Commit 1214b5156327031fe5616188cec6ec6d1bd98ec3

Authored by Ali B
1 parent cca91439

Login completed. Now encryption and decryption of token is working. User can be …

…fetched by using the token that is created. Password is hashed in the database and verified by the server when trying to login
Risiko/.idea/misc.xml
... ... @@ -25,7 +25,7 @@
25 25 </value>
26 26 </option>
27 27 </component>
28   - <component name="ProjectRootManager" version="2" languageLevel="JDK_1_8" project-jdk-name="1.8" project-jdk-type="JavaSDK">
  28 + <component name="ProjectRootManager" version="2" languageLevel="JDK_1_8" project-jdk-name="1.8 (1)" project-jdk-type="JavaSDK">
29 29 <output url="file://$PROJECT_DIR$/build/classes" />
30 30 </component>
31 31 <component name="ProjectType">
... ...
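--- a/Risiko/app/src/main/java/activity/Activities.java
+++ b/Risiko/app/src/main/java/activity/Activities.java
@@ -34,7 +34,7 @@ public class Activities extends AppCompatActivity {
 
 token = TokenEncrypter.getToken(this);
 
- Api.get().getAllActivities(token)
+ Api.getInstance().getAllActivities()
 .enqueue(new Callback<List<Activity>>() {
 @Override
 public void onResponse(Call<List<Activity>> call, Response<List<Activity>> response) {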
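Review bot: The token read by `TokenEncrypter.getToken(this)` two lines above is no longer sent with `getAllActivities()`, and nothing visible in this commit attaches it anywhere else, so the request now carries no credential. The same applies to the calls changed in EditIncident, Evaluations, Incident, NewEvaluation and NewIncident, and to the `@Field("token")` parameters dropped from Endpoints.java; the matching `checkForAuthorizedUser` checks are removed from routes.js in this same commit, which leaves the incident routes shown there answering unauthenticated callers. If the aim is to stop passing the token on every call, send it once from the client, for example through an OkHttp interceptor installed in `Api.getInstance()` that sets an `Authorization` header, and keep the server-side check, reading that header instead of `req.body.token`. The enclosing method starts and ends outside the hunk.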
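--- a/Risiko/app/src/main/java/activity/EditIncident.java
+++ b/Risiko/app/src/main/java/activity/EditIncident.java
@@ -67,7 +67,7 @@ public class EditIncident extends AppCompatActivity {
 
 spinnerAssociatedRisk = findViewById(R.id.spinner_associated_risk);
 
- Api.get().getAllEvaluations(token)
+ Api.getInstance().getAllEvaluations()
 .enqueue(new Callback<List<Evaluation>>() {
 
 @Override
@@ -90,7 +90,7 @@ public class EditIncident extends AppCompatActivity {
 String newlocation = etLocation.getText().toString();
 String newdescription = etDescription.getText().toString();
 
- Api.get().editIncident(id, newdate, newlocation, newtitle, newdescription, associatedRisk, token).enqueue(new Callback<dataclasses.Incident>() {
+ Api.getInstance().editIncident(id, newdate, newlocation, newtitle, newdescription, associatedRisk).enqueue(new Callback<dataclasses.Incident>() {
 @Override
 public void onResponse(Call<Incident> call, Response<Incident> response) {
 System.out.println(response);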
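Review bot: The `editIncident` call in the second hunk will fail at runtime, because this commit removes `@FormUrlEncoded` from `Endpoints.editIncident` while its parameters are still annotated `@Field`; Retrofit rejects `@Field` parameters on a method without form encoding with an `IllegalArgumentException` when the call is created. Restore `@FormUrlEncoded` above `@PATCH("incident/{id}")` in Endpoints.java. The `onResponse` shown here only prints the response; checking `response.isSuccessful()` before treating the edit as saved would surface a rejected request, though the rest of the handler lies outside the hunk.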
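--- a/Risiko/app/src/main/java/activity/Evaluations.java
+++ b/Risiko/app/src/main/java/activity/Evaluations.java
@@ -1,6 +1,5 @@
 package activity;
 
-import android.content.DialogInterface;
 import android.content.Intent;
 import android.graphics.Typeface;
 import android.support.v7.app.AlertDialog;
@@ -57,7 +56,7 @@ public class Evaluations extends AppCompatActivity {
 System.out.println(activityId);
 
 
- Api.get().getAllEvaluations(token)
+ Api.getInstance().getAllEvaluations()
 .enqueue(new Callback<List<Evaluation>>() {
 @Override
 public void onResponse(Call<List<Evaluation>> call, Response<List<Evaluation>> response) {
@@ -186,7 +185,7 @@ public class Evaluations extends AppCompatActivity {
 public void onClick(DialogInterface dialogInterface, int i) {
 finish();
 
- Api.get().deleteEvaluation(id).enqueue(new Callback<String>() {
+ Api.getInstance().deleteEvaluation(id).enqueue(new Callback<String>() {
 @Override
 public void onResponse(Call<String> call, Response<String> response) {
 finish();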
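--- a/Risiko/app/src/main/java/activity/Incident.java
+++ b/Risiko/app/src/main/java/activity/Incident.java
@@ -12,7 +12,6 @@ import android.view.Menu;
 import android.view.MenuItem;
 import android.view.View;
 import android.widget.Button;
-import android.widget.EditText;
 import android.widget.ListView;
 import android.widget.TextView;
 import android.widget.Toast;
@@ -21,7 +20,6 @@ import com.risiko.risiko.R;
 
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
-import java.util.ArrayList;
 import java.util.List;
 
 import adapters.ListAdapterIncidents;
@@ -57,7 +55,7 @@ public class Incident extends AppCompatActivity {
 // insertEvents(incidentList);
 
 
- Api.get().getAllIncidents(token)
+ Api.getInstance().getAllIncidents()
 .enqueue(new Callback<List<dataclasses.Incident>>() {
 
 @Override
@@ -126,7 +124,7 @@ public class Incident extends AppCompatActivity {
 
 
 System.out.println("EVALID" + chosenItem.getAssociatedeval());
- Api.get().getEvaluation(chosenItem.getAssociatedeval(), token).enqueue(new Callback<Evaluation>() {
+ Api.getInstance().getEvaluation(chosenItem.getAssociatedeval()).enqueue(new Callback<Evaluation>() {
 @Override
 public void onResponse(Call<Evaluation> call, Response<Evaluation> response) {
 Evaluation evaluation = response.body();
@@ -141,10 +139,6 @@ public class Incident extends AppCompatActivity {
 }
 });
 
-
-
-
-
 tvTitle.setText(chosenItem.getTitle());
 tvDate.setText(chosenItem.getDate());
 tvLocation.setText(chosenItem.getLocation());
@@ -182,7 +176,7 @@ public class Incident extends AppCompatActivity {
 @Override
 public void onClick(DialogInterface dialogInterface, int i) {
 
- Api.get().deleteIncident(chosenEventId, token).enqueue(new Callback<String>() {
+ Api.getInstance().deleteIncident(chosenEventId).enqueue(new Callback<String>() {
 @Override
 public void onResponse(Call<String> call, Response<String> response) {
 finish();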
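--- a/Risiko/app/src/main/java/activity/MainPage.java
+++ b/Risiko/app/src/main/java/activity/MainPage.java
@@ -3,6 +3,8 @@ package activity;
 import android.content.BroadcastReceiver;
 import android.content.Context;
 import android.content.Intent;
+import android.content.IntentFilter;
+import android.support.v4.content.LocalBroadcastManager;
 import android.support.v7.app.AppCompatActivity;
 import android.os.Bundle;
 import android.text.TextUtils;
@@ -15,11 +17,18 @@ import android.widget.Toast;
 import com.risiko.risiko.R;
 
 import api.APILoginService;
+import api.Api;
+import api.TokenEncrypter;
+import dataclasses.User;
+import retrofit2.Call;
+import retrofit2.Callback;
+import retrofit2.Response;
 
 public class MainPage extends AppCompatActivity {
 Button toMainMenu;
 private EditText etUsernameView;
 private EditText etPasswordView;
+ private BroadCastReceiverLogin broadCastReceiverLogin;
 
 @Override
 protected void onCreate(Bundle savedInstanceState) {
@@ -29,6 +38,7 @@ public class MainPage extends AppCompatActivity {
 toMainMenu.setOnClickListener(view -> attemptLogin());
 etUsernameView = findViewById(R.id.et_username);
 etPasswordView = findViewById(R.id.et_password);
+ setBroadCastReceiver();
 }
 
 public void toMainMenuEvent(){
@@ -85,14 +95,24 @@ public class MainPage extends AppCompatActivity {
 }
 
 /**
+ * Set the broadcast receiver for login.
+ */
+ private void setBroadCastReceiver() {
+ broadCastReceiverLogin = new BroadCastReceiverLogin();
+ IntentFilter filter = new IntentFilter(BroadCastReceiverLogin.USER_LOGIN);
+ LocalBroadcastManager.getInstance(this).registerReceiver(broadCastReceiverLogin, filter);
+ }
+
+ /**
 * This is the Broadcast receiver for login. The LoginService will send a broadcast when the login credentials has been checked.'
 * The onReceive will check the response and act accordingly.
 */
 public class BroadCastReceiverLogin extends BroadcastReceiver {
- public static final String USER_LOGIN = "risiko.USER_LOGIN";
+ public static final String USER_LOGIN = "com.risiko.risiko.USER_LOGIN";
 
 @Override
 public void onReceive(Context context, Intent intent) {
+ System.out.println("broadcast received");
 onResponse(intent.getIntExtra("responseCode", 400));
 }
 
@@ -109,9 +129,7 @@ public class MainPage extends AppCompatActivity {
 
 // Code for success
 case 202:
- //TODO: Success, go to main menu
- System.out.println("LOGIN");
- Toast.makeText(getBaseContext(), "Halla brusjan success", Toast.LENGTH_LONG).show();
+ toMainMenuEvent();
 break;
 
 // Error from php server.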
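Review bot: `setBroadCastReceiver()` registers the receiver from `onCreate`, but no hunk adds a matching `unregisterReceiver`, so every recreated `MainPage` leaves a registered receiver that still holds the old activity and will call `toMainMenuEvent()` on it when the login broadcast arrives. Unless an `onDestroy` outside these hunks already does it, add `LocalBroadcastManager.getInstance(this).unregisterReceiver(broadCastReceiverLogin);` there. The `System.out.println("broadcast received");` added to `onReceive` reads like leftover debugging; remove it or use `Log.d` with a tag.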
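--- a/Risiko/app/src/main/java/activity/NewEvaluation.java
+++ b/Risiko/app/src/main/java/activity/NewEvaluation.java
@@ -14,13 +14,11 @@ import android.widget.Toast;
 
 import com.risiko.risiko.R;
 
-import java.util.HashMap;
 import java.util.UUID;
 
 import api.Api;
 import api.TokenEncrypter;
 import database.DatabaseSource;
-import dataclasses.Evaluation;
 import retrofit2.Call;
 import retrofit2.Callback;
 import retrofit2.Response;
@@ -64,7 +62,7 @@ public class NewEvaluation extends AppCompatActivity {
 int consequenceValue = getConsequenceValue(consequence);
 int probabilityValue = getProbabilityValue(probability);
 
- Api.get().newEvaluation(title, UUID.randomUUID().toString() ,activityId,consequenceValue,action,outcome,probabilityValue, token).enqueue(new Callback<String>() {
+ Api.getInstance().newEvaluation(title, UUID.randomUUID().toString() ,activityId,consequenceValue,action,outcome,probabilityValue).enqueue(new Callback<String>() {
 @Override
 public void onResponse(Call<String> call, Response<String> response) {
 System.out.println(response);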
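--- a/Risiko/app/src/main/java/activity/NewIncident.java
+++ b/Risiko/app/src/main/java/activity/NewIncident.java
@@ -70,7 +70,7 @@ public class NewIncident extends AppCompatActivity {
 
 // dbs.getAllEvaluation(evaluations);
 
- Api.get().getAllEvaluations(token)
+ Api.getInstance().getAllEvaluations()
 .enqueue(new Callback<List<Evaluation>>() {
 
 @Override
@@ -97,7 +97,7 @@ public class NewIncident extends AppCompatActivity {
 dataclasses.Incident newIncident = new Incident(id, date, location, title, description, associatedRisk);
 
 
- Api.get().newIncident(date, title, id, associatedRisk, description, location, token).enqueue(new Callback<String>() {
+ Api.getInstance().newIncident(date, title, id, associatedRisk, description, location).enqueue(new Callback<String>() {
 @Override
 public void onResponse(Call<String> call, Response<String> response) {
 System.out.println(response);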
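--- a/Risiko/app/src/main/java/api/APILoginService.java
+++ b/Risiko/app/src/main/java/api/APILoginService.java
@@ -5,7 +5,6 @@ import android.content.Context;
 import android.content.Intent;
 import android.content.SharedPreferences;
 import android.support.v4.content.LocalBroadcastManager;
-import android.widget.Toast;
 
 import com.risiko.risiko.R;
 
@@ -62,7 +61,7 @@ public class APILoginService extends IntentService {
 private void handleActionLogin(String password, String username) throws NullPointerException {
 
 
- Api.get().login(username, password).enqueue(new Callback<String>() {
+ Api.getInstance().login(username, password).enqueue(new Callback<String>() {
 @Override
 public void onResponse(Call<String> call, Response<String> response) {
 if (response.code() == 202) {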
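--- a/Risiko/app/src/main/java/api/Api.java
+++ b/Risiko/app/src/main/java/api/Api.java
@@ -1,5 +1,8 @@
 package api;
 
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+
 import retrofit2.Retrofit;
 import retrofit2.converter.gson.GsonConverterFactory;
 
@@ -11,11 +14,15 @@ public class Api {
 
 private static Endpoints instance;
 
- public static Endpoints get(){
+ public static Endpoints getInstance(){
 if (instance == null){
+ Gson gson = new GsonBuilder()
+ .setLenient()
+ .create();
+
 Retrofit retrofit = new Retrofit.Builder()
 .baseUrl(Endpoints.BASEURL)
- .addConverterFactory(GsonConverterFactory.create())
+ .addConverterFactory(GsonConverterFactory.create(gson))
 .build();
 instance = retrofit.create(Endpoints.class);
 }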
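Review bot: `setLenient()` makes Gson accept malformed JSON on every endpoint, so a broken or unexpected server response is parsed rather than reported. If it was added only so that plain-text bodies such as the server's `"Bad request"` can be read into `Call<String>`, handling those bodies as raw strings (for example with Retrofit's scalars converter registered ahead of the Gson one) would be narrower. `getInstance()` is also unsynchronised, so two threads reaching it at first use can each build a `Retrofit` instance; declaring it `public static synchronized Endpoints getInstance()` is enough here. The method has no Javadoc, and its closing lines are outside the hunk.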
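--- a/Risiko/app/src/main/java/api/Endpoints.java
+++ b/Risiko/app/src/main/java/api/Endpoints.java
@@ -8,6 +8,7 @@ import java.util.UUID;
 import dataclasses.Activity;
 import dataclasses.Evaluation;
 import dataclasses.Incident;
+import dataclasses.User;
 import retrofit2.Call;
 import retrofit2.http.Body;
 import retrofit2.http.DELETE;
@@ -27,7 +28,9 @@ public interface Endpoints {
 // THE BASEURL HAS TO BE CHANGE TO THE IP-ADDRESS YOU ARE CONNECTED TO AT LOCALHOST
 
 //HOS ALI
- String BASEURL = "http://172.20.10.4:3000/";
+// String BASEURL = "http://172.20.10.4:3000/";
+ String BASEURL = "http://172.20.10.2:3000/";
+// String BASEURL = "http://192.168.38.200:3000/";
 
 //HOS KRISTIN
 // String BASEURL = "http://192.168.84.67:3000/";
@@ -39,49 +42,50 @@ public interface Endpoints {
 @POST("login")
 Call<String> login(@Field("username") String username, @Field("password") String password);
 
- @FormUrlEncoded
+ @GET("user/{apitoken}")
+ Call<User> getUser(@Path("apitoken") String apiToken);
+
+
 @GET("evaluation")
- Call<List<Evaluation>> getAllEvaluations(@Field("token") String token);
+ Call<List<Evaluation>> getAllEvaluations();
+
 
- @FormUrlEncoded
 @GET("evaluation/{id}")
- Call<Evaluation> getEvaluation(@Path("id") String id, @Field("token") String token);
+ Call<Evaluation> getEvaluation(@Path("id") String id);
+
 
- @FormUrlEncoded
 @GET("activity")
- Call<List<Activity>> getAllActivities(@Field("token") String token);
+ Call<List<Activity>> getAllActivities();
+
 
- @FormUrlEncoded
 @GET("incident")
- Call<List<Incident>> getAllIncidents(@Field("token") String token);
+ Call<List<Incident>> getAllIncidents();
+
 
- @FormUrlEncoded
 @GET("incident/{id}")
- Call<List<Incident>> getIncident(@Path("id") String id, @Field("token") String token);
+ Call<List<Incident>> getIncident(@Path("id") String id);
 
 @FormUrlEncoded
 @POST("incident")
 Call<String> newIncident(@Field("date") String date, @Field("title") String title, @Field("id") String id, @Field("associatedEval") String associatedEval,
- @Field("description") String description, @Field("location") String location, @Field("token") String token);
+ @Field("description") String description, @Field("location") String location);
 
 @FormUrlEncoded
 @POST("evaluation")
 Call<String> newEvaluation(@Field("title") String title, @Field("id") String id, @Field("associatedActivity") String associatedactivity,
- @Field("consequence") int consequence, @Field("measures") String measures, @Field("outcome") String outcome, @Field("probability") int probability, @Field("token") String token);
+ @Field("consequence") int consequence, @Field("measures") String measures, @Field("outcome") String outcome, @Field("probability") int probability);
+
 
- @FormUrlEncoded
 @DELETE("incident/{id}")
- Call<String> deleteIncident(@Path("id") String id, @Field("token") String token);
+ Call<String> deleteIncident(@Path("id") String id);
+
 
- @FormUrlEncoded
 @DELETE("evaluation/{id}")
- Call<String> deleteEvaluation(@Path("id") String id, @Field("token") String token);
+ Call<String> deleteEvaluation(@Path("id") String id);
+
 
 
- @FormUrlEncoded
 @PATCH("incident/{id}")
 Call<Incident> editIncident(@Path("id") String id, @Field("date") String date, @Field("location") String location,
- @Field("title") String title, @Field("description") String description, @Field("associatedEval") String associatedEval, @Field("token") String token);
-
-
+ @Field("title") String title, @Field("description") String description, @Field("associatedEval") String associatedEval);
 }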
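Review bot: `getUser` places the API token in the URL path (`@GET("user/{apitoken}")`) while `BASEURL` is plain `http://`, so the token, like the `login` password, crosses the network in cleartext, and a path segment is routinely written to server and proxy access logs. Pass it as a header instead, `@GET("user") Call<User> getUser(@Header("Authorization") String apiToken);`, with the route in routes.js changed to read that header. `BASEURL` should point at an `https://` endpoint and come from build configuration rather than from the developer IP addresses committed and commented out here.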
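--- a/Risiko/app/src/main/java/api/TokenEncrypter.java
+++ b/Risiko/app/src/main/java/api/TokenEncrypter.java
@@ -15,6 +15,11 @@ import javax.crypto.SecretKey;
 import javax.crypto.SecretKeyFactory;
 import javax.crypto.spec.DESedeKeySpec;
 
+import dataclasses.User;
+import retrofit2.Call;
+import retrofit2.Callback;
+import retrofit2.Response;
+
 
 /**
 * Class for encrypting and decrypting login token. With given key.
@@ -33,6 +38,23 @@ public class TokenEncrypter {
 return "";
 }
 
+ public static User getUserByToken(String token){
+ System.out.println(token);
+ final User[] user = new User[1];
+ Api.getInstance().getUser(token).enqueue(new Callback<User>() {
+ @Override
+ public void onResponse(Call<User> call, Response<User> response) {
+ user[0] = response.body();
+ }
+
+ @Override
+ public void onFailure(Call<User> call, Throwable t) {
+ System.out.println(t.getMessage());
+ }
+ });
+ return user[0];
+ }
+
 /**
 * @param stringToEncrypt The string you want to encrypt.
 * @param key The encryption key.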
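Review bot: `getUserByToken` returns `user[0]` straight after `enqueue`, which is asynchronous, so in practice the method returns null before `onResponse` has run and callers never receive the user. Return the call and let the caller enqueue it, `public static Call<User> getUserByToken(String token) { return Api.getInstance().getUser(token); }`, or take a `Callback<User>` parameter. The first statement, `System.out.println(token);`, writes the API token to the device log and should be removed. Unlike the methods around it, the new method has no Javadoc; it should state that the lookup is a network call and how the result is delivered.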
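--- a/Risiko/app/src/main/java/dataclasses/User.java
+++ b/Risiko/app/src/main/java/dataclasses/User.java
@@ -9,65 +9,42 @@ public class User {
 public static final int READACCESS_ALL = 1, READACESS_NURSE_ANESTHETIST = 2, READACCESS_CHILD_NURSE = 3,
 READACCESS_ALL_TYPES_NURSE = 4, READACCESS_DOCTOR = 5, READACCESS_CONSULTANT = 6, READACCESS_PARAMEDICS = 7;
 
- String userId;
- String userName;
- String firstname;
- String lastname;
- int groupNumber; //TODO: Gruppenummer er bare en lett måte å kunne implementere dette med begrenset innsyn
- Boolean isOwner; //TODO: Tenker vi må lage høyde for en sjekk på om bruker er eier av en sak, slik at vi kan bruke det for å se om de har rettigheter til å endre/slette en sak
-
- public User(String userId, String userName, String firstname, String lastname, int groupNumber, Boolean isOwner) {
- this.userId = userId;
- this.userName = userName;
- this.firstname = firstname;
- this.lastname = lastname;
- this.groupNumber = groupNumber;
- this.isOwner = isOwner;
+ String username;
+ String name;
+ int groupnumber; //TODO: Gruppenummer er bare en lett måte å kunne implementere dette med begrenset innsyn
+
+ public User(String userame, String name,int groupnumber) {
+ this.username = userame;
+ this.groupnumber = groupnumber;
+ this.name = name;
 }
 
- public String getUserId() {
- return userId;
+ public String getUsername() {
+ return username;
 }
 
- public void setUserId(String userId) {
- this.userId = userId;
+ public void setUsername(String username) {
+ this.username = username;
 }
 
- public String getFirstname() {
- return firstname;
+ public String getName() {
+ return name;
 }
 
- public void setFirstname(String firstname) {
- this.firstname = firstname;
+ public void setName(String name) {
+ this.name = name;
 }
 
- public String getLastname() {
- return lastname;
+ public int getGroupnumber() {
+ return groupnumber;
 }
 
- public void setLastname(String lastname) {
- this.lastname = lastname;
+ public void setGroupnumber(int groupnumber) {
+ this.groupnumber = groupnumber;
 }
 
- public int getGroupNumber() {
- return groupNumber;
- }
-
- public void setGroupNumber(int groupNumber) {
- this.groupNumber = groupNumber;
- }
-
- public Boolean getOwner() {
- return isOwner;
- }
-
- public void setOwner(Boolean owner) {
- isOwner = owner;
- }
-
-
 public String getReadAccessString() {
- switch (groupNumber) {
+ switch (groupnumber) {
 case READACCESS_ALL: return "All helsepersonell";
 case READACESS_NURSE_ANESTHETIST: return "Anestiesisykepleier";
 case READACCESS_CHILD_NURSE: return "Barnesykepleier";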
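Review bot: The constructor parameter is misspelled, `String userame`; rename it to `username` and assign with `this.username = username;`. The three fields are package-private although every access shown goes through the getters and setters, so `private` would match that usage. The removed `isOwner` field carried the TODO about checking ownership before a case may be edited or deleted; if that check is still planned, it should be enforced by the server per request rather than from a flag the client holds. `getReadAccessString` continues past the end of the hunk.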
restApi/.idea/workspace.xml
... ... @@ -2,10 +2,13 @@
2 2 <project version="4">
3 3 <component name="ChangeListManager">
4 4 <list default="true" id="0e20d303-9de8-4113-bfd9-019e72b304dc" name="Default" comment="">
  5 + <change beforePath="$PROJECT_DIR$/../Risiko/.idea/misc.xml" beforeDir="false" afterPath="$PROJECT_DIR$/../Risiko/.idea/misc.xml" afterDir="false" />
  6 + <change beforePath="$PROJECT_DIR$/../Risiko/app/src/main/java/activity/MainPage.java" beforeDir="false" afterPath="$PROJECT_DIR$/../Risiko/app/src/main/java/activity/MainPage.java" afterDir="false" />
  7 + <change beforePath="$PROJECT_DIR$/../Risiko/app/src/main/java/api/Api.java" beforeDir="false" afterPath="$PROJECT_DIR$/../Risiko/app/src/main/java/api/Api.java" afterDir="false" />
  8 + <change beforePath="$PROJECT_DIR$/../Risiko/app/src/main/java/api/Endpoints.java" beforeDir="false" afterPath="$PROJECT_DIR$/../Risiko/app/src/main/java/api/Endpoints.java" afterDir="false" />
  9 + <change beforePath="$PROJECT_DIR$/../Risiko/app/src/main/java/dataclasses/User.java" beforeDir="false" afterPath="$PROJECT_DIR$/../Risiko/app/src/main/java/dataclasses/User.java" afterDir="false" />
5 10 <change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
6 11 <change beforePath="$PROJECT_DIR$/api/routes/routes.js" beforeDir="false" afterPath="$PROJECT_DIR$/api/routes/routes.js" afterDir="false" />
7   - <change beforePath="$PROJECT_DIR$/package-lock.json" beforeDir="false" afterPath="$PROJECT_DIR$/package-lock.json" afterDir="false" />
8   - <change beforePath="$PROJECT_DIR$/package.json" beforeDir="false" afterPath="$PROJECT_DIR$/package.json" afterDir="false" />
9 12 </list>
10 13 <option name="EXCLUDED_CONVERTED_TO_IGNORED" value="true" />
11 14 <option name="SHOW_DIALOG" value="false" />
... ... @@ -51,14 +54,68 @@
51 54 </counts>
52 55 </usages-collector>
53 56 </session>
  57 + <session id="920369055">
  58 + <usages-collector id="statistics.file.extensions.edit">
  59 + <counts>
  60 + <entry key="js" value="794" />
  61 + </counts>
  62 + </usages-collector>
  63 + <usages-collector id="statistics.file.types.edit">
  64 + <counts>
  65 + <entry key="JavaScript" value="794" />
  66 + </counts>
  67 + </usages-collector>
  68 + <usages-collector id="statistics.file.extensions.open">
  69 + <counts>
  70 + <entry key="js" value="1" />
  71 + </counts>
  72 + </usages-collector>
  73 + <usages-collector id="statistics.file.types.open">
  74 + <counts>
  75 + <entry key="JavaScript" value="1" />
  76 + </counts>
  77 + </usages-collector>
  78 + <usages-collector id="statistics.lifecycle.project">
  79 + <counts>
  80 + <entry key="project.closed" value="1" />
  81 + </counts>
  82 + </usages-collector>
  83 + </session>
54 84 </component>
55 85 <component name="FileEditorManager">
56 86 <leaf SIDE_TABS_SIZE_LIMIT_KEY="300">
57 87 <file pinned="false" current-in-tab="true">
58 88 <entry file="file://$PROJECT_DIR$/api/routes/routes.js">
59 89 <provider selected="true" editor-type-id="text-editor">
60   - <state relative-caret-position="173">
61   - <caret line="55" column="62" selection-start-line="55" selection-start-column="62" selection-end-line="55" selection-end-column="62" />
  90 + <state relative-caret-position="616">
  91 + <caret line="483" column="6" lean-forward="true" selection-start-line="483" selection-start-column="6" selection-end-line="483" selection-end-column="6" />
  92 + </state>
  93 + </provider>
  94 + </entry>
  95 + </file>
  96 + <file pinned="false" current-in-tab="false">
  97 + <entry file="file://$PROJECT_DIR$/node_modules/cassandra-driver/lib/readers.js">
  98 + <provider selected="true" editor-type-id="text-editor">
  99 + <state relative-caret-position="287">
  100 + <caret line="325" column="14" selection-start-line="325" selection-start-column="14" selection-end-line="325" selection-end-column="14" />
  101 + </state>
  102 + </provider>
  103 + </entry>
  104 + </file>
  105 + <file pinned="false" current-in-tab="false">
  106 + <entry file="file://$PROJECT_DIR$/server.js">
  107 + <provider selected="true" editor-type-id="text-editor">
  108 + <state relative-caret-position="119">
  109 + <caret line="8" selection-start-line="8" selection-end-line="8" />
  110 + </state>
  111 + </provider>
  112 + </entry>
  113 + </file>
  114 + <file pinned="false" current-in-tab="false">
  115 + <entry file="file://$PROJECT_DIR$/node_modules/express/lib/application.js">
  116 + <provider selected="true" editor-type-id="text-editor">
  117 + <state relative-caret-position="10387">
  118 + <caret line="617" column="23" selection-start-line="617" selection-start-column="23" selection-end-line="617" selection-end-column="23" />
62 119 </state>
63 120 </provider>
64 121 </entry>
... ... @@ -66,8 +123,8 @@
66 123 <file pinned="false" current-in-tab="false">
67 124 <entry file="file://$PROJECT_DIR$/package.json">
68 125 <provider selected="true" editor-type-id="text-editor">
69   - <state relative-caret-position="120">
70   - <caret line="8" column="38" selection-start-line="8" selection-start-column="38" selection-end-line="8" selection-end-column="38" />
  126 + <state relative-caret-position="153">
  127 + <caret line="9" column="4" selection-start-line="9" selection-start-column="4" selection-end-line="9" selection-end-column="4" />
71 128 </state>
72 129 </provider>
73 130 </entry>
... ... @@ -109,10 +166,8 @@
109 166 </component>
110 167 <component name="PhpWorkspaceProjectConfiguration" backward_compatibility_performed="true" />
111 168 <component name="ProjectFrameBounds" extendedState="6">
112   - <option name="x" value="-1374" />
113   - <option name="y" value="471" />
114   - <option name="width" value="1382" />
115   - <option name="height" value="784" />
  169 + <option name="width" value="2560" />
  170 + <option name="height" value="1440" />
116 171 </component>
117 172 <component name="ProjectView">
118 173 <navigator proportions="" version="1">
... ... @@ -229,18 +284,19 @@
229 284 <servers />
230 285 </component>
231 286 <component name="TimeTrackingManager">
232   - <option name="totallyTimeSpent" value="60958000" />
  287 + <option name="totallyTimeSpent" value="68337000" />
233 288 </component>
234 289 <component name="ToolWindowManager">
235   - <frame x="-1374" y="471" width="1382" height="784" extended-state="6" />
  290 + <frame x="-8" y="-8" width="2576" height="1416" extended-state="6" />
  291 + <editor active="true" />
236 292 <layout>
237   - <window_info content_ui="combo" id="Project" order="0" sideWeight="0.70153844" visible="true" weight="0.18377976" />
  293 + <window_info content_ui="combo" id="Project" order="0" sideWeight="0.6918877" visible="true" weight="0.13869189" />
238 294 <window_info id="Structure" order="1" weight="0.25" />
239   - <window_info id="npm" order="2" sideWeight="0.29846153" side_tool="true" visible="true" weight="0.18377976" />
  295 + <window_info id="npm" order="2" sideWeight="0.30811232" side_tool="true" visible="true" weight="0.13869189" />
240 296 <window_info id="Favorites" order="3" side_tool="true" />
241 297 <window_info anchor="bottom" id="Message" order="0" />
242 298 <window_info anchor="bottom" id="Find" order="1" />
243   - <window_info anchor="bottom" id="Run" order="2" weight="0.37384614" />
  299 + <window_info anchor="bottom" id="Run" order="2" weight="0.30889237" />
244 300 <window_info anchor="bottom" id="Debug" order="3" weight="0.42307693" />
245 301 <window_info anchor="bottom" id="Cvs" order="4" weight="0.25" />
246 302 <window_info anchor="bottom" id="Inspection" order="5" weight="0.4" />
... ... @@ -262,24 +318,6 @@
262 318 <component name="VcsContentAnnotationSettings">
263 319 <option name="myLimit" value="2678400000" />
264 320 </component>
265   - <component name="XDebuggerManager">
266   - <breakpoint-manager>
267   - <breakpoints>
268   - <line-breakpoint enabled="true" type="javascript">
269   - <url>file://$PROJECT_DIR$/api/routes/routes.js</url>
270   - <line>49</line>
271   - <properties lambdaOrdinal="-1" />
272   - <option name="timeStamp" value="9" />
273   - </line-breakpoint>
274   - <line-breakpoint enabled="true" type="javascript">
275   - <url>file://$PROJECT_DIR$/api/routes/routes.js</url>
276   - <line>48</line>
277   - <properties lambdaOrdinal="-1" />
278   - <option name="timeStamp" value="10" />
279   - </line-breakpoint>
280   - </breakpoints>
281   - </breakpoint-manager>
282   - </component>
283 321 <component name="editorHistoryManager">
284 322 <entry file="file://$PROJECT_DIR$/node_modules/cassandra-driver/lib/requests.js">
285 323 <provider selected="true" editor-type-id="text-editor">
... ... @@ -290,8 +328,8 @@
290 328 </entry>
291 329 <entry file="file://$PROJECT_DIR$/package.json">
292 330 <provider selected="true" editor-type-id="text-editor">
293   - <state relative-caret-position="120">
294   - <caret line="8" column="38" selection-start-line="8" selection-start-column="38" selection-end-line="8" selection-end-column="38" />
  331 + <state relative-caret-position="153">
  332 + <caret line="9" column="4" selection-start-line="9" selection-start-column="4" selection-end-line="9" selection-end-column="4" />
295 333 </state>
296 334 </provider>
297 335 </entry>
... ... @@ -302,10 +340,17 @@
302 340 </state>
303 341 </provider>
304 342 </entry>
  343 + <entry file="file://$PROJECT_DIR$/node_modules/cassandra-driver/lib/readers.js">
  344 + <provider selected="true" editor-type-id="text-editor">
  345 + <state relative-caret-position="287">
  346 + <caret line="325" column="14" selection-start-line="325" selection-start-column="14" selection-end-line="325" selection-end-column="14" />
  347 + </state>
  348 + </provider>
  349 + </entry>
305 350 <entry file="file://$PROJECT_DIR$/api/routes/routes.js">
306 351 <provider selected="true" editor-type-id="text-editor">
307   - <state relative-caret-position="173">
308   - <caret line="55" column="62" selection-start-line="55" selection-start-column="62" selection-end-line="55" selection-end-column="62" />
  352 + <state relative-caret-position="616">
  353 + <caret line="483" column="6" lean-forward="true" selection-start-line="483" selection-start-column="6" selection-end-line="483" selection-end-column="6" />
309 354 </state>
310 355 </provider>
311 356 </entry>
... ...
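--- a/restApi/api/routes/routes.js
+++ b/restApi/api/routes/routes.js
@@ -40,10 +40,10 @@ var appRouter = function(app) {
 db.execute("SELECT passwordhash FROM risk.user WHERE username = ?", params, { prepare : true }, function (error, result) {
 if (error) {
 console.log("Wrong username or password\n" + error);
-return response.status(403).send("Wrong username or password");
+return response.status(400).send("Bad request");
 } else {
-console.log("User found");
 
+if (result.rows.length == 0) return response.status(403).send("Wrong username or password");
 var token = "";
 
 byteRandomizer(255 - req.body.username.length, function (err, res) {
@@ -61,16 +61,46 @@ var appRouter = function(app) {
 });
 }
 });
+});
+
 
+app.get("/user/:apitoken", function (request, response) {
+const params = [request.params.apitoken];
+db.execute("SELECT user " +
+"FROM risk.keys " +
+"WHERE apitoken = ? " +
+"ALLOW FILTERING",
+params,
+{ prepare : true},
+function (error, result) {
+if (error) {
+console.log(error);
+return response.status(404).send("Not found");
+}
+const userParams = [result.rows[0].get(0)];
+db.execute("SELECT username, groupnumber, name " +
+"FROM risk.user " +
+"WHERE username = ? " +
+"ALLOW FILTERING",
+userParams,
+{ prepare : true},
+function (errorUser, resultUser) {
+if (errorUser) {
+console.log(errorUser);
+return response.status(404).send("Not found")
+}
+console.log("User found by apitoken");
+return response.status(200).send(resultUser.rows[0])
+}
+);
+}
+);
 });
 
 /**
 * Get incident by id endpoint (a get request at http://localhost:3000/incident/1 will return incident with id 1)
 */
 app.get("/incident/:id", function (req, res) {
-if (!checkForAuthorizedUser(req.body.token)) {
-return res.status(401).send("Unauthorized user")
-}
 
 if (!req.params.id) {
 logEndpoint("get /incident/{id}", null, "ID missing");
@@ -104,9 +134,6 @@ var appRouter = function(app) {
 * See all incidents (a get request at http://localhost:3000/incident will return all incidents)
 */
 app.get("/incident", function (req, res) {
-if (!checkForAuthorizedUser(req.body.token)) {
-return res.status(401).send("Unauthorized user")
-}
 
 db.execute('SELECT * ' +
 'FROM risk.incident',
@@ -132,9 +159,6 @@ var appRouter = function(app) {
 * Add a new incident (a post request at http://localhost:3000/incident - with an "x-www-form-urlencoded" body of params)
 */
 app.post("/incident", function(req, res) {
-if (!checkForAuthorizedUser(req.body.token)) {
-return res.status(401).send("Unauthorized user")
-}
 
 // All these parameters must exist in the body with the exact name for this method to work
 if(!req.body.date || !req.body.location || !req.body.title || !req.body.description || !req.body.associatedEval) {
@@ -159,9 +183,6 @@ var appRouter = function(app) {
 * Update an incident (a patch request at http://localhost:3000/incident/{id} will update the incident with the params passed in the request body)
 */
 app.patch("/incident/:id", function (req, res) {
-if (!checkForAuthorizedUser(req.body.token)) {
-return res.status(401).send("Unauthorized user")
-}
 
 if (!req.params.id) {
 logEndpoint("patch /incident", null, "ID missing");
@@ -194,9 +215,6 @@ var appRouter = function(app) {
 * Delete an incident (a delete request at http://localhost:3000/incident/{id} should delete incident with the id passed in)
 */
 app.delete("/incident/:id", function (req, res) {
-if (!checkForAuthorizedUser(req.body.token)) {
-return res.status(401).send("Unauthorized user")
-}
 
 if (!req.params.id) {
 logEndpoint("delete /incident", null, "ID missing");
@@ -224,9 +242,6 @@ var appRouter = function(app) {
 * See an evaluation with id x
 */
 app.get("/evaluation/:id", function (req, res) {
-if (!checkForAuthorizedUser(req.body.token)) {
-return res.status(401).send("Unauthorized user")
-}
 
 if (!req.params.id) {
 logEndpoint("get /evaluation/{id}", null, "ID missing");
@@ -261,9 +276,6 @@ var appRouter = function(app) {
 * See all evaluations
 */
 app.get("/evaluation", function (req, res) {
-if (!checkForAuthorizedUser(req.body.token)) {
-return res.status(401).send("Unauthorized user")
-}
 
 db.execute('SELECT * ' +
 'FROM risk.evaluation',
@@ -289,9 +301,6 @@ var appRouter = function(app) {
 * Add a new evaluation
 */
 app.post("/evaluation", function(req, res) {
-if (!checkForAuthorizedUser(req.body.token)) {
-return res.status(401).send("Unauthorized user")
-}
 
 if(!req.body.title || !req.body.outcome || !req.body.measures || !req.body.consequence || !req.body.probability || !req.body.associatedActivity) {
 logEndpoint("post /evaluation/", null, "Missing params in body");
@@ -317,9 +326,6 @@ var appRouter = function(app) {
 */
 
 app.delete("/evaluation/:id", function (req, res) {
-if (!checkForAuthorizedUser(req.body.token)) {
-return res.status(401).send("Unauthorized user")
-}
 
 if (!req.params.id) {
 logEndpoint("delete /evaluation", null, "ID missing");
@@ -347,9 +353,6 @@ var appRouter = function(app) {
 * See an activity with id x
 */
 app.get("/activity/:id", function (req, res) {
-if (!checkForAuthorizedUser(req.body.token)) {
-return res.status(401).send("Unauthorized user")
-}
 
 if (!req.params.id) {
 logEndpoint("get /activity/{id}", null, "ID missing");
@@ -383,9 +386,6 @@ var appRouter = function(app) {
 * See all activities
 */
 app.get("/activity", function (req, res) {
-if (!checkForAuthorizedUser(req.body.token)) {
-return res.status(401).send("Unauthorized user")
-}
 
 db.execute('SELECT * ' +
 'FROM risk.activity',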
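Review bot: The new `/user/:apitoken` handler reads `result.rows[0].get(0)` without checking that the token matched a row, so an unknown token throws inside the callback instead of returning 404. Add `if (result.rows.length === 0) return response.status(404).send("Not found");` before that line, and the same guard on `resultUser.rows` before `resultUser.rows[0]` is sent. Carrying the API token in the URL path also puts it into access logs and proxy histories; reading it from an `Authorization` header would keep it out of those. The later hunks remove the `checkForAuthorizedUser(req.body.token)` guard from every incident, evaluation and activity route, and no replacement check is visible in this section; if the token is now validated in middleware outside these hunks, a comment at the top of `appRouter` should say so, otherwise these routes answer unauthenticated requests. The handler bodies continue outside the hunks, so this is based on the visible lines only.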