POST request parsing added

package.json

@@ -23,6 +23,7 @@
   },
   "homepage": "https://github.com/chmllr/NoteHub",
   "dependencies": {
+    "body-parser": "^1.14.1",
     "express": "^4.13.3",
     "lru-cache": "^2.6.5",
     "marked": "^0.3.5",

resources/public/js/publishing.js

@@ -38,7 +38,8 @@ function onLoad() {
   $("publish-button").onclick = function(e) {
     if ($plain_password.value != "") $("password").value = md5($plain_password.value);
     $plain_password.value = null;
-    $("signature").value = md5($("session").value + $note.value);
+    $("signature").value = md5($("session").value + 
+      $note.value.replace(/[\n\r]/g, ""));
   }
   if (iosDetected) $note.className += " ui-border";
   else $note.focus();

server.js

@@ -2,9 +2,13 @@ var express = require('express');
 var page = require('./src/page');
 var storage = require('./src/storage');
 var md5 = require('md5');
-var LRU = require("lru-cache");
+var LRU = require("lru-cache")
+var bodyParser = require('body-parser');
 
 var app = express();
+
+app.use(bodyParser.urlencoded({ extended: true }));
+
 var CACHE = new LRU(30);
 
 var getTimeStamp = () => {
@@ -20,7 +24,13 @@ app.get('/new', function (req, res) {
 });
 
 app.post('/note', function (req, res) {
-  console.log(req.params);
+  var body = req.body, session = body.session, note = body.note; 
+  if (session.indexOf(getTimeStamp()) != 0)
+    return sendResponse(res, 400, "Session expired");
+  var expectedSignature = md5(session + note.replace(/[\n\r]/g, "")); 
+  if (expectedSignature != body.signature)
+    return sendResponse(res, 400, "Signature mismatch");
+  sendResponse(res, 200, JSON.stringify(body));
 });
 
 app.get("/:year/:month/:day/:title", function (req, res) {
@@ -39,6 +49,11 @@ app.get(/\/([a-zA-Z0-9]*)/, function (req, res) {
   });
 });
 
+var sendResponse = (res, code, message) => {
+  res.status(code);
+  res.send(message);
+};
+
 var server = app.listen(3000, function () {
   console.log('NoteHub server listening on port %s', server.address().port);
 });