Commit 1214b5156327031fe5616188cec6ec6d1bd98ec3

Authored by Ali B
1 parent cca91439

Login completed. Now encryption and decryption of token is working. User can be …

…fetched by using the token that is created. Password is hashed in the database and verified by the server when trying to login
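--- a/Risiko/.idea/misc.xml
+++ b/Risiko/.idea/misc.xml
@@ -25,7 +25,7 @@
 </value>
 </option>
 </component>
- <component name="ProjectRootManager" version="2" languageLevel="JDK_1_8" project-jdk-name="1.8" project-jdk-type="JavaSDK">
+ <component name="ProjectRootManager" version="2" languageLevel="JDK_1_8" project-jdk-name="1.8 (1)" project-jdk-type="JavaSDK">
 <output url="file://$PROJECT_DIR$/build/classes" />
 </component>
 <component name="ProjectType">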
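--- a/Risiko/app/src/main/java/activity/Activities.java
+++ b/Risiko/app/src/main/java/activity/Activities.java
@@ -34,7 +34,7 @@ public class Activities extends AppCompatActivity {
 
 token = TokenEncrypter.getToken(this);
 
- Api.get().getAllActivities(token)
+ Api.getInstance().getAllActivities()
 .enqueue(new Callback<List<Activity>>() {
 @Override
 public void onResponse(Call<List<Activity>> call, Response<List<Activity>> response) {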
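Review bot: `token` is still read on new line 35 (`token = TokenEncrypter.getToken(this);`) but is no longer passed to `getAllActivities()`, so as far as this hunk shows the request now carries no credential at all. The same applies to the calls changed in EditIncident, Evaluations, Incident, NewEvaluation and NewIncident. If the server is meant to authorise these calls, attach the token once in the HTTP client (for example an OkHttp interceptor that sets an `Authorization` header) instead of dropping it; otherwise remove the now-unused `token` reads. The enclosing method starts and ends outside the hunk.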
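--- a/Risiko/app/src/main/java/activity/EditIncident.java
+++ b/Risiko/app/src/main/java/activity/EditIncident.java
@@ -67,7 +67,7 @@ public class EditIncident extends AppCompatActivity {
 
 spinnerAssociatedRisk = findViewById(R.id.spinner_associated_risk);
 
- Api.get().getAllEvaluations(token)
+ Api.getInstance().getAllEvaluations()
 .enqueue(new Callback<List<Evaluation>>() {
 
 @Override
@@ -90,7 +90,7 @@ public class EditIncident extends AppCompatActivity {
 String newlocation = etLocation.getText().toString();
 String newdescription = etDescription.getText().toString();
 
- Api.get().editIncident(id, newdate, newlocation, newtitle, newdescription, associatedRisk, token).enqueue(new Callback<dataclasses.Incident>() {
+ Api.getInstance().editIncident(id, newdate, newlocation, newtitle, newdescription, associatedRisk).enqueue(new Callback<dataclasses.Incident>() {
 @Override
 public void onResponse(Call<Incident> call, Response<Incident> response) {
 System.out.println(response);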
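--- a/Risiko/app/src/main/java/activity/Evaluations.java
+++ b/Risiko/app/src/main/java/activity/Evaluations.java
@@ -1,6 +1,5 @@
 package activity;
 
-import android.content.DialogInterface;
 import android.content.Intent;
 import android.graphics.Typeface;
 import android.support.v7.app.AlertDialog;
@@ -57,7 +56,7 @@ public class Evaluations extends AppCompatActivity {
 System.out.println(activityId);
 
 
- Api.get().getAllEvaluations(token)
+ Api.getInstance().getAllEvaluations()
 .enqueue(new Callback<List<Evaluation>>() {
 @Override
 public void onResponse(Call<List<Evaluation>> call, Response<List<Evaluation>> response) {
@@ -186,7 +185,7 @@ public class Evaluations extends AppCompatActivity {
 public void onClick(DialogInterface dialogInterface, int i) {
 finish();
 
- Api.get().deleteEvaluation(id).enqueue(new Callback<String>() {
+ Api.getInstance().deleteEvaluation(id).enqueue(new Callback<String>() {
 @Override
 public void onResponse(Call<String> call, Response<String> response) {
 finish();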
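Review bot: The import `android.content.DialogInterface` is removed at the top of the file, yet new line 185 still declares `onClick(DialogInterface dialogInterface, int i)`. Unless another import outside the visible lines still provides the type, the file no longer compiles; keep `import android.content.DialogInterface;` or confirm the remaining import list covers it. Only the first lines of the import block are shown, so this could not be checked from the page.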
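--- a/Risiko/app/src/main/java/activity/Incident.java
+++ b/Risiko/app/src/main/java/activity/Incident.java
@@ -12,7 +12,6 @@ import android.view.Menu;
 import android.view.MenuItem;
 import android.view.View;
 import android.widget.Button;
-import android.widget.EditText;
 import android.widget.ListView;
 import android.widget.TextView;
 import android.widget.Toast;
@@ -21,7 +20,6 @@ import com.risiko.risiko.R;
 
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
-import java.util.ArrayList;
 import java.util.List;
 
 import adapters.ListAdapterIncidents;
@@ -57,7 +55,7 @@ public class Incident extends AppCompatActivity {
 // insertEvents(incidentList);
 
 
- Api.get().getAllIncidents(token)
+ Api.getInstance().getAllIncidents()
 .enqueue(new Callback<List<dataclasses.Incident>>() {
 
 @Override
@@ -126,7 +124,7 @@ public class Incident extends AppCompatActivity {
 
 
 System.out.println("EVALID" + chosenItem.getAssociatedeval());
- Api.get().getEvaluation(chosenItem.getAssociatedeval(), token).enqueue(new Callback<Evaluation>() {
+ Api.getInstance().getEvaluation(chosenItem.getAssociatedeval()).enqueue(new Callback<Evaluation>() {
 @Override
 public void onResponse(Call<Evaluation> call, Response<Evaluation> response) {
 Evaluation evaluation = response.body();
@@ -141,10 +139,6 @@ public class Incident extends AppCompatActivity {
 }
 });
 
-
-
-
-
 tvTitle.setText(chosenItem.getTitle());
 tvDate.setText(chosenItem.getDate());
 tvLocation.setText(chosenItem.getLocation());
@@ -182,7 +176,7 @@ public class Incident extends AppCompatActivity {
 @Override
 public void onClick(DialogInterface dialogInterface, int i) {
 
- Api.get().deleteIncident(chosenEventId, token).enqueue(new Callback<String>() {
+ Api.getInstance().deleteIncident(chosenEventId).enqueue(new Callback<String>() {
 @Override
 public void onResponse(Call<String> call, Response<String> response) {
 finish();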
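--- a/Risiko/app/src/main/java/activity/MainPage.java
+++ b/Risiko/app/src/main/java/activity/MainPage.java
@@ -3,6 +3,8 @@ package activity;
 import android.content.BroadcastReceiver;
 import android.content.Context;
 import android.content.Intent;
+import android.content.IntentFilter;
+import android.support.v4.content.LocalBroadcastManager;
 import android.support.v7.app.AppCompatActivity;
 import android.os.Bundle;
 import android.text.TextUtils;
@@ -15,11 +17,18 @@ import android.widget.Toast;
 import com.risiko.risiko.R;
 
 import api.APILoginService;
+import api.Api;
+import api.TokenEncrypter;
+import dataclasses.User;
+import retrofit2.Call;
+import retrofit2.Callback;
+import retrofit2.Response;
 
 public class MainPage extends AppCompatActivity {
 Button toMainMenu;
 private EditText etUsernameView;
 private EditText etPasswordView;
+ private BroadCastReceiverLogin broadCastReceiverLogin;
 
 @Override
 protected void onCreate(Bundle savedInstanceState) {
@@ -29,6 +38,7 @@ public class MainPage extends AppCompatActivity {
 toMainMenu.setOnClickListener(view -> attemptLogin());
 etUsernameView = findViewById(R.id.et_username);
 etPasswordView = findViewById(R.id.et_password);
+ setBroadCastReceiver();
 }
 
 public void toMainMenuEvent(){
@@ -85,14 +95,24 @@ public class MainPage extends AppCompatActivity {
 }
 
 /**
+ * Set the broadcast receiver for login.
+ */
+ private void setBroadCastReceiver() {
+ broadCastReceiverLogin = new BroadCastReceiverLogin();
+ IntentFilter filter = new IntentFilter(BroadCastReceiverLogin.USER_LOGIN);
+ LocalBroadcastManager.getInstance(this).registerReceiver(broadCastReceiverLogin, filter);
+ }
+
+ /**
 * This is the Broadcast receiver for login. The LoginService will send a broadcast when the login credentials has been checked.'
 * The onReceive will check the response and act accordingly.
 */
 public class BroadCastReceiverLogin extends BroadcastReceiver {
- public static final String USER_LOGIN = "risiko.USER_LOGIN";
+ public static final String USER_LOGIN = "com.risiko.risiko.USER_LOGIN";
 
 @Override
 public void onReceive(Context context, Intent intent) {
+ System.out.println("broadcast received");
 onResponse(intent.getIntExtra("responseCode", 400));
 }
 
@@ -109,9 +129,7 @@ public class MainPage extends AppCompatActivity {
 
 // Code for success
 case 202:
- //TODO: Success, go to main menu
- System.out.println("LOGIN");
- Toast.makeText(getBaseContext(), "Halla brusjan success", Toast.LENGTH_LONG).show();
+ toMainMenuEvent();
 break;
 
 // Error from php server.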
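Review bot: `setBroadCastReceiver()` registers `broadCastReceiverLogin` with `LocalBroadcastManager` from `onCreate`, but no matching unregister call is visible in these hunks, so the receiver (an inner class that holds the activity) can outlive the activity and still call `toMainMenuEvent()` on it. Add `LocalBroadcastManager.getInstance(this).unregisterReceiver(broadCastReceiverLogin);` in `onDestroy()`. The renamed action `com.risiko.risiko.USER_LOGIN` must also match the action string the login service broadcasts, which is not shown in this section. The added `System.out.println("broadcast received")` reads as leftover debugging and would be better removed or turned into a `Log.d` call.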
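--- a/Risiko/app/src/main/java/activity/NewEvaluation.java
+++ b/Risiko/app/src/main/java/activity/NewEvaluation.java
@@ -14,13 +14,11 @@ import android.widget.Toast;
 
 import com.risiko.risiko.R;
 
-import java.util.HashMap;
 import java.util.UUID;
 
 import api.Api;
 import api.TokenEncrypter;
 import database.DatabaseSource;
-import dataclasses.Evaluation;
 import retrofit2.Call;
 import retrofit2.Callback;
 import retrofit2.Response;
@@ -64,7 +62,7 @@ public class NewEvaluation extends AppCompatActivity {
 int consequenceValue = getConsequenceValue(consequence);
 int probabilityValue = getProbabilityValue(probability);
 
- Api.get().newEvaluation(title, UUID.randomUUID().toString() ,activityId,consequenceValue,action,outcome,probabilityValue, token).enqueue(new Callback<String>() {
+ Api.getInstance().newEvaluation(title, UUID.randomUUID().toString() ,activityId,consequenceValue,action,outcome,probabilityValue).enqueue(new Callback<String>() {
 @Override
 public void onResponse(Call<String> call, Response<String> response) {
 System.out.println(response);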
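--- a/Risiko/app/src/main/java/activity/NewIncident.java
+++ b/Risiko/app/src/main/java/activity/NewIncident.java
@@ -70,7 +70,7 @@ public class NewIncident extends AppCompatActivity {
 
 // dbs.getAllEvaluation(evaluations);
 
- Api.get().getAllEvaluations(token)
+ Api.getInstance().getAllEvaluations()
 .enqueue(new Callback<List<Evaluation>>() {
 
 @Override
@@ -97,7 +97,7 @@ public class NewIncident extends AppCompatActivity {
 dataclasses.Incident newIncident = new Incident(id, date, location, title, description, associatedRisk);
 
 
- Api.get().newIncident(date, title, id, associatedRisk, description, location, token).enqueue(new Callback<String>() {
+ Api.getInstance().newIncident(date, title, id, associatedRisk, description, location).enqueue(new Callback<String>() {
 @Override
 public void onResponse(Call<String> call, Response<String> response) {
 System.out.println(response);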
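--- a/Risiko/app/src/main/java/api/APILoginService.java
+++ b/Risiko/app/src/main/java/api/APILoginService.java
@@ -5,7 +5,6 @@ import android.content.Context;
 import android.content.Intent;
 import android.content.SharedPreferences;
 import android.support.v4.content.LocalBroadcastManager;
-import android.widget.Toast;
 
 import com.risiko.risiko.R;
 
@@ -62,7 +61,7 @@ public class APILoginService extends IntentService {
 private void handleActionLogin(String password, String username) throws NullPointerException {
 
 
- Api.get().login(username, password).enqueue(new Callback<String>() {
+ Api.getInstance().login(username, password).enqueue(new Callback<String>() {
 @Override
 public void onResponse(Call<String> call, Response<String> response) {
 if (response.code() == 202) {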
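--- a/Risiko/app/src/main/java/api/Api.java
+++ b/Risiko/app/src/main/java/api/Api.java
@@ -1,5 +1,8 @@
 package api;
 
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+
 import retrofit2.Retrofit;
 import retrofit2.converter.gson.GsonConverterFactory;
 
@@ -11,11 +14,15 @@ public class Api {
 
 private static Endpoints instance;
 
- public static Endpoints get(){
+ public static Endpoints getInstance(){
 if (instance == null){
+ Gson gson = new GsonBuilder()
+ .setLenient()
+ .create();
+
 Retrofit retrofit = new Retrofit.Builder()
 .baseUrl(Endpoints.BASEURL)
- .addConverterFactory(GsonConverterFactory.create())
+ .addConverterFactory(GsonConverterFactory.create(gson))
 .build();
 instance = retrofit.create(Endpoints.class);
 }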
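Review bot: `setLenient()` makes Gson accept malformed JSON for every endpoint built from this instance, which hides server response defects rather than surfacing them. If it was added only because some endpoints answer with a bare string (an assumption, the server side is not shown), it deserves a comment such as `// lenient: server returns unquoted strings for login/delete` and ideally strict parsing for the typed endpoints. The lazy `if (instance == null)` initialisation is also unsynchronised, so two threads can each build a Retrofit instance; `public static synchronized Endpoints getInstance(){` is the minimal change. The method's closing lines fall outside the hunk.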
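--- a/Risiko/app/src/main/java/api/Endpoints.java
+++ b/Risiko/app/src/main/java/api/Endpoints.java
@@ -8,6 +8,7 @@ import java.util.UUID;
 import dataclasses.Activity;
 import dataclasses.Evaluation;
 import dataclasses.Incident;
+import dataclasses.User;
 import retrofit2.Call;
 import retrofit2.http.Body;
 import retrofit2.http.DELETE;
@@ -27,7 +28,9 @@ public interface Endpoints {
 // THE BASEURL HAS TO BE CHANGE TO THE IP-ADDRESS YOU ARE CONNECTED TO AT LOCALHOST
 
 //HOS ALI
- String BASEURL = "http://172.20.10.4:3000/";
+// String BASEURL = "http://172.20.10.4:3000/";
+ String BASEURL = "http://172.20.10.2:3000/";
+// String BASEURL = "http://192.168.38.200:3000/";
 
 //HOS KRISTIN
 // String BASEURL = "http://192.168.84.67:3000/";
@@ -39,49 +42,50 @@ public interface Endpoints {
 @POST("login")
 Call<String> login(@Field("username") String username, @Field("password") String password);
 
- @FormUrlEncoded
+ @GET("user/{apitoken}")
+ Call<User> getUser(@Path("apitoken") String apiToken);
+
+
 @GET("evaluation")
- Call<List<Evaluation>> getAllEvaluations(@Field("token") String token);
+ Call<List<Evaluation>> getAllEvaluations();
+
 
- @FormUrlEncoded
 @GET("evaluation/{id}")
- Call<Evaluation> getEvaluation(@Path("id") String id, @Field("token") String token);
+ Call<Evaluation> getEvaluation(@Path("id") String id);
+
 
- @FormUrlEncoded
 @GET("activity")
- Call<List<Activity>> getAllActivities(@Field("token") String token);
+ Call<List<Activity>> getAllActivities();
+
 
- @FormUrlEncoded
 @GET("incident")
- Call<List<Incident>> getAllIncidents(@Field("token") String token);
+ Call<List<Incident>> getAllIncidents();
+
 
- @FormUrlEncoded
 @GET("incident/{id}")
- Call<List<Incident>> getIncident(@Path("id") String id, @Field("token") String token);
+ Call<List<Incident>> getIncident(@Path("id") String id);
 
 @FormUrlEncoded
 @POST("incident")
 Call<String> newIncident(@Field("date") String date, @Field("title") String title, @Field("id") String id, @Field("associatedEval") String associatedEval,
- @Field("description") String description, @Field("location") String location, @Field("token") String token);
+ @Field("description") String description, @Field("location") String location);
 
 @FormUrlEncoded
 @POST("evaluation")
 Call<String> newEvaluation(@Field("title") String title, @Field("id") String id, @Field("associatedActivity") String associatedactivity,
- @Field("consequence") int consequence, @Field("measures") String measures, @Field("outcome") String outcome, @Field("probability") int probability, @Field("token") String token);
+ @Field("consequence") int consequence, @Field("measures") String measures, @Field("outcome") String outcome, @Field("probability") int probability);
+
 
- @FormUrlEncoded
 @DELETE("incident/{id}")
- Call<String> deleteIncident(@Path("id") String id, @Field("token") String token);
+ Call<String> deleteIncident(@Path("id") String id);
+
 
- @FormUrlEncoded
 @DELETE("evaluation/{id}")
- Call<String> deleteEvaluation(@Path("id") String id, @Field("token") String token);
+ Call<String> deleteEvaluation(@Path("id") String id);
+
 
 
- @FormUrlEncoded
 @PATCH("incident/{id}")
 Call<Incident> editIncident(@Path("id") String id, @Field("date") String date, @Field("location") String location,
- @Field("title") String title, @Field("description") String description, @Field("associatedEval") String associatedEval, @Field("token") String token);
-
-
+ @Field("title") String title, @Field("description") String description, @Field("associatedEval") String associatedEval);
 }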
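Review bot: `getUser` sends the API token as a URL path segment (`@GET("user/{apitoken}")`), where it ends up in server access logs and in any intermediary's request log; carry it in a header instead, for example `Call<User> getUser(@Header("Authorization") String apiToken);`. `BASEURL` is plain `http://`, so that token and the `password` field of `login` travel unencrypted; the constant should point at an `https://` endpoint before this leaves a development network. Separately, `editIncident` loses `@FormUrlEncoded` but keeps its `@Field` parameters, which Retrofit rejects with an `IllegalArgumentException` when the method is first invoked; restore `@FormUrlEncoded` above `@PATCH("incident/{id}")`.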
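--- a/Risiko/app/src/main/java/api/TokenEncrypter.java
+++ b/Risiko/app/src/main/java/api/TokenEncrypter.java
@@ -15,6 +15,11 @@ import javax.crypto.SecretKey;
 import javax.crypto.SecretKeyFactory;
 import javax.crypto.spec.DESedeKeySpec;
 
+import dataclasses.User;
+import retrofit2.Call;
+import retrofit2.Callback;
+import retrofit2.Response;
+
 
 /**
 * Class for encrypting and decrypting login token. With given key.
@@ -33,6 +38,23 @@ public class TokenEncrypter {
 return "";
 }
 
+ public static User getUserByToken(String token){
+ System.out.println(token);
+ final User[] user = new User[1];
+ Api.getInstance().getUser(token).enqueue(new Callback<User>() {
+ @Override
+ public void onResponse(Call<User> call, Response<User> response) {
+ user[0] = response.body();
+ }
+
+ @Override
+ public void onFailure(Call<User> call, Throwable t) {
+ System.out.println(t.getMessage());
+ }
+ });
+ return user[0];
+ }
+
 /**
 * @param stringToEncrypt The string you want to encrypt.
 * @param key The encryption key.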
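Review bot: `getUserByToken` returns `user[0]` right after `enqueue(...)`, before the asynchronous callback can run, so callers will in practice always receive `null`. Since the method is new in this commit, the simplest correct shape hands the result to the caller: `public static void getUserByToken(String token, Callback<User> callback) { Api.getInstance().getUser(token).enqueue(callback); }`. The first statement, `System.out.println(token);`, writes the login token to the device log, where other tooling with log access can read it, and should be deleted. The method also has no Javadoc, unlike its neighbours; a short comment stating that the lookup is asynchronous would prevent the same mistake at call sites.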
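--- a/Risiko/app/src/main/java/dataclasses/User.java
+++ b/Risiko/app/src/main/java/dataclasses/User.java
@@ -9,65 +9,42 @@ public class User {
 public static final int READACCESS_ALL = 1, READACESS_NURSE_ANESTHETIST = 2, READACCESS_CHILD_NURSE = 3,
 READACCESS_ALL_TYPES_NURSE = 4, READACCESS_DOCTOR = 5, READACCESS_CONSULTANT = 6, READACCESS_PARAMEDICS = 7;
 
- String userId;
- String userName;
- String firstname;
- String lastname;
- int groupNumber; //TODO: Gruppenummer er bare en lett måte å kunne implementere dette med begrenset innsyn
- Boolean isOwner; //TODO: Tenker vi må lage høyde for en sjekk på om bruker er eier av en sak, slik at vi kan bruke det for å se om de har rettigheter til å endre/slette en sak
-
- public User(String userId, String userName, String firstname, String lastname, int groupNumber, Boolean isOwner) {
- this.userId = userId;
- this.userName = userName;
- this.firstname = firstname;
- this.lastname = lastname;
- this.groupNumber = groupNumber;
- this.isOwner = isOwner;
+ String username;
+ String name;
+ int groupnumber; //TODO: Gruppenummer er bare en lett måte å kunne implementere dette med begrenset innsyn
+
+ public User(String userame, String name,int groupnumber) {
+ this.username = userame;
+ this.groupnumber = groupnumber;
+ this.name = name;
 }
 
- public String getUserId() {
- return userId;
+ public String getUsername() {
+ return username;
 }
 
- public void setUserId(String userId) {
- this.userId = userId;
+ public void setUsername(String username) {
+ this.username = username;
 }
 
- public String getFirstname() {
- return firstname;
+ public String getName() {
+ return name;
 }
 
- public void setFirstname(String firstname) {
- this.firstname = firstname;
+ public void setName(String name) {
+ this.name = name;
 }
 
- public String getLastname() {
- return lastname;
+ public int getGroupnumber() {
+ return groupnumber;
 }
 
- public void setLastname(String lastname) {
- this.lastname = lastname;
+ public void setGroupnumber(int groupnumber) {
+ this.groupnumber = groupnumber;
 }
 
- public int getGroupNumber() {
- return groupNumber;
- }
-
- public void setGroupNumber(int groupNumber) {
- this.groupNumber = groupNumber;
- }
-
- public Boolean getOwner() {
- return isOwner;
- }
-
- public void setOwner(Boolean owner) {
- isOwner = owner;
- }
-
-
 public String getReadAccessString() {
- switch (groupnumber) {
+ switch (groupnumber) {
 case READACCESS_ALL: return "All helsepersonell";
 case READACESS_NURSE_ANESTHETIST: return "Anestiesisykepleier";
 case READACCESS_CHILD_NURSE: return "Barnesykepleier";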
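Review bot: The constructor parameter on new line 16 is misspelled `userame`; rename it so the signature reads `public User(String username, String name, int groupnumber) {` and the assignment becomes `this.username = username;`. The three fields are package-private, so any class in `dataclasses` can change `groupnumber` without going through the setter; declaring them `private` keeps the value that selects the read-access label in `getReadAccessString()` behind the accessors. A comment on `groupnumber` stating that it is supplied by the server, and that access is enforced there rather than by this client-side value, would help if that is the intent. The `switch` continues past the end of the hunk.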
restApi/.idea/workspace.xml
@@ -2,10 +2,13 @@ @@ -2,10 +2,13 @@
2 <project version="4"> 2 <project version="4">
3 <component name="ChangeListManager"> 3 <component name="ChangeListManager">
4 <list default="true" id="0e20d303-9de8-4113-bfd9-019e72b304dc" name="Default" comment=""> 4 <list default="true" id="0e20d303-9de8-4113-bfd9-019e72b304dc" name="Default" comment="">
  5 + <change beforePath="$PROJECT_DIR$/../Risiko/.idea/misc.xml" beforeDir="false" afterPath="$PROJECT_DIR$/../Risiko/.idea/misc.xml" afterDir="false" />
  6 + <change beforePath="$PROJECT_DIR$/../Risiko/app/src/main/java/activity/MainPage.java" beforeDir="false" afterPath="$PROJECT_DIR$/../Risiko/app/src/main/java/activity/MainPage.java" afterDir="false" />
  7 + <change beforePath="$PROJECT_DIR$/../Risiko/app/src/main/java/api/Api.java" beforeDir="false" afterPath="$PROJECT_DIR$/../Risiko/app/src/main/java/api/Api.java" afterDir="false" />
  8 + <change beforePath="$PROJECT_DIR$/../Risiko/app/src/main/java/api/Endpoints.java" beforeDir="false" afterPath="$PROJECT_DIR$/../Risiko/app/src/main/java/api/Endpoints.java" afterDir="false" />
  9 + <change beforePath="$PROJECT_DIR$/../Risiko/app/src/main/java/dataclasses/User.java" beforeDir="false" afterPath="$PROJECT_DIR$/../Risiko/app/src/main/java/dataclasses/User.java" afterDir="false" />
5 <change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" /> 10 <change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
6 <change beforePath="$PROJECT_DIR$/api/routes/routes.js" beforeDir="false" afterPath="$PROJECT_DIR$/api/routes/routes.js" afterDir="false" /> 11 <change beforePath="$PROJECT_DIR$/api/routes/routes.js" beforeDir="false" afterPath="$PROJECT_DIR$/api/routes/routes.js" afterDir="false" />
7 - <change beforePath="$PROJECT_DIR$/package-lock.json" beforeDir="false" afterPath="$PROJECT_DIR$/package-lock.json" afterDir="false" />  
8 - <change beforePath="$PROJECT_DIR$/package.json" beforeDir="false" afterPath="$PROJECT_DIR$/package.json" afterDir="false" />  
9 </list> 12 </list>
10 <option name="EXCLUDED_CONVERTED_TO_IGNORED" value="true" /> 13 <option name="EXCLUDED_CONVERTED_TO_IGNORED" value="true" />
11 <option name="SHOW_DIALOG" value="false" /> 14 <option name="SHOW_DIALOG" value="false" />
@@ -51,14 +54,68 @@ @@ -51,14 +54,68 @@
51 </counts> 54 </counts>
52 </usages-collector> 55 </usages-collector>
53 </session> 56 </session>
  57 + <session id="920369055">
  58 + <usages-collector id="statistics.file.extensions.edit">
  59 + <counts>
  60 + <entry key="js" value="794" />
  61 + </counts>
  62 + </usages-collector>
  63 + <usages-collector id="statistics.file.types.edit">
  64 + <counts>
  65 + <entry key="JavaScript" value="794" />
  66 + </counts>
  67 + </usages-collector>
  68 + <usages-collector id="statistics.file.extensions.open">
  69 + <counts>
  70 + <entry key="js" value="1" />
  71 + </counts>
  72 + </usages-collector>
  73 + <usages-collector id="statistics.file.types.open">
  74 + <counts>
  75 + <entry key="JavaScript" value="1" />
  76 + </counts>
  77 + </usages-collector>
  78 + <usages-collector id="statistics.lifecycle.project">
  79 + <counts>
  80 + <entry key="project.closed" value="1" />
  81 + </counts>
  82 + </usages-collector>
  83 + </session>
54 </component> 84 </component>
55 <component name="FileEditorManager"> 85 <component name="FileEditorManager">
56 <leaf SIDE_TABS_SIZE_LIMIT_KEY="300"> 86 <leaf SIDE_TABS_SIZE_LIMIT_KEY="300">
57 <file pinned="false" current-in-tab="true"> 87 <file pinned="false" current-in-tab="true">
58 <entry file="file://$PROJECT_DIR$/api/routes/routes.js"> 88 <entry file="file://$PROJECT_DIR$/api/routes/routes.js">
59 <provider selected="true" editor-type-id="text-editor"> 89 <provider selected="true" editor-type-id="text-editor">
60 - <state relative-caret-position="173">  
61 - <caret line="55" column="62" selection-start-line="55" selection-start-column="62" selection-end-line="55" selection-end-column="62" /> 90 + <state relative-caret-position="616">
  91 + <caret line="483" column="6" lean-forward="true" selection-start-line="483" selection-start-column="6" selection-end-line="483" selection-end-column="6" />
  92 + </state>
  93 + </provider>
  94 + </entry>
  95 + </file>
  96 + <file pinned="false" current-in-tab="false">
  97 + <entry file="file://$PROJECT_DIR$/node_modules/cassandra-driver/lib/readers.js">
  98 + <provider selected="true" editor-type-id="text-editor">
  99 + <state relative-caret-position="287">
  100 + <caret line="325" column="14" selection-start-line="325" selection-start-column="14" selection-end-line="325" selection-end-column="14" />
  101 + </state>
  102 + </provider>
  103 + </entry>
  104 + </file>
  105 + <file pinned="false" current-in-tab="false">
  106 + <entry file="file://$PROJECT_DIR$/server.js">
  107 + <provider selected="true" editor-type-id="text-editor">
  108 + <state relative-caret-position="119">
  109 + <caret line="8" selection-start-line="8" selection-end-line="8" />
  110 + </state>
  111 + </provider>
  112 + </entry>
  113 + </file>
  114 + <file pinned="false" current-in-tab="false">
  115 + <entry file="file://$PROJECT_DIR$/node_modules/express/lib/application.js">
  116 + <provider selected="true" editor-type-id="text-editor">
  117 + <state relative-caret-position="10387">
  118 + <caret line="617" column="23" selection-start-line="617" selection-start-column="23" selection-end-line="617" selection-end-column="23" />
62 </state> 119 </state>
63 </provider> 120 </provider>
64 </entry> 121 </entry>
@@ -66,8 +123,8 @@ @@ -66,8 +123,8 @@
66 <file pinned="false" current-in-tab="false"> 123 <file pinned="false" current-in-tab="false">
67 <entry file="file://$PROJECT_DIR$/package.json"> 124 <entry file="file://$PROJECT_DIR$/package.json">
68 <provider selected="true" editor-type-id="text-editor"> 125 <provider selected="true" editor-type-id="text-editor">
69 - <state relative-caret-position="120">  
70 - <caret line="8" column="38" selection-start-line="8" selection-start-column="38" selection-end-line="8" selection-end-column="38" /> 126 + <state relative-caret-position="153">
  127 + <caret line="9" column="4" selection-start-line="9" selection-start-column="4" selection-end-line="9" selection-end-column="4" />
71 </state> 128 </state>
72 </provider> 129 </provider>
73 </entry> 130 </entry>
@@ -109,10 +166,8 @@ @@ -109,10 +166,8 @@
109 </component> 166 </component>
110 <component name="PhpWorkspaceProjectConfiguration" backward_compatibility_performed="true" /> 167 <component name="PhpWorkspaceProjectConfiguration" backward_compatibility_performed="true" />
111 <component name="ProjectFrameBounds" extendedState="6"> 168 <component name="ProjectFrameBounds" extendedState="6">
112 - <option name="x" value="-1374" />  
113 - <option name="y" value="471" />  
114 - <option name="width" value="1382" />  
115 - <option name="height" value="784" /> 169 + <option name="width" value="2560" />
  170 + <option name="height" value="1440" />
116 </component> 171 </component>
117 <component name="ProjectView"> 172 <component name="ProjectView">
118 <navigator proportions="" version="1"> 173 <navigator proportions="" version="1">
@@ -229,18 +284,19 @@ @@ -229,18 +284,19 @@
229 <servers /> 284 <servers />
230 </component> 285 </component>
231 <component name="TimeTrackingManager"> 286 <component name="TimeTrackingManager">
232 - <option name="totallyTimeSpent" value="60958000" /> 287 + <option name="totallyTimeSpent" value="68337000" />
233 </component> 288 </component>
234 <component name="ToolWindowManager"> 289 <component name="ToolWindowManager">
235 - <frame x="-1374" y="471" width="1382" height="784" extended-state="6" /> 290 + <frame x="-8" y="-8" width="2576" height="1416" extended-state="6" />
  291 + <editor active="true" />
236 <layout> 292 <layout>
237 - <window_info content_ui="combo" id="Project" order="0" sideWeight="0.70153844" visible="true" weight="0.18377976" /> 293 + <window_info content_ui="combo" id="Project" order="0" sideWeight="0.6918877" visible="true" weight="0.13869189" />
238 <window_info id="Structure" order="1" weight="0.25" /> 294 <window_info id="Structure" order="1" weight="0.25" />
239 - <window_info id="npm" order="2" sideWeight="0.29846153" side_tool="true" visible="true" weight="0.18377976" /> 295 + <window_info id="npm" order="2" sideWeight="0.30811232" side_tool="true" visible="true" weight="0.13869189" />
240 <window_info id="Favorites" order="3" side_tool="true" /> 296 <window_info id="Favorites" order="3" side_tool="true" />
241 <window_info anchor="bottom" id="Message" order="0" /> 297 <window_info anchor="bottom" id="Message" order="0" />
242 <window_info anchor="bottom" id="Find" order="1" /> 298 <window_info anchor="bottom" id="Find" order="1" />
243 - <window_info anchor="bottom" id="Run" order="2" weight="0.37384614" /> 299 + <window_info anchor="bottom" id="Run" order="2" weight="0.30889237" />
244 <window_info anchor="bottom" id="Debug" order="3" weight="0.42307693" /> 300 <window_info anchor="bottom" id="Debug" order="3" weight="0.42307693" />
245 <window_info anchor="bottom" id="Cvs" order="4" weight="0.25" /> 301 <window_info anchor="bottom" id="Cvs" order="4" weight="0.25" />
246 <window_info anchor="bottom" id="Inspection" order="5" weight="0.4" /> 302 <window_info anchor="bottom" id="Inspection" order="5" weight="0.4" />
@@ -262,24 +318,6 @@ @@ -262,24 +318,6 @@
262 <component name="VcsContentAnnotationSettings"> 318 <component name="VcsContentAnnotationSettings">
263 <option name="myLimit" value="2678400000" /> 319 <option name="myLimit" value="2678400000" />
264 </component> 320 </component>
265 - <component name="XDebuggerManager">  
266 - <breakpoint-manager>  
267 - <breakpoints>  
268 - <line-breakpoint enabled="true" type="javascript">  
269 - <url>file://$PROJECT_DIR$/api/routes/routes.js</url>  
270 - <line>49</line>  
271 - <properties lambdaOrdinal="-1" />  
272 - <option name="timeStamp" value="9" />  
273 - </line-breakpoint>  
274 - <line-breakpoint enabled="true" type="javascript">  
275 - <url>file://$PROJECT_DIR$/api/routes/routes.js</url>  
276 - <line>48</line>  
277 - <properties lambdaOrdinal="-1" />  
278 - <option name="timeStamp" value="10" />  
279 - </line-breakpoint>  
280 - </breakpoints>  
281 - </breakpoint-manager>  
282 - </component>  
283 <component name="editorHistoryManager"> 321 <component name="editorHistoryManager">
284 <entry file="file://$PROJECT_DIR$/node_modules/cassandra-driver/lib/requests.js"> 322 <entry file="file://$PROJECT_DIR$/node_modules/cassandra-driver/lib/requests.js">
285 <provider selected="true" editor-type-id="text-editor"> 323 <provider selected="true" editor-type-id="text-editor">
@@ -290,8 +328,8 @@ @@ -290,8 +328,8 @@
290 </entry> 328 </entry>
291 <entry file="file://$PROJECT_DIR$/package.json"> 329 <entry file="file://$PROJECT_DIR$/package.json">
292 <provider selected="true" editor-type-id="text-editor"> 330 <provider selected="true" editor-type-id="text-editor">
293 - <state relative-caret-position="120">  
294 - <caret line="8" column="38" selection-start-line="8" selection-start-column="38" selection-end-line="8" selection-end-column="38" /> 331 + <state relative-caret-position="153">
  332 + <caret line="9" column="4" selection-start-line="9" selection-start-column="4" selection-end-line="9" selection-end-column="4" />
295 </state> 333 </state>
296 </provider> 334 </provider>
297 </entry> 335 </entry>
@@ -302,10 +340,17 @@ @@ -302,10 +340,17 @@
302 </state> 340 </state>
303 </provider> 341 </provider>
304 </entry> 342 </entry>
  343 + <entry file="file://$PROJECT_DIR$/node_modules/cassandra-driver/lib/readers.js">
  344 + <provider selected="true" editor-type-id="text-editor">
  345 + <state relative-caret-position="287">
  346 + <caret line="325" column="14" selection-start-line="325" selection-start-column="14" selection-end-line="325" selection-end-column="14" />
  347 + </state>
  348 + </provider>
  349 + </entry>
305 <entry file="file://$PROJECT_DIR$/api/routes/routes.js"> 350 <entry file="file://$PROJECT_DIR$/api/routes/routes.js">
306 <provider selected="true" editor-type-id="text-editor"> 351 <provider selected="true" editor-type-id="text-editor">
307 - <state relative-caret-position="173">  
308 - <caret line="55" column="62" selection-start-line="55" selection-start-column="62" selection-end-line="55" selection-end-column="62" /> 352 + <state relative-caret-position="616">
  353 + <caret line="483" column="6" lean-forward="true" selection-start-line="483" selection-start-column="6" selection-end-line="483" selection-end-column="6" />
309 </state> 354 </state>
310 </provider> 355 </provider>
311 </entry> 356 </entry>
restApi/api/routes/routes.js
@@ -40,10 +40,10 @@ var appRouter = function(app) { @@ -40,10 +40,10 @@ var appRouter = function(app) {
40 db.execute("SELECT passwordhash FROM risk.user WHERE username = ?", params, { prepare : true }, function (error, result) { 40 db.execute("SELECT passwordhash FROM risk.user WHERE username = ?", params, { prepare : true }, function (error, result) {
41 if (error) { 41 if (error) {
42 console.log("Wrong username or password\n" + error); 42 console.log("Wrong username or password\n" + error);
43 - return response.status(403).send("Wrong username or password"); 43 + return response.status(400).send("Bad request");
44 } else { 44 } else {
45 - console.log("User found");  
46 45
  46 + if (result.rows.length == 0) return response.status(403).send("Wrong username or password");
47 var token = ""; 47 var token = "";
48 48
49 byteRandomizer(255 - req.body.username.length, function (err, res) { 49 byteRandomizer(255 - req.body.username.length, function (err, res) {
@@ -61,16 +61,46 @@ var appRouter = function(app) { @@ -61,16 +61,46 @@ var appRouter = function(app) {
61 }); 61 });
62 } 62 }
63 }); 63 });
  64 + });
  65 +
64 66
  67 + app.get("/user/:apitoken", function (request, response) {
  68 + const params = [request.params.apitoken];
  69 + db.execute("SELECT user " +
  70 + "FROM risk.keys " +
  71 + "WHERE apitoken = ? " +
  72 + "ALLOW FILTERING",
  73 + params,
  74 + { prepare : true},
  75 + function (error, result) {
  76 + if (error) {
  77 + console.log(error);
  78 + return response.status(404).send("Not found");
  79 + }
  80 + const userParams = [result.rows[0].get(0)];
  81 + db.execute("SELECT username, groupnumber, name " +
  82 + "FROM risk.user " +
  83 + "WHERE username = ? " +
  84 + "ALLOW FILTERING",
  85 + userParams,
  86 + { prepare : true},
  87 + function (errorUser, resultUser) {
  88 + if (errorUser) {
  89 + console.log(errorUser);
  90 + return response.status(404).send("Not found")
  91 + }
  92 + console.log("User found by apitoken");
  93 + return response.status(200).send(resultUser.rows[0])
  94 + }
  95 + );
  96 + }
  97 + );
65 }); 98 });
66 99
67 /** 100 /**
68 * Get incident by id endpoint (a get request at http://localhost:3000/incident/1 will return incident with id 1) 101 * Get incident by id endpoint (a get request at http://localhost:3000/incident/1 will return incident with id 1)
69 */ 102 */
70 app.get("/incident/:id", function (req, res) { 103 app.get("/incident/:id", function (req, res) {
71 - if (!checkForAuthorizedUser(req.body.token)) {  
72 - return res.status(401).send("Unauthorized user")  
73 - }  
74 104
75 if (!req.params.id) { 105 if (!req.params.id) {
76 logEndpoint("get /incident/{id}", null, "ID missing"); 106 logEndpoint("get /incident/{id}", null, "ID missing");
@@ -104,9 +134,6 @@ var appRouter = function(app) { @@ -104,9 +134,6 @@ var appRouter = function(app) {
104 * See all incidents (a get request at http://localhost:3000/incident will return all incidents) 134 * See all incidents (a get request at http://localhost:3000/incident will return all incidents)
105 */ 135 */
106 app.get("/incident", function (req, res) { 136 app.get("/incident", function (req, res) {
107 - if (!checkForAuthorizedUser(req.body.token)) {  
108 - return res.status(401).send("Unauthorized user")  
109 - }  
110 137
111 db.execute('SELECT * ' + 138 db.execute('SELECT * ' +
112 'FROM risk.incident', 139 'FROM risk.incident',
@@ -132,9 +159,6 @@ var appRouter = function(app) { @@ -132,9 +159,6 @@ var appRouter = function(app) {
132 * Add a new incident (a post request at http://localhost:3000/incident - with an "x-www-form-urlencoded" body of params) 159 * Add a new incident (a post request at http://localhost:3000/incident - with an "x-www-form-urlencoded" body of params)
133 */ 160 */
134 app.post("/incident", function(req, res) { 161 app.post("/incident", function(req, res) {
135 - if (!checkForAuthorizedUser(req.body.token)) {  
136 - return res.status(401).send("Unauthorized user")  
137 - }  
138 162
139 // All these parameters must exist in the body with the exact name for this method to work 163 // All these parameters must exist in the body with the exact name for this method to work
140 if(!req.body.date || !req.body.location || !req.body.title || !req.body.description || !req.body.associatedEval) { 164 if(!req.body.date || !req.body.location || !req.body.title || !req.body.description || !req.body.associatedEval) {
@@ -159,9 +183,6 @@ var appRouter = function(app) { @@ -159,9 +183,6 @@ var appRouter = function(app) {
159 * Update an incident (a patch request at http://localhost:3000/incident/{id} will update the incident with the params passed in the request body) 183 * Update an incident (a patch request at http://localhost:3000/incident/{id} will update the incident with the params passed in the request body)
160 */ 184 */
161 app.patch("/incident/:id", function (req, res) { 185 app.patch("/incident/:id", function (req, res) {
162 - if (!checkForAuthorizedUser(req.body.token)) {  
163 - return res.status(401).send("Unauthorized user")  
164 - }  
165 186
166 if (!req.params.id) { 187 if (!req.params.id) {
167 logEndpoint("patch /incident", null, "ID missing"); 188 logEndpoint("patch /incident", null, "ID missing");
@@ -194,9 +215,6 @@ var appRouter = function(app) { @@ -194,9 +215,6 @@ var appRouter = function(app) {
194 * Delete an incident (a delete request at http://localhost:3000/incident/{id} should delete incident with the id passed in) 215 * Delete an incident (a delete request at http://localhost:3000/incident/{id} should delete incident with the id passed in)
195 */ 216 */
196 app.delete("/incident/:id", function (req, res) { 217 app.delete("/incident/:id", function (req, res) {
197 - if (!checkForAuthorizedUser(req.body.token)) {  
198 - return res.status(401).send("Unauthorized user")  
199 - }  
200 218
201 if (!req.params.id) { 219 if (!req.params.id) {
202 logEndpoint("delete /incident", null, "ID missing"); 220 logEndpoint("delete /incident", null, "ID missing");
@@ -224,9 +242,6 @@ var appRouter = function(app) { @@ -224,9 +242,6 @@ var appRouter = function(app) {
224 * See an evaluation with id x 242 * See an evaluation with id x
225 */ 243 */
226 app.get("/evaluation/:id", function (req, res) { 244 app.get("/evaluation/:id", function (req, res) {
227 - if (!checkForAuthorizedUser(req.body.token)) {  
228 - return res.status(401).send("Unauthorized user")  
229 - }  
230 245
231 if (!req.params.id) { 246 if (!req.params.id) {
232 logEndpoint("get /evaluation/{id}", null, "ID missing"); 247 logEndpoint("get /evaluation/{id}", null, "ID missing");
@@ -261,9 +276,6 @@ var appRouter = function(app) { @@ -261,9 +276,6 @@ var appRouter = function(app) {
261 * See all evaluations 276 * See all evaluations
262 */ 277 */
263 app.get("/evaluation", function (req, res) { 278 app.get("/evaluation", function (req, res) {
264 - if (!checkForAuthorizedUser(req.body.token)) {  
265 - return res.status(401).send("Unauthorized user")  
266 - }  
267 279
268 db.execute('SELECT * ' + 280 db.execute('SELECT * ' +
269 'FROM risk.evaluation', 281 'FROM risk.evaluation',
@@ -289,9 +301,6 @@ var appRouter = function(app) { @@ -289,9 +301,6 @@ var appRouter = function(app) {
289 * Add a new evaluation 301 * Add a new evaluation
290 */ 302 */
291 app.post("/evaluation", function(req, res) { 303 app.post("/evaluation", function(req, res) {
292 - if (!checkForAuthorizedUser(req.body.token)) {  
293 - return res.status(401).send("Unauthorized user")  
294 - }  
295 304
296 if(!req.body.title || !req.body.outcome || !req.body.measures || !req.body.consequence || !req.body.probability || !req.body.associatedActivity) { 305 if(!req.body.title || !req.body.outcome || !req.body.measures || !req.body.consequence || !req.body.probability || !req.body.associatedActivity) {
297 logEndpoint("post /evaluation/", null, "Missing params in body"); 306 logEndpoint("post /evaluation/", null, "Missing params in body");
@@ -317,9 +326,6 @@ var appRouter = function(app) { @@ -317,9 +326,6 @@ var appRouter = function(app) {
317 */ 326 */
318 327
319 app.delete("/evaluation/:id", function (req, res) { 328 app.delete("/evaluation/:id", function (req, res) {
320 - if (!checkForAuthorizedUser(req.body.token)) {  
321 - return res.status(401).send("Unauthorized user")  
322 - }  
323 329
324 if (!req.params.id) { 330 if (!req.params.id) {
325 logEndpoint("delete /evaluation", null, "ID missing"); 331 logEndpoint("delete /evaluation", null, "ID missing");
@@ -347,9 +353,6 @@ var appRouter = function(app) { @@ -347,9 +353,6 @@ var appRouter = function(app) {
347 * See an activity with id x 353 * See an activity with id x
348 */ 354 */
349 app.get("/activity/:id", function (req, res) { 355 app.get("/activity/:id", function (req, res) {
350 - if (!checkForAuthorizedUser(req.body.token)) {  
351 - return res.status(401).send("Unauthorized user")  
352 - }  
353 356
354 if (!req.params.id) { 357 if (!req.params.id) {
355 logEndpoint("get /activity/{id}", null, "ID missing"); 358 logEndpoint("get /activity/{id}", null, "ID missing");
@@ -383,9 +386,6 @@ var appRouter = function(app) { @@ -383,9 +386,6 @@ var appRouter = function(app) {
383 * See all activities 386 * See all activities
384 */ 387 */
385 app.get("/activity", function (req, res) { 388 app.get("/activity", function (req, res) {
386 - if (!checkForAuthorizedUser(req.body.token)) {  
387 - return res.status(401).send("Unauthorized user")  
388 - }  
389 389
390 db.execute('SELECT * ' + 390 db.execute('SELECT * ' +
391 'FROM risk.activity', 391 'FROM risk.activity',
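Review bot: On the new side, none of the `/incident`, `/evaluation` and `/activity` handlers in these hunks checks the caller any more: each hunk drops the `checkForAuthorizedUser(req.body.token)` guard and no replacement is visible, so unless a middleware registered outside these hunks validates the token, read, create, patch and delete are all reachable without authentication. If the token now travels in a request header, I would validate it once in an `app.use(...)` middleware registered before these routes and keep the 401 response, rather than dropping the check per route. In the new `GET /user/:apitoken` handler, `result.rows[0].get(0)` is dereferenced without checking for an empty result, so an unknown token throws instead of returning 404; add `if (result.rows.length == 0) return response.status(404).send("Not found");` before it, and the same guard before `resultUser.rows[0]`. Carrying the token in the URL path also puts it into access and proxy logs, so a request header is the safer place for it. Most of these handler bodies continue outside the hunks, so any checks further down are not visible here.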