kenperkins · December 31, 2015 01:28
diff --git a/app.js b/app.js

 /**
 * Module dependencies.
 */

 var express = require('express'),
    crypto = require('crypto'),
    https = require('https'),
    path = require('path'),
    fs = require('fs'),
    pkgcloud = require('pkgcloud'),
    request = require('request');

 var app = express();

 // SSL Configuration
 var options = {
  key: fs.readFileSync('./server.key'),
  cert: fs.readFileSync('./server.crt')
 };

 // create an in memory object for storing sessions
 var sessions = {};

 // all environments
 app.set('port', process.env.PORT || 443);
 app.use(express.favicon());
 app.use(express.logger('dev'));
 app.use(express.json());
 app.use(express.urlencoded());
 app.use(express.methodOverride());

 // Here's where we crack a special header to ses if we have a session id header
 // and the cooresponding object in the cache
 app.use(function(req, res, next) {
  if ((req.headers['x-session-id']) && (sessions[req.headers['x-session-id']])) {

    // if we find a session, stuff on it on the request object for the duration
    // of the present request
    req.session = sessions[req.headers['x-session-id']];
  }

  // continue to the next middle ware
  next();
 });

 app.use(function(req, res, next) {
  res.header("Access-Control-Allow-Origin", "*");
  res.header("Access-Control-Allow-Headers", "*");

  next();
 });

 app.use(app.router);

 // here's where we handle getting the username/password of the user
 app.post('/authenticate', function(req, res) {
  if (!req.body.username || !req.body.password) {
    res.send(500);
    return;
  }

  // construct a new client, this should be per request, not global, as the client
  // is unique to each authentication request
  pkgcloud.providers.openstack.identity.createIdentity({
    username: req.body.username,
    password: req.body.password,
    url: 'https://identity.api.rackspacecloud.com',
    region: 'DFW'
  }, function(err, identity) {
    // if something went bad, just proxy the error back to the caller
    if (err) {
      res.send(err.statusCode, err);
    }
    else {

      // WARNING TOTALLY CONTRIVED
      // DO NOT USE
      //
      // synthesize a session id from time+token+username

      var stringToHash = new Date().getTime() + '-' + identity.token.id + req.body.username;
      var sessionId = crypto.createHash('md5').update(stringToHash).digest('hex');

      // stuff the new session into the cache
      sessions[sessionId] = identity.token;
      sessions[sessionId].sessionId = sessionId;

      // return the sessionId
      res.json(200, sessions[sessionId]);
    }
  });
 });

 // here's where we delete a current session
 app.get('/logout', function(req, res) {

  // if no session, just redir to root route
  if (!req.session) {
    res.redirect('/');
    return;
  }
  else {
    console.log('logging out session id: ' + req.session.sessionId);
    delete sessions[req.session.sessionId];
    res.send(200);
  }
 });

 // catch all for all routes, if we have a session, lets return the token id
 app.get('*', function(req, res) {
  if (req.session) {
    var options = {
      method: 'get',
      uri: 'http://localhost:12345' + req.path
    };

    request(options, function(err, response, body) {
      if (err) {
        res.json(500, { error: err });
      }
      else {
        res.json(response.statusCode, body);
      }
    });
  }
  else {
    res.send(200);
  }
 });

 https.createServer(options, app).listen(app.get('port'), function(){
  console.log('Express server listening on port ' + app.get('port'));
 });
diff --git a/package.json b/package.json
 {
  "name": "application-name",
  "version": "0.0.1",
  "private": true,
  "scripts": {
    "start": "node app.js"
  },
  "dependencies": {
    "express": "3.4.6",
    "pkgcloud": "0.8.*",
    "request": "*"
  }
 }

	/**
	* Module dependencies.
	*/

	var express = require('express'),
	crypto = require('crypto'),
	https = require('https'),
	path = require('path'),
	fs = require('fs'),
	pkgcloud = require('pkgcloud'),
	request = require('request');

	var app = express();

	// SSL Configuration
	var options = {
	key: fs.readFileSync('./server.key'),
	cert: fs.readFileSync('./server.crt')
	};

	// create an in memory object for storing sessions
	var sessions = {};

	// all environments
	app.set('port', process.env.PORT \|\| 443);
	app.use(express.favicon());
	app.use(express.logger('dev'));
	app.use(express.json());
	app.use(express.urlencoded());
	app.use(express.methodOverride());

	// Here's where we crack a special header to ses if we have a session id header
	// and the cooresponding object in the cache
	app.use(function(req, res, next) {
	if ((req.headers['x-session-id']) && (sessions[req.headers['x-session-id']])) {

	// if we find a session, stuff on it on the request object for the duration
	// of the present request
	req.session = sessions[req.headers['x-session-id']];
	}

	// continue to the next middle ware
	next();
	});

	app.use(function(req, res, next) {
	res.header("Access-Control-Allow-Origin", "*");
	res.header("Access-Control-Allow-Headers", "*");

	next();
	});

	app.use(app.router);

	// here's where we handle getting the username/password of the user
	app.post('/authenticate', function(req, res) {
	if (!req.body.username \|\| !req.body.password) {
	res.send(500);
	return;
	}

	// construct a new client, this should be per request, not global, as the client
	// is unique to each authentication request
	pkgcloud.providers.openstack.identity.createIdentity({
	username: req.body.username,
	password: req.body.password,
	url: 'https://identity.api.rackspacecloud.com',
	region: 'DFW'
	}, function(err, identity) {
	// if something went bad, just proxy the error back to the caller
	if (err) {
	res.send(err.statusCode, err);
	}
	else {

	// WARNING TOTALLY CONTRIVED
	// DO NOT USE
	//
	// synthesize a session id from time+token+username

	var stringToHash = new Date().getTime() + '-' + identity.token.id + req.body.username;
	var sessionId = crypto.createHash('md5').update(stringToHash).digest('hex');

	// stuff the new session into the cache
	sessions[sessionId] = identity.token;
	sessions[sessionId].sessionId = sessionId;

	// return the sessionId
	res.json(200, sessions[sessionId]);
	}
	});
	});

	// here's where we delete a current session
	app.get('/logout', function(req, res) {

	// if no session, just redir to root route
	if (!req.session) {
	res.redirect('/');
	return;
	}
	else {
	console.log('logging out session id: ' + req.session.sessionId);
	delete sessions[req.session.sessionId];
	res.send(200);
	}
	});

	// catch all for all routes, if we have a session, lets return the token id
	app.get('*', function(req, res) {
	if (req.session) {
	var options = {
	method: 'get',
	uri: 'http://localhost:12345' + req.path
	};

	request(options, function(err, response, body) {
	if (err) {
	res.json(500, { error: err });
	}
	else {
	res.json(response.statusCode, body);
	}
	});
	}
	else {
	res.send(200);
	}
	});

	https.createServer(options, app).listen(app.get('port'), function(){
	console.log('Express server listening on port ' + app.get('port'));
	});
	{
	"name": "application-name",
	"version": "0.0.1",
	"private": true,
	"scripts": {
	"start": "node app.js"
	},
	"dependencies": {
	"express": "3.4.6",
	"pkgcloud": "0.8.*",
	"request": "*"
	}
	}