vjk2005/node-dropbox.js

## node-dropbox.js
/*

Simple tutorial on talking to the Dropbox API using Node.js and MongoDB.

This is an educational exercise aimed to help you get up and running on localhost, but the production code,
though not that different from what's below, will make an extra effort to handle edge cases like if the user
denies us access to their Dropbox.

Code tested on Windows 8 (32-bit)

Dropbox needs the server we are writing below to run https. Generate your SSL keys (key and cert variables below)
using the advice here: http://www.hacksparrow.com/express-js-https.html
You can use Git-bash on Windows to run the commands in the blog post above.

You need to how OAUTH works to understand this completely. OAUTH is basically a crazy-ass convoluted security
system for user authentication.
You can see how Dropbox implements this here: https://www.dropbox.com/developers/reference/api

To run this code you need to install the latest versions of the Request module, Express framework and the MongoDB
native driver. After installing node.js from nodejs.org, simply do `npm install request mongodb express` at the
command-line and you're good to go once installation is over.


Author: vjk2005/vijay
Website: www.dffrnt.com — we design and build apps.
Email: vijay@dffrnt.com

Comments and suggestions to improve this code are most welcome! You can also request more detailed explainations
of code you didn't understand, I'll try my best to answer them as time allows.

LONG LIVE NODE.JS! Even a designer like me can now write code that makes cool things happen with relatively
little effort!

*/


var
    fs              = require( 'fs' ),
    key             = fs.readFileSync( 'your-ssl-key.pem' ).toString(),
    cert            = fs.readFileSync( 'your-ssl-cert.pem' ).toString(),
    app             = require( 'express' )(),
    https           = require( 'https' ),
    request         = require( 'request' ),
    REQ_URL         = 'https://api.dropbox.com/1/oauth/request_token',
    AUTH_URL        = 'https://www.dropbox.com/1/oauth/authorize',
    ACCESS_URL      = 'https://api.dropbox.com/1/oauth/access_token',
    CB_URL          = 'https://localhost:443/signin/callback', // replace `localhost` with your app's url
    CONSUMER_KEY    = 'your_dropbox_developer_consumer_key',
    CONSUMER_SECRET = 'your_dropbox_developer_consumer_secret',
    OAUTH           = { callback: CB_URL, consumer_key: CONSUMER_KEY, consumer_secret: CONSUMER_SECRET },
    MongoClient     = require( 'mongodb' ).MongoClient,
    DB_URL          = 'mongodb://localhost:27017/tokenDB',
    collection      = ''


MongoClient.connect( DB_URL, function ( err, db ) {

    // connect to MongoDB using the native Node driver so we can save the Dropbox `access` tokens later on.
    // make sure the "tokens" collection used below already exists in the `tokenDB` database.
    !err? collection = db.collection( 'tokens' ) : log( err )
})


function parseTokens( tokenString ) {

    // tokens are in the format: 'oauth_token_secret=x3rrgd1998po4re&oauth_token=tyru67jpp0843xc&uid=12345678'
    // request tokens don't have uid, only access tokens do
    var _ = tokenString.split( '=' )
    return {
        token: _[2],
        secret: _[1].split( '&' )[0],
        uid: _[3]? _[3]:0
    }
}


function saveToDatabase( data ) {

    // Saving to MongoDB here but you can substitute this with code that saves to a DB of your choice
    // Now, whenever you want to do something to a user's Dropbox, simply get their tokens stored in
    // this `tokenDB` database using their `uid` (line 64)
    collection.insert( data, {w:1}, function ( err, result ) {
        console.log( result ) // logs to node.js console where the tokens were saved to the DB or not
    })
}


app.get( '/signin/callback', function ( req, res ) {

    // User has given us access and Dropbox has redirected them to the URL we told them to redirect to,
    // which is CB_URL (line 91) and sent us the final `access` tokens along with it.
    request.post( {url: ACCESS_URL, oauth: OAUTH}, function( err, resp, body ) {
        saveToDatabase( parseTokens(body) ) // we got the tokens! we are signed in!
    })
})


app.get( '/signin', function ( req, res ) {

    // get the `request` token, then redirect user to Dropbox.com so they can confirm that they
    // want to allow us access to their Dropbox files
    request.get( {url: REQ_URL, oauth: OAUTH}, function ( err, resp, body ) {
        var tokenObj = parseTokens( body )
        OAUTH.token = tokenObj.token
        OAUTH.token_secret = tokenObj.secret
        res.redirect( AUTH_URL + '?oauth_token=' + OAUTH.token + '&oauth_callback=' + CB_URL )
    })
})

// start the https server on port 443
https.createServer( {key: key, cert: cert}, app ).listen( 443 )
	/*

	Simple tutorial on talking to the Dropbox API using Node.js and MongoDB.

	This is an educational exercise aimed to help you get up and running on localhost, but the production code,
	though not that different from what's below, will make an extra effort to handle edge cases like if the user
	denies us access to their Dropbox.

	Code tested on Windows 8 (32-bit)

	Dropbox needs the server we are writing below to run https. Generate your SSL keys (key and cert variables below)
	using the advice here: http://www.hacksparrow.com/express-js-https.html
	You can use Git-bash on Windows to run the commands in the blog post above.

	You need to how OAUTH works to understand this completely. OAUTH is basically a crazy-ass convoluted security
	system for user authentication.
	You can see how Dropbox implements this here: https://www.dropbox.com/developers/reference/api

	To run this code you need to install the latest versions of the Request module, Express framework and the MongoDB
	native driver. After installing node.js from nodejs.org, simply do `npm install request mongodb express` at the
	command-line and you're good to go once installation is over.


	Author: vjk2005/vijay
	Website: www.dffrnt.com — we design and build apps.
	Email: vijay@dffrnt.com

	Comments and suggestions to improve this code are most welcome! You can also request more detailed explainations
	of code you didn't understand, I'll try my best to answer them as time allows.

	LONG LIVE NODE.JS! Even a designer like me can now write code that makes cool things happen with relatively
	little effort!

	*/


	var
	fs = require( 'fs' ),
	key = fs.readFileSync( 'your-ssl-key.pem' ).toString(),
	cert = fs.readFileSync( 'your-ssl-cert.pem' ).toString(),
	app = require( 'express' )(),
	https = require( 'https' ),
	request = require( 'request' ),
	REQ_URL = 'https://api.dropbox.com/1/oauth/request_token',
	AUTH_URL = 'https://www.dropbox.com/1/oauth/authorize',
	ACCESS_URL = 'https://api.dropbox.com/1/oauth/access_token',
	CB_URL = 'https://localhost:443/signin/callback', // replace `localhost` with your app's url
	CONSUMER_KEY = 'your_dropbox_developer_consumer_key',
	CONSUMER_SECRET = 'your_dropbox_developer_consumer_secret',
	OAUTH = { callback: CB_URL, consumer_key: CONSUMER_KEY, consumer_secret: CONSUMER_SECRET },
	MongoClient = require( 'mongodb' ).MongoClient,
	DB_URL = 'mongodb://localhost:27017/tokenDB',
	collection = ''


	MongoClient.connect( DB_URL, function ( err, db ) {

	// connect to MongoDB using the native Node driver so we can save the Dropbox `access` tokens later on.
	// make sure the "tokens" collection used below already exists in the `tokenDB` database.
	!err? collection = db.collection( 'tokens' ) : log( err )
	})


	function parseTokens( tokenString ) {

	// tokens are in the format: 'oauth_token_secret=x3rrgd1998po4re&oauth_token=tyru67jpp0843xc&uid=12345678'
	// request tokens don't have uid, only access tokens do
	var _ = tokenString.split( '=' )
	return {
	token: _[2],
	secret: _[1].split( '&' )[0],
	uid: _[3]? _[3]:0
	}
	}


	function saveToDatabase( data ) {

	// Saving to MongoDB here but you can substitute this with code that saves to a DB of your choice
	// Now, whenever you want to do something to a user's Dropbox, simply get their tokens stored in
	// this `tokenDB` database using their `uid` (line 64)
	collection.insert( data, {w:1}, function ( err, result ) {
	console.log( result ) // logs to node.js console where the tokens were saved to the DB or not
	})
	}


	app.get( '/signin/callback', function ( req, res ) {

	// User has given us access and Dropbox has redirected them to the URL we told them to redirect to,
	// which is CB_URL (line 91) and sent us the final `access` tokens along with it.
	request.post( {url: ACCESS_URL, oauth: OAUTH}, function( err, resp, body ) {
	saveToDatabase( parseTokens(body) ) // we got the tokens! we are signed in!
	})
	})


	app.get( '/signin', function ( req, res ) {

	// get the `request` token, then redirect user to Dropbox.com so they can confirm that they
	// want to allow us access to their Dropbox files
	request.get( {url: REQ_URL, oauth: OAUTH}, function ( err, resp, body ) {
	var tokenObj = parseTokens( body )
	OAUTH.token = tokenObj.token
	OAUTH.token_secret = tokenObj.secret
	res.redirect( AUTH_URL + '?oauth_token=' + OAUTH.token + '&oauth_callback=' + CB_URL )
	})
	})

	// start the https server on port 443
	https.createServer( {key: key, cert: cert}, app ).listen( 443 )