From 14c77090ad9f81e4e7be10fb28726d93f81db270 Mon Sep 17 00:00:00 2001
From: Levi Olson
Date: Tue, 22 Dec 2015 17:46:44 -0600
Subject: [PATCH] Initial Commit
---
.env.json.example | 8 ++++++
.gitignore | 3 +++
app.js | 64 +++++++++++++++++++++++++++++++++++++++++++++++
database.js | 41 ++++++++++++++++++++++++++++++
index.php | 1 +
package.json | 29 +++++++++++++++++++++
6 files changed, 146 insertions(+)
create mode 100644 .env.json.example
create mode 100644 .gitignore
create mode 100644 app.js
create mode 100644 database.js
create mode 100644 index.php
create mode 100644 package.json
diff --git a/.env.json.example b/.env.json.example
new file mode 100644
index 0000000..d9cd47e
--- /dev/null
+++ b/.env.json.example
@@ -0,0 +1,8 @@
+{
+ "PORT":"1337",
+ "DB_SOCKET":"/var/run/mysqld/mysqld.sock",
+ "DB_USER":"username",
+ "DB_PASSWORD":"password",
+ "DB_DATABASE":"database"
+}
+
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..afd6994
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+node_modules
+*.swp
+.env.json
diff --git a/app.js b/app.js
new file mode 100644
index 0000000..e8f2180
--- /dev/null
+++ b/app.js
@@ -0,0 +1,64 @@
+var bodyParser = require('body-parser');
+var express = require('express');
+var passport = require('passport');
+var Strategy = require('passport-custom').Strategy;
+var request = require('request');
+var dotEnv = require('dot-env');
+var db = require('./database.js');
+
+var app = express();
+
+
+app.use(bodyParser.json());
+app.use(bodyParser.urlencoded({extended:false}));
+app.use(passport.initialize());
+
+// Custom Strategy
+passport.use(new Strategy(db.verify));
+
+// Use Custom Strategy
+app.use('*', passport.authenticate('custom', { session: false }));
+
+// Main Route /
+app.all('*', function(req, res, next) {
+ // TODO: lookup base url based on client_id in request body
+ var baseUrl = clientLookup(req.body.client_id);
+
+ // Perform the actual request to the requested API
+ request(
+ {
+ method : req.body._method || req.method,
+ uri : baseUrl + req.path,
+ multipart : [{
+ 'content-type' : 'application/json',
+ 'body' : JSON.stringify(req.body.params) || ''
+ }]
+ },
+ function(error, response, body) {
+ if (!error && response.statusCode == 200) {
+ var request = {
+ "baseUrl" : baseUrl,
+ "body" : req.body,
+ "method" : req.method,
+ "requestParams" : req.body.params,
+ "originalUrl" : req.originalUrl,
+ "path" : req.path,
+ "protocol" : req.protocol,
+ "query" : req.query,
+ "secure" : req.secure,
+ "signedCookies" : req.signedCookies,
+ "response" : JSON.parse(body),
+ }
+ res.json(request);
+ } else {
+ console.log('Error code : ' + response.statusCode);
+ console.log('Error message : ' + error);
+ }
+ });
+});
+
+var port = process.env.PORT;
+
+app.listen(port, '127.0.0.1', function () {
+ console.log('Example app listening at http://%s:%s', '127.0.0.1', port);
+});
diff --git a/database.js b/database.js
new file mode 100644
index 0000000..feba58d
--- /dev/null
+++ b/database.js
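Review bot: In app.js the `request` callback's `else` branch reads `response.statusCode` even when `error` is set, where `response` is presumably undefined, and it never answers the client, so a failed upstream call either throws or leaves the request hanging. `JSON.parse(body)` is also unguarded, so a 200 reply that is not JSON throws inside the callback. The success payload echoes `"body" : req.body`, which per `verify` in database.js carries the submitted `password`; that key should be dropped or the credential fields removed before `res.json`. Separately, `clientLookup` is called as a bare name while the only definition visible in this patch sits on the `db` export, so `db.clientLookup(req.body.client_id)` looks intended. A sketch of the callback with both failure paths answered follows.

```javascript
function(error, response, body) {
    if (error || !response || response.statusCode != 200) {
        console.log('Error code : ' + (response ? response.statusCode : 'n/a'));
        console.log('Error message : ' + error);
        return res.status(502).json({ error: 'upstream request failed' });
    }
    var parsed;
    try {
        parsed = JSON.parse(body);
    } catch (e) {
        return res.status(502).json({ error: 'upstream returned invalid JSON' });
    }
    // … unchanged: build the reply object, without "body" and with "response" : parsed …
    res.json(request);
}
```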
@@ -0,0 +1,41 @@
+var bcrypt = require('bcrypt');
+var mysql = require('mysql');
+var dotEnv = require('dot-env');
+
+module.exports = {
+ verify: function(req, done) {
+ var connection = mysql.createConnection({
+ socket : process.env.DB_SOCKET,
+ user : process.env.DB_USER,
+ password : process.env.DB_PASSWORD,
+ database : process.env.DB_DATABASE
+ });
+ connection.connect(function(err) {
+ if (err) done(err);
+ });
+ connection.query('SELECT password FROM users WHERE email = \''+req.body.email+'\'', function(err, result, fields) {
+ if (err) done(err);
+ if (!result || !result[0] || !result[0].password) return done(null, false);
+
+ var password = result[0].password.replace('$2y$', '$2a$');
+ var salt = password.slice(0,29);
+ bcrypt.hash(req.body.password, salt, function(err, enc) {
+ if (err) {
+ console.log(err);
+ return done(err, null);
+ } else if (enc == password) {
+ // console.log('Authorized');
+ return done(null, true);
+ } else {
+ // console.log('Not Authorized');
+ return done(null, null);
+ }
+ });
+ });
+
+ connection.end();
+ },
+ clientLookup(client_id): function(client_id) {
+ return 'http://xkcd.leviolson.com';
+ }
+};
diff --git a/index.php b/index.php
new file mode 100644
index 0000000..c4837a3
--- /dev/null
+++ b/index.php
@@ -0,0 +1 @@
+",
+ "license": "UNLICENSED",
+ "homepage": "https://bitbucket.org/leothelocust/guardian-proof-of-concept#readme",
+ "dependencies": {
+ "bcrypt": "^0.8.5",
+ "body-parser": "^1.14.2",
+ "dot-env": "0.0.1",
+ "express": "^4.13.3",
+ "mysql": "^2.10.0",
+ "passport": "^0.3.2",
+ "passport-custom": "^1.0.5",
+ "passport-http": "^0.3.0",
+ "passport-local": "^1.0.0",
+ "querystring": "^0.2.0",
+ "request": "^2.67.0"
+ }
+}
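Review bot: In database.js `verify` builds the lookup by concatenating `req.body.email` into the SQL text, so the request body can alter the statement itself; the `mysql` driver's placeholder form keeps the value as data: `connection.query('SELECT password FROM users WHERE email = ?', [req.body.email], function(err, result, fields) {`. Both `if (err) done(err);` lines lack a `return`, so after a connection or query error execution continues and `done` can be called a second time. The manual re-hash followed by `enc == password` can be replaced with `bcrypt.compare(req.body.password, password, cb)`, which performs the comparison inside the library. `clientLookup(client_id): function(client_id) {` is not a valid object-literal key and will fail to parse; `clientLookup: function(client_id) {` is presumably what was meant.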