Bug-fixes and refactoring

- deleted config.js and replaced it with an .env-file, following the dotenv-guidline - Code-cleaning - bug-fixes in email-templates and notifications
A-Spork · May 23, 2017 · a52e964 · a52e964
1 parent ce9f89c
commit a52e964
Show file tree

Hide file tree

Showing 73 changed files with 198 additions and 359 deletions.
diff --git a/.env.sample b/.env.sample
@@ -0,0 +1,21 @@
+NODE_ENV='development'
+SERVER_URL='http://localhost'
+SERVER_PORT=5000
+HTTP_PORT=5000
+HTTPS_PORT=5443
+POSTGRES_HOST='localhost'
+POSTGRES_PORT=5432
+POSTGRES_DB_NAME='ethics-app'
+POSTGRES_USERNAME='username'
+POSTGRES_PASSWORD='password'
+POSTGRES_SSL=false
+DEFAULTS=true
+EXAMPLES=false
+SENDER_NAME='Ethics-App'
+SENDER_EMAIL_ADDRESS='[email protected]'
+SMTP_HOST='smtp.gmail.com'
+SMTP_PORT=465
+SMTP_SSL=true
+SMTP_EMAIL_ADDRESS='[email protected]'
+SMTP_PASSWORD='password'
+JWTSECRET='secret'
diff --git a/.gitignore b/.gitignore
@@ -2,7 +2,7 @@ node_modules/*
 ssl/*
 public/bower_components/*
 public/files/temp/*
-.DS_Store
-/config.js
 sql/schema/examples.sql
 sql/schema/defaults.sql
+.env
+.DS_Store
diff --git a/README.md b/README.md
@@ -116,7 +116,7 @@ CREATE DATABASE ethics-app;
 node setup.js
 ```
 
-* Before you execute the `setup.js`, please make sure, that you have already created the  `/sql/schema/defaults.sql` file or follow the instructions of [1.4.](#default-values) first. Check also if you have already created the `config.js` file or provide the following **NODE ENVIRONMENT VARIABLES** before you run the script:
+* Before you execute the `setup.js`, please make sure, that you have already created the  `/sql/schema/defaults.sql` file or follow the instructions of [1.4.](#default-values) first. Check also if you have already created the `.env` file or provide the following **NODE ENVIRONMENT VARIABLES** before you run the script:
     * `POSTGRES_HOST`: Postgres host address (default: `localhost`)
     * `POSTGRES_PORT`: Postgres port number (default: `5432`)
     * `POSTGRES_DB_NAME`: Postgres database name (default: `ethics-app`)
@@ -126,14 +126,14 @@ node setup.js
     * `DEFAULTS`: Load default entries for the database with the file `sql/schema/defaults.sql` (see [1.4.](#default-values) for reference) (default: `false`)
     * `EXAMPLES`: Load example entries for the database with the file`sql/schema/examples.sql` (see [1.5.](#example-values) for reference) (default: `false`)
 
-* If you are using NODE ENVIRONMENT VARIABLES, instead of the `config.js`, then start the script with the following command:
+* If you are using NODE ENVIRONMENT VARIABLES, instead of the `.env`, then start the script with the following command:
 
 ```
 # Linux & macOS
-node setup.js
+DEFAULTS=true node setup.js
 
 # Windows
-set node setup.js
+set DEFAULTS=true node setup.js
 ```
 
 ##### 1.4. Default values (administrator account)
@@ -145,7 +145,7 @@ cp defaults.sql.sample defaults.sql
 ```
 
 * Next create inside the `/sql/schema/defaults.sql` file an overall administrator account. This account needs to be `secret`, which will be hidden from the view of the users. The secret administrator is NOT a part of the Ethics committee and only there for hosting and administrating the app. There can be more administrators, if it is required, but it is recommended to split administrators from committee members. Administrators have full access to all data inside the application, which is critical, when entries, like universities, institutes, working groups, members and users would be deleted. Please checkout the upper database schema to get a full overview about all required attributes and dependencies.
-* Don't forget to update the settings `defaults: true` inside the `config.js`.
+* Don't forget to update the settings `DEFAULTS=true` inside the `.env`.
 
 ##### 1.5. Example values
 
@@ -155,7 +155,7 @@ cp defaults.sql.sample defaults.sql
 cp examples.sql.sample examples.sql
 ```
 
-* Don't forget to update the settings `examples: true` inside the `config.js`!
+* Don't forget to update the settings `EXAMPLES=true` inside the `.env`!
 
 ### 2. Ethics-app
 
@@ -204,15 +204,15 @@ bower install
 sudo bower install --allow-root
 ```
 
-##### 2.3. Node-server configuration
+##### 2.3. Server configuration
 
 Execute the following command inside our local repository-folder:
 
 ```
-cp config.js.sample config.js
+cp .env.sample .env
 ```
 
-Open the `config.js` with your preferred text editor and configure the app appropriately for your host-server.
+Open the `.env` with your preferred text editor and configure the app appropriately for your host-server.
 
 
 ##### 2.4 Host-server configuration
@@ -251,7 +251,7 @@ Open the `config.js` with your preferred text editor and configure the app appro
 node server.js
 ```
 
-* Before you start the server, please create a `config.js` file or start the websever with the following **NODE ENVIRONMENT VARIABLES**:
+* Before you start the server, please create a `.env` file or start the websever with the following **NODE ENVIRONMENT VARIABLES**:
     * `NODE_ENV`: server environment (default: `development`, option: `production`, which uses https with a certificate)
     * `SERVER_URL`: url/domain of the host-server (default: `http://ethics-app.uni-muenster.de`)
     * `SERVER_PORT`: port number of the host-server (default: `80`)
@@ -263,7 +263,8 @@ node server.js
     * `POSTGRES_USERNAME`: Postgres username (default: `admin `)
     * `POSTGRES_PASSWORD`: Postgres password (default: `admin`)
     * `POSTGRES_SSL`: Postgres ssl connection (default: `false`)
-    * `FROM`: Email-address for users to reply, if they have question (default: `[email protected]`)
+    * `SENDER_NAME`: Name of the sender for Emails (default: `Ethics-App`)
+    * `SENDER_EMAIL_ADDRESS`: Email-address of the sender, so users can reply to it, if they have question (default: `[email protected]`)
     * `SMTP_HOST`: SMTP host address (default: `smtp.gmail.com`)
     * `SMTP_PORT`: SMTP port number (default: `465`)
     * `SMTP_SSL`: SMTP ssl connection (default: `true`)
@@ -273,7 +274,7 @@ node server.js
 
 * If you want to run the application, you need to specify the `SMTP_EMAIL_ADDRESS` and `SMTP_PASSWORD`, otherwise no Emails with the document-IDs can be sent.
 
-* If you are using NODE ENVIRONMENT VARIABLES instead of the `config.js`, then start the script with the following command:
+* If you are using NODE ENVIRONMENT VARIABLES instead of the `.env`, then start the script with the following command:
 
 ```
 # Linux & macOS

diff --git a/config.js.sample b/config.js.sample
diff --git a/controllers/comments/put.js b/controllers/comments/put.js
@@ -6,8 +6,6 @@ types.setTypeParser(1700, 'text', parseFloat);
 var _ = require('underscore');
 var jwt = require('jsonwebtoken');
 var pool = require('../../server.js').pool;
-var server_url = require('../../server.js').server_url;
-var jwtSecret = require('../../server.js').jwtSecret;
 
 var fs = require("fs");
 var dir = "/../../sql/queries/comments/";
@@ -35,7 +33,7 @@ exports.request = function(req, res) {
                 var token = req.headers.authorization.substring(7);
 
                 // Verify token
-                jwt.verify(token, jwtSecret, function(err, decoded) {
+                jwt.verify(token, process.env.JWTSECRET, function(err, decoded) {
                     if(err){
                         callback(new Error("Authorization failed"), 401);
                     } else {

diff --git a/controllers/concerns/put.js b/controllers/concerns/put.js
@@ -26,10 +26,6 @@ exports.request = function(req, res) {
                 }
             });
         },
-        function(client, done, callback) {
-            // TODO: Authentication
-            callback(null, client, done);
-        },
         function(client, done, callback) {
             // Database query
             client.query(query_get_concern, [

diff --git a/controllers/courses/delete.js b/controllers/courses/delete.js
@@ -6,8 +6,6 @@ types.setTypeParser(1700, 'text', parseFloat);
 var _ = require('underscore');
 var jwt = require('jsonwebtoken');
 var pool = require('../../server.js').pool;
-var server_url = require('../../server.js').server_url;
-var jwtSecret = require('../../server.js').jwtSecret;
 
 var fs = require("fs");
 var dir = "/../../sql/queries/courses/";
@@ -35,7 +33,7 @@ exports.request = function(req, res) {
                 var token = req.headers.authorization.substring(7);
 
                 // Verify token
-                jwt.verify(token, jwtSecret, function(err, decoded) {
+                jwt.verify(token, process.env.JWTSECRET, function(err, decoded) {
                     if(err){
                         callback(new Error("Authorization failed"), 401);
                     } else {

diff --git a/controllers/courses/get_by_document.js b/controllers/courses/get_by_document.js
@@ -6,8 +6,6 @@ types.setTypeParser(1700, 'text', parseFloat);
 var _ = require('underscore');
 var jwt = require('jsonwebtoken');
 var pool = require('../../server.js').pool;
-var server_url = require('../../server.js').server_url;
-var jwtSecret = require('../../server.js').jwtSecret;
 
 var fs = require("fs");
 var dir_1 = "/../../sql/queries/documents/";
@@ -36,7 +34,7 @@ exports.request = function(req, res) {
                 var token = req.headers.authorization.substring(7);
 
                 // Verify token
-                jwt.verify(token, jwtSecret, function(err, decoded) {
+                jwt.verify(token, process.env.JWTSECRET, function(err, decoded) {
                     if(err){
                         callback(new Error("Authorization failed"), 401);
                     } else {

diff --git a/controllers/courses/list.js b/controllers/courses/list.js
@@ -6,8 +6,6 @@ types.setTypeParser(1700, 'text', parseFloat);
 var _ = require('underscore');
 var jwt = require('jsonwebtoken');
 var pool = require('../../server.js').pool;
-var server_url = require('../../server.js').server_url;
-var jwtSecret = require('../../server.js').jwtSecret;
 
 var fs = require("fs");
 var dir_1 = "/../../sql/queries/members/";
@@ -37,7 +35,7 @@ exports.request = function(req, res) {
                 var token = req.headers.authorization.substring(7);
 
                 // Verify token
-                jwt.verify(token, jwtSecret, function(err, decoded) {
+                jwt.verify(token, process.env.JWTSECRET, function(err, decoded) {
                     if(err){
                         callback(new Error("Authorization failed"), 401);
                     } else {

diff --git a/controllers/courses/list_by_institute.js b/controllers/courses/list_by_institute.js
@@ -4,10 +4,7 @@ var pg = require('pg');
 var types = require('pg').types;
 types.setTypeParser(1700, 'text', parseFloat);
 var _ = require('underscore');
-var jwt = require('jsonwebtoken');
 var pool = require('../../server.js').pool;
-var server_url = require('../../server.js').server_url;
-var jwtSecret = require('../../server.js').jwtSecret;
 
 var fs = require("fs");
 var dir_1 = "/../../sql/queries/institutes/";

diff --git a/controllers/courses/post.js b/controllers/courses/post.js
@@ -6,8 +6,6 @@ types.setTypeParser(1700, 'text', parseFloat);
 var _ = require('underscore');
 var jwt = require('jsonwebtoken');
 var pool = require('../../server.js').pool;
-var server_url = require('../../server.js').server_url;
-var jwtSecret = require('../../server.js').jwtSecret;
 
 var fs = require("fs");
 var dir_1 = "/../../sql/queries/courses/";
@@ -39,7 +37,7 @@ exports.request = function(req, res) {
                 var token = req.headers.authorization.substring(7);
 
                 // Verify token
-                jwt.verify(token, jwtSecret, function(err, decoded) {
+                jwt.verify(token, process.env.JWTSECRET, function(err, decoded) {
                     if(err){
                         callback(new Error("Authorization failed"), 401);
                     } else {

diff --git a/controllers/courses/put.js b/controllers/courses/put.js
@@ -6,8 +6,6 @@ types.setTypeParser(1700, 'text', parseFloat);
 var _ = require('underscore');
 var jwt = require('jsonwebtoken');
 var pool = require('../../server.js').pool;
-var server_url = require('../../server.js').server_url;
-var jwtSecret = require('../../server.js').jwtSecret;
 
 var fs = require("fs");
 var dir_1 = "/../../sql/queries/courses/";
@@ -41,7 +39,7 @@ exports.request = function(req, res) {
                 var token = req.headers.authorization.substring(7);
 
                 // Verify token
-                jwt.verify(token, jwtSecret, function(err, decoded) {
+                jwt.verify(token, process.env.JWTSECRET, function(err, decoded) {
                     if(err){
                         callback(new Error("Authorization failed"), 401);
                     } else {

diff --git a/controllers/courses/search.js b/controllers/courses/search.js
@@ -6,8 +6,6 @@ types.setTypeParser(1700, 'text', parseFloat);
 var _ = require('underscore');
 var jwt = require('jsonwebtoken');
 var pool = require('../../server.js').pool;
-var server_url = require('../../server.js').server_url;
-var jwtSecret = require('../../server.js').jwtSecret;
 
 var fs = require("fs");
 var dir_1 = "/../../sql/queries/members/";
@@ -37,7 +35,7 @@ exports.request = function(req, res) {
                 var token = req.headers.authorization.substring(7);
 
                 // Verify token
-                jwt.verify(token, jwtSecret, function(err, decoded) {
+                jwt.verify(token, process.env.JWTSECRET, function(err, decoded) {
                     if(err){
                         callback(new Error("Authorization failed"), 401);
                     } else {

diff --git a/controllers/courses/search_by_institute.js b/controllers/courses/search_by_institute.js
@@ -6,8 +6,6 @@ types.setTypeParser(1700, 'text', parseFloat);
 var _ = require('underscore');
 var jwt = require('jsonwebtoken');
 var pool = require('../../server.js').pool;
-var server_url = require('../../server.js').server_url;
-var jwtSecret = require('../../server.js').jwtSecret;
 
 var fs = require("fs");
 var dir_1 = "/../../sql/queries/institutes/";

diff --git a/controllers/descriptions/put.js b/controllers/descriptions/put.js
@@ -26,10 +26,6 @@ exports.request = function(req, res) {
                 }
             });
         },
-        function(client, done, callback) {
-            // TODO: Authentication
-            callback(null, client, done);
-        },
         function(client, done, callback) {
             // Database query
             client.query(query_get_description, [

diff --git a/controllers/documents/change_status.js b/controllers/documents/change_status.js
@@ -8,13 +8,9 @@ var jwt = require('jsonwebtoken');
 var jwtSecret = require('../../server.js').jwtSecret;
 var mustache = require('mustache');
 var moment = require('moment');
-var httpPort = require('../../server.js').httpPort;
-var server_url = require('../../server.js').server_url;
-var server_port = require('../../server.js').server_port;
-var domain = server_url + ":" + server_port;
+var domain = process.env.SERVER_URL + ":" + process.env.SERVER_PORT;
 var pool = require('../../server.js').pool;
 var transporter = require('../../server.js').transporter;
-var mail_options = require('../../server.js').mail_options;
 
 var fs = require("fs");
 var dir_1 = "/../../templates/emails/";
@@ -59,7 +55,7 @@ exports.request = function(req, res) {
                 var token = req.headers.authorization.substring(7);
 
                 // Verify token
-                jwt.verify(token, jwtSecret, function(err, decoded) {
+                jwt.verify(token, process.env.JWTSECRET, function(err, decoded) {
                     if(err){
                         callback(new Error("Authorization failed"), 401);
                     } else {
@@ -392,7 +388,10 @@ exports.request = function(req, res) {
 
                 // Send email
                 transporter.sendMail({
-                    from: mail_options,
+                    from: {
+                        name: process.env.SENDER_NAME,
+                        address: process.env.SENDER_EMAIL_ADDRESS
+                    },
                     to: user.email_address,
                     subject: "[Ethics-App] The status of your document has been changed",
                     text: text,

diff --git a/controllers/documents/delete.js b/controllers/documents/delete.js
@@ -6,8 +6,6 @@ types.setTypeParser(1700, 'text', parseFloat);
 var _ = require('underscore');
 var jwt = require('jsonwebtoken');
 var pool = require('../../server.js').pool;
-var server_url = require('../../server.js').server_url;
-var jwtSecret = require('../../server.js').jwtSecret;
 
 var fs = require("fs");
 var dir = "/../../sql/queries/documents/";
@@ -53,7 +51,7 @@ exports.request = function(req, res) {
                 var token = req.headers.authorization.substring(7);
 
                 // Verify token
-                jwt.verify(token, jwtSecret, function(err, decoded) {
+                jwt.verify(token, process.env.JWTSECRET, function(err, decoded) {
                     if(err){
                         callback(new Error("Authorization failed"), 401);
                     } else {

diff --git a/controllers/documents/get.js b/controllers/documents/get.js
@@ -6,8 +6,6 @@ types.setTypeParser(1700, 'text', parseFloat);
 var _ = require('underscore');
 var jwt = require('jsonwebtoken');
 var pool = require('../../server.js').pool;
-var server_url = require('../../server.js').server_url;
-var jwtSecret = require('../../server.js').jwtSecret;
 
 var fs = require("fs");
 var dir_1 = "/../../sql/queries/documents/";
@@ -36,7 +34,7 @@ exports.request = function(req, res) {
                 var token = req.headers.authorization.substring(7);
 
                 // Verify token
-                jwt.verify(token, jwtSecret, function(err, decoded) {
+                jwt.verify(token, process.env.JWTSECRET, function(err, decoded) {
                     if(err){
                         callback(new Error("Authorization failed"), 401);
                     } else {