From 03ccf7e33cc4fbb81e876bc2dba5002824fe5e44 Mon Sep 17 00:00:00 2001 From: konstantinakatmada Date: Thu, 9 Feb 2023 12:12:49 +0000 Subject: [PATCH] add secret client --- .github/workflows/fly.yml | 16 +++++++++++--- package-lock.json | 45 +++++++++++++++++++++++++++++++++++++++ package.json | 1 + src/index.js | 2 +- src/routes/userEvents.js | 19 +++++++++++++---- src/server.js | 43 +++++++++++++++++++++++++++++++------ src/templates/forms.js | 2 +- 7 files changed, 113 insertions(+), 15 deletions(-) diff --git a/.github/workflows/fly.yml b/.github/workflows/fly.yml index 0a99ad1..f1dc535 100644 --- a/.github/workflows/fly.yml +++ b/.github/workflows/fly.yml @@ -3,13 +3,23 @@ on: push: branches: - main + env: FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }} + jobs: deploy: name: Deploy app runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: superfly/flyctl-actions/setup-flyctl@master - - run: flyctl deploy --remote-only \ No newline at end of file + - name: Checkout code + uses: actions/checkout@v3 + - name: Upload environment file + uses: actions/upload-env-file@v1 + with: + ENV_FILE: ${{ secrets.ENV_FILE }} + - name: Deploy app + uses: superfly/flyctl-actions/setup-flyctl@master + env: + FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }} + run: flyctl deploy --remote-only \ No newline at end of file diff --git a/package-lock.json b/package-lock.json index bc13ea6..4505f36 100644 --- a/package-lock.json +++ b/package-lock.json @@ -15,6 +15,7 @@ "cookie-parser": "^1.4.6", "dotenv": "^16.0.3", "express": "^4.18.2", + "express-validator": "^6.14.3", "node-fetch": "^2.6.9" }, "devDependencies": { 
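Review bot: The new "Deploy app" step appears to carry both `uses: superfly/flyctl-actions/setup-flyctl@master` and `run: flyctl deploy --remote-only`, and GitHub Actions rejects a step that has both keys (indentation is lost on this page, so confirm against the file). Split it into a setup step with only `uses:` and a separate `- run: flyctl deploy --remote-only` step that carries the `env: FLY_API_TOKEN` entry. The "Upload environment file" step hands `secrets.ENV_FILE` to `actions/upload-env-file@v1`, whose existence and behaviour should be verified before a secret is passed to it. Both third-party references use mutable refs (`@v1`, `@master`); pinning any action that receives a secret to a full commit SHA keeps a moved tag or branch from changing what code sees that secret.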
@@ -999,6 +1000,18 @@ "node": ">= 0.10.0" } }, + "node_modules/express-validator": { + "version": "6.14.3", + "resolved": "https://registry.npmjs.org/express-validator/-/express-validator-6.14.3.tgz", + "integrity": "sha512-c4b9NMdhskfcLbH/FchsSfCt4Vb14gKzcotG9zLS+VoOJDox57aGhCL+kmAu7cl+ytaSed+HD5jdJhel8DQsdg==", + "dependencies": { + "lodash": "^4.17.21", + "validator": "^13.7.0" + }, + "engines": { + "node": ">= 8.0.0" + } + }, "node_modules/express/node_modules/debug": { "version": "2.6.9", "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", @@ -1513,6 +1526,11 @@ "url": "https://github.com/sponsors/sindresorhus" } }, + "node_modules/lodash": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" + }, "node_modules/lodash.merge": { "version": "4.6.2", "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", @@ -2510,6 +2528,14 @@ "node": ">= 0.4.0" } }, + "node_modules/validator": { + "version": "13.9.0", + "resolved": "https://registry.npmjs.org/validator/-/validator-13.9.0.tgz", + "integrity": "sha512-B+dGG8U3fdtM0/aNK4/X8CXq/EcxU2WPrPEkJGslb47qyHsxmbggTWK0yEA4qnYVNF+nxNlN88o14hIcPmSIEA==", + "engines": { + "node": ">= 0.10" + } + }, "node_modules/vary": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz", @@ -3314,6 +3340,15 @@ } } }, + "express-validator": { + "version": "6.14.3", + "resolved": "https://registry.npmjs.org/express-validator/-/express-validator-6.14.3.tgz", + "integrity": "sha512-c4b9NMdhskfcLbH/FchsSfCt4Vb14gKzcotG9zLS+VoOJDox57aGhCL+kmAu7cl+ytaSed+HD5jdJhel8DQsdg==", + "requires": { + "lodash": "^4.17.21", + "validator": "^13.7.0" + } + }, "fast-deep-equal": { "version": "3.1.3", "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", 
@@ -3690,6 +3725,11 @@ "p-locate": "^5.0.0" } }, + "lodash": { + "version": "4.17.21", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" + }, "lodash.merge": { "version": "4.6.2", "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", @@ -4375,6 +4415,11 @@ "resolved": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz", "integrity": "sha512-pMZTvIkT1d+TFGvDOqodOclx0QWkkgi6Tdoa8gC8ffGAAqz9pzPTZWAybbsHHoED/ztMtkv/VoYTYyShUn81hA==" }, + "validator": { + "version": "13.9.0", + "resolved": "https://registry.npmjs.org/validator/-/validator-13.9.0.tgz", + "integrity": "sha512-B+dGG8U3fdtM0/aNK4/X8CXq/EcxU2WPrPEkJGslb47qyHsxmbggTWK0yEA4qnYVNF+nxNlN88o14hIcPmSIEA==" + }, "vary": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz", diff --git a/package.json b/package.json index 950279f..5bb2e52 100644 --- a/package.json +++ b/package.json @@ -30,6 +30,7 @@ "cookie-parser": "^1.4.6", "dotenv": "^16.0.3", "express": "^4.18.2", + "express-validator": "^6.14.3", "node-fetch": "^2.6.9" } } diff --git a/src/index.js b/src/index.js index fc38f5e..920d153 100644 --- a/src/index.js +++ b/src/index.js @@ -1,4 +1,4 @@ -const server = require('./server'); +const {server} = require('./server'); const PORT = process.env.PORT || 8080; server.listen(PORT, () => { diff --git a/src/routes/userEvents.js b/src/routes/userEvents.js index 5ee0819..d475a3b 100644 --- a/src/routes/userEvents.js +++ b/src/routes/userEvents.js @@ -1,6 +1,7 @@ const { addEventForm } = require('../templates/forms'); const { html } = require('../templates/html'); const { navbar } = require('../templates/nav'); +const { validationResult } = require('express-validator'); const dbEventsHandler = require('../model/event'); 
@@ -12,13 +13,23 @@ function addEvent(req, res) { res.send(html(title, navBar, content)); } -function postEvent(req, res) { +function postEvent(req, res, next) { console.log(req.session); + const errors = validationResult(req); + + if (!errors.isEmpty()) { + //return an error response with the validation errors + return res.status(400).json({ errors: errors.array() }); + } const { title, content, date, address } = req.body; - const userId = req.session.user_id; - dbEventsHandler.createEvent(title, content, date, address, userId); //1 will be session user id + dbEventsHandler.addEvent(title, content, date, address) + .then((event) => { + res.status(200).json({ message: 'Event added successfully', event }); + }) + .catch((err) => { + next(err); + }); - res.redirect('/'); } module.exports = { addEvent, postEvent }; diff --git a/src/server.js b/src/server.js index 61c9b7a..3d8f361 100644 --- a/src/server.js +++ b/src/server.js @@ -2,6 +2,7 @@ const express = require('express'); const path = require('path'); const server = express(); + const cookieParser = require('cookie-parser'); const bodyParser = require('body-parser'); @@ -14,6 +15,10 @@ const logOut = require('./routes/log-out'); const { getSession, removeSession } = require('./model/session'); const { socialAuth } = require('./routes/social-auth'); +const { check, validationResult } = require('express-validator'); + + + server.use(bodyParser.urlencoded({ extended: false })); server.use(express.static(path.join(__dirname, 'public'))); 
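Review bot: The rewritten `postEvent` no longer reads `req.session.user_id`, so the event is stored without an owner, and nothing in the hunk rejects a request that has no session. Restore the owner argument and add a guard before the insert, for example `if (!req.session) return res.status(401).json({ error: 'Not logged in' });`, assuming `addEvent` takes the user id the way the removed `createEvent` call did. The model file is not part of this commit, so whether `dbEventsHandler.addEvent` exists and returns a promise should be checked; the `.then`/`.catch` chain depends on both. The leftover `console.log(req.session)` writes the session record to the server log on every post and should be removed.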
@@ -24,13 +29,32 @@ server.get('/', home.get); server.get('/log-in', logIn.get); server.post('/log-in', logIn.post); server.get('/sign-up', signUp.get); -server.post('/sign-up', signUp.post); +server.post( + '/sign-up', + [ + check('email', 'Please enter a VValid email address').isEmail(), + check('password', 'Password must be AAat least 8 characters long').isLength({ min: 8 }) + ], + signUp.post +); + server.post('/log-out', logOut.post); -server.get('/add-event', addEvent); //add middleware -server.post('/add-event', postEvent); //add middleware +// +server.get('/add-event', addEvent); // middleware +server.post( + '/add-event', + [ + check('title', 'Title is required').not().isEmpty(), + check('content', 'Content is required').not().isEmpty(), + check('date', 'Date is required').not().isEmpty(), + check('address', 'Address is required').not().isEmpty() + ], + postEvent +); -server.get('/auth', socialAuth); +server.get('/auth', socialAuth); +server.post('/auth', socialAuth); function sessions(req, res, next) { const sid = req.signedCookies.sid; //undefined if there is not a sid @@ -40,7 +64,7 @@ function sessions(req, res, next) { const today = new Date(); if (expiry < today) { removeSession(sid); - res.clearCookie(sid); + res.clearCookie('sid'); } else { req.session = session; } @@ -48,4 +72,11 @@ function sessions(req, res, next) { next(); } -module.exports = server; +function confirmLogin(req, res, next) { + const isLoggedIn = req.session; + if (isLoggedIn) { + return res.redirect('/'); + } + next(); +} +module.exports = {server, validationResult, sessions, confirmLogin}; diff --git a/src/templates/forms.js b/src/templates/forms.js index c4fca22..86d2b67 100644 --- a/src/templates/forms.js +++ b/src/templates/forms.js @@ -3,7 +3,7 @@ function userForm(path, errors = {}, values = {}) {
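Review bot: The `check(...)` chains added in front of `signUp.post` only record validation errors on the request and do not stop it. The sign-up route module is not among the files this commit changes, so the handler presumably never calls `validationResult` and invalid emails or short passwords still get through. Add a step after the array that rejects on errors, for example `(req, res, next) => validationResult(req).isEmpty() ? next() : res.status(400).json({ errors: validationResult(req).array() })`, or do the same check inside `signUp.post`. The two sign-up messages contain typos (`VValid`, `AAat`) that will be shown to users. The `/add-event` routes still have no session check in front of them, and the added `server.post('/auth', socialAuth)` widens the callback to a second method, which is only needed if the provider actually posts to it.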
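Review bot: `confirmLogin` redirects when `req.session` is set and calls `next()` when it is not, so despite its name it lets unauthenticated requests through and is only suitable for keeping logged-in users off the log-in and sign-up pages. If it is meant to be the middleware for `/add-event`, the condition is inverted and should read `if (!req.session) return res.redirect('/log-in');`. Otherwise document the intent above the function, e.g. `// Sends already logged-in users to '/'; this is not an access check.` The function is exported but not attached to any route in the visible hunks. Re-exporting `validationResult` from the server module looks unnecessary, since routes can require it from `express-validator` directly, as `userEvents.js` already does.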
- +