2017-03-15 02:01:55 -06:00
|
|
|
'use strict';
|
|
|
|
|
|
2017-05-08 17:01:35 -06:00
|
|
|
const mw = require('../middleware.js'),
|
|
|
|
|
env = require('../env/env.js'),
|
|
|
|
|
mail = require('../mail.js'),
|
2017-04-10 01:00:56 -06:00
|
|
|
router = require('express').Router(),
|
2017-05-08 17:01:35 -06:00
|
|
|
request = require('request'),
|
2017-04-10 01:00:56 -06:00
|
|
|
slug = require('slug'),
|
2017-04-17 22:12:39 -06:00
|
|
|
xss = require('xss'),
|
2017-05-08 17:01:35 -06:00
|
|
|
User = require('../models.js').user;
|
2017-03-14 22:05:03 -06:00
|
|
|
|
2017-04-25 15:22:23 -06:00
|
|
|
module.exports = router
|
|
|
|
|
|
|
|
|
|
// Index
|
|
|
|
|
.get('/', (req,res,next)=>{
|
2017-05-22 20:32:51 -06:00
|
|
|
res.render('index', {active:'home'});
|
2017-04-25 15:22:23 -06:00
|
|
|
})
|
2017-04-10 01:00:56 -06:00
|
|
|
|
2017-04-25 15:22:23 -06:00
|
|
|
// Help
|
2017-04-28 01:21:16 -06:00
|
|
|
.get('/help', (req,res)=>{
|
2017-05-22 20:32:51 -06:00
|
|
|
res.render('help', {active:'help'});
|
2017-04-25 15:22:23 -06:00
|
|
|
})
|
2017-04-16 19:17:20 -06:00
|
|
|
|
2017-05-08 15:12:49 -06:00
|
|
|
// Contact
|
|
|
|
|
.get('/contact', (req,res)=>{
|
2017-05-22 20:34:56 -06:00
|
|
|
res.render('contact', {active:'contact',
|
2017-05-08 17:01:35 -06:00
|
|
|
sitekey: env.recaptchaSitekey
|
2017-05-08 15:27:45 -06:00
|
|
|
});
|
2017-05-08 15:12:49 -06:00
|
|
|
})
|
2017-05-08 17:01:35 -06:00
|
|
|
.post('/contact', (req,res,next)=>{
|
|
|
|
|
|
|
|
|
|
// Confirm captcha
|
|
|
|
|
request.post( 'https://www.google.com/recaptcha/api/siteverify', {form:{
|
|
|
|
|
secret: env.recaptchaSecret,
|
|
|
|
|
response: req.body['g-recaptcha-response'],
|
|
|
|
|
remoteip: req.ip
|
|
|
|
|
}}, (err, response, body)=>{
|
|
|
|
|
|
|
|
|
|
// Check for errors
|
|
|
|
|
if (err){
|
|
|
|
|
mw.throwErr(err,req);
|
|
|
|
|
res.redirect('/contact');
|
|
|
|
|
}
|
|
|
|
|
if (response.statusCode!==200) {
|
|
|
|
|
let err = new Error('Bad response from reCaptcha service');
|
|
|
|
|
mw.throwErr(err,req);
|
|
|
|
|
res.redirect('/contact');
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
|
|
|
|
|
// Captcha succeeded
|
|
|
|
|
if (JSON.parse(body).success){
|
|
|
|
|
mail.send({
|
|
|
|
|
from: `${req.body.name} <${req.body.email}>`,
|
|
|
|
|
to: `Tracman Contact <contact@tracman.org>`,
|
|
|
|
|
subject: req.body.subject||'A message',
|
|
|
|
|
text: req.body.message
|
|
|
|
|
})
|
|
|
|
|
.then(()=>{
|
|
|
|
|
req.flash('success', `Your message has been sent. `);
|
|
|
|
|
res.redirect(req.session.next || '/');
|
|
|
|
|
})
|
|
|
|
|
.catch((err)=>{
|
|
|
|
|
mw.throwErr(err,req);
|
|
|
|
|
res.redirect('/contact');
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Captcha failed
|
|
|
|
|
else {
|
|
|
|
|
let err = new Error('Failed reCaptcha');
|
|
|
|
|
mw.throwErr(err,req);
|
|
|
|
|
res.redirect('/contact');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
//TODO: Check req.body.g-recaptcha-response
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2017-05-08 15:12:49 -06:00
|
|
|
})
|
|
|
|
|
|
2017-04-25 15:22:23 -06:00
|
|
|
// Terms of Service and Privacy Policy
|
|
|
|
|
.get('/terms', (req,res)=>{
|
2017-05-22 20:32:51 -06:00
|
|
|
res.render('terms', {active:'terms'});
|
2017-04-25 15:22:23 -06:00
|
|
|
})
|
|
|
|
|
.get('/privacy', (req,res)=>{
|
2017-05-22 20:32:51 -06:00
|
|
|
res.render('privacy', {active:'privacy'});
|
2017-04-25 15:22:23 -06:00
|
|
|
})
|
2017-04-16 19:17:20 -06:00
|
|
|
|
2017-04-25 15:22:23 -06:00
|
|
|
// robots.txt
|
|
|
|
|
.get('/robots.txt', (req,res)=>{
|
|
|
|
|
res.type('text/plain');
|
|
|
|
|
res.send("User-agent: *\n"+
|
|
|
|
|
"Disallow: /map/*\n"
|
|
|
|
|
);
|
|
|
|
|
})
|
2017-04-16 19:17:20 -06:00
|
|
|
|
2017-04-25 15:22:23 -06:00
|
|
|
// favicon.ico
|
2017-05-22 20:32:51 -06:00
|
|
|
//TODO: Just serve it
|
2017-04-25 15:22:23 -06:00
|
|
|
.get('/favicon.ico', (req,res)=>{
|
|
|
|
|
res.redirect('/static/img/icon/by/16-32-48.ico');
|
|
|
|
|
})
|
2017-04-17 10:45:48 -06:00
|
|
|
|
2017-04-25 15:22:23 -06:00
|
|
|
// Endpoint to validate forms
|
2017-04-27 14:44:49 -06:00
|
|
|
.get('/validate', (req,res,next)=>{
|
2017-04-25 15:22:23 -06:00
|
|
|
|
|
|
|
|
// Validate unique slug
|
|
|
|
|
if (req.query.slug) {
|
|
|
|
|
User.findOne({ slug: slug(req.query.slug) })
|
|
|
|
|
.then( (existingUser)=>{
|
|
|
|
|
if (existingUser && existingUser.id!==req.user.id) {
|
|
|
|
|
res.sendStatus(400);
|
|
|
|
|
}
|
|
|
|
|
else { res.sendStatus(200); }
|
|
|
|
|
})
|
2017-04-27 14:44:49 -06:00
|
|
|
.catch( (err)=>{
|
|
|
|
|
console.error(err);
|
|
|
|
|
res.sendStatus(500);
|
|
|
|
|
});
|
2017-04-25 15:22:23 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Validate unique email
|
|
|
|
|
else if (req.query.email) {
|
|
|
|
|
User.findOne({ email: req.query.email })
|
|
|
|
|
.then( (existingUser)=>{
|
|
|
|
|
if (existingUser && existingUser.id!==req.user.id) {
|
|
|
|
|
res.sendStatus(400);
|
|
|
|
|
}
|
|
|
|
|
else { res.sendStatus(200); }
|
|
|
|
|
})
|
2017-04-27 14:44:49 -06:00
|
|
|
.catch( (err)=>{
|
|
|
|
|
console.error(err);
|
|
|
|
|
res.sendStatus(500);
|
|
|
|
|
});
|
2017-04-25 15:22:23 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Create slug
|
|
|
|
|
else if (req.query.slugify) {
|
|
|
|
|
res.send(slug(xss(req.query.slugify)));
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-27 14:44:49 -06:00
|
|
|
// Sanitize for XSS
|
2017-04-25 15:22:23 -06:00
|
|
|
else if (req.query.xss) {
|
|
|
|
|
res.send(xss(req.query.xss));
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-27 14:44:49 -06:00
|
|
|
// 404
|
|
|
|
|
else { next(); }
|
|
|
|
|
|
2017-04-25 15:22:23 -06:00
|
|
|
})
|
2017-04-17 22:12:39 -06:00
|
|
|
|
2017-04-25 15:22:23 -06:00
|
|
|
// Link to androidapp in play store
|
|
|
|
|
.get('/android', (req,res)=>{
|
|
|
|
|
res.redirect('https://play.google.com/store/apps/details?id=us.keithirwin.tracman');
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
// Link to iphone app in the apple store
|
|
|
|
|
// ... maybe someday
|
|
|
|
|
.get('/ios', (req,res)=>{
|
|
|
|
|
res.redirect('/help#why-is-there-no-ios-app');
|
|
|
|
|
})
|
2017-04-10 01:00:56 -06:00
|
|
|
|
2017-04-25 15:22:23 -06:00
|
|
|
;
|
