Add backend

With jwt authentication.

- POST /toktok {password} -> {token}
- GET /bandz -> {bandz}
- POST /wrap -> {id}

.gitignore

@@ -0,0 +1,4 @@
+node_modules/
+.*.swp
+yarn-error.log
+data/*.db

README.md

@@ -0,0 +1,27 @@
+chikinz
+=======
+
+
+```
+yarn install
+```
+
+Launch:
+```
+node index
+```
+
+
+Service then available at [http://localhost:3000]
+
+Get a token:
+
+```
+curl -H 'Content-Type: application/json' -d '{"password": "..."}' http://localhost:3000/toktok
+```
+
+Use the token:
+
+```
+curl -H 'Content-Type: application/json' -H 'Authorization: Bearer <<token here>>' -d '{data}' http://localhost:3000/wrap
+```

index.js

@@ -0,0 +1,149 @@
+const bodyParser = require('body-parser');
+const express = require('express');
+require('express-async-errors');
+const jwt = require('jsonwebtoken');
+const path = require('path');
+const sqlite3 = require('sqlite3').verbose();
+
+const accessTokenSecret = 'cecinestpasunecledauthentificationjwt';
+
+const db_name = path.join(__dirname, "data", "chikinz.db");
+const db = new sqlite3.Database(db_name, err => {
+    if (err) {
+        return console.error(err.message);
+    }
+    console.log('Connected to the database.');
+});
+
+function makeTable(table) {
+    db.run(table, err => {
+        if (err) {
+            throw err;
+        }
+    });
+}
+
+makeTable(`
+CREATE TABLE IF NOT EXISTS Chikinz (
+  id INTEGER PRIMARY KEY AUTOINCREMENT,
+  bandId INTEGER NOT NULL,
+  weight REAL NOT NULL,
+  killedDate DATE,
+  wrappedDate DATE NOT NULL,
+  soldDate DATE,
+  misc TEXT
+);`);
+
+makeTable(`
+CREATE TABLE IF NOT EXISTS Bandz (
+  id INTEGER PRIMARY KEY AUTOINCREMENT,
+  name TEXT,
+  receivedDate DATE,
+  misc TEXT
+);`);
+
+const app = express();
+
+function addChikin(db, chikin) {
+    const sql_insert = 'INSERT INTO Chikinz (bandId, weight, killedDate, wrappedDate) VALUES (?, ?, ?, ?);';
+    const {bandId, weight, killedDate, wrappedDate} = chikin;
+    return new Promise((resolve, reject) => {
+        db.run(sql_insert, [bandId, weight, killedDate, wrappedDate], function(err) {
+            if (err) {
+                return reject(err);
+            }
+            resolve(this);
+        });
+    });
+}
+
+function getBandz(db) {
+    return new Promise((resolve, reject) => {
+        const bandz = [];
+        db.each('SELECT id, name from Bandz', (err, row) => {
+            if (err) {
+                return reject(err);
+            }
+            bandz.push(row);
+        }, (err, rows) => {
+            if (bandz.length !== rows) {
+                return reject('did not store all rows');
+            }
+            resolve(bandz);
+        }); 
+    });
+}
+
+const authenticateJWT = (req, res, next) => {
+    const authHeader = req.headers.authorization;
+
+    if (authHeader) {
+        const token = authHeader.split(' ')[1];
+
+        jwt.verify(token, accessTokenSecret, (err, payload) => {
+            if (err) {
+                console.log(err);
+                return res.sendStatus(403);
+            }
+            if (new Date().getTime() > payload.expiration) {
+                console.log('expired token');
+                return res.sendStatus(403);
+            }
+
+            req.auth = payload;
+            next();
+        });
+    } else {
+        res.sendStatus(401);
+    }
+};
+
+app.use(bodyParser.json());
+
+app.listen(3000, () => {
+    console.log('Server started (http://localhost:3000/)!');
+});
+
+
+// all access points below
+
+app.get("/", (req, res) => {
+    res.send("This is not the way.");
+});
+
+app.get('/bandz', authenticateJWT, async (req, res) => {
+    const bandz = await getBandz(db);
+    res.json({message: 'This is the way.', bandz});
+});
+
+app.post('/toktok', (req, res) => {
+    const {password} = req.body;
+    console.log(req.body);
+
+    if (password != 'goldchocoboisbestchocobo.goldchocoboisonlychocobo') {
+        return res.json({message: 'This is not the way.'});
+    }
+
+    const expiration = new Date().getTime() + 7200000;
+    const token = jwt.sign({expiration}, accessTokenSecret);
+
+    res.json({message: 'This is the way.', token});
+});
+
+app.post('/wrap', authenticateJWT, async (req, res) => {
+    const chikin = req.body;
+    console.log(chikin);
+    const {lastID} = await addChikin(db, chikin);
+    res.json({message: 'This is the way.', id: lastID});
+});
+
+
+// catch errors
+
+app.use((err, req, res, next) => {
+    console.error(err);
+    res.status(500).json({
+        message: 'This is not the way.',
+        error: err.message,
+    });
+});

package.json

@@ -0,0 +1,17 @@
+{
+  "name": "chikinz",
+  "version": "1.0.0",
+  "description": "a backend for ze chikinz",
+  "main": "index.js",
+  "author": "Paul Mathieu <paul@ponteilla.net>",
+  "license": "MIT",
+  "dependencies": {
+    "express": "^4.18.1",
+    "express-async-errors": "^3.1.1",
+    "jsonwebtoken": "^8.5.1",
+    "sqlite3": "^5.0.11"
+  },
+  "devDependencies": {
+    "nodemon": "^2.0.19"
+  }
+}