bigbluebutton-Github/client/bbb-html5-client/routes/main_router.coffee

fs = require("fs")
sanitizer = require("sanitizer")
util = require("util")

config = require("../config")
RedisKeys = require("../lib/redis_keys")

moduleDeps = ["App", "RedisAction", "RedisStore"]

# The main router that registers the routes that can be accessed by the client.
module.exports = class MainRouter

  constructor: () ->
    config.modules.wait moduleDeps, =>
      @app = config.modules.get("App")
      @redisAction = config.modules.get("RedisAction")
      @redisStore = config.modules.get("RedisStore")
      @_registerRoutes()

  _registerRoutes: () ->
    @app.get "/", @_index
    @app.get "/auth", @_getAuth
    @app.post "/auth", @_postAuth
    @app.post "/logout", @_requiresLogin, @_logout
    @app.get "/meetings", @_meetings

  # When  requesting the homepage a potential meetingID and sessionID are extracted
  # from the user's cookie. If they match with a user that is in the database under
  # the same data, they are instantly redirected to join into the meeting.
  # If they are not, they will be redirected to the index page where they can enter
  # their login details.
  #
  # This method is registered as a route on express.
  #
  # @internal
  _index: (req, res) =>
    @redisAction.getMeetings (err, meetings) ->
      res.render "index",
        title: config.appName
        meetings: meetings

  # Upon submitting their login details from the index page via a POST request, a meeting
  # will be created and joined. If an error occurs, which usually results in using an
  # invalid username or meetingID, the user receives an error response. Both success and
  # error responses are in json only.
  #
  # This method is registered as a route on express.
  #
  # @internal
  _postAuth: (req, res) =>
    user = req.body
    username = user.username = sanitizer.escape(user.username)
    meetingID = user.meetingID = sanitizer.escape(user.meetingID)
    sessionID = req.sessionID

    validParameters = @_validateLoginParameters username, meetingID

    if validParameters
      @redisAction.makeMeeting meetingID, sessionID, username, (result) ->
        user.loginAccepted = result
        # save the ids so socketio can get the username and meeting
        if result
          res.cookie "sessionid", sessionID
          res.cookie "meetingid", meetingID
        res.contentType "json"
        res.send(user)
    else
      user.loginAccepted = false
      res.send(user)

  # Returns a json informing if there's an authenticated user or not. The meetingID and
  # sessionID are extracted from the user's cookie. If they match with a user that is
  # in the database, the user is accepted and his information is included in the response.
  # If they don't match, the user is not accepted.
  #
  # This method is registered as a route on express.
  #
  # @internal
  _getAuth: (req, res) =>
    @redisAction.isValidSession req.cookies["meetingid"], req.cookies["sessionid"], (err, valid) ->
      res.contentType "json"
      user = {}
      unless valid
        user.loginAccepted = false
        res.send user
      else
        user.loginAccepted = true
        user.meetingID = req.cookies.meetingid
        # user.username = ?? // TODO
        res.send user

  # When a user logs out, their session is destroyed and their cookies are cleared.
  # @param  {Object} req Request object from the client
  # @param  {Object} res Response object to the client
  #
  # This method is registered as a route on express.
  #
  # @internal
  _logout: (req, res) =>
    req.session.destroy() # end the session
    res.cookie "sessionid", null # clear the cookie from the client
    res.cookie "meetingid", null
    res.redirect "/"

  # @param  {Object} req Request object from the client
  # @param  {Object} res Response object to the client
  #
  # This method is registered as a route on express.
  #
  # @internal
  _meetings: (req, res) =>
    @redisAction.getMeetings (err, results) ->
      res.contentType "json"
      res.send JSON.stringify(results)

  # If a page requires authentication to view, this function is used to verify that there
  # is a user logged in.
  # @param  {Object}   req   Request object from client
  # @param  {Object}   res   Response object to client
  # @param  {Function} next  To be run as a callback if valid
  #
  # This method is registered as a route on express.
  #
  # @internal
  _requiresLogin: (req, res, next) =>
    # check that they have a cookie with valid session id
    @redisAction.isValidSession req.cookies["meetingid"], req.cookies["sessionid"], (err, isValid) ->
      if isValid
        next()
      else
        res.redirect "/"

  # Checks whether the parameters passed by the user to login are correct
  # @param username [string] the username passed by the user
  # @param meetingID [string] the meetingID passed by the user
  # @return [boolean] whether the parameters are correct or not
  # @internal
  _validateLoginParameters: (username, meetingID) ->
    username? and meetingID? and
      username.length <= config.maxUsernameLength and
      meetingID.split(" ").length is 1
Refactor routes/index as a class MainRouter Also removed some methods/routes that were not being used and will have to be refactored anyway if they are needed in the future. They are: get_join, to join the session getting the username and password from the url, and post_upload, to upload presentations from the html5 client (this was a specially big method). 2013-08-20 09:43:18 +08:00			`fs = require("fs")`
			`sanitizer = require("sanitizer")`
			`util = require("util")`

			`config = require("../config")`
HTML5: Add class RedisKeys Contains methods to get the keys used on redis. Reduced RedisAction a lot by having this new class. 2013-08-30 10:14:55 +08:00			`RedisKeys = require("../lib/redis_keys")`
Refactor routes/index as a class MainRouter Also removed some methods/routes that were not being used and will have to be refactored anyway if they are needed in the future. They are: get_join, to join the session getting the username and password from the url, and post_upload, to upload presentations from the html5 client (this was a specially big method). 2013-08-20 09:43:18 +08:00
HTML5: moving global objects into modules There's a new class Module to organize modules in the application. Prevents errors from cyclic require's. The number of modules can still be reduced by organizing them better. 2013-09-16 07:10:19 +08:00			`moduleDeps = ["App", "RedisAction", "RedisStore"]`

Refactor routes/socketio as a class WebsocketConnection Most of its methods are used only internally, so now the class is more isolated than before. But still with some methods that should be refactored. 2013-08-20 10:51:26 +08:00			`# The main router that registers the routes that can be accessed by the client.`
Refactor routes/index as a class MainRouter Also removed some methods/routes that were not being used and will have to be refactored anyway if they are needed in the future. They are: get_join, to join the session getting the username and password from the url, and post_upload, to upload presentations from the html5 client (this was a specially big method). 2013-08-20 09:43:18 +08:00			`module.exports = class MainRouter`
HTML5: moving global objects into modules There's a new class Module to organize modules in the application. Prevents errors from cyclic require's. The number of modules can still be reduced by organizing them better. 2013-09-16 07:10:19 +08:00
			`constructor: () ->`
			`config.modules.wait moduleDeps, =>`
			`@app = config.modules.get("App")`
			`@redisAction = config.modules.get("RedisAction")`
			`@redisStore = config.modules.get("RedisStore")`
			`@_registerRoutes()`
Refactor routes/index as a class MainRouter Also removed some methods/routes that were not being used and will have to be refactored anyway if they are needed in the future. They are: get_join, to join the session getting the username and password from the url, and post_upload, to upload presentations from the html5 client (this was a specially big method). 2013-08-20 09:43:18 +08:00
			`_registerRoutes: () ->`
			`@app.get "/", @_index`
			`@app.get "/auth", @_getAuth`
			`@app.post "/auth", @_postAuth`
HTML5: moving global objects into modules There's a new class Module to organize modules in the application. Prevents errors from cyclic require's. The number of modules can still be reduced by organizing them better. 2013-09-16 07:10:19 +08:00			`@app.post "/logout", @_requiresLogin, @_logout`
Refactor routes/index as a class MainRouter Also removed some methods/routes that were not being used and will have to be refactored anyway if they are needed in the future. They are: get_join, to join the session getting the username and password from the url, and post_upload, to upload presentations from the html5 client (this was a specially big method). 2013-08-20 09:43:18 +08:00			`@app.get "/meetings", @_meetings`

			`# When requesting the homepage a potential meetingID and sessionID are extracted`
			`# from the user's cookie. If they match with a user that is in the database under`
			`# the same data, they are instantly redirected to join into the meeting.`
			`# If they are not, they will be redirected to the index page where they can enter`
			`# their login details.`
HTML5: Cleaned and refactored some code used to join the session 2013-10-29 01:23:15 +08:00			`#`
			`# This method is registered as a route on express.`
			`#`
			`# @internal`
HTML5: moving global objects into modules There's a new class Module to organize modules in the application. Prevents errors from cyclic require's. The number of modules can still be reduced by organizing them better. 2013-09-16 07:10:19 +08:00			`_index: (req, res) =>`
HTML5: removing lots of unused or unnecessary code from the server Cleanup the node.js server removing things that were not used or were related to making the HTML5 client a presenter, which will not be necessary at this first iteration. The node.js server should also not change anything that's in redis, just read it. Removed some of the code that changes redis. Also updating the comments to match codo's format. 2013-10-30 04:53:00 +08:00			`@redisAction.getMeetings (err, meetings) ->`
Refactor routes/index as a class MainRouter Also removed some methods/routes that were not being used and will have to be refactored anyway if they are needed in the future. They are: get_join, to join the session getting the username and password from the url, and post_upload, to upload presentations from the html5 client (this was a specially big method). 2013-08-20 09:43:18 +08:00			`res.render "index",`
HTML5: Cleaned and refactored some code used to join the session 2013-10-29 01:23:15 +08:00			`title: config.appName`
Refactor routes/index as a class MainRouter Also removed some methods/routes that were not being used and will have to be refactored anyway if they are needed in the future. They are: get_join, to join the session getting the username and password from the url, and post_upload, to upload presentations from the html5 client (this was a specially big method). 2013-08-20 09:43:18 +08:00			`meetings: meetings`

HTML5: Cleaned and refactored some code used to join the session 2013-10-29 01:23:15 +08:00			`# Upon submitting their login details from the index page via a POST request, a meeting`
			`# will be created and joined. If an error occurs, which usually results in using an`
			`# invalid username or meetingID, the user receives an error response. Both success and`
			`# error responses are in json only.`
			`#`
			`# This method is registered as a route on express.`
			`#`
			`# @internal`
HTML5: moving global objects into modules There's a new class Module to organize modules in the application. Prevents errors from cyclic require's. The number of modules can still be reduced by organizing them better. 2013-09-16 07:10:19 +08:00			`_postAuth: (req, res) =>`
Refactor routes/index as a class MainRouter Also removed some methods/routes that were not being used and will have to be refactored anyway if they are needed in the future. They are: get_join, to join the session getting the username and password from the url, and post_upload, to upload presentations from the html5 client (this was a specially big method). 2013-08-20 09:43:18 +08:00			`user = req.body`
HTML5: Cleaned and refactored some code used to join the session 2013-10-29 01:23:15 +08:00			`username = user.username = sanitizer.escape(user.username)`
			`meetingID = user.meetingID = sanitizer.escape(user.meetingID)`
Refactor routes/index as a class MainRouter Also removed some methods/routes that were not being used and will have to be refactored anyway if they are needed in the future. They are: get_join, to join the session getting the username and password from the url, and post_upload, to upload presentations from the html5 client (this was a specially big method). 2013-08-20 09:43:18 +08:00			`sessionID = req.sessionID`
HTML5: Cleaned and refactored some code used to join the session 2013-10-29 01:23:15 +08:00
			`validParameters = @_validateLoginParameters username, meetingID`

			`if validParameters`
			`@redisAction.makeMeeting meetingID, sessionID, username, (result) ->`
			`user.loginAccepted = result`
			`# save the ids so socketio can get the username and meeting`
			`if result`
			`res.cookie "sessionid", sessionID`
			`res.cookie "meetingid", meetingID`
			`res.contentType "json"`
Refactor routes/index as a class MainRouter Also removed some methods/routes that were not being used and will have to be refactored anyway if they are needed in the future. They are: get_join, to join the session getting the username and password from the url, and post_upload, to upload presentations from the html5 client (this was a specially big method). 2013-08-20 09:43:18 +08:00			`res.send(user)`
HTML5: Cleaned and refactored some code used to join the session 2013-10-29 01:23:15 +08:00			`else`
			`user.loginAccepted = false`
			`res.send(user)`
Refactor routes/index as a class MainRouter Also removed some methods/routes that were not being used and will have to be refactored anyway if they are needed in the future. They are: get_join, to join the session getting the username and password from the url, and post_upload, to upload presentations from the html5 client (this was a specially big method). 2013-08-20 09:43:18 +08:00
			`# Returns a json informing if there's an authenticated user or not. The meetingID and`
			`# sessionID are extracted from the user's cookie. If they match with a user that is`
			`# in the database, the user is accepted and his information is included in the response.`
			`# If they don't match, the user is not accepted.`
HTML5: Cleaned and refactored some code used to join the session 2013-10-29 01:23:15 +08:00			`#`
			`# This method is registered as a route on express.`
			`#`
			`# @internal`
HTML5: moving global objects into modules There's a new class Module to organize modules in the application. Prevents errors from cyclic require's. The number of modules can still be reduced by organizing them better. 2013-09-16 07:10:19 +08:00			`_getAuth: (req, res) =>`
HTML5: removing lots of unused or unnecessary code from the server Cleanup the node.js server removing things that were not used or were related to making the HTML5 client a presenter, which will not be necessary at this first iteration. The node.js server should also not change anything that's in redis, just read it. Removed some of the code that changes redis. Also updating the comments to match codo's format. 2013-10-30 04:53:00 +08:00			`@redisAction.isValidSession req.cookies["meetingid"], req.cookies["sessionid"], (err, valid) ->`
Refactor routes/index as a class MainRouter Also removed some methods/routes that were not being used and will have to be refactored anyway if they are needed in the future. They are: get_join, to join the session getting the username and password from the url, and post_upload, to upload presentations from the html5 client (this was a specially big method). 2013-08-20 09:43:18 +08:00			`res.contentType "json"`
			`user = {}`
			`unless valid`
			`user.loginAccepted = false`
			`res.send user`
			`else`
			`user.loginAccepted = true`
			`user.meetingID = req.cookies.meetingid`
			`# user.username = ?? // TODO`
			`res.send user`

			`# When a user logs out, their session is destroyed and their cookies are cleared.`
			`# @param {Object} req Request object from the client`
			`# @param {Object} res Response object to the client`
HTML5: Cleaned and refactored some code used to join the session 2013-10-29 01:23:15 +08:00			`#`
			`# This method is registered as a route on express.`
			`#`
			`# @internal`
HTML5: moving global objects into modules There's a new class Module to organize modules in the application. Prevents errors from cyclic require's. The number of modules can still be reduced by organizing them better. 2013-09-16 07:10:19 +08:00			`_logout: (req, res) =>`
Refactor routes/index as a class MainRouter Also removed some methods/routes that were not being used and will have to be refactored anyway if they are needed in the future. They are: get_join, to join the session getting the username and password from the url, and post_upload, to upload presentations from the html5 client (this was a specially big method). 2013-08-20 09:43:18 +08:00			`req.session.destroy() # end the session`
			`res.cookie "sessionid", null # clear the cookie from the client`
			`res.cookie "meetingid", null`
			`res.redirect "/"`

			`# @param {Object} req Request object from the client`
			`# @param {Object} res Response object to the client`
HTML5: Cleaned and refactored some code used to join the session 2013-10-29 01:23:15 +08:00			`#`
			`# This method is registered as a route on express.`
			`#`
			`# @internal`
HTML5: moving global objects into modules There's a new class Module to organize modules in the application. Prevents errors from cyclic require's. The number of modules can still be reduced by organizing them better. 2013-09-16 07:10:19 +08:00			`_meetings: (req, res) =>`
HTML5: removing lots of unused or unnecessary code from the server Cleanup the node.js server removing things that were not used or were related to making the HTML5 client a presenter, which will not be necessary at this first iteration. The node.js server should also not change anything that's in redis, just read it. Removed some of the code that changes redis. Also updating the comments to match codo's format. 2013-10-30 04:53:00 +08:00			`@redisAction.getMeetings (err, results) ->`
Refactor routes/index as a class MainRouter Also removed some methods/routes that were not being used and will have to be refactored anyway if they are needed in the future. They are: get_join, to join the session getting the username and password from the url, and post_upload, to upload presentations from the html5 client (this was a specially big method). 2013-08-20 09:43:18 +08:00			`res.contentType "json"`
			`res.send JSON.stringify(results)`

HTML5: moving global objects into modules There's a new class Module to organize modules in the application. Prevents errors from cyclic require's. The number of modules can still be reduced by organizing them better. 2013-09-16 07:10:19 +08:00			`# If a page requires authentication to view, this function is used to verify that there`
			`# is a user logged in.`
			`# @param {Object} req Request object from client`
			`# @param {Object} res Response object to client`
			`# @param {Function} next To be run as a callback if valid`
HTML5: Cleaned and refactored some code used to join the session 2013-10-29 01:23:15 +08:00			`#`
			`# This method is registered as a route on express.`
			`#`
			`# @internal`
HTML5: moving global objects into modules There's a new class Module to organize modules in the application. Prevents errors from cyclic require's. The number of modules can still be reduced by organizing them better. 2013-09-16 07:10:19 +08:00			`_requiresLogin: (req, res, next) =>`
			`# check that they have a cookie with valid session id`
HTML5: removing lots of unused or unnecessary code from the server Cleanup the node.js server removing things that were not used or were related to making the HTML5 client a presenter, which will not be necessary at this first iteration. The node.js server should also not change anything that's in redis, just read it. Removed some of the code that changes redis. Also updating the comments to match codo's format. 2013-10-30 04:53:00 +08:00			`@redisAction.isValidSession req.cookies["meetingid"], req.cookies["sessionid"], (err, isValid) ->`
HTML5: moving global objects into modules There's a new class Module to organize modules in the application. Prevents errors from cyclic require's. The number of modules can still be reduced by organizing them better. 2013-09-16 07:10:19 +08:00			`if isValid`
			`next()`
			`else`
			`res.redirect "/"`
Refactor routes/index as a class MainRouter Also removed some methods/routes that were not being used and will have to be refactored anyway if they are needed in the future. They are: get_join, to join the session getting the username and password from the url, and post_upload, to upload presentations from the html5 client (this was a specially big method). 2013-08-20 09:43:18 +08:00
HTML5: Cleaned and refactored some code used to join the session 2013-10-29 01:23:15 +08:00			`# Checks whether the parameters passed by the user to login are correct`
			`# @param username [string] the username passed by the user`
			`# @param meetingID [string] the meetingID passed by the user`
			`# @return [boolean] whether the parameters are correct or not`
			`# @internal`
			`_validateLoginParameters: (username, meetingID) ->`
			`username? and meetingID? and`
			`username.length <= config.maxUsernameLength and`
			`meetingID.split(" ").length is 1`