Chapter 15 - Gists
.d8888b. 888 888 d888 888888888 .d8888b. d8b 888 | |
d88P Y88b 888 888 d8888 888 d88P Y88b Y8P 888 | |
888 888 888 888 888 888 888 888 888 | |
888 88888b. 8888b. 88888b. 888888 .d88b. 888d888 888 8888888b. 888 888 .d8888b 888888 .d8888b | |
888 888 "88b "88b 888 "88b 888 d8P Y8b 888P" 888 "Y88b 888 88888 888 88K 888 88K | |
888 888 888 888 .d888888 888 888 888 88888888 888 888 888 888888 888 888 888 "Y8888b. 888 "Y8888b. | |
Y88b d88P 888 888 888 888 888 d88P Y88b. Y8b. 888 888 Y88b d88P Y88b d88P 888 X88 Y88b. X88 | |
"Y8888P" 888 888 "Y888888 88888P" "Y888 "Y8888 888 8888888 "Y8888P" "Y8888P88 888 88888P' "Y888 88888P' | |
888 | |
888 | |
888 |
// Named datastore connections. Other config files on this page pick one by
// name (e.g. `models: { connection: 'productionPostgresqlServer' }`).
//
// NOTE(review): every YOUR_* value below is a placeholder. Real hostnames and
// passwords belong in environment variables or an untracked config file, not
// in a file that is committed to version control.
module.exports.connections = {

  // Local disk storage, for DEVELOPMENT ONLY. Installed by default.
  localDiskDb: {
    adapter: "sails-disk"
  },

  // MySQL -- http://en.wikipedia.org/wiki/MySQL
  // Run: npm install sails-mysql
  someMysqlServer: {
    adapter: "sails-mysql",
    host: "YOUR_MYSQL_SERVER_HOSTNAME_OR_IP_ADDRESS",
    user: "YOUR_MYSQL_USER",
    password: "YOUR_MYSQL_PASSWORD",
    database: "YOUR_MYSQL_DB"
  },

  // MongoDB -- http://en.wikipedia.org/wiki/MongoDB
  // Run: npm install sails-mongo
  //
  // As written, no user, password or database is supplied for this
  // connection; the disabled template keys are:
  //   user: 'username',
  //   password: 'password',
  //   database: 'your_mongo_db_name_here'
  someMongodbServer: {
    adapter: "sails-mongo",
    host: "localhost",
    port: 27017
  },

  // PostgreSQL -- http://en.wikipedia.org/wiki/PostgreSQL
  // Run: npm install sails-postgresql
  somePostgresqlServer: {
    adapter: "sails-postgresql",
    host: "YOUR_POSTGRES_SERVER_HOSTNAME_OR_IP_ADDRESS",
    user: "YOUR_POSTGRES_USER",
    password: "YOUR_POSTGRES_PASSWORD",
    database: "YOUR_POSTGRES_DB"
  },

  // Production PostgreSQL: the connection string is read from the
  // DATABASE_URL environment variable, so no credential is stored in this
  // file, and `ssl: true` is passed to the adapter.
  productionPostgresqlServer: {
    adapter: "sails-postgresql",
    url: process.env.DATABASE_URL,
    ssl: true
  }

  // More adapters: https://github.com/balderdashy/sails
};
/** | |
* Production environment settings | |
* | |
* This file can include shared settings for a production environment, | |
* such as API keys or remote database passwords. If you're using | |
* a version control solution for your Sails app, this file will | |
* be committed to your repository unless you add it to your .gitignore | |
* file. If your repository will be publicly viewable, don't add | |
* any private information to this file! | |
* | |
*/ | |
module.exports = {

  // Default connection for models in the production environment; the name
  // refers to an entry in config/connections.js (see also config/models.js).
  models: {
    connection: "productionPostgresqlServer"
  }

  // Template settings left disabled:
  //
  //   models: { connection: 'someMysqlServer' },  // a different default connection
  //   port: 80,                                   // production port 80
  //   log: { level: "silent" }                    // production log level "silent"
};
/** | |
* Production environment settings | |
* | |
* This file can include shared settings for a production environment, | |
* such as API keys or remote database passwords. If you're using | |
* a version control solution for your Sails app, this file will | |
* be committed to your repository unless you add it to your .gitignore | |
* file. If your repository will be publicly viewable, don't add | |
* any private information to this file! | |
* | |
*/ | |
module.exports = {

  // Default connection for models in the production environment.
  models: {
    connection: "productionPostgresqlServer"
  },

  // The production connection is declared in this file. Its connection
  // string comes from the DATABASE_URL environment variable, so nothing
  // secret is written here, and `ssl: true` is passed to the adapter.
  connections: {
    productionPostgresqlServer: {
      adapter: "sails-postgresql",
      url: process.env.DATABASE_URL,
      ssl: true
    }
  }

  // Template settings left disabled:
  //
  //   models: { connection: 'someMysqlServer' },  // a different default connection
  //   port: 80,                                   // production port 80
  //   log: { level: "silent" }                    // production log level "silent"
};
/** | |
* Bootstrap | |
* (sails.config.bootstrap) | |
* | |
* An asynchronous bootstrap function that runs before your Sails app gets lifted. | |
* This gives you an opportunity to set up your data model, run jobs, or perform some special logic. | |
* | |
* For more information on bootstrapping your app, check out: | |
* http://sailsjs.org/#!/documentation/reference/sails.config/sails.config.bootstrap.html | |
*/ | |
module.exports.bootstrap = function(cb) {
  // Fetch at most one user record: its presence decides whether the
  // fixtures still have to be loaded.
  User.find().limit(1).exec(function onLookup(err, found) {
    if (err) {
      return cb(err);
    }

    var hasUsers = found.length > 0;
    if (hasUsers) {
      return cb();
    }

    // No users yet: hand the bootstrap callback to the fixtures module.
    var FixtureBootstrapper = require('../fixtures');
    return FixtureBootstrapper(cb);
  });
};
// Blueprint routes: shortcut routes are switched on and the blueprint routes
// are given the '/bp' prefix.
// NOTE(review): Sails shortcut routes perform writes over plain GET requests,
// so keep `shortcuts: true` out of production configs.
module.exports.blueprints = {
  shortcuts: true,
  prefix: "/bp"
};

// PostgreSQL connection. The `url` value is a placeholder; a real connection
// URL embeds credentials, so paste it only into a copy of this file that is
// not committed.
//
// Disabled alternative (local database):
//   myPostgresqlServer: {
//     adapter: 'sails-postgresql',
//     host: 'localhost',
//     database: 'brushfire'
//   }
module.exports.connections = {
  myPostgresqlServer: {
    adapter: "sails-postgresql",
    url: "ADD YOUR OWN HEROKU POSTGRESQL URL HERE",
    ssl: true
  }
};

// Mailgun settings. `apiKey` and `domain` are placeholders; the same rule
// applies to the real API key as to the database URL above.
module.exports.mailgun = {
  apiKey: "ADD YOUR OWN MAILGUN API KEY",
  domain: "ADD YOUR OWN MAILGUN DOMAIN",
  baseUrl: "http://localhost:1337"
};
/** | |
* app.js | |
* | |
* Use `app.js` to run your app without `sails lift`. | |
* To start the server, run: `node app.js`. | |
* | |
* This is handy in situations where the sails CLI is not relevant or useful. | |
* | |
* For example: | |
* => `node app.js` | |
* => `forever start app.js` | |
* => `node debug app.js` | |
* => `modulus deploy` | |
* => `heroku scale` | |
* | |
* | |
* The same command-line arguments are supported, e.g.: | |
* `node app.js --silent --port=80 --prod` | |
*/ | |
// Work from the project directory so relative paths resolve the same way no
// matter where the app is lifted from.
process.chdir(__dirname);

(function() {

  // A `sails` module must be resolvable; otherwise explain and stop.
  var sails;
  try {
    sails = require('sails');
  } catch (e) {
    [
      'To run an app using `node app.js`, you usually need to have a version of `sails` installed in the same directory as your app.',
      'To do that, run `npm install sails`',
      '',
      'Alternatively, if you have sails installed globally (i.e. you did `npm install -g sails`), you can use `sails lift`.',
      'When you run `sails lift`, your app will still use a local `./node_modules/sails` dependency if it exists,',
      "but if it doesn't, the app will run with the global sails instead!"
    ].forEach(function(line) {
      console.error(line);
    });
    return;
  }

  var rc = loadRc();
  var config = rc('sails');

  // The grunt hook is switched off in production, or whenever the `nogrunt`
  // environment variable is set.
  var skipGrunt = process.env.NODE_ENV === 'production' || process.env.nogrunt;
  if (skipGrunt) {
    config.hooks = config.hooks || {};
    config.hooks.grunt = false;
  }

  // Start server
  sails.lift(config);

  // Resolves the `rc` dependency: the app's own copy first, then the copy
  // nested under sails, and finally a stub that yields an empty config.
  function loadRc() {
    try {
      return require('rc');
    } catch (e0) {
      try {
        return require('sails/node_modules/rc');
      } catch (e1) {
        console.error('Could not find dependency: `rc`.');
        console.error('Your `.sailsrc` file(s) will be ignored.');
        console.error('To resolve this, run:');
        console.error('npm install rc --save');
        return function () { return {}; };
      }
    }
  }
})();
/**
 * Registers the `heroku:production` grunt task.
 *
 * @param {Object} grunt - the grunt instance handed to this task file.
 */
module.exports = function (grunt) {
  // Sub-tasks, in the order they are registered to run.
  var productionSteps = [
    'compileAssets',
    'concat',
    'uglify',
    'cssmin',
    'sails-linker:prodJs',
    'sails-linker:prodStyles',
    'sails-linker:devTpl',
    'sails-linker:prodJsJade',
    'sails-linker:prodStylesJade',
    'sails-linker:devTplJade'
  ];

  grunt.registerTask('heroku:production', productionSteps);
};
/** | |
* Production environment settings | |
* | |
* This file can include shared settings for a production environment, | |
* such as API keys or remote database passwords. If you're using | |
* a version control solution for your Sails app, this file will | |
* be committed to your repository unless you add it to your .gitignore | |
* file. If your repository will be publicly viewable, don't add | |
* any private information to this file! | |
* | |
*/ | |
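module.exports = {

  // Default connection for models in the production environment.
  models: {
    connection: 'productionPostgresqlServer'
  },

  // Connection string comes from the DATABASE_URL environment variable, so
  // no database credential is stored in this file.
  connections: {
    productionPostgresqlServer: {
      adapter: 'sails-postgresql',
      url: process.env.DATABASE_URL,
      ssl: true
    }
  },

  // Redis-backed session store, located through REDISTOGO_URL.
  session: {
    adapter: 'redis',
    url: process.env.REDISTOGO_URL
  },

  // Redis-backed socket adapter, reading the same REDISTOGO_URL variable as
  // the session store. The global is `process`; a misspelled name here
  // throws a ReferenceError as soon as this config file is loaded.
  sockets: {
    adapter: 'socket.io-redis',
    url: process.env.REDISTOGO_URL
  }

  // Template settings left disabled:
  //
  //   models: { connection: 'someMysqlServer' },  // a different default connection
  //   port: 80,                                   // production port 80
  //   log: { level: "silent" }                    // production log level "silent"
};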
/** | |
* Session Configuration | |
* (sails.config.session) | |
* | |
* Sails session integration leans heavily on the great work already done by | |
* Express, but also unifies Socket.io with the Connect session store. It uses | |
* Connect's cookie parser to normalize configuration differences between Express | |
* and Socket.io and hooks into Sails' middleware interpreter to allow you to access | |
* and auto-save to `req.session` with Socket.io the same way you would with Express. | |
* | |
* For more information on configuring the session, check out: | |
* http://sailsjs.org/#!/documentation/reference/sails.config/sails.config.session.html | |
*/ | |
module.exports.session = {

  // Session secret, generated automatically when the app was created. The
  // template warns that replacing it in production invalidates users'
  // cookies and forces them to log in again.
  // NOTE(review): this value is hard-coded in a published file, so treat it
  // as disclosed. Generate a fresh secret for any real deployment and supply
  // it from the environment or an untracked config file.
  secret: "25679cca11a83d473e10981c49c4fe93",

  // Session cookie expiry, in milliseconds (disabled; the example is 24 hours):
  //   cookie: { maxAge: 24 * 60 * 60 * 1000 },

  // Shared redis session store, usable across multiple Sails.js servers.
  adapter: "redis"

  // Optional redis settings; with none set, a redis instance running on
  // localhost is expected. More options:
  // https://github.com/visionmedia/connect-redis
  //   host: 'localhost',
  //   port: 6379,
  //   ttl: <redis session TTL in seconds>,
  //   db: 0,
  //   pass: <redis auth password>,
  //   prefix: 'sess:',

  // Disabled alternative: use the Mongo adapter as the session store.
  //   adapter: 'mongo',
  //   host: 'localhost',
  //   port: 27017,
  //   db: 'sails',
  //   collection: 'sessions',
  //
  // Optional values for the Mongo store. Note: `url` overrides the other
  // connection settings, e.g.
  //   url: 'mongodb://user:pass@host:port/database/collection',
  //   username: '',
  //   password: '',
  //   auto_reconnect: false,
  //   ssl: false,
  //   stringify: true
};
/** | |
* Production environment settings | |
* | |
* This file can include shared settings for a production environment, | |
* such as API keys or remote database passwords. If you're using | |
* a version control solution for your Sails app, this file will | |
* be committed to your repository unless you add it to your .gitignore | |
* file. If your repository will be publicly viewable, don't add | |
* any private information to this file! | |
* | |
*/ | |
module.exports = {

  // Default connection for models in the production environment.
  models: {
    connection: "productionPostgresqlServer"
  },

  // Every endpoint and key below is read from an environment variable, so
  // this file holds no secret of its own.
  connections: {
    productionPostgresqlServer: {
      adapter: "sails-postgresql",
      url: process.env.DATABASE_URL,
      ssl: true
    }
  },

  // Redis-backed session store.
  session: {
    adapter: "redis",
    url: process.env.REDISTOGO_URL
  },

  // Redis-backed socket adapter, reading the same variable as the session store.
  sockets: {
    adapter: "socket.io-redis",
    url: process.env.REDISTOGO_URL
  },

  // Mailgun credentials and base URL.
  mailgun: {
    apiKey: process.env.MAILGUN_API_KEY,
    domain: process.env.MAILGUN_DOMAIN,
    baseUrl: process.env.MAILGUN_BASE_URL
  }

  // Template settings left disabled:
  //
  //   models: { connection: 'someMysqlServer' },  // a different default connection
  //   port: 80,                                   // production port 80
  //   log: { level: "silent" }                    // production log level "silent"
};
var Sails = require('../node_modules/sails'); | |
var sails = require('sails'); | |
// Lift the app before the tests run, logging errors only and with the grunt
// hook disabled.
before(function(done) {
  var liftOptions = {
    log: { level: 'error' },
    hooks: { grunt: false }
  };

  Sails.lift(liftOptions, done);
});

// Lower the app again once the tests have finished.
after(function(done) {
  Sails.lower(done);
});
... | |
}, | |
"scripts": { | |
"debug": "node debug app.js", | |
"start": "node app.js", | |
"test": "NODE_ENV=test mocha --recursive -t 5000" | |
}, | |
"main": "app.js", | |
... |
module.exports = {

  // Models use the in-memory connection declared below.
  // NOTE(review): Sails documents the auto-migration setting as `migrate`;
  // confirm that the `migrations` key used here is actually honoured.
  models: {
    connection: "memory",
    schema: true,
    migrations: "drop"
  },

  // In-memory datastore, so test runs do not touch a real database.
  connections: {
    memory: {
      adapter: "sails-memory"
    }
  },

  // In-memory session store.
  session: {
    adapter: "memory"
  }
};
var assert = require('assert'); | |
describe('Personal Heros :: ', function() {
  describe('Nikola Tesla :: ', function() {

    // Smoke test: the assertion always holds, so the test passes.
    it('everyone should think Nikola Tesla is a genius!', function() {
      var actual = 1;
      var expected = 1;
      assert.equal(actual, expected);
    });
  });
});
var assert = require('assert'); | |
var request = require('supertest'); | |
describe('User Controller :: ', function() {
  describe('POST /user/signup :: ', function() {
    describe('When logged in :: ', function() {

      // supertest agent shared by this suite.
      var agent;

      // NOTE(review): `Passwords` is used below but this listing never
      // requires it; unless something else defines it globally, the hook
      // throws before any user is created.
      before(function(done) {
        agent = request.agent(sails.hooks.http.app);

        var credentials = {
          username: 'testtest',
          password: 'abc123'
        };

        // Step 3: log the new user in through the agent.
        // NOTE(review): the login status is only printed, never checked, so
        // a rejected login does not fail this hook.
        function logIn(err, user) {
          if (err) { return done(err); }
          agent
            .put('/login')
            .send(credentials)
            .set('Content-Type', 'application/json')
            .end(function(loginErr, res) {
              if (loginErr) { return done(loginErr); }
              console.log('res.status', res.status);
              return done();
            });
        }

        // Step 2: store the user with the encrypted password.
        function createUser(encrypted) {
          User.create({
            username: credentials.username,
            email: 'test@test.com',
            encryptedPassword: encrypted
          })
          .exec(logIn);
        }

        // Step 1: encrypt the plaintext test password.
        Passwords.encryptPassword({ password: credentials.password })
        .exec({
          error: done,
          success: createUser
        });
      });
    });
  });
});
// POST /user/signup' | |
// UserController.signup | |
var assert = require('assert'); | |
var request = require('supertest'); | |
var Passwords = require('machinepack-passwords'); | |
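describe('User Controller :: ', function() {
  describe('POST /user/signup :: ', function() {

    // Testing when authenticated
    describe('When logged in :: ', function() {

      // A placeholder that will simulate an instance of a browser
      var agent;

      // One set of credentials for both the created record and the login
      // request; if the two differ, the login is attempted for a user that
      // was never created.
      var TEST_USERNAME = 'testtest';
      var TEST_PASSWORD = 'abc123';

      // Before we start the test, create a user and then login
      before(function(done) {

        // request.agent keeps cookies between requests, so the session set
        // by the login below is sent with the signup request in the test.
        agent = request.agent(sails.hooks.http.app);

        // Encrypt the password
        Passwords.encryptPassword({
          password: TEST_PASSWORD
        })
        .exec({
          error: done,
          success: function(password) {

            // Create the user
            User.create({
              username: TEST_USERNAME,
              email: 'test@test.com',
              encryptedPassword: password
            })
            .exec(function(err, user) {
              if (err) { return done(err); }

              // Authenticate the newly created user
              agent
              .put('/login')
              .send({
                username: TEST_USERNAME,
                password: TEST_PASSWORD
              })
              .set('Content-Type', 'application/json')
              .end(function(err, res) {
                if (err) { return done(err); }

                // `err` covers request failures; an HTTP error status is
                // checked explicitly so the 403 test below never runs
                // against an agent that failed to log in.
                if (res.status >= 400) {
                  return done(new Error('Login failed with status ' + res.status));
                }
                return done();
              });
            });
          }
        });
      });

      it('should return a 403 response code', function(done) {

        // Make a request to signup a new user
        agent
        .post('/user/signup')
        .send({
          username: 'foofoo',
          email: 'foo@foo.com',
          password: 'barbaz'
        })
        .set('Content-Type', 'application/json')
        .end(function(err, res) {
          if (err) { return done(err); }

          // Check that the status code return is a 403
          assert.equal(res.statusCode, 403);
          return done();
        });
      });
    });
  });
});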
// Credentials of the throwaway user created by the tests. These are test
// data only; never reuse them for a real account.
var fixtureUser = {
  username: "testtest",
  password: "abc123",
  email: "test@test.com"
};

module.exports = fixtureUser;
// POST /user/signup' | |
// UserController.signup | |
var assert = require('assert'); | |
var request = require('supertest'); | |
var Passwords = require('machinepack-passwords'); | |
describe('User Controller :: ', function() {
  describe('POST /user/signup :: ', function() {

    // Builds a supertest `.end()` callback that passes request errors to
    // `done` and otherwise asserts the response status code.
    function expectStatus(expected, done) {
      return function(err, res) {
        if (err) { return done(err); }
        assert.equal(res.statusCode, expected);
        return done();
      };
    }

    // Authenticated requests
    describe('When logged in :: ', function() {

      // Stand-in for a browser session.
      var agent;

      // Create a user and log it in before the tests run.
      before(function(done) {
        var logInTestUser = require('../utils/create-logged-in-user');
        agent = request.agent(sails.hooks.http.app);
        logInTestUser(agent, done);
      });

      it('should return a 403 response code', function(done) {
        // Signup attempt sent through the agent used for the login above.
        var signupAttempt = {
          username: 'foofoo',
          email: 'foo@foo.com',
          password: 'barbaz'
        };

        agent
          .post('/user/signup')
          .send(signupAttempt)
          .set('Content-Type', 'application/json')
          .end(expectStatus(403, done));
      });
    });
  });
});
var request = require('supertest'); | |
var Passwords = require('machinepack-passwords'); | |
var USER_FIXTURE = require('../fixtures/user'); //#A | |
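/**
 * Creates the fixture user and logs it in through the given agent.
 *
 * @param {Object} agent - supertest agent that sends the login request.
 * @param {Function} cb - called with an error if encrypting the password,
 *   creating the user or logging in fails, and with no arguments otherwise.
 */
module.exports = function(agent, cb) {

  // Encrypt the fixture's plaintext password before storing it.
  Passwords.encryptPassword({
    password: USER_FIXTURE.password
  })
  .exec({
    error: cb,
    success: function(password) {

      // Create the user record with the encrypted password.
      User.create({
        username: USER_FIXTURE.username,
        email: USER_FIXTURE.email,
        encryptedPassword: password
      })
      .exec(function(err, user) {
        if (err) { return cb(err); }

        // Log in with the same fixture credentials.
        agent
        .put('/login')
        .send({
          username: USER_FIXTURE.username,
          password: USER_FIXTURE.password
        })
        .set('Content-Type', 'application/json')
        .end(function(err, res) {
          if (err) { return cb(err); }

          // `err` covers request failures; an HTTP error status is checked
          // explicitly so callers never continue with an agent that is not
          // logged in.
          if (res.status >= 400) {
            return cb(new Error('Login for fixture user failed with status ' + res.status));
          }
          return cb();
        });
      });
    }
  });
};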
// From Gist 15.25 | |
// POST /user/signup' | |
// UserController.signup | |
var assert = require('assert'); | |
var request = require('supertest'); | |
var Passwords = require('machinepack-passwords'); | |
describe('User Controller :: ', function() {
  describe('POST /user/signup :: ', function() {

    // Builds a supertest `.end()` callback that passes request errors to
    // `done` and otherwise asserts the response status code.
    function expectStatus(expected, done) {
      return function(err, res) {
        if (err) { return done(err); }
        assert.equal(res.statusCode, expected);
        return done();
      };
    }

    // Authenticated requests
    describe('When logged in :: ', function() {

      // Stand-in for a browser session.
      var agent;

      // Create a user and log it in before the tests run.
      before(function(done) {
        var logInTestUser = require('../utils/create-logged-in-user');
        agent = request.agent(sails.hooks.http.app);
        logInTestUser(agent, done);
      });

      it('should return a 403 response code', function(done) {
        var signupAttempt = {
          username: 'foofoo',
          email: 'foo@foo.com',
          password: 'barbaz'
        };

        agent
          .post('/user/signup')
          .send(signupAttempt)
          .set('Content-Type', 'application/json')
          .end(expectStatus(403, done));
      });
    });

    // Unauthenticated requests
    describe('When logged out ::', function() {
      describe('With an invalid email address', function() {
        it('should return a 400 status code when missing', function(done) {
          // NOTE(review): besides leaving out the email, this payload uses a
          // three-character username; if signup also validates username
          // length, the 400 may not come from the missing email. Confirm
          // against the controller.
          var withoutEmail = {
            username: 'foo',
            password: 'barbaz'
          };

          request(sails.hooks.http.app)
            .post('/user/signup')
            .send(withoutEmail)
            .set('Content-Type', 'application/json')
            .end(expectStatus(400, done));
        });
      });
    });
  });
});
// POST /user/signup' | |
// UserController.signup | |
var assert = require('assert'); | |
var request = require('supertest'); | |
var Passwords = require('machinepack-passwords'); | |
describe('User Controller :: ', function() {
  describe('POST /user/signup :: ', function() {

    // Builds a supertest `.end()` callback that passes request errors to
    // `done` and otherwise asserts the response status code.
    function expectStatus(expected, done) {
      return function(err, res) {
        if (err) { return done(err); }
        assert.equal(res.statusCode, expected);
        return done();
      };
    }

    // Authenticated requests
    describe('When logged in :: ', function() {

      // Stand-in for a browser session.
      var agent;

      // Create a user and log it in before the tests run.
      before(function(done) {
        var logInTestUser = require('../utils/create-logged-in-user');

        // request.agent keeps cookies between requests, so the login
        // performed by the helper carries over to the test below.
        agent = request.agent(sails.hooks.http.app);

        // The helper gets the agent and the hook callback.
        logInTestUser(agent, done);
      });

      it('should return a 403 response code', function(done) {
        var signupAttempt = {
          username: 'foofoo',
          email: 'foo@foo.com',
          password: 'barbaz'
        };

        agent
          .post('/user/signup')
          .send(signupAttempt)
          .set('Content-Type', 'application/json')
          .end(expectStatus(403, done));
      });
    });

    // Loggedout policy
    describe('When logged out ::', function() {

      // Email validation
      describe('With an invalid email address', function() {

        // Missing email
        it('should return a 400 status code when missing', function(done) {
          var withoutEmail = {
            username: 'foofoo',
            password: 'barbaz'
          };

          request(sails.hooks.http.app)
            .post('/user/signup')
            .send(withoutEmail)
            .set('Content-Type', 'application/json')
            .end(expectStatus(400, done));
        });
      });
    });

    describe('With valid properties', function() {

      // Response of the signup request, inspected by the tests below.
      var userResponse;

      // Sign up a new user once and keep the response.
      before(function(done) {
        var validSignup = {
          username: 'foofoo',
          password: 'barbaz',
          email: 'foo.bar@baz.com'
        };

        request(sails.hooks.http.app)
          .post('/user/signup')
          .send(validSignup)
          .set('Content-Type', 'application/json')
          .end(function(err, res) {
            if (err) { return done(err); }
            userResponse = res;
            done();
          });
      });

      it('should return a 200 response code', function() {
        assert.equal(userResponse.statusCode, 200);
      });

      it('should return the username of the user in the body', function() {
        assert.equal(userResponse.body.username, 'foofoo');
      });

      it('should set the gravatar on the user record', function(done) {
        // Read the stored record back and check its gravatarURL.
        User.findOne({ username: 'foofoo' }).exec(function(err, stored) {
          if (err) { return done(err); }
          assert(stored);
          assert(stored.gravatarURL);
          assert.notEqual(stored.gravatarURL, '');
          done();
        });
      });
    });
  });
});
/** | |
* Cross-Site Request Forgery Protection Settings | |
* (sails.config.csrf) | |
* | |
* A session tells the server who the user is; a CSRF token tells the server that the request
* was sent from a page your own app served, rather than from a form or script on another site.
*
* When enabled, all non-GET requests to the Sails server must be accompanied by
* a special token, sent as the '_csrf' parameter or in the 'X-CSRF-Token' request header.
* | |
* This option protects your Sails app against cross-site request forgery (or CSRF) attacks. | |
* A would-be attacker needs not only a user's session cookie, but also this timestamped, | |
* secret CSRF token, which is refreshed/granted when the user visits a URL on your app's domain. | |
* | |
* This allows us to have certainty that our users' requests haven't been hijacked, | |
* and that the requests they're making are intentional and legitimate. | |
* | |
* This token has a short-lived expiration timeline, and must be acquired by either: | |
* | |
* (a) For traditional view-driven web apps: | |
* Fetching it from one of your views, where it may be accessed as | |
* a local variable, e.g.: | |
* <form> | |
* <input type="hidden" name="_csrf" value="<%= _csrf %>" /> | |
* </form> | |
* | |
* or (b) For AJAX/Socket-heavy and/or single-page apps: | |
* Sending a GET request to the `/csrfToken` route, where it will be returned | |
* as JSON, e.g.: | |
* { _csrf: 'ajg4JD(JGdajhLJALHDa' } | |
* | |
* | |
* Enabling this option requires managing the token in your front-end app. | |
* For traditional web apps, it's as easy as passing the data from a view into a form action. | |
* In AJAX/Socket-heavy apps, just send a GET request to the /csrfToken route to get a valid token. | |
* | |
* For more information on CSRF, check out: | |
* http://en.wikipedia.org/wiki/Cross-site_request_forgery | |
* | |
* For more information on this configuration file, including info on CSRF + CORS, see: | |
* http://sailsjs.org/#!/documentation/reference/sails.config/sails.config.csrf.html | |
* | |
*/ | |
/****************************************************************************
*                                                                           *
* Enable CSRF protection for your site. With this set to `true`, every      *
* non-GET request must carry a valid CSRF token.                            *
*                                                                           *
****************************************************************************/
module.exports.csrf = true;
/**************************************************************************** | |
* * | |
* You may also specify more fine-grained settings for CSRF, including the * | |
* domains which are allowed to request the CSRF token via AJAX. These * | |
* settings override the general CORS settings in your config/cors.js file. * | |
* * | |
****************************************************************************/ | |
// module.exports.csrf = { | |
// grantTokenViaAjax: true, | |
// origin: '' | |
// } |
// Declare the `brushfire` module together with the third-party modules it depends on.
angular.module('brushfire', ['toastr', 'compareTo', 'ui.bootstrap', 'ngPatternRestrict'])
  .config(['$sceDelegateProvider', function($sceDelegateProvider) {
    // Strict Contextual Escaping: only URLs matching these patterns are trusted as
    // resource URLs (for example the source of an embedded frame).
    // NOTE(review): `*://` also admits plain-http YouTube URLs. If no http embeds are
    // needed, `https://www.youtube.com/**` is the tighter pattern.
    var trustedResourceUrls = [
      'self',
      '*://www.youtube.com/**'
    ];

    $sceDelegateProvider.resourceUrlWhitelist(trustedResourceUrls);
  }]);
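// Attach the server-issued CSRF token to requests made through $http.
angular.module('brushfire').run(['$http', function($http) {
  // window.SAILS_LOCALS is written by an inline script in the layout view. Guard the
  // lookup so that a page served without that script does not throw during bootstrap.
  var csrfToken = window.SAILS_LOCALS && window.SAILS_LOCALS._csrf;

  if (csrfToken) {
    // `headers.common` applies to every $http request regardless of its destination.
    // Keep $http calls on this app's own origin, or remove this header per request
    // when calling another host, so that the token is not sent to third parties.
    $http.defaults.headers.common['X-CSRF-Token'] = csrfToken;
  }
}]);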
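<!DOCTYPE html>
<html>
  <head>
    <title>Brushfire</title>

    <!-- Viewport mobile tag for sensible mobile support -->
    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">

    <!-- Font -->
    <link href='https://fonts.googleapis.com/css?family=Lato:300,300italic,700,700italic' rel='stylesheet' type='text/css'>

    <!--STYLES-->
    <!--STYLES END-->

    <!-- Expose sails locals on the window object -->
    <script type="text/javascript"> //#A
      window.SAILS_LOCALS = {
        _csrf: <%- typeof _csrf !== 'undefined' ? JSON.stringify(_csrf) : 'null' %>,
        me: <%-
          // Note that by putting these comments inside of the EJS tag, we prevent them from
          // being sent down to client (i.e. they are boiled away on the server along with the
          // EJS tags)
          //
          // Notice we must check that `me` exists using typeof to keep EJS from throwing
          // and displaying an ugly error message when rendering certain pages
          // (i.e. 404 /500 error pages)
          //
          // `<%-` writes its value unescaped, and JSON.stringify() leaves `<` untouched.
          // If `me` carries user-supplied strings (e.g. a username), a value containing a
          // closing script tag would end this inline script early and the remainder would
          // be parsed as HTML. Emitting `<` as \u003c keeps the value identical for the
          // JavaScript parser while hiding it from the HTML parser.
          typeof me !== 'undefined' ? JSON.stringify(me).replace(/</g, '\\u003c') : 'null'
          // Note that we deliberately use 'null' (a string) because EJS converts the `null` literal
          // into empty string (''), which is not what we want (that would be invalid JS and cause a
          // client-side error in the browser)
        %>
      };
    </script>
  </head>

  <body ng-app="brushfire">
    <%- partial('./partials/navigation.ejs') %>

    <%- body %>

    <!--TEMPLATES-->
    <!--TEMPLATES END-->

    <script src="/js/dependencies/sails.io.js" headers='{"x-csrf-token":<%- typeof _csrf !== 'undefined' ? JSON.stringify(_csrf) : 'null' %>}'></script>

    <!--SCRIPTS-->
    <!--SCRIPTS END-->
    </div>
  </body>
</html>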
/** | |
* grunt/pipeline.js | |
* | |
* The order in which your css, javascript, and template files should be | |
* compiled and linked from your views and static HTML files. | |
* | |
* (Note that you can take advantage of Grunt-style wildcard/glob/splat expressions | |
* for matching multiple files.) | |
*/ | |
// Stylesheets to link, in this order.
//
// (With the built-in default LESS config, edit `assets/styles/importer.less`
// instead of this list.)
var cssFilesToInject = [
  'styles/**/*.css'
];

// Client-side scripts to link, in this order
// (Grunt-style wildcard/glob/splat expressions are allowed).
var jsFilesToInject = [

  // sails.io.js is deliberately left out of this list: it is loaded with its own
  // <script> tag because HTML attributes are used to configure it.
  // 'js/dependencies/sails.io.js',

  // The remaining dependencies, listed one by one.
  'js/dependencies/angular.js',
  'js/dependencies/jquery.min.js',
  'js/dependencies/lodash.js',
  'js/dependencies/angular-toastr.js',
  'js/dependencies/bootstrap.js',
  'js/dependencies/compareTo.module.js',
  'js/dependencies/ui-bootstrap.js',
  'js/dependencies/ui-bootstrap-tpls.js',
  'js/dependencies/angular-toastr.tpls.js',
  'js/dependencies/ng-pattern-restrict.js',

  // The angular module definition goes before the UI controller scripts
  // so that it is available to them.
  'js/app.js',

  // The controllers follow, in no particular order.
  'js/controllers/**/*.js',
];

// Client-side HTML templates; their relative order should not matter
// (Grunt-style wildcard/glob/splat expressions are allowed).
//
// By default, Sails uses JST templates and precompiles them into functions.
// To use jade, handlebars, dust, etc. with the linker, make sure the precompiled
// templates are written to the same file. See `tasks/README.md` for information
// on customizing and installing new tasks.
var templateFilesToInject = [
  'templates/**/*.html'
];

// Returns a copy of `relativePaths` with `prefix` put in front of every entry.
function prefixEach(prefix, relativePaths) {
  return relativePaths.map(function(relativePath) {
    return prefix + relativePath;
  });
}

// Point the relative paths at the proper locations (i.e. where the other Grunt tasks
// write the files, or in some cases where the files reside in the first place).
module.exports.cssFilesToInject = prefixEach('.tmp/public/', cssFilesToInject);
module.exports.jsFilesToInject = prefixEach('.tmp/public/', jsFilesToInject);
module.exports.templateFilesToInject = prefixEach('assets/', templateFilesToInject);
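<!DOCTYPE html>
<html>
  <head>
    <title>Brushfire</title>

    <!-- Viewport mobile tag for sensible mobile support -->
    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">

    <!-- Font -->
    <link href='https://fonts.googleapis.com/css?family=Lato:300,300italic,700,700italic' rel='stylesheet' type='text/css'>

    <!--STYLES-->
    <!--STYLES END-->

    <!-- Expose sails locals on the window object -->
    <script type="text/javascript"> //#A
      window.SAILS_LOCALS = {
        _csrf: <%- typeof _csrf !== 'undefined' ? JSON.stringify(_csrf) : 'null' %>,
        me: <%-
          // Note that by putting these comments inside of the EJS tag, we prevent them from
          // being sent down to client (i.e. they are boiled away on the server along with the
          // EJS tags)
          //
          // Notice we must check that `me` exists using typeof to keep EJS from throwing
          // and displaying an ugly error message when rendering certain pages
          // (i.e. 404 /500 error pages)
          //
          // `<%-` writes its value unescaped, and JSON.stringify() leaves `<` untouched.
          // If `me` carries user-supplied strings (e.g. a username), a value containing a
          // closing script tag would end this inline script early and the remainder would
          // be parsed as HTML. Emitting `<` as \u003c keeps the value identical for the
          // JavaScript parser while hiding it from the HTML parser.
          typeof me !== 'undefined' ? JSON.stringify(me).replace(/</g, '\\u003c') : 'null'
          // Note that we deliberately use 'null' (a string) because EJS converts the `null` literal
          // into empty string (''), which is not what we want (that would be invalid JS and cause a
          // client-side error in the browser)
        %>
      };
    </script>
  </head>

  <body ng-app="brushfire">
    <%- partial('./partials/navigation.ejs') %>

    <%- body %>

    <!--TEMPLATES-->
    <!--TEMPLATES END-->

    <script src="/js/dependencies/sails.io.js" headers='{"x-csrf-token":<%- typeof _csrf !== 'undefined' ? JSON.stringify(_csrf) : 'null' %>}'></script>

    <!--SCRIPTS-->
    <!--SCRIPTS END-->

    <script type="text/javascript">
      // Send the CSRF token with the requests made over the socket connection.
      io.sails.headers = { //#A
        'x-csrf-token': window.SAILS_LOCALS._csrf
      };
    </script>
    </div>
  </body>
</html>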
// Configuration overrides that keep all state in memory and switch CSRF checks off.
// Presumably the test-environment config; confirm from its location in the project.
module.exports = {

  models: {
    // Use the in-memory connection declared under `connections` below.
    connection: 'memory',
    schema: true,
    // NOTE(review): Sails documents this model setting as `migrate`; confirm that
    // `migrations` is honoured.
    migrations: 'drop'
  },

  connections: {
    memory: {
      adapter: 'sails-memory',
    }
  },

  // Sessions are held in process memory as well.
  session: {
    adapter: 'memory'
  },

  // With CSRF checks off, requests are accepted without a token. Keep this override
  // out of any environment that serves real users.
  csrf: false,

};