diff --git a/package.json b/package.json index fb07f0753a..d2b409f62d 100644 --- a/package.json +++ b/package.json @@ -24,11 +24,10 @@ "nconf": "*", "icalendar": "git://github.com/lefnire/node-icalendar#master", "nodetime": "*", - "resolve": "~0.2.3", - "request": "~2.14.0", "querystring": "~0.1.0", - "nock": "~0.15.2", - "superagent": "~0.12.4" + "superagent": "~0.12.4", + "resolve": "~0.2.3", + "browserify": "1.17.3" }, "private": true, "subdomain": "habitrpg", diff --git a/public/500.html b/public/500.html index 3d6b161835..fec68a85bf 100644 --- a/public/500.html +++ b/public/500.html @@ -36,15 +36,8 @@
-

The server is under heavy load or is experiencing issues.

-

Try again in a few, the developer has been notified. In the meantime, Habit could use your support to get these issues squared away - please consider backing the Kickstarter Campaign.

- Kickstarter -
-
-

 

-

-
-
+

The server is experiencing issues.

+

Try again in a few, the developer has been notified. The most likely culprit is this issue which Tyler is working frantically to fix. (Any memory leak experts?)

diff --git a/public/splash.html b/public/splash.html index 9b40c43f11..2c66d1a255 100644 --- a/public/splash.html +++ b/public/splash.html @@ -39,8 +39,7 @@

HabitRPG

-

A habit tracker app which treats your goals like a Role Playing Game. Level up as you succeed, lose HP as you fail, earn money to buy weapons and armor.

- Kickstarter +

Habit tracking which treats your goals like a Role Playing Game. Level up as you succeed, lose HP as you fail, earn money to buy weapons and armor.

Play
diff --git a/server.js b/server.js index 7aae084865..c19fa948ec 100644 --- a/server.js +++ b/server.js @@ -19,14 +19,6 @@ process.env.SMTP_PASS = conf.get("SMTP_PASS"); process.env.SMTP_SERVICE = conf.get("SMTP_SERVICE"); process.env.STRIPE_API_KEY = conf.get("STRIPE_API_KEY"); process.env.STRIPE_PUB_KEY = conf.get("STRIPE_PUB_KEY"); -process.env.NODETIME_KEY = conf.get("NODETIME_KEY"); - -if (process.env.NODETIME_KEY) { - require('nodetime').profile({ - accountKey: process.env.NODETIME_KEY, - appName: 'HabitRPG' - }); -} process.on('uncaughtException', function (error) { diff --git a/src/app/index.coffee b/src/app/index.coffee index b4d27a9cb0..2c2f3340ca 100644 --- a/src/app/index.coffee +++ b/src/app/index.coffee @@ -24,6 +24,8 @@ _ = require('underscore') # ========== ROUTES ========== get '/', (page, model, next) -> + return page.redirect '/' if page.params?.query?.play? + # temporary view variables, so we don't call model.set() too fast _view = model.get '_view' || {} diff --git a/src/app/items.coffee b/src/app/items.coffee index 0c18ce9acd..643c1d2288 100644 --- a/src/app/items.coffee +++ b/src/app/items.coffee @@ -28,7 +28,7 @@ items = module.exports.items = ] shield: [ {index: 0, text: "No Shield", classes: 'shield_0', notes:'No Shield.', modifier: 0.00, value:0} - {index: 1, text: "Wooden Shield", classes: 'shield_1', notes:'Decreases HP loss by 2%', modifier: 0.02, value:20} + {index: 1, text: "Wooden Shield", classes: 'shield_1', notes:'Decreases HP loss by 3%', modifier: 0.03, value:20} {index: 2, text: "Buckler", classes: 'shield_2', notes:'Decreases HP loss by 4%.', modifier: 0.04, value:35} {index: 3, text: "Enforced Shield", classes: 'shield_3', notes:'Decreases HP loss by 5%.', modifier: 0.05, value:55} {index: 4, text: "Red Shield", classes: 'shield_4', notes:'Decreases HP loss by 7%.', modifier: 0.07, value:70} diff --git a/src/app/party.coffee b/src/app/party.coffee index 2e5c269671..0284d2444d 100644 --- a/src/app/party.coffee +++ b/src/app/party.coffee @@ -23,7 +23,7 @@ module.exports.partySubscribe = partySubscribe = (model, cb) -> # partyUnsubscribe model, -> # Restart subscription to the main user - selfQ = model.query('users').withId(model.get('_userId') or model.session.userId) + selfQ = model.query('users').withId model.get('_userId') #or model.session.userId # see http://goo.gl/TPYIt selfQ.subscribe (err, self) -> throw err if err u = self.at(0) @@ -166,7 +166,7 @@ module.exports.app = (appExports, model) -> # model.set '_party', null # model.set '_partyMembers', null # partyUnsubscribe model, -> -# selfQ = model.query('users').withId(model.get('_userId') or model.session.userId) +# selfQ = model.query('users').withId model.get('_userId') #or model.session.userId # see http://goo.gl/TPYIt # selfQ.subscribe (err, u) -> # model.ref '_user', u.at(0) # browser.resetDom model \ No newline at end of file diff --git a/src/app/tasks.coffee b/src/app/tasks.coffee index 0feba1c746..8f14840e9f 100644 --- a/src/app/tasks.coffee +++ b/src/app/tasks.coffee @@ -43,8 +43,8 @@ module.exports.app = (appExports, model) -> list = model.at "_#{type}List" newModel = model.at('_new' + type.charAt(0).toUpperCase() + type.slice(1)) text = newModel.get() - # Don't add a blank task - if /^(\s)*$/.test(text) + # Don't add a blank task; 20/02/13 Added a check for undefined value, more at issue #463 -lancemanfv + if /^(\s)*$/.test(text) || text == undefined console.error "Task text entered was an empty string." return @@ -171,4 +171,4 @@ module.exports.app = (appExports, model) -> direction = 'up' if direction == 'true/' direction = 'down' if direction == 'false/' task = model.at $(el).parents('li')[0] - scoring.score(task.get('id'), direction) \ No newline at end of file + scoring.score(task.get('id'), direction) diff --git a/src/server/api.coffee b/src/server/api.coffee index 979e1ead6b..262712e193 100644 --- a/src/server/api.coffee +++ b/src/server/api.coffee @@ -60,7 +60,7 @@ router.post '/user/tasks', (req, res) -> return res.json task -router.get '/user/calendar.ics', (req, res) -> +router.get '/users/:uid/calendar.ics', (req, res) -> #return next() #disable for now {uid} = req.params {apiToken} = req.query diff --git a/src/server/index.coffee b/src/server/index.coffee index ab304c3c72..aaaabe8f00 100644 --- a/src/server/index.coffee +++ b/src/server/index.coffee @@ -69,10 +69,10 @@ mongo_store = new MongoStore {url: process.env.NODE_DB_URI}, -> cookie: { maxAge: TWO_WEEKS } # defaults to 2 weeks? aka, can delete this line? store: mongo_store ) - # Show splash page for newcomers - .use(middleware.splash) # Adds req.getModel method .use(store.modelMiddleware()) + # Show splash page for newcomers + .use(middleware.splash) .use(priv.middleware) .use(middleware.view) .use(auth.middleware(strategies, options)) diff --git a/src/server/middleware.coffee b/src/server/middleware.coffee index d74eb1953e..6fa8210a1d 100644 --- a/src/server/middleware.coffee +++ b/src/server/middleware.coffee @@ -1,10 +1,11 @@ module.exports.splash = (req, res, next) -> # This was an API call, not a page load - return next() if /^\/api/.test req.path - if !req.session.userId? and !req.query?.play? - res.redirect('/splash.html') - else - next() +return next() if /^\/(api)|(v1)/.test req.path + +unless req.query?.play? or req.getModel().get('_userId') + res.redirect('/splash.html') +else + next() module.exports.view = (req, res, next) -> model = req.getModel() diff --git a/src/server/private.coffee b/src/server/private.coffee index e9b5617053..f882bac83b 100644 --- a/src/server/private.coffee +++ b/src/server/private.coffee @@ -50,7 +50,7 @@ module.exports.routes = (expressApp) -> return res.send(500, err.response.error.message) else model = req.getModel() - userId = model.session.userId + userId = model.get('_userId') #or model.session.userId # see http://goo.gl/TPYIt req._isServer = true model.fetch "users.#{userId}", (err, user) -> model.ref '_user', "users.#{userId}" diff --git a/src/server/store.coffee b/src/server/store.coffee index 0dc2af090e..cebd70e5cd 100644 --- a/src/server/store.coffee +++ b/src/server/store.coffee @@ -1,3 +1,5 @@ +derbyAuth = require('derby-auth/store') + ### Setup read / write access @param store @@ -14,14 +16,21 @@ module.exports.customAccessControl = (store) -> userAccess = (store) -> store.readPathAccess "users.*", -> # captures, accept, err -> + accept = arguments[arguments.length-2] + err = arguments[arguments.length - 1] +# return err(derbyAuth.SESSION_INVALIDATED_ERROR) if derbyAuth.bustedSession(@) + return accept(false) if derbyAuth.bustedSession(@) + accept = arguments[arguments.length - 2] - return accept(true) unless @session?.userId # https://github.com/codeparty/racer/issues/37 uid = arguments[0] - accept (uid is @session.userId) or @session.req?._isServer + accept (uid is @session.userId) or derbyAuth.isServer(@) store.writeAccess "*", "users.*", -> # captures, value, accept, err -> accept = arguments[arguments.length-2] - return accept(true) unless @session?.userId # https://github.com/codeparty/racer/issues/37 + err = arguments[arguments.length - 1] +# return err(derbyAuth.SESSION_INVALIDATED_ERROR) if derbyAuth.bustedSession(@) + return accept(false) if derbyAuth.bustedSession(@) + captures = arguments[0].split('.') uid = captures.shift() attrPath = captures.join('.') # new array shifted left, after shift() was run @@ -31,21 +40,25 @@ userAccess = (store) -> return accept(true) # Same session (user.id = this.session.userId) - if (uid is @session.userId) or @session.req?._isServer + if (uid is @session.userId) or derbyAuth.isServer(@) return accept(true) accept(false) store.writeAccess "*", "users.*.balance", (id, newBalance, accept, err) -> - return accept(true) unless @session?.userId # https://github.com/codeparty/racer/issues/37 +# return err(derbyAuth.SESSION_INVALIDATED_ERROR) if derbyAuth.bustedSession(@) + return accept(false) if derbyAuth.bustedSession(@) + oldBalance = @session.req?._racerModel?.get("users.#{id}.balance") || 0 purchasingSomethingOnClient = newBalance < oldBalance accept(purchasingSomethingOnClient or @session.req?._isServer) store.writeAccess "*", "users.*.flags.ads", -> # captures, value, accept, err -> - accept = arguments[arguments.length - 1] - return accept(true) unless @session?.userId # https://github.com/codeparty/racer/issues/37 - accept(@session.req?._isServer) + err = arguments[arguments.length - 1] +# return err(derbyAuth.SESSION_INVALIDATED_ERROR) if derbyAuth.bustedSession(@) + return accept(false) if derbyAuth.bustedSession(@) + + accept(derbyAuth.isServer(@)) ### @@ -56,14 +69,12 @@ REST = (store) -> store.query.expose "users", "withIdAndToken", (uid, token) -> @byId(uid) .where('apiToken').equals(token) - .limit(1) + .one store.queryAccess "users", "withIdAndToken", (uid, token, accept, err) -> return accept(true) if uid && token accept(false) # only user has id & token - #store.query.expose - ### Party permissions @@ -79,11 +90,15 @@ partySystem = (store) -> 'auth.facebook.displayName') store.queryAccess "users", "party", (ids, accept, err) -> +# return err(derbyAuth.SESSION_INVALIDATED_ERROR) if derbyAuth.bustedSession(@) + return accept(false) if derbyAuth.bustedSession(@) accept(true) # no harm in public user stats store.query.expose "parties", "withId", (id) -> @where("id").equals(id) store.queryAccess "parties", "withId", (id, accept, err) -> +# return err(derbyAuth.SESSION_INVALIDATED_ERROR) if derbyAuth.bustedSession(@) + return accept(false) if derbyAuth.bustedSession(@) accept(true) store.readPathAccess "parties.*", -> @@ -92,4 +107,7 @@ partySystem = (store) -> store.writeAccess "*", "parties.*", -> accept = arguments[arguments.length-2] + err = arguments[arguments.length - 1] +# return err(derbyAuth.SESSION_INVALIDATED_ERROR) if derbyAuth.bustedSession(@) + return accept(false) if derbyAuth.bustedSession(@) accept(true)