Merge pull request #26 from Lavish883/lavishBranch

Added Api stuff

index.js

@@ -7,6 +7,7 @@ const pathFunctions = require('./mainJS/pathFunctions');
 const createFormFuctions = require('./mainJS/creatingForms');
 const saveForm = require('./mainJS/saveForm');
 const downloadPDFisInBulk = require('./mainJS/downloadPDFisInBulk');
+const apiFunctions = require('./mainJS/apiFunctions');
 const rateLimiter = require('./mainJS/rateLimiter.js').databaseAccessLimiter;
 const imageLimiter = require('./mainJS/rateLimiter.js').imageLimiter;
 
@@ -80,6 +81,10 @@ app.post('/formMaker/sendCodeEmail', rateLimiter ,createFormFuctions.sendCodeEma
 app.post('/formMaker/confirmEmailWithCode', rateLimiter, createFormFuctions.confirmEmailWithCode);
 app.post('/formMaker/passwordReset', rateLimiter, createFormFuctions.passwordReset);
 
+// api routes
+app.post('/api/addUsertoFormMaker', [rateLimiter, apiFunctions.checkAPI_KEY], apiFunctions.addUsertoFormMaker);
+app.post('/api/accessUserForms', [rateLimiter, apiFunctions.checkAPI_KEY], apiFunctions.accessUserForms);
+
 // Making the form maker page
 app.get('/formMaker', createFormFuctions.formMakerLogin);
 

mainJS/apiFunctions.js

@@ -0,0 +1,65 @@
+// Description: This file contains all the functions that will be used for api routes
+// Api is for people who want to use the form maker to make forms for their own website
+
+const schemas = require('../schemas/schemas');
+
+async function checkAPI_KEY(req, res, next) {
+    const apiKey = req.body.apiKey;
+    if (apiKey != process.env.API_KEY) return res.status(403).send('Not authorized');
+    next();
+}
+
+// allows to add an user to the form maker, using what the api user provides as the email and password
+async function addUsertoFormMaker(req, res){
+    const email = req.body.email;
+    const password = req.body.password;
+
+    if (email == undefined || password == undefined) return res.status(400).send('Email or password cannot be empty');
+    if (email == '' || password == '') return res.status(400).send('Email or password cannot be empty');
+
+    // check if the email is already in the database
+    var doesItExist = await schemas.formMakerUsers.findOne({
+        'email': { $eq: email }
+    });
+
+    // if it is already in the database, return an error
+    if (doesItExist != null) return res.status(400).send('Account has already been made');
+
+    // make a new user 
+    const newUser = new schemas.formMakerUsers({
+        email: email,
+        password: password,
+        forms: [],
+    });
+
+    newUser.save();
+    return res.status(200).send('Account made');
+}
+
+async function accessUserForms(req, res) {
+    const email = req.body.email;
+    const password = req.body.password;
+
+    if (email == undefined || password == undefined) return res.status(400).send('Email or password cannot be empty');
+    if (email == '' || password == '') return res.status(400).send('Email or password cannot be empty');
+
+    // check if the email is already in the database
+    var doesItExist = await schemas.formMakerUsers.findOne({
+        'email': { $eq: email }
+    });
+
+    // if it is already in the database, return an error
+    if (doesItExist == null) return res.status(400).send('Account does not exist');
+
+    // check if the password is correct
+    if (doesItExist.password != password) return res.status(400).send('Email or password is incorrect');
+
+    // return the forms
+    return res.status(200).send(doesItExist.forms);
+}
+
+module.exports = {
+    addUsertoFormMaker,
+    accessUserForms,
+    checkAPI_KEY
+}

mainJS/creatingForms.js

@@ -204,6 +204,7 @@ async function sendCodeEmail(req, res) {
     var code = crypto.randomBytes(8).toString('hex');
     var expireDate = new Date();
     expireDate.setHours(expireDate.getHours() + 1);
+
     if (doesItExist == undefined || doesItExist == null) {
         // make a new user and send the email
         const newUser = new schemas.formMakerUsers({