my projects

JavaScript/SecretsProject/.gitignore

@@ -0,0 +1,118 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+lerna-debug.log*
+.pnpm-debug.log*
+
+# Diagnostic reports (https://nodejs.org/api/report.html)
+report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
+
+# Coverage directory used by tools like istanbul
+coverage
+*.lcov
+
+# nyc test coverage
+.nyc_output
+
+# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
+.grunt
+
+# Bower dependency directory (https://bower.io/)
+bower_components
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons (https://nodejs.org/api/addons.html)
+build/Release
+
+# Dependency directories
+node_modules/
+jspm_packages/
+
+# Snowpack dependency directory (https://snowpack.dev/)
+web_modules/
+
+# TypeScript cache
+*.tsbuildinfo
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Microbundle cache
+.rpt2_cache/
+.rts2_cache_cjs/
+.rts2_cache_es/
+.rts2_cache_umd/
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variables file
+.env
+.env.test
+.env.production
+
+# parcel-bundler cache (https://parceljs.org/)
+.cache
+.parcel-cache
+
+# Next.js build output
+.next
+out
+
+# Nuxt.js build / generate output
+.nuxt
+dist
+
+# Gatsby files
+.cache/
+# Comment in the public line in if your project uses Gatsby and not Next.js
+# https://nextjs.org/blog/next-9-1#public-directory-support
+# public
+
+# vuepress build output
+.vuepress/dist
+
+# Serverless directories
+.serverless/
+
+# FuseBox cache
+.fusebox/
+
+# DynamoDB Local files
+.dynamodb/
+
+# TernJS port file
+.tern-port
+
+# Stores VSCode versions used for testing VSCode extensions
+.vscode-test
+
+# yarn v2
+.yarn/cache
+.yarn/unplugged
+.yarn/build-state.yml
+.yarn/install-state.gz
+.pnp.*

JavaScript/SecretsProject/app.js

@@ -0,0 +1,100 @@
+//Here LEVEL-1,LEVEL-2,LEVEL-3 AND LEVEL-4 security has been shown
+require('dotenv').config();
+const express=require('express');
+const bodyParser=require('body-parser');
+const ejs=require('ejs');
+const mongoose=require('mongoose');
+const validator=require('validator');
+//const encrypt=require('mongoose-encryption');  USED IN LEVEL-2
+//const md5=require('md5');              USED IN LEVEL-3
+const bcrypt=require('bcrypt');      //USED IN LEVEL-4
+const saltRounds = 10;
+const app=express();
+
+app.use(express.static("public"));
+app.set('view engine', 'ejs');
+app.use(bodyParser.urlencoded({extended: true}));
+
+mongoose.connect("mongodb://localhost:27017/userDB", { useNewUrlParser: true })
+.then(()=> console.log("Connection successful..."))
+.catch((err)=>console.log(err));
+
+const userSchema= new mongoose.Schema({
+      email: {
+          type: String, 
+          required:true, 
+          validate(value){
+            if(!validator.isEmail(value))    //Npm Validator
+            throw new Error("Email is invalid");
+           }},
+      password: {
+          type: String, 
+          required: true, 
+      }
+
+});
+
+//Level-2
+/*userSchema.plugin(encrypt, { secret: process.env.SECRET , encryptedFields: ['password']});*/
+const User= new mongoose.model("User",userSchema);
+
+//Level-3 (Hashing) see in the register route below in password
+
+//Level-4 Salting and Hashing by bcrypt in register route below in password
+
+
+app.get("/",function(req,res){
+    res.render("home");
+});
+app.get("/login",function(req,res){
+    res.render("login");
+});
+app.get("/register",function(req,res){
+    res.render("register");
+});
+
+app.post("/register",function(req,res){
+
+    bcrypt.hash(req.body.password, saltRounds, function(err, hash) {
+
+    const newUser= new User({
+        email: req.body.username,
+        //password: req.body.password       LEVEL-2
+        //password: md5(req.body.password)  Level-3
+        password: hash
+        });
+    newUser.save(function(err){
+        if(!err)
+        res.render("secrets");
+        else
+        console.log(err);
+     });  
+    });
+
+});
+app.post("/login",function(req,res){
+    const username=req.body.username;
+    const password=req.body.password;       //   LEVEL-2 and LEVEL-4
+   //const pass=md5(req.body.password);   LEVEL-3
+
+    User.findOne({email: username},function(err,foundUser){
+        if(err)
+        console.log(err);
+        else
+        {
+            if(foundUser){
+                if(bcrypt.compareSync(password, foundUser.password)){
+                    res.render("secrets");
+                }
+                else
+                res.send("Invalid Credentials")
+            }
+            else{
+                res.redirect("/login");            
+            }
+        }
+    })
+});
+app.listen(3000,function(){
+    console.log("The server is running at port 3000");
+});

JavaScript/SecretsProject/app2.js

@@ -0,0 +1,117 @@
+//Using passport.js to add cookies and sessions
+require('dotenv').config();
+const express=require('express');
+const bodyParser=require('body-parser');
+const ejs=require('ejs');
+const mongoose=require('mongoose');
+const validator=require('validator');
+const session = require('express-session');
+const passport=require('passport');
+const passportLocalMongoose=require('passport-local-mongoose');
+
+const app=express();
+
+app.use(express.static("public"));
+app.set('view engine', 'ejs');
+app.use(bodyParser.urlencoded({extended: true}));
+
+
+app.use(session({
+  secret: "My own little secret.",
+  resave:false,
+  saveUninitialized: false
+}));
+app.use(passport.initialize());
+app.use(passport.session());
+
+mongoose.connect("mongodb://localhost:27017/userDB", { useNewUrlParser: true })
+.then(()=> console.log("Connection successful..."))
+.catch((err)=>console.log(err));
+
+const userSchema= new mongoose.Schema({
+      username: {
+          type: String,
+          required:true,
+          unique:true,
+         validate(value){
+            if(!validator.isEmail(value))    //Npm Validator
+            throw new Error("Email is invalid");
+           }},
+      password: {
+          type: String,
+          unique:true
+      }
+
+});
+
+userSchema.plugin(passportLocalMongoose);
+
+
+const User= new mongoose.model("User",userSchema);
+
+
+
+passport.use(User.createStrategy());
+passport.serializeUser(User.serializeUser());
+passport.deserializeUser(User.deserializeUser());
+
+app.get("/",function(req,res){
+    res.render("home");
+});
+app.get("/login",function(req,res){
+    res.render("login");
+});
+app.get("/register",function(req,res){
+    res.render("register");
+});
+app.get("/secrets",function(req,res){
+    if(req.isAuthenticated()){
+        res.render("secrets");
+    }
+    else
+    res.redirect("/login");
+});
+app.get("/logout",function(req,res){
+    req.logout();
+    res.redirect("/");
+});
+
+
+app.post("/register",function(req,res){
+
+    User.register({username: req.body.username},req.body.password,function(err,user){
+        if(err)
+        {
+            console.log(err);
+            res.redirect("/register");
+        }
+        else
+        {
+           passport.authenticate("local")(req,res,function(){
+               res.redirect("/secrets");
+           });
+        }
+    });
+
+});
+app.post("/login",function(req,res){
+    const newUser=new User({
+        username: req.body.username,
+        password: req.body.password
+    });
+    req.login(newUser,function(err){
+        if(err){
+            console.log(err);
+        }
+        else
+        {
+            passport.authenticate("local")(req,res,function(){
+               res.redirect("/secrets");
+            });
+        }
+    });
+});
+
+app.listen(3000,function(){
+    console.log("The server is running at port 3000");
+});