-
Notifications
You must be signed in to change notification settings - Fork 0
/
server.mjs
232 lines (209 loc) · 6.3 KB
/
server.mjs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
import express from "express";
import session from "express-session";
import fetch from "node-fetch";
import dotenv from "dotenv";
import cookieParser from "cookie-parser";
import axios from "axios";
// load env vars
dotenv.config();
const app = express();
const port = process.env.PORT || 3000;
// get env vars
const thingId = process.env.THING_ID;
const propertyId = process.env.PROPERTY_ID;
const PASSWORD = process.env.PASSWORD;
const SECRET_KEY = process.env.SECRET_KEY;
const AUTH_REQUIRED = process.env.AUTH_REQUIRED === "true";
const CLIENT_ID = process.env.CLIENT_ID;
const CLIENT_SECRET = process.env.CLIENT_SECRET;
// set up middleware
app.use(express.static("public"));
app.use(express.json());
app.use(cookieParser());
// trust first proxy
app.set("trust proxy", 1);
// session middleware config
const sessionMiddleware = session({
secret: SECRET_KEY,
resave: false,
saveUninitialized: false,
cookie: {
secure: process.env.NODE_ENV === "production",
httpOnly: true,
sameSite: "lax",
maxAge: 24 * 60 * 60 * 1000, // 24 hours
},
});
app.use(sessionMiddleware);
// log session info for debugging
app.use((req, res, next) => {
console.log(`Session ID: ${req.sessionID}`);
console.log(`Session: ${JSON.stringify(req.session)}`);
next();
});
console.log("AUTH_REQUIRED:", AUTH_REQUIRED);
// check if auth is required
app.get("/auth-status", (req, res) => {
res.json({ authRequired: AUTH_REQUIRED });
});
// login route
app.post("/login", (req, res) => {
const { password } = req.body;
if (!AUTH_REQUIRED || password === PASSWORD) {
req.session.authenticated = true;
req.session.save((err) => {
if (err) {
console.error("Session save error:", err);
res.status(500).json({ message: "Internal Server Error" });
} else {
console.log("Login successful, session ID:", req.sessionID);
res.status(200).json({
message: "Login successful",
token: req.sessionID,
});
}
});
} else {
res.status(401).json({ message: "Invalid password" });
}
});
// auth middleware
function checkAuth(req, res, next) {
if (!AUTH_REQUIRED) {
return next();
}
const token = req.headers["authorization"];
if (token) {
req.sessionStore.get(token, (err, sessionData) => {
if (err) {
console.error("Session retrieval error:", err);
return res.status(500).json({ message: "Internal Server Error" });
}
if (sessionData && sessionData.authenticated) {
req.session.authenticated = sessionData.authenticated;
req.sessionID = token;
return next();
} else {
return res.status(403).json({ message: "Not authenticated" });
}
});
} else {
res.status(403).json({ message: "No token provided" });
}
}
// get arduino iot cloud access token
async function getAccessToken() {
try {
const response = await axios.post(
"https://api2.arduino.cc/iot/v1/clients/token",
new URLSearchParams({
grant_type: "client_credentials",
client_id: CLIENT_ID,
client_secret: CLIENT_SECRET,
audience: "https://api2.arduino.cc/iot",
}),
{
headers: {
"Content-Type": "application/x-www-form-urlencoded",
},
},
);
return response.data.access_token;
} catch (error) {
console.error("Error getting access token:", error);
throw error;
}
}
// send command to arduino iot cloud
async function sendCommand(value) {
const accessToken = await getAccessToken();
const response = await fetch(
`https://api2.arduino.cc/iot/v2/things/${thingId}/properties/${propertyId}/publish`,
{
method: "PUT",
headers: {
Authorization: `Bearer ${accessToken}`,
"Content-Type": "application/json",
},
body: JSON.stringify({ value }),
},
);
if (!response.ok) {
throw new Error("Failed to update property");
}
}
// handle door commands
app.post("/command", checkAuth, async (req, res) => {
const { command } = req.body;
try {
await sendCommand(command === "open");
res.status(200).send("Command sent successfully");
} catch (error) {
console.error("Error sending command:", error);
res.status(500).send("Internal Server Error");
}
});
// all the rest of the commands below are part of the API that allow me to create
// an iphone shortcut/app and use the getURL contents to send commands to the
// cloud; essentially this uses the curl command through terminal
// emergency close route
app.post("/emergency-close", checkAuth, async (req, res) => {
try {
await sendCommand(false);
res.status(200).send("Emergency close command sent successfully");
} catch (error) {
console.error("Error sending emergency close command:", error);
res.status(500).send("Internal Server Error");
}
});
// open door route
app.post("/open", checkAuth, async (req, res) => {
try {
await sendCommand(true);
res.status(200).send("Open command sent successfully");
} catch (error) {
console.error("Error sending open command:", error);
res.status(500).send("Internal Server Error");
}
});
// close door route
app.post("/close", checkAuth, async (req, res) => {
try {
await sendCommand(false);
res.status(200).send("Close command sent successfully");
} catch (error) {
console.error("Error sending close command:", error);
res.status(500).send("Internal Server Error");
}
});
// get door status
app.get("/status", checkAuth, async (req, res) => {
try {
const accessToken = await getAccessToken();
const response = await fetch(
`https://api2.arduino.cc/iot/v2/things/${thingId}/properties/${propertyId}`,
{
method: "GET",
headers: {
Authorization: `Bearer ${accessToken}`,
"Content-Type": "application/json",
},
},
);
if (!response.ok) {
throw new Error("Failed to get property status");
}
const status = await response.json();
res.status(200).json({ doorOpen: status.last_value });
} catch (error) {
console.error("Error fetching status:", error);
res.status(500).send("Internal Server Error");
}
});
// start server
const server = app.listen(port, () => {
console.log(`Server is running on port ${port}`);
});
// increase timeouts to handle slow connections
server.keepAliveTimeout = 61000;
server.headersTimeout = 62000;