Moved middleware/ & schemas/ into api/.

api/middleware/mustBeAuthenticated.js

@@ -0,0 +1,17 @@
+const mustBeAuthenticated = (req, res, next) => {
+  if (process.env.NODE_ENV == "development") {
+    console.info(`Restricted endpoint ${req.originalUrl}, but running in dev mode.`)
+    return next();
+  }
+
+  if (!req.isAuthenticated()) {
+    return res.status(401).send({
+      success: false,
+      message: "Du må være logget inn."
+    });
+  }
+
+  return next();
+};
+
+module.exports = mustBeAuthenticated;

api/middleware/setAdminHeaderIfAuthenticated.js

@@ -0,0 +1,6 @@
+const setAdminHeaderIfAuthenticated = (req, res, next) => {
+  res.set("Vinlottis-Admin", req.isAuthenticated());
+  return next();
+};
+
+module.exports = setAdminHeaderIfAuthenticated;

api/middleware/setupCORS.js

@@ -0,0 +1,6 @@
+const openCORS = (req, res, next) => {
+  res.set("Access-Control-Allow-Origin", "*")
+  return next();
+};
+
+module.exports = openCORS;

api/middleware/setupHeaders.js

@@ -0,0 +1,37 @@
+const camelToKebabCase = str => str.replace(/[A-Z]/g, letter => `-${letter.toLowerCase()}`);
+
+const mapFeaturePolicyToString = (features) => {
+  return Object.entries(features).map(([key, value]) => {
+    key = camelToKebabCase(key)
+    value = value == "*" ? value : `'${ value }'`
+    return `${key} ${value}`
+  }).join("; ")
+}
+
+const setupHeaders = (req, res, next) => {
+  res.set("Access-Control-Allow-Headers", "Content-Type")
+
+  // Security
+  res.set("X-Content-Type-Options", "nosniff");
+  res.set("X-XSS-Protection", "1; mode=block");
+  res.set("X-Frame-Options", "SAMEORIGIN");
+  res.set("X-DNS-Prefetch-Control", "off");
+  res.set("X-Download-Options", "noopen");
+  res.set("Strict-Transport-Security", "max-age=15552000; includeSubDomains")
+
+  // Feature policy
+  const features = {
+    fullscreen: "*",
+    payment: "none",
+    microphone: "none",
+    camera: "self",
+    speaker: "*",
+    syncXhr: "self"
+  }
+  const featureString = mapFeaturePolicyToString(features);
+  res.set("Feature-Policy", featureString)
+
+  return next();
+}
+
+module.exports = setupHeaders;

api/schemas/Attendee.js

@@ -0,0 +1,14 @@
+const mongoose = require("mongoose");
+const Schema = mongoose.Schema;
+
+const Attendee = new Schema({
+  name: String,
+  phoneNumber: String,
+  green: Number,
+  blue: Number,
+  red: Number,
+  yellow: Number,
+  winner: Boolean
+});
+
+module.exports = mongoose.model("Attendee", Attendee);

api/schemas/Highscore.js

@@ -0,0 +1,18 @@
+const mongoose = require("mongoose");
+const Schema = mongoose.Schema;
+
+const Highscore = new Schema({
+  name: String,
+  wins: [
+    {
+      color: String,
+      date: Date,
+      wine: {
+        type: Schema.Types.ObjectId,
+        ref: "Wine"
+      }
+    }
+  ]
+});
+
+module.exports = mongoose.model("Highscore", Highscore);

api/schemas/PreLotteryWine.js

@@ -0,0 +1,14 @@
+const mongoose = require("mongoose");
+const Schema = mongoose.Schema;
+
+const PreLotteryWine = new Schema({
+  name: String,
+  vivinoLink: String,
+  rating: Number,
+  id: String,
+  image: String,
+  price: String,
+  country: String
+});
+
+module.exports = mongoose.model("PreLotteryWine", PreLotteryWine);

api/schemas/Purchase.js

@@ -0,0 +1,20 @@
+const mongoose = require("mongoose");
+const Schema = mongoose.Schema;
+
+const Purchase = new Schema({
+  date: Date,
+  blue: Number,
+  red: Number,
+  yellow: Number,
+  green: Number,
+  bought: Number,
+  stolen: Number,
+  wines: [
+    {
+      type: Schema.Types.ObjectId,
+      ref: "Wine"
+    }
+  ]
+});
+
+module.exports = mongoose.model("Purchase", Purchase);

api/schemas/RequestedWine.js

@@ -0,0 +1,13 @@
+const mongoose = require("mongoose");
+const Schema = mongoose.Schema;
+
+const RequestedWine = new Schema({
+  count: Number,
+  wineId: String,
+  wine: {
+    type: Schema.Types.ObjectId,
+    ref: "Wine"
+  }
+});
+
+module.exports = mongoose.model("RequestedWine", RequestedWine);

api/schemas/Subscription.js

@@ -0,0 +1,13 @@
+const mongoose = require("mongoose");
+const Schema = mongoose.Schema;
+
+const Subscription = new Schema({
+  endpoint: String,
+  expirationTime: Number,
+  keys: {
+    p256dh: String,
+    auth: String
+  }
+});
+
+module.exports = mongoose.model("Subscription", Subscription);

api/schemas/User.js

@@ -0,0 +1,9 @@
+const mongoose = require("mongoose");
+const Schema = mongoose.Schema;
+const passportLocalMongoose = require("passport-local-mongoose");
+
+const User = new Schema({});
+
+User.plugin(passportLocalMongoose);
+
+module.exports = mongoose.model("User", User);

api/schemas/VirtualWinner.js

@@ -0,0 +1,18 @@
+const mongoose = require("mongoose");
+const Schema = mongoose.Schema;
+
+const VirtualWinner = new Schema({
+  name: String,
+  phoneNumber: String,
+  color: String,
+  green: Number,
+  blue: Number,
+  red: Number,
+  yellow: Number,
+  id: String,
+  timestamp_drawn: Number,
+  timestamp_sent: Number,
+  timestamp_limit: Number
+});
+
+module.exports = mongoose.model("VirtualWinner", VirtualWinner);

api/schemas/Wine.js

@@ -0,0 +1,15 @@
+const mongoose = require("mongoose");
+const Schema = mongoose.Schema;
+
+const Wine = new Schema({
+  name: String,
+  vivinoLink: String,
+  rating: Number,
+  occurences: Number,
+  id: String,
+  image: String,
+  price: String,
+  country: String
+});
+
+module.exports = mongoose.model("Wine", Wine);