Add Angular app and enable CORS

unicodeveloper · unicodeveloper · commit 4092e71ee8ad · 2016-10-05T12:48:03.000+01:00
diff --git a/angular-auth b/angular-auth
@@ -0,0 +1 @@
+Subproject commit cf31abde3bf88827b9ce72e0850ab55cb285e6e4
diff --git a/api/controllers/QuoteController.js b/api/controllers/QuoteController.js
@@ -12,6 +12,6 @@ module.exports = {
 
     getProtectedQuote: function(req, res) {
         return res.json({ quote: quoter.getRandomOne() });
-    },
+    }
 };
 
diff --git a/api/controllers/TaskController.js b/api/controllers/TaskController.js
@@ -0,0 +1,11 @@
+/**
+ * TaskController
+ *
+ * @description :: Server-side logic for managing tasks
+ * @help        :: See http://sailsjs.org/#!/documentation/concepts/Controllers
+ */
+
+module.exports = {
+	
+};
+
diff --git a/api/controllers/UserController.js b/api/controllers/UserController.js
@@ -55,7 +55,7 @@ module.exports = {
             if (!valid) {
               return res.json(401, {err: 'invalid username or password'});
             } else {
-              res.json({success: true, token: token});
+              res.json({success: true, token: token, user: user.username});
             }
           });
         })
diff --git a/api/models/Task.js b/api/models/Task.js
@@ -0,0 +1,14 @@
+/**
+ * Task.js
+ *
+ * @description :: TODO: You might write a short summary of how this model works and what it represents here.
+ * @docs        :: http://sailsjs.org/documentation/concepts/models-and-orm/models
+ */
+
+module.exports = {
+
+  attributes: {
+
+  }
+};
+
diff --git a/api/policies/isAuthenticated.js b/api/policies/isAuthenticated.js
@@ -1,38 +1,12 @@
 /**
- * tokenAuth
- *
+ * isAuthenticated
  *
  */
-var jwt = require('jsonwebtoken');
-
-// Get token from header
-function getToken(req) {
-    if (req.headers.authorization &&
-      req.headers.authorization.split(' ')[0] === 'Bearer') {
-        return req.headers.authorization.split(' ')[1];
-    }
-    return null;
-}
-
-module.exports = function(req, res, next) {
+var jwt = require('express-jwt');
 
-  var token = getToken(req);
+var authCheck = jwt({
+  secret: new Buffer('6ciafzROZr9eWWEKiMCsviPx1_fhp2QfEQqSHa1Cm9wGDthSfkXU7EZHUib6Vw3y', 'base64'),
+  audience: 'mOh81XhUQvqeQ1uVY2yvgERpKKQjSKQr'
+});
 
-  if(token) {
-    // verifies secret and checks exp
-    jwt.verify(token, sails.config.sessionSecret, function(err, decoded) {
-      if(err) {
-        return res.json({ message: 'Unauthorized Access. Mismatched token.' });
-      } else {
-        // if everything is good, save to request for use in other routes
-        req.decoded = decoded;
-        next();
-      }
-    });
-  } else {
-      // if there is no token return an error
-      return res.status(403).json({
-          message: 'Unauthorized Access'
-      });
-    }
-};
+module.exports = authCheck;
diff --git a/config/cors.js b/config/cors.js
@@ -37,7 +37,7 @@ module.exports.cors = {
   *                                                                          *
   ***************************************************************************/
 
-  // allRoutes: false,
+  allRoutes: true,
 
   /***************************************************************************
   *                                                                          *
@@ -47,15 +47,15 @@ module.exports.cors = {
   *                                                                          *
   ***************************************************************************/
 
-  // origin: '*',
+origin: '*',
 
   /***************************************************************************
   *                                                                          *
   * Allow cookies to be shared for CORS requests?                            *
   *                                                                          *
   ***************************************************************************/
 
-  // credentials: true,
+  credentials: true,
 
   /***************************************************************************
   *                                                                          *
@@ -64,7 +64,7 @@ module.exports.cors = {
   *                                                                          *
   ***************************************************************************/
 
-  // methods: 'GET, POST, PUT, DELETE, OPTIONS, HEAD',
+  methods: 'GET, POST, PUT, DELETE, OPTIONS, HEAD',
 
   /***************************************************************************
   *                                                                          *
@@ -73,6 +73,6 @@ module.exports.cors = {
   *                                                                          *
   ***************************************************************************/
 
-  // headers: 'content-type'
+  headers: 'content-type, Authorization'
 
 };
diff --git a/config/policies.js b/config/policies.js
@@ -17,18 +17,18 @@
  */
 
 
-module.exports.policies = {
+  module.exports.policies = {
 
-  /***************************************************************************
-  *                                                                          *
-  * Default policy for all controllers and actions (`true` allows public     *
-  * access)                                                                  *
-  *                                                                          *
-  ***************************************************************************/
+    /***************************************************************************
+    *                                                                          *
+    * Default policy for all controllers and actions (`true` allows public     *
+    * access)                                                                  *
+    *                                                                          *
+    ***************************************************************************/
 
-  '*': true,
+    '*': true,
 
-  QuoteController: {
-    getProtectedQuote: 'isAuthenticated'
-  }
-};
+    QuoteController: {
+      getProtectedQuote: 'isAuthenticated'
+    }
+  };
diff --git a/config/routes.js b/config/routes.js
@@ -34,10 +34,8 @@ module.exports.routes = {
 
   '/': { view: 'homepage' },
   '/welcome': 'WelcomeController.welcome',
-  'post /login': 'UserController.login',
-  'post /signup': 'UserController.signup',
-  'get /random-quote': 'QuoteController.getQuote',
-  'get /protected/random-quote': 'QuoteController.getProtectedQuote'
+  'get /api/random-quote': 'QuoteController.getQuote',
+  'get /api/protected/random-quote': 'QuoteController.getProtectedQuote'
 
   /***************************************************************************
   *                                                                          *
diff --git a/package.json b/package.json
@@ -7,6 +7,7 @@
   "dependencies": {
     "bcrypt": "^0.8.7",
     "ejs": "2.3.4",
+    "express-jwt": "^5.1.0",
     "grunt": "1.0.1",
     "grunt-contrib-clean": "1.0.0",
     "grunt-contrib-coffee": "1.0.0",

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+Subproject commit cf31abde3bf88827b9ce72e0850ab55cb285e6e4`
Original file line number	Diff line number	Diff line change
`@@ -55,7 +55,7 @@ module.exports = {`
`55`	`55`	`if (!valid) {`
`56`	`56`	`return res.json(401, {err: 'invalid username or password'});`
`57`	`57`	`} else {`
`58`		`- res.json({success: true, token: token});`
	`58`	`+ res.json({success: true, token: token, user: user.username});`
`59`	`59`	`}`
`60`	`60`	`});`
`61`	`61`	`})`