wmantly/mp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

round2

Browse Source
This commit is contained in:
William Mantly 2024-01-23 19:00:57 -05:00
parent 173277cc8b
commit c136b20112
38 changed files with 257 additions and 964 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
consumerWebsite/app.js
View File

@ -1,4 +1,5 @@
const express = require("express");
const { rateLimit } = require("express-rate-limit");
const path = require("path");
const app = express();
const port = 3000;
@ -8,6 +9,20 @@ const ejs = require("ejs");
app.use(express.json());
app.set("json spaces", 2);
//express-rate-limit stolen from docs
const limiter = rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
limit: 600, // Limit each IP to 100 requests per `window` (here, per 15 minutes).
standardHeaders: 'draft-7', // draft-6: `RateLimit-*` headers; draft-7: combined `RateLimit` header
legacyHeaders: false, // Disable the `X-RateLimit-*` headers.
});
// Apply the rate limiting middleware to all requests.
app.use(limiter);
//disable x-powered-by header for security reasons
app.disable("x-powered-by");
// Set up the templating engine to build HTML for the front end.
app.set("views", path.join(__dirname, "./views"));
app.set("view engine", "ejs");
@ -15,11 +30,9 @@ app.set("view engine", "ejs");
// Have express server static content( images, CSS, browser JS) from the public
app.use(express.static(path.join(__dirname, "./public")));
//middleware logic ( called by next() )
const auth = require("./middleware/authChecker");
//route logic
app.use("/api/seed/v0" ,require("./routes/seed_route.js"));
app.use("/api/v0", require("./routes/api_routes"));
//render logic

2
consumerWebsite/database/model/apiKeyModel.js
View File

@ -2,8 +2,6 @@
const { Sequelize, DataTypes, Op } = require("sequelize");
const { sequelize } = require("../mySql");
const { userModel } = require("./userModel");
const { generateUUID } = require("../../functions/generateUUID.js");
const { hash, compareHash } = require("../../functions/bcrypt.js");
//sequelize.sync();
const apikeyModel = sequelize.define(

4
consumerWebsite/database/model/apiLogModel.js
View File

@ -1,6 +1,6 @@
"use strict";
const { Sequelize, DataTypes } = require("sequelize");
const { sequelize } = require("../mySQL");
const { sequelize } = require("../mySql");
//sequelize.sync();
const api_log_Model = sequelize.define(
@ -68,4 +68,6 @@ const api_log_Model = sequelize.define(
}
);
api_log_Model.sync()
module.exports = { api_log_Model };

59
consumerWebsite/database/model/locationModel.js
View File

@ -1,6 +1,6 @@
"use strict";
const { Sequelize, DataTypes } = require("sequelize");
const { sequelize } = require("../mySQL");
const { sequelize } = require("../mySql");
const { isAlphaNumericwithSpaces } = require('../../functions/validateData')
//sequelize.sync();
@ -72,59 +72,6 @@ const locationModel = sequelize.define(
}
);
async function getLocation() {
const location = await locationModel.findAll();
return location;
}
locationModel.sync();
async function addLocation(name, added_by, description) {
const location = await locationModel.create({
name: name,
added_by: added_by,
description: description,
});
}
async function updateLocation(id, name, added_by, description) {
const location = await locationModel.update(
{
name: name,
added_by: added_by,
description: description,
},
{
where: {
id: id,
},
}
);
}
async function deleteLocation(id) {
//delete by id
const location = await locationModel.destroy({
where: {
id: id,
},
});
}
async function getLocationById(id) {
const location = await locationModel.findAll({
where: {
id: id,
},
});
return location;
}
module.exports = {
locationModel,
getLocation,
addLocation,
updateLocation,
deleteLocation,
getLocationById,
};
module.exports = { locationModel };

4
consumerWebsite/database/model/sensorDataModel.js
View File

@ -1,6 +1,6 @@
"use strict";
const { Sequelize, DataTypes } = require("sequelize");
const { sequelize } = require("../mySQL");
const { sequelize } = require("../mySql");
const { locationModel } = require("./locationModel");
const { sensorModel } = require("./sensorModel");
const { isJson } = require('../../functions/validateData');
@ -74,4 +74,6 @@ const sensorDataModel = sequelize.define(
}
);
sensorDataModel.sync()
module.exports = { sensorDataModel };

4
consumerWebsite/database/model/sensorModel.js
View File

@ -1,6 +1,6 @@
"use strict";
const { Sequelize, DataTypes } = require("sequelize");
const { sequelize } = require("../mySQL");
const { sequelize } = require("../mySql");
const { locationModel } = require("./locationModel");
const {
isAlphaNumericwithSpaces,
@ -107,4 +107,6 @@ const sensorModel = sequelize.define(
}
);
sensorModel.sync()
module.exports = { sensorModel };

2
consumerWebsite/database/model/userModel.js
View File

@ -112,4 +112,6 @@ const userModel = sequelize.define(
}
);
userModel.sync()
module.exports = { userModel };

55
consumerWebsite/functions/location.js Normal file
View File

@ -0,0 +1,55 @@
const {locationModel} = require("../database/model/locationModel");
async function getLocation() {
const location = await locationModel.findAll();
return location;
}
async function addLocation(name, added_by, description) {
const location = await locationModel.create({
name: name,
added_by: added_by,
description: description,
});
}
async function updateLocation(id, name, added_by, description) {
const location = await locationModel.update(
{
name: name,
added_by: added_by,
description: description,
},
{
where: {
id: id,
},
}
);
}
async function deleteLocation(id) {
//delete by id
const location = await locationModel.destroy({
where: {
id: id,
},
});
}
async function getLocationById(id) {
const location = await locationModel.findAll({
where: {
id: id,
},
});
return location;
}
module.exports = {
getLocation,
addLocation,
updateLocation,
deleteLocation,
getLocationById,
};

23
consumerWebsite/functions/logger.js Normal file
View File

@ -0,0 +1,23 @@
const { api_log_Model } = require("../database/model/apiLogModel.js");
async function insertLogData(log) {
try {
api_log_Model.create({
ip: log.ip,
time: log.time,
method: log.method,
host: log.host,
statusCode: log.statusCode,
Responsesize: log.Responsesize,
referrer: log.referrer,
userAgent: log.userAgent,
});
} catch (error) {
console.error(error);
}
}
module.exports = {
insertLogData,
};

75
consumerWebsite/functions/sensor.js Normal file
View File

@ -0,0 +1,75 @@
const {sensorModel} = require("../database/model/sensorModel");
async function getSensor() {
const sensor = await sensorModel.findAll();
return sensor;
console.error(error);
}
async function addSensor(
sensorname,
added_by,
mac_address,
description,
location
) {
const sensor = await sensorModel.create({
name: sensorname,
added_by: added_by,
mac_address: mac_address,
description: description,
location: location,
});
}
async function updateSensor(
id,
sensorname,
added_by,
mac_address,
description,
location
) {
const sensor = await sensorModel.update(
{
name: sensorname,
added_by: added_by,
mac_address: mac_address,
description: description,
location: location,
},
{
where: {
id: id,
},
}
);
}
async function deleteSensor(id) {
//delete by id
const sensor = await sensorModel.destroy({
where: {
id: id,
},
});
console.error(error);
}
async function getSensorById(id) {
const sensor = await sensorModel.findAll({
where: {
id: id,
},
});
return sensor;
}
module.exports = {
getSensor,
addSensor,
updateSensor,
deleteSensor,
};

130
webserver/functions/APIDatabase.js → consumerWebsite/functions/sensorData.js
View File

@ -1,7 +1,5 @@
const { sequelize } = require("../Database/mySql.js");
const { locationModel } = require("../Database/model/locationModel.js");
const { sensorModel } = require("../Database/model/sensorModel.js");
const { sensorDataModel } = require("../Database/model/sensorDataModel.js");
const { sequelize } = require("../database/mySql.js");
const { sensorDataModel } = require("../database/model/sensorDataModel.js");
const { Op, Sequelize } = require("sequelize");
//helper function to convert month name to month number
@ -13,126 +11,15 @@ function getMonthFromString(mon) {
}
return -1;
}
async function getLocation() {
const location = await locationModel.findAll();
return location;
}
async function addLocation(name, added_by, description) {
const location = await locationModel.create({
name: name,
added_by: added_by,
description: description,
});
}
async function updateLocation(id, name, added_by, description) {
const location = await locationModel.update(
{
name: name,
added_by: added_by,
description: description,
},
{
where: {
id: id,
},
}
);
}
async function deleteLocation(id) {
//delete by id
const location = await locationModel.destroy({
where: {
id: id,
},
});
}
async function getLocationById(id) {
const location = await locationModel.findAll({
where: {
id: id,
},
});
return location;
}
async function getSensor() {
const sensor = await sensorModel.findAll();
return sensor;
console.error(error);
}
async function addSensor(
sensorname,
added_by,
mac_address,
description,
location
) {
const sensor = await sensorModel.create({
name: sensorname,
added_by: added_by,
mac_address: mac_address,
description: description,
location: location,
});
}
async function updateSensor(
id,
sensorname,
added_by,
mac_address,
description,
location
) {
const sensor = await sensorModel.update(
{
name: sensorname,
added_by: added_by,
mac_address: mac_address,
description: description,
location: location,
},
{
where: {
id: id,
},
}
);
}
async function deleteSensor(id) {
//delete by id
const sensor = await sensorModel.destroy({
where: {
id: id,
},
});
console.error(error);
}
async function getSensorById(id) {
const sensor = await sensorModel.findAll({
where: {
id: id,
},
});
return sensor;
}
async function getSensorData() {
const sensorData = await sensorDataModel.findAll();
return sensorData;
}
async function addSensorData(id, id_sensor, id_location, sensordata) {
async function addSensorData(id_sensor, id_location, sensordata) {
const sensorData = await sensorDataModel.create({
id: id,
sensorid: id_sensor,
locationid: id_location,
measurement: sensordata,
@ -826,16 +713,6 @@ async function getDatabyRange(queryString) {
}
module.exports = {
getLocation,
addLocation,
updateLocation,
deleteLocation,
getLocationById,
getSensor,
addSensor,
updateSensor,
deleteSensor,
getSensorById,
getSensorData,
addSensorData,
updateSensorData,
@ -843,4 +720,5 @@ module.exports = {
getSensorDataById,
getData,
getDatabyRange,
};

28
consumerWebsite/functions/validateData.js
View File

@ -1,5 +1,27 @@
var validator = require("validator");
const dateRegex = /^[A-Za-z]{3}, \d{2} [A-Za-z]{3} \d{4} \d{2}:\d{2}:\d{2} GMT$/;
function isValidDateString(value) {
return dateRegex.test(value);
}
function isMacAddress(value) {
// Joi.string().regex(/^([0-9a-f]{2}-){5}([0-9a-f]{2})$/i).lowercase()
//return validator.isMACAddress(value, { no_separators: true, eui: 48 });
const macAddress = /^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$/;
const valid = macAddress.test(value);
return valid;
}
function isNumber(value) {
if (typeof value === "number") {
return true;
}
}
function isAlphaNumericwithSpaces(value) {
return validator.isAlphanumeric(value, ["en-US"], { ignore: " " });
}
@ -44,6 +66,8 @@ module.exports = {
isAlphaNumericwithSpaces,
isAlphaNumericWithSpacesAndDash,
isJson,
isAddress
isAddress,
isValidDateString,
isMacAddress,
isNumber,
};

3
webserver/middleware/apiLogger.js → consumerWebsite/middleware/apiLogger.js
View File

@ -1,4 +1,5 @@
const { insertLogData } = require("../functions/database.js");
const { insertLogData } = require("../functions/logger.js");
const APIlogger = (req, res, next) => {
try {
const log = {

4
webserver/index.js → consumerWebsite/mqttApp.js
View File

@ -1,6 +1,6 @@
const client = require("./modules/mqtt");
const { isJson, isNumber } = require("./functions/validateData.js");
const { insertDatatoDB } = require("./functions/database.js");
const { addSensorData } = require("./functions/sensors.js");
// Event handlers
client.on("connect", () => {
@ -37,7 +37,7 @@ client.on("message", (topic, message) => {
if (isNumber(data)) {
{
//pass datas to database
insertDatatoDB(datas[key]);
insertDatatoDB(datas[key].sensorid, datas[key].locationid, datas[key]);
}
} else {

13
consumerWebsite/routes/api_routes.js
View File

@ -1,13 +1,22 @@
'use strict';
const router = require('express').Router();
const { auth } = require("../middleware/authChecker")
const { APIlogger } = require('../middleware/apiLogger.js');
router.use('/auth', require('./auth'));
router.use('/apikey', require('./apikey'));
router.use('/user', auth ,require('./user'));
router.use('/user', [auth, APIlogger], require('./user'));
//location route
router.use('/location', [auth, APIlogger], require('./location'));
//location route
router.use('/sensor', [auth, APIlogger], require('./sensor'));
//location route
router.use('/sensor-data', [auth, APIlogger], require('./sensorData'));
module.exports = router;

2
webserver/routes/Location.js → consumerWebsite/routes/location.js
View File

@ -4,7 +4,7 @@ const {
getLocationById,
updateLocation,
deleteLocation,
} = require("../functions/apiDatabase.js");
} = require("../functions/location");
const express = require("express");
const router = express.Router();

6
webserver/routes/SeedLocationAndSensor.js → consumerWebsite/routes/seedLocationAndSensor.js
View File

@ -1,6 +1,6 @@
const { sequelize } = require("../Database/mySql.js");
const { locationModel } = require("../Database/model/locationModel.js");
const { sensorModel } = require("../Database/model/sensorModel.js");
const { sequelize } = require("../database/mySql.js");
const { locationModel } = require("../database/model/locationModel.js");
const { sensorModel } = require("../database/model/sensorModel.js");
const express = require("express");
const router = express.Router();

8
webserver/routes/SeedsensorData.js → consumerWebsite/routes/seedSensorData.js
View File

@ -1,7 +1,7 @@
const { sequelize } = require("../Database/mySql.js");
const { locationModel } = require("../Database/model/locationModel.js");
const { sensorModel } = require("../Database/model/sensorModel.js");
const { sensorDataModel } = require("../Database/model/sensorDataModel.js");
const { sequelize } = require("../database/mySql.js");
const { locationModel } = require("../database/model/locationModel.js");
const { sensorModel } = require("../database/model/sensorModel.js");
const { sensorDataModel } = require("../database/model/sensorDataModel.js");
const express = require("express");
const router = express.Router();

2
webserver/routes/seed_route.js → consumerWebsite/routes/seed_route.js
View File

@ -2,7 +2,7 @@
const router = require('express').Router();
//location route
router.use('/seedSensorData', require('./seedSensorData.js'));
router.use('/sensor-data', require('./seedSensorData.js'));
router.use('/seed', require('./seedLocationAndSensor'));

2
webserver/routes/Sensor.js → consumerWebsite/routes/sensor.js
View File

@ -4,7 +4,7 @@ const {
updateSensor,
deleteSensor,
getSensorById
} = require("../functions/apiDatabase.js");
} = require("../functions/sensor.js");
const express = require("express");
const router = express.Router();

6
webserver/routes/SensorData.js → consumerWebsite/routes/sensorData.js
View File

@ -6,7 +6,7 @@ const {
getSensorDataById,
getData,
getDatabyRange,
} = require("../functions/apiDatabase.js");
} = require("../functions/sensorData");
const express = require("express");
const { json } = require("body-parser");
@ -24,8 +24,8 @@ router.get("/", async (req, res, next) => {
router.post("/new", async (req, res, next) => {
try {
const { id, id_sensor, id_location, sensordata } = req.body;
await addSensorData(id, id_sensor, id_location, sensordata);
const { id_sensor, id_location, sensordata } = req.body;
await addSensorData(id_sensor, id_location, sensordata);
res.sendStatus(200).json({ message: "SensorData " + id + " added" });
} catch (error) {
console.error(error);

2
consumerWebsite/views/401.ejs
View File

@ -24,7 +24,7 @@
<div class="error-contents">
<h3>Unauthorized Access!</h3>
<div class="error-img">
<img class="img-fluid" src="images/401.png" alt="" />
<img class="img-fluid" src="/images/401.png" alt="" />
</div>
<p>Sorry, you don't have permission to access this resource. Please log in or provide valid credentials.</p>
<a class="btn btn-primary" href="/"> Back To Homepage </a>

2
consumerWebsite/views/404.ejs
View File

@ -24,7 +24,7 @@
<div class="error-contents">
<h3>Oops! That page cant be found.</h3>
<div class="error-img">
<img class="img-fluid" src="images/404.png" alt="" />
<img class="img-fluid" src="/images/404.png" alt="" />
</div>
<p>We cant find the page your are looking for. You can check out our <a href="/">Homepage</a>.</p>
<a class="btn btn-primary" href="/"> Back To Homepage </a>

8
consumerWebsite/views/bot.ejs
View File

@ -45,7 +45,7 @@
<ul class="footer_ul_amrc">
<li class="media">
<div class="media-left">
<img class="img-fluid" src="images/post-img-01.jpg" alt="" />
<img class="img-fluid" src="/images/post-img-01.jpg" alt="" />
</div>
<div class="media-body">
<p>Singapore's air quality ...</p>
@ -55,7 +55,7 @@
<ul class="footer_ul_amrc">
<li class="media">
<div class="media-left">
<img class="img-fluid" src="images/post-img-01.jpg" alt="" />
<img class="img-fluid" src="/images/post-img-01.jpg" alt="" />
</div>
<div class="media-body">
<p>Singapore Government ...</p>
@ -65,7 +65,7 @@
<ul class="footer_ul_amrc">
<li class="media">
<div class="media-left">
<img class="img-fluid" src="images/post-img-01.jpg" alt="" />
<img class="img-fluid" src="/images/post-img-01.jpg" alt="" />
</div>
<div class="media-body">
<p>High risk of severe ...</p>
@ -81,7 +81,7 @@
</p>
</div>
</footer>
<script src="js/search.js"></script>
<script src="/js/search.js"></script>
</body>
</html>

2
consumerWebsite/views/logintop.ejs
View File

@ -6,7 +6,7 @@
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<meta name="description" content="">
<meta name="author" content="">
<link rel="shortcut icon" type="images/logo.ico" href="images/logo.ico" />
<link rel="shortcut icon" type="images/logo.ico" href="/images/logo.ico" />
<!-- Bootstrap core CSS -->
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet"
integrity="sha384-T3c6CoIi6uLrA9TneNEoa7RxnatzjcDSCmG1MXxSR1GAsXEV/Dwwykc2MPK8M2HN" crossorigin="anonymous">

12
consumerWebsite/views/top.ejs
View File

@ -9,7 +9,7 @@
<meta http-equiv="cleartype" content="on" />
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<link rel="shortcut icon" type="images/logo.ico" href="images/logo.ico" />
<link rel="shortcut icon" type="/images/logo.ico" href="/images/logo.ico" />
<!-- Bootstrap core CSS -->
@ -17,8 +17,8 @@
integrity="sha384-T3c6CoIi6uLrA9TneNEoa7RxnatzjcDSCmG1MXxSR1GAsXEV/Dwwykc2MPK8M2HN" crossorigin="anonymous" />
<!-- Custom styles for this template -->
<link href="css/all.css" rel="stylesheet" />
<link href="css/style.css" rel="stylesheet" />
<link href="/css/all.css" rel="stylesheet" />
<link href="/css/style.css" rel="stylesheet" />
<!-- weird api page cdn -->
<link rel="preconnect" href="https://fonts.googleapis.com" />
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin />
@ -45,10 +45,10 @@
<!-- jq-repeat -->
<script src="js/jq-repeat.js"></script>
<script src="/js/jq-repeat.js"></script>
<!-- jquery app.js -->
<script src="js/app.js"></script>
<script src="/js/app.js"></script>
</head>
<!-- javascript function to check if user is auth -->
<script>
@ -74,7 +74,7 @@
<nav class="navbar fixed-top navbar-expand-lg navbar-dark bg-light top-nav fixed-top">
<div class="container">
<a class="navbar-brand" href="/">
<img src="images/logo.png" alt="logo" />
<img src="/images/logo.png" alt="logo" />
</a>
<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarResponsive"
aria-controls="navbarResponsive" aria-expanded="false" aria-label="Toggle navigation">

109
webserver/bin/www
View File

@ -1,109 +0,0 @@
#!/usr/bin/env node
/**
* Module dependencies.
*/
var app = require('../../webserver/modules/express.js');
const index = require("../index.js")
var debug = require('debug')('proxy-api:server');
var http = require('http');
/**
* Get port from environment and store in Express.
*/
const port = normalizePort(process.env.PORT || '80');
app.set('port', port);
/**
* Create HTTP server.
*/
var server = http.createServer(app);
const io = require('socket.io')(server
, {
cors: {
//replace with domain name when deployed
origin: 'http://localhost:3000', // client!
methods: ["GET"],
allowedHeaders: ["my-custom-header"],
credentials: true
}
});
app.io = io;
/**
* Listen on provided port, on all network interfaces.
*/
server.listen(port);
server.on('error', onError);
server.on('listening', onListening);
/**
* Normalize a port into a number, string, or false.
*/
function normalizePort(val) {
var port = parseInt(val, 10);
if (isNaN(port)) {
// named pipe
return val;
}
if (port >= 0) {
// port number
return port;
}
return false;
}
/**
* Event listener for HTTP server "error" event.
*/
function onError(error) {
if (error.syscall !== 'listen') {
throw error;
}
var bind = typeof port === 'string'
? 'Pipe ' + port
: 'Port ' + port;
// handle specific listen errors with friendly messages
switch (error.code) {
case 'EACCES':
console.error(bind + ' requires elevated privileges');
process.exit(1);
break;
case 'EADDRINUSE':
console.error(bind + ' is already in use');
process.exit(1);
break;
default:
throw error;
}
}
/**
* Event listener for HTTP server "listening" event.
*/
function onListening() {
var addr = server.address();
var bind = typeof addr === 'string'
? 'pipe ' + addr
: 'port ' + addr.port;
console.log('Listening on ' + bind);
for(let listener of app.onListen){
listener()
}
}

65
webserver/database/model/apiKeyModel.js
View File

@ -1,65 +0,0 @@
"use strict";
const { Sequelize, DataTypes } = require("sequelize");
const { sequelize } = require("../mySQL");
const { userModel } = require("./userModel");
//sequelize.sync();
const apikeyModel = sequelize.define(
"apikey",
{
id: {
type: DataTypes.INTEGER,
allowNull: true,
primaryKey: true,
autoIncrement: true,
validate: {
isNumeric: true,
},
},
userid: {
type: DataTypes.INTEGER,
allowNull: false,
validate: {
isNumeric: true,
},
//fk
references: {
model: userModel,
key: "id",
},
},
apikey: {
type: DataTypes.STRING,
allowNull: false,
length: 255,
unique: true,
validate: {
notEmpty: true,
len: [1, 255],
},
},
permission: {
type: DataTypes.STRING,
allowNull: false,
length: 255,
validate: {
notEmpty: true,
len: [1, 255],
isIn: [["canRead", "canWrite" , "auto-generated"]],
},
},
createdAt: {
type: DataTypes.DATE,
allowNull: true,
},
updatedAt: {
type: DataTypes.DATE,
allowNull: true,
},
},
{
timestamps: true,
}
);
module.exports = { apikeyModel };

94
webserver/database/model/userModel.js
View File

@ -1,94 +0,0 @@
"use strict";
const { Sequelize, DataTypes } = require("sequelize");
const { sequelize } = require("../mySQL");
const {
isAlphaNumericWithSpacesAndDash,
isAddress,
} = require("../../functions/validateData");
//sequelize.sync();
const userModel = sequelize.define(
"user",
{
id: {
type: DataTypes.INTEGER,
allowNull: true,
primaryKey: true,
autoIncrement: true,
validate: {
isNumeric: true,
},
},
username: {
type: DataTypes.STRING,
allowNull: false,
length: 60,
validate: {
notEmpty: true,
len: [1, 60],
isAlphaNumericWithSpacesAndDash(value) {
if (!isAlphaNumericWithSpacesAndDash(value)) {
throw new Error("Invalid characters in username");
}
},
},
},
password: {
type: DataTypes.STRING,
allowNull: false,
length: 255,
validate: {
notEmpty: true,
len: [1, 255],
},
},
email: {
type: DataTypes.STRING,
allowNull: false,
length: 60,
unique: true,
validate: {
notEmpty: true,
len: [1, 60],
isEmail: true,
},
},
address: {
type: DataTypes.STRING,
allowNull: true,
length: 255,
validate: {
notEmpty: true,
len: [1, 255],
isAddress(value) {
if (!isAddress(value)) {
throw new Error("Invalid address");
}
},
},
},
phone: {
type: DataTypes.STRING,
allowNull: true,
length: 20,
validate: {
notEmpty: true,
len: [1, 20],
isNumeric: true,
},
},
//utc time
createdAt: {
type: DataTypes.DATE,
allowNull: true,
},
updatedAt: {
type: DataTypes.DATE,
allowNull: true,
},
},
{
timestamps: true,
}
);
module.exports = { userModel };

35
webserver/database/mySQL.js
View File

@ -1,35 +0,0 @@
const dotenv = require("dotenv");
const path = require('path')
require('dotenv').config({ path: path.resolve(__dirname, '../../.env') })
const Sequelize = require("sequelize");
const fs = require('fs');
const { escape } = require("querystring");
const sequelize = new Sequelize(
"eco_saver",
process.env.DB_USER,
process.env.DB_PASS,
{
host: "mpsqldatabase.mysql.database.azure.com",
dialect: 'mysql',
// attributeBehavior?: 'escape' | 'throw' | 'unsafe-legacy';
attributeBehavior: 'escape',
dialectOptions: {
ssl: {
ca: fs.readFileSync(path.resolve(__dirname, '../cert/DigiCertGlobalRootCA.crt.pem')),
},
},
},
);
sequelize.authenticate().then(() => {
console.log('Connection has been established successfully.');
}).catch((error) => {
console.error('Unable to connect to the database: ', error);
});
module.exports = { sequelize };

59
webserver/functions/Database.js
View File

@ -1,59 +0,0 @@
const { sequelize } = require("../Database/mySql.js");
const { api_log_Model } = require("../Database/model/apiLogModel.js");
const { sensorDataModel } = require("../Database/model/sensorDataModel.js");
const { apikeyModel } = require("../Database/model/apiKeyModel.js");
const { compareAPIKey } = require("./bcrypt.js");
async function insertLogData(log) {
try {
api_log_Model.create({
ip: log.ip,
time: log.time,
method: log.method,
host: log.host,
statusCode: log.statusCode,
Responsesize: log.Responsesize,
referrer: log.referrer,
userAgent: log.userAgent,
});
} catch (error) {
console.error(error);
}
}
async function insertDatatoDB(data) {
try {
const app = require("../modules/express.js");
sensorDataModel.create({
sensorid: data.sensorid,
locationid: data.locationid,
measurement: data.measurement,
});
//ws broadcast event except to the sender.
app.io.emit("sensorData:new", data);
} catch (error) {
console.error(error);
}
}
async function checkAPikey(SuppliedKey, rowid) {
try {
const retrivedKey = await apikeyModel.findOne({
raw: true,
attributes: ["apikey", "permission"],
where: {
id: rowid,
},
});
//console.log(retrivedKey.apikey);
if (compareAPIKey(SuppliedKey, retrivedKey.apikey)) {
//return true;
return retrivedKey.permission;
}
} catch (error) {
console.error(error);
}
}
module.exports = { insertLogData, insertDatatoDB, checkAPikey };

38
webserver/functions/bcrypt.js
View File

@ -1,38 +0,0 @@
const bcrypt = require('bcrypt');
const saltRounds = 10;
//https://github.com/kelektiv/node.bcrypt.js#readme
/*
// Load hash from your password DB.
bcrypt.compare(myPlaintextPassword, hash, function(err, result) {
// result == true
});
bcrypt.compare(someOtherPlaintextPassword, hash, function(err, result) {
// result == false
});
*/
/*
//hash with salt
bcrypt.hash(myPlaintextPassword, saltRounds, function(err, hash) {
// Store hash in your password DB.
});
*/
async function hashAPIKey(apikey) {
return await bcrypt.hash(apikey, saltRounds);
}
async function compareAPIKey(apikey, hash) {
return await bcrypt.compare(apikey, hash);
}
module.exports = {
hashAPIKey,
compareAPIKey
};

17
webserver/functions/getAPIKey.js
View File

@ -1,17 +0,0 @@
//model for getting API key from database
async function getAPIKey() {
}
module.exports = { getAPIKey }

51
webserver/functions/validateData.js
View File

@ -1,51 +0,0 @@
var validator = require("validator");
const dateRegex = /^[A-Za-z]{3}, \d{2} [A-Za-z]{3} \d{4} \d{2}:\d{2}:\d{2} GMT$/;
function isValidDateString(value) {
return dateRegex.test(value);
}
function isAlphaNumericwithSpaces(value) {
return validator.isAlphanumeric(value, ["en-US"], { ignore: " " });
}
//allow alphanumeric and spaces and -
function isAlphaNumericWithSpacesAndDash(value) {
const alphanumeric = /^[a-zA-Z0-9]+$/;
const valid = value
.split("")
.every((char) => alphanumeric.test(char) || char === " " || char === "-");
return valid;
}
function isMacAddress(value) {
// Joi.string().regex(/^([0-9a-f]{2}-){5}([0-9a-f]{2})$/i).lowercase()
//return validator.isMACAddress(value, { no_separators: true, eui: 48 });
const macAddress = /^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$/;
const valid = macAddress.test(value);
return valid;
}
function isJson(value) {
//check if its object
if(typeof value === "object"){
return true
}
}
function isNumber(value) {
if (typeof value === "number") {
return true;
}
}
module.exports = {
isValidDateString,
isAlphaNumericwithSpaces,
isAlphaNumericWithSpacesAndDash,
isMacAddress,
isJson,
isNumber,
};

65
webserver/middleware/apiKey.js
View File

@ -1,65 +0,0 @@
const { checkAPikey } = require("../functions/database.js");
async function apikeyCheck(req, res, next) {
//const authHeader = req.headers.authorization
try {
let apikey = req.headers.authorization;
if (!apikey) {
res.status(401).json({
message: "No API key was supplied. Invalid request",
});
//throw new Error("No API key was supplied. Invalid request");
} else {
//split the string by the -
let splitAPIkey = apikey.split("-");
let rowid = splitAPIkey[0];
//rejoin withouth the rowid
let SuppliedKey = splitAPIkey.slice(1).join("-");
if (checkAPikey(SuppliedKey, rowid)) {
//get permission
let permission = await checkAPikey(SuppliedKey, rowid);
console.log(permission);
if (req.method === "GET" && permission === "canRead") {
return next();
}
//['POST', 'PUT', 'PATCH', 'DELETE'].includes(req.method)
if (
["GET", "POST", "PUT", "DELETE"].includes(req.method) &&
permission === "canWrite"
) {
console.log("write");
return next();
}
//throw status 403
res.status(403).json({
message:
"Your API key does not have the correct permissions to access this resource",
});
}
}
} catch (error) {
next(error);
}
}
module.exports = { apikeyCheck };
/*
//web server microservice
1) take user supplied rowid-apikey
2) split the string by -
3) get the rowid or table id
4) get the apikey
5) compare the apikey with the one in database
6) if match, return true
*/
/*
I plan to seed some data in user and api
Than use the system info and my API middleware will somehow check the supplied API key and check
If it's correct API key and has canWrite perms
I allow it to access put and post
*/

91
webserver/modules/express.js
View File

@ -1,91 +0,0 @@
const express = require("express");
//const helmet = require("helmet");
var cors = require('cors');
const { rateLimit } = require("express-rate-limit");
const { APIlogger } = require('../middleware/apiLogger.js');
const { apikeyCheck } = require('../middleware/apiKey.js');
const app = express();
//app.use(cors());
//allow cors from localhost:3000
//app.use(helmet({ crossOriginResourcePolicy: { policy: "cross-origin" } }));
const port = 80;
// Hold list of functions to run when the server is ready
app.onListen = [function(){console.log('hello')}];
module.exports = app;
//handle cors
//express-rate-limit stolen from docs
const limiter = rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
limit: 600, // Limit each IP to 100 requests per `window` (here, per 15 minutes).
standardHeaders: 'draft-7', // draft-6: `RateLimit-*` headers; draft-7: combined `RateLimit` header
legacyHeaders: false, // Disable the `X-RateLimit-*` headers.
})
// Apply the rate limiting middleware to all requests.
app.use(limiter)
//disable x-powered-by header for security reasons
app.disable("x-powered-by");
//parse json body format
app.use(express.json());
app.set("json spaces", 2);
/*
middleware logic ( called by next() )
*/
app.use("/api/seed/v0", [ apikeyCheck , APIlogger] ,require("../routes/seed_route.js"));
app.use('/api/v0', [apikeyCheck, APIlogger] ,require("../routes/api_route.js"));
// Catch 404 and forward to error handler. If none of the above routes are
// used, this is what will be called.
app.use(function (req, res, next) {
var err = new Error("Not Found");
err.message = "Page not found";
err.status = 404;
next(err);
});
// Error handler. This is where `next()` will go on error
app.use(function(err, req, res, next) {
console.error(err.status || res.status, err.name, req.method, req.url);
if(![ 404].includes(err.status || res.status)){
console.error(err.message);
console.error(err.stack);
console.error('=========================================');
}
console.log(err.name + " validation error");
// Parse key error for Sequilzw
let keyErrors = {}
if(['SequelizeValidationError'].includes(err.name) && err.errors){
for(let item of err.errors){
if(item.path){
keyErrors[item.path] = item.message
}
}
}
res.status(err.status || 500);
console.log(keyErrors);
res.json({
name: err.name,
message: err.message,
keyErrors,
});
});
/*
app.listen(port, () => {
console.log(`app listening on port ${port}`);
});
*/

77
webserver/routes/apiLog.js
View File

@ -1,77 +0,0 @@
const {
} = require("../functions/apiDatabase.js");
const express = require("express");
const router = express.Router();
module.exports = router;
/*
//get location
router.get("/", async (req, res, next) => {
try {
const location = await getLocation();
//res send json and status code
res.status(200).json(location);
} catch (error) {
console.error(error);
next(error);
}
});
//add location
router.post("/new", async (req, res, next) => {
try {
const { name, added_by, description } = req.body;
await addLocation(name, added_by, description);
res.sendStatus(200)
} catch (error) {
console.error(error);
next(error);
}
});
//update location
router.put("/update", async (req, res, next) => {
try {
const { id, name, added_by, description } = req.body;
await updateLocation(id, name, added_by, description);
res.status(200).json({ message: "Location " + id + " updated" });
} catch (error) {
console.error(error);
next(error);
}
});
//delete location
router.delete("/delete", async (req, res, next) => {
try {
const { id } = req.body;
await deleteLocation(id);
res.status(200).json({ message: "Location " + id + " deleted" });
} catch (error) {
console.error(error);
next(error);
}
});
//get location by id
router.get("/:id", async (req, res, next) => {
try {
//get params
const { id } = req.params;
const location = await getLocationById(id);
res.status(200).json(location);
} catch (error) {
console.error(error);
next(error);
}
});
*/

37
webserver/routes/api_route.js
View File

@ -1,37 +0,0 @@
/*
'use strict';
const router = require('express').Router();
const middleware = require('../middleware/auth');
router.use('/runner', require('./runner'));
router.use('/worker', require('./worker'));
router.use('/auth', require('./auth'));
router.use('/user', middleware.auth, require('./user'));
router.use('/token',middleware.auth, require('./token'));
module.exports = router;
*/
'use strict';
const router = require('express').Router();
//location route
router.use('/location', require('./location'));
//sensor route
router.use('/sensor', require('./sensor'))
//sensor data route
router.use('/sensor-data', require('./sensorData'));
//log route
//router.use('/log', require('./logLog'));
module.exports = router;