.query("SELECT * FROM session WHERE user_id = '" + payload.id + "' LIMIT 1",
307 | (error, results) => { // Return session
308 | if (error)
309 | throw (error);
310 | let result = results[0];
311 | if (results && results.length != 0 && result.user_id == payload.id) {
312 | result.found = true;
313 | resolve(`{"found": true,
314 | "session": ${JSON.stringify(result)},
315 | "message": "session found"}`);
316 | } else
317 | resolve(`{"found": false, "session": null, "message": "session found"}`);
318 | });
319 | }).catch((error) => { console.log(error) });
320 | }
321 |
322 | function action_authenticate_user(request, payload) {
323 | return new Promise((resolve, reject) => {
324 | if (!request || !request.headers || !payload)
325 | reject("Error: Wrong request, missing request headers, or missing payload");
326 | database.connection.query("SELECT * FROM session WHERE token = '" + payload.token + "' LIMIT 1",
327 | (error, results) => { // Return session
328 | if (error)
329 | throw (error);
330 | if (results.length == 0) {
331 | console.log("API.authenticate, results.length == 0 (session with token not found)");
332 | reject(`{"success": false, "message": "token not found in session"}`);
333 | } else {
334 | //console.log( results );
335 | //console.log( results[0] );
336 | let token = JSON.stringify({ token: results[0].token, type: "admin" });
337 | resolve(`{"success": true, "message": "user (id=${results[0].user_id}) was successfully authenticated", "token" : ${token}}`);
338 | }
339 | });
340 | }).catch((error) => { console.log(error) });
341 | }
342 |
343 | function action_update_user_profile(request, payload) {
344 | return new Promise((resolve, reject) => {
345 | // Header or payload are missing
346 | if (!request || !request.headers || !payload)
347 | reject("Error: Wrong request, missing request headers, or missing payload");
348 | // Payload must specify user id
349 | if (!payload.id)
350 | reject("User id not specified!");
351 | // Columns allowed to be changed:
352 | let allowed = ["id", "location", "website_url", "dob", "bio"];
353 | // Exclude not-allowed fields from payload
354 | Object.entries(payload).map((value, index, obj) => {
355 | let name = value[0];
356 | if (!allowed.exists(name)) delete payload[name];
357 | });
358 | // Start MySQL query
359 | let query = "UPDATE user SET ";
360 | // Build the rest of MySQL query from payload
361 | Object.entries(payload).map((item, index, object) => {
362 | let name = item[0];
363 | let value = payload[name];
364 | index != 0 ? query += ", " : null;
365 | query += "`" + name + "` = '" + value + "'";
366 | });
367 | // End query
368 | query += " WHERE `id` = '" + payload.id + "'";
369 | // Execute MySQL query we just created
370 | database.connection.query(query, (error, results) => {
371 | if (error)
372 | throw (error);
373 | let result = results[0];
374 | console.log("results[0] = ", results[0]);
375 | console.log("result = ", result);
376 | resolve(`{"success": true, "message": "user profile updated successfully!"}`);
377 | });
378 |
379 | }).catch(error => null);
380 | }
381 |
382 |
383 | // Check if API.parts match a URL pattern, example: "api/user/get"
384 | function identify(a, b) {
385 | return API.parts[0] == "api" && API.parts[1] == a && API.parts[2] == b;
386 | }
387 |
388 | // General use respond function -- send json object back to the browser in response to a request
389 | function respond(response, content) {
390 | console.log("responding = ", [content]);
391 | const jsontype = "{ 'Content-Type': 'application/json' }";
392 | response.writeHead(200, jsontype);
393 | response.end(content, 'utf-8');
394 | }
395 |
396 | // Convert buffer to JSON object
397 | function json(chunks) {
398 | return JSON.parse(Buffer.concat(chunks).toString());
399 | }
400 |
401 | class Action { }
402 |
403 | Action.register_user = action_register_user;
404 | Action.login = action_login;
405 | Action.logout = action_logout;
406 | Action.get_user = action_get_user;
407 | Action.delete_user = action_delete_user;
408 | Action.update_user = action_update_user;
409 | Action.authenticate_user = action_authenticate_user;
410 | Action.create_session = action_create_session;
411 | Action.get_session = action_get_session;
412 | Action.create_dm_conversation = create_dm_conversation;
413 | Action.send_direct_message = send_direct_message;
414 | Action.update_profile= action_update_user_profile;
415 |
416 | const resp = response => content => respond(response, content);
417 |
418 | class API {
419 |
420 | constructor() { }
421 |
422 | static exec(request, response) {
423 |
424 | console.log("API.exec(), parts = ", API.parts);
425 |
426 | if (request.method == 'POST') {
427 |
428 | request.url[0] == "/" ? request.url = request.url.substring(1, request.url.length) : null;
429 | request.parts = request.url.split("/");
430 | request.chunks = [];
431 |
432 | // Start reading POST data chunks
433 | request.on('data', segment => {
434 | if (segment.length > 1e6) // 413 = "Request Entity Too Large"
435 | response.writeHead(413, { 'Content-Type': 'text/plain' }).end();
436 | else
437 | request.chunks.push(segment);
438 | });
439 |
440 | // Finish reading POST data chunks
441 | request.on('end', () => { // POST data fully received
442 |
443 | API.parts = request.parts;
444 |
445 | if (identify("user", "register")) // Register (create) user
446 | Action.register_user(request, json(request.chunks))
447 | .then(content => respond(response, content));
448 |
449 | if (identify("user", "login")) // Log in
450 | Action.login(request, json(request.chunks))
451 | .then(content => respond(response, content));
452 |
453 | if (identify("user", "logout")) // Log out
454 | Action.logout(request, json(request.chunks))
455 | .then(content => respond(response, content));
456 |
457 | if (identify("user", "delete")) // Delete user
458 | Action.delete_user(request, json(request.chunks))
459 | .then(content => respond(response, content));
460 |
461 | if (identify("user", "get")) // Get user data
462 | Action.get_user(request, json(request.chunks))
463 | .then(content => respond(response, content));
464 |
465 | if (identify("user", "update")) // Update user
466 | Action.update_user(request, json(request.chunks))
467 | .then(content => respond(response, content));
468 |
469 | if (identify("session", "create")) // Create session
470 | Action.create_session(request, json(request.chunks))
471 | .then(content => respond(response, content));
472 |
473 | if (identify("user", "authenticate")) // Authenticate user
474 | Action.authenticate_user(request, json(request.chunks))
475 | .then(content => respond(response, content));
476 |
477 | if (identify("password", "email")) // Send password reset link
478 | Action.send_reset_link(request, json(request.chunks))
479 | .then(content => respond(response, content));
480 |
481 | if (identify("password", "reset")) // Reset password
482 | Action.reset_password(request, json(request.chunks))
483 | .then(content => respond(response, content));
484 |
485 | if (identify("tweet", "post")) // Post a "tweet"
486 | Action.post_tweet(request, json(request.chunks))
487 | .then(content => respond(response, content));
488 |
489 | if (identify("user", "profile")) // Update user profile
490 | Action.update_profile(request, json(request.chunks))
491 | .then(content => respond(response, content));
492 | });
493 | }
494 |
495 | if (request.method == 'GET') {
496 | /* GET placeholder */
497 | }
498 | }
499 |
500 | static catchAPIrequest(request) {
501 | request[0] == "/" ? request = request.substring(1, request.length) : null;
502 | if (request.constructor === String)
503 | if (request.split("/")[0] == "api") {
504 | API.parts = request.split("/");
505 | return true;
506 | }
507 | return false;
508 | }
509 | }
510 |
511 | API.parts = null;
512 |
513 | module.exports = { API, database };
--------------------------------------------------------------------------------