skrytka-app/app.js

599 lines
14 KiB
JavaScript

const express = require('express');
const pgp = require('pg-promise')();
const session = require('express-session');
const responseTime = require('response-time');
const types = require('pg').types;
const validator = require('validator');
require('dotenv').config();
const app = express();
const db = pgp(`postgres://${process.env.DB_USER}:${process.env.DB_PASS}@${process.env.DB_HOST}:${process.env.DB_PORT}/${process.env.DB_NAME}`);
const port = 3001;
class Point {
x;
y;
constructor(x, y) {
this.x = x;
this.y = y;
}
}
class Rectangle {
leftBottomPoint;
size;
constructor(leftBottomPoint, size) {
this.leftBottomPoint = leftBottomPoint;
this.size = size;
}
}
types.setTypeParser(603, function(rectangleStr) {
rectangleStr = rectangleStr.slice(1, rectangleStr.length - 1);
const pointStrs = rectangleStr.split('),(');
const fp = pointStrs[0].split(',');
const sp = pointStrs[1].split(',');
const lowerBottomPoint = new Point(+sp[0], +sp[1]);
const size = new Point(+fp[0] - (+sp[0]), +fp[1] - (+sp[1]));
return new Rectangle(lowerBottomPoint, size);
});
app.use(session({
store: new (require('connect-pg-simple')(session))({
pgPromise: db,
tableName: 'user_session'
}),
secret: 'tujakistajnysekretnietakijakto',
resave: false,
saveUninitialized: false,
cookie: {
sameSite: 'lax',
// Age of cookie is counted from last access, so here 30 days of *not using* = deletion
maxAge: 30 * 24 * 60 * 60 * 1000
}
}));
console.log(process.env.DB_NAME);
let latencies = [0];
const MAX_LATENCIES = 25;
app.use(responseTime(function(req, res, time) {
if(latencies.length > MAX_LATENCIES) {
latencies.shift();
}
latencies.push(time);
}));
app.use(express.json());
app.get('/ping', (req, res) => {
let latenciesSum = 0;
latencies.forEach(l => latenciesSum += l);
const avgLatency = latenciesSum / latencies.length;
res.status(200);
res.send(`Pong! (average latency: ${avgLatency}ms)`);
});
/* Getting OSP units of provided prefix
* e.g. https://skrytka.app/osp-units?prefix=Gda
* Returns 3 matching results sorted by locality, name.*/
app.get('/osp-units', async (req, res) => {
const locality = req.query['locality'];
if(!locality) {
res.status(400);
res.json({
queryErrors: {
'locality': ['Nie podano parametru!']
},
otherErrors: []
});
return;
}
// DECIDE: Whether to remove some database constraints and add more simple checks here from validator?
// Also are these database constraints reasonable?
try {
const unitsList = await db.any('SELECT id AS "ID", name, locality FROM get_units_list($1)', [locality]);
res.status(200);
res.json(unitsList);
} catch(error) {
res.status(500);
res.json({
queryErrors: {},
otherErrors: ['Wystąpił błąd serwera!']
});
}
});
/* Users should be taken from session, not from query parameter
* 1. If user is not logged in then his scores are saved in session data. For such user we pass trucks list with appropriate scores calculated from
* that session data and not taken from database. QUESTION: Aren't there solutions that can use already existing database and not create another
* scheme of data? Or maybe that little redundancy is acceptable :]
* 2. If user is logged in then his nickname is in session data. We can use it to call database server function and get needed results. */
// TODO: Add timestamp to results
app.get('/fire-trucks', async (req, res) => {
const ospUnit = req.query['osp-unit'];
if(!ospUnit) {
res.status(400);
res.json({
queryErrors: {
'osp-unit': ['Nie podano parametru!']
},
otherErrors: []
});
return;
}
// Do we need these additional checks before sending to database? Probably not...
// But it is better to know if result is empty because it is just answer to our question
// and without validation before query we can get empty result because of some undetermined error
if(!validator.isNumeric(ospUnit, { no_symbols: true })) {
res.status(400);
res.json({
queryErrors: {
'osp-unit': ['Podane ID musi być liczbą (całkowitą)!']
},
otherErrors: []
});
return;
}
if(ospUnit <= 0) {
res.status(400);
res.json({
queryErrors: {
'osp-unit': ['Podane ID musi być większe od 0!']
},
otherErrors: []
});
return;
}
try {
const unitExists = (await db.any('SELECT id FROM osp_unit WHERE id = $1', [ospUnit])).length != 0;
if(!unitExists) {
res.status(404);
res.json({
queryErrors: {
'osp-unit': ['Jednostka o podanym ID nie istnieje!']
},
otherErrors: []
});
return;
}
} catch(error) {
res.status(500);
res.json({
queryErrors: {},
otherErrors: ['Wystąpił błąd serwera!']
});
return;
}
let user = req.session['accountNickname'];
const loggedIn = user ?? false;
if(loggedIn) {
try {
const trucksList = await db.func('get_trucks_list_with_scores', [ospUnit, user]);
res.status(200);
res.json(trucksList);
} catch(error) {
console.log(error);
res.status(500);
res.json({
queryErrors: {},
otherErrors: ['Wystąpił błąd serwera!']
});
}
} else {
try {
const trucksList = await db.any('SELECT id AS "ID", name, image_path AS "imagePath" FROM fire_truck WHERE osp_unit_id = $1', [ospUnit]);
let avgPercents = {};
// We assume that scores in session are pushed in order from oldest to latest
// so we need to:
// 1. Iterate from the end to the beginning
// 2. Push scores to corresponding entries in avgPercents
// 2.1. If there are already 3 scores in entry then stop adding
// 3. Map scores so that each entry becomes average of scores divided by 10 (percents)
const quizResults = req.session.quizResults ?? [];
for(let i = quizResults.length - 1; i >= 0; i--) {
if(!avgPercents[quizResults[i].fireTruckID]) {
avgPercents[quizResults[i].fireTruckID] = [];
}
if(avgPercents[quizResults[i].fireTruckID].length < 3) {
avgPercents[quizResults[i].fireTruckID].push(quizResults[i].points);
}
}
console.log(avgPercents);
Object.keys(avgPercents).forEach(function(fireTruckID, index) {
let sum = 0;
let numberOfResults = 0;
avgPercents[fireTruckID].forEach(points => {
sum += +points;
numberOfResults++;
console.log(sum, numberOfResults);
});
let averagePercent = (sum/numberOfResults)/10;
avgPercents[fireTruckID] = averagePercent;
});
// It is pretty complicated so it may be reasonable to change it in the future
trucksList.map(row => {
const truckID = row['ID'];
row.avgPercent = avgPercents[truckID] ?? 0;
});
res.status(200);
res.json(trucksList);
} catch(error) {
console.log(error);
res.status(500);
res.json({
queryErrors: {},
otherErrors: ['Wystąpił błąd serwera!']
});
}
}
});
app.get('/quiz-pages', async (req, res) => {
const fireTruck = req.query['fire-truck'];
if(!fireTruck) {
res.status(400);
res.json({
queryErrors: {
'fire-truck': ['Nie podano parametru!']
},
otherErrors: []
});
return;
}
if(!validator.isNumeric(fireTruck, { no_symbols: true })) {
res.status(400);
res.json({
queryErrors: {
'fire-truck': ['Podane ID musi być liczbą (całkowitą)!']
},
otherErrors: []
});
return;
}
if(fireTruck <= 0) {
res.status(400);
res.json({
queryErrors: {
'fire-truck': ['Podane ID musi być większe od 0!']
},
otherErrors: []
});
return;
}
try {
const truckExists = (await db.any('SELECT id FROM fire_truck WHERE id = $1', [fireTruck])).length != 0;
if(!truckExists) {
res.status(404);
res.json({
queryErrors: {
'fire-truck': ['Wóz o podanym ID nie istnieje!']
},
otherErrors: []
});
return;
}
} catch(error) {
res.status(500);
res.json({
queryErrors: {},
otherErrors: ['Wystąpił błąd serwera!']
});
return;
}
try {
let quizData = await db.any(
'SELECT side_id AS "sideID", side_image_path AS "sideImagePath", \
cache_id AS "cacheID", cache_rectangle as "cacheRectangle", cache_name as "cacheName" FROM get_quiz_data_for_truck($1)', [fireTruck]);
quizData = quizData.reduce((acc, curr) => {
const sideID = curr.sideID;
if(!acc[sideID]) {
acc[sideID] = {
sideImagePath: curr.sideImagePath,
caches: []
};
}
delete curr.sideID;
acc[sideID].caches.push({
cacheID: curr.cacheID,
cacheName: curr.cacheName,
cacheRectangle: curr.cacheRectangle
});
return acc;
}, {});
res.status(200);
res.send(quizData);
} catch(error) {
res.status(500);
res.json({
queryErrors: {},
otherErrors: ['Wystąpił błąd serwera!']
});
}
});
app.get('/random-question', async (req, res) => {
const fireTruck = req.query['fire-truck'];
if(!fireTruck) {
res.status(400);
res.json({
queryErrors: {
'fire-truck': ['Nie podano parametru!']
},
otherErrors: []
});
return;
}
if(!validator.isNumeric(fireTruck, { no_symbols: true })) {
res.status(400);
res.json({
queryErrors: {
'fire-truck': ['Podane ID musi być liczbą (całkowitą)!']
},
otherErrors: []
});
return;
}
if(fireTruck <= 0) {
res.status(400);
res.json({
queryErrors: {
'fire-truck': ['Podane ID musi być większe od 0!']
},
otherErrors: []
});
return;
}
try {
const truckExists = (await db.any('SELECT id FROM fire_truck WHERE id = $1', [fireTruck])).length != 0;
if(!truckExists) {
res.status(404);
res.json({
queryErrors: {
'fire-truck': ['Wóz o podanym ID nie istnieje!']
},
otherErrors: []
});
return;
}
} catch(error) {
res.status(500);
res.json({
queryErrors: {},
otherErrors: ['Wystąpił błąd serwera!']
});
return;
}
try {
const randomQuestion = await db.one('SELECT cache_id AS "cacheID", equipment_name AS "equipmentName" FROM get_random_question($1)', [fireTruck]);
res.status(200);
res.send(randomQuestion);
} catch(error) {
res.status(500);
res.json({
queryErrors: {},
otherErrors: ['Wystąpił błąd serwera!']
});
}
});
app.post('/quiz-results', async (req, res) => {
const fireTruck = req.body.fireTruck.toString();
const seconds = req.body.seconds.toString();
const points = req.body.points.toString();
if(!validator.isNumeric(fireTruck, { no_symbols: true })) {
res.status(400);
res.json({
fieldErrors: {
'fire-truck': ['Podane ID musi być liczbą (całkowitą)!']
},
otherErrors: []
});
return;
}
if(fireTruck <= 0) {
res.status(400);
res.json({
fieldErrors: {
'fire-truck': ['Podane ID musi być większe od 0!']
},
otherErrors: []
});
return;
}
try {
const truckExists = (await db.any('SELECT id FROM fire_truck WHERE id = $1', [fireTruck])).length != 0;
if(!truckExists) {
res.status(404);
res.json({
fieldErrors: {
'fire-truck': ['Wóz o podanym ID nie istnieje!']
},
otherErrors: []
});
return;
}
} catch(error) {
res.status(500);
res.json({
fieldErrors: {},
otherErrors: ['Wystąpił błąd serwera!']
});
return;
}
/* Walidacje dla seconds */
if(!validator.isNumeric(seconds, { no_symbols: true })) {
res.status(400);
res.json({
fieldErrors: {
'seconds': ['Sekundy muszą być liczbą całkowitą!']
},
otherErrors: []
});
return;
}
if(seconds <= 0) {
res.status(400);
res.json({
fieldErrors: {
'seconds': ['Sekundy muszą być większe od 0!']
},
otherErrors: []
});
return;
}
/* Walidacje dla points */
if(!validator.isNumeric(seconds, { no_symbols: true })) {
res.status(400);
res.json({
fieldErrors: {
'points': ['Punkty muszą być liczbą całkowitą!']
},
otherErrors: []
});
return;
}
if(points <= 0 || points >= 10) {
res.status(400);
res.json({
fieldErrors: {
'points': ['Punkty muszą być w przedziale 0-10!']
},
otherErrors: []
});
return;
}
// TODO: Zapis do sesji lub do bazy
console.log('Zapis', req.body);
if(!req.session.accountNickname) {
// Zapis do sesji
if(!req.session.quizResults) {
req.session.quizResults = [];
}
req.session.quizResults.push({ fireTruckID: fireTruck, seconds, points });
} else {
// Zapis na konto
try {
await db.none('INSERT INTO score (account_nickname, fire_truck_id, points, seconds)\
VALUES ($1, $2, $3, $4)', [req.session.accountNickname, fireTruck, points, seconds]);
} catch(error) {
console.error(error);
res.status(500);
res.json({
fieldErrors: {},
otherErrors: ['Wystąpił błąd serwera!']
});
return;
}
}
res.sendStatus(204);
});
// TESTY CIASTECZEK:
/* app.get('/cookieaddone', (req, res) => {
req.session.counter = (req.session.counter || 0) + 1
res.status(200);
res.send('Added!');
});
app.get('/cookiegetvalue', (req, res) => {
const val = req.session.counter || 0;
res.status(200);
res.send(`Value: ${val}`);
}); */
// TODO: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
// CAUTION: Only for testing purposes! Should be deleted ASAP when not needed anymore.
app.get('/simulate-login', (req, res) => {
const nickToAuth = req.query.nickname;
if(!nickToAuth) {
res.status(400);
res.send('You must pass nickname as query parameter to simulate login');
return;
}
req.session.accountNickname = nickToAuth;
res.status(200);
res.send(`Logged in as ${nickToAuth}`);
});
app.get('/simulate-logout', (req, res) => {
if(!req.session.accountNickname) {
res.status(401);
res.json({
fieldErrors: {},
otherErrors: [
'Użytkownik nie jest zalogowany!'
]
});
return;
}
req.session.destroy();
res.status(200);
res.send(`Logged out!`);
});
app.listen(port, () => {
console.log(`Skrytka.app słucha na porcie ${port}...`);
});