5 files changed, 1130 insertions, 0 deletions

diff --git a/src/internal-server/app/Controllers/Http/RecipeController.js b/src/internal-server/app/Controllers/Http/RecipeController.js
new file mode 100644
index 000000000..8a6b4f684
--- /dev/null
+++ b/src/internal-server/app/Controllers/Http/RecipeController.js
@@ -0,0 +1,120 @@
+const Recipe = use('App/Models/Recipe');
+const Drive = use('Drive');
+const {
+  validateAll,
+} = use('Validator');
+const Env = use('Env');
+
+const fetch = require('node-fetch');
+
+const RECIPES_URL = 'https://api.getferdi.com/v1/recipes';
+
+class RecipeController {
+  // List official and custom recipes
+  async list({
+    response,
+  }) {
+    const officialRecipes = JSON.parse(await (await fetch(RECIPES_URL)).text());
+    const customRecipesArray = (await Recipe.all()).rows;
+    const customRecipes = customRecipesArray.map(recipe => ({
+      id: recipe.recipeId,
+      name: recipe.name,
+      ...JSON.parse(recipe.data),
+    }));
+
+    const recipes = [
+      ...officialRecipes,
+      ...customRecipes,
+    ];
+
+    return response.send(recipes);
+  }
+
+  // Search official and custom recipes
+  async search({
+    request,
+    response,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      needle: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Please provide a needle',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const needle = request.input('needle');
+
+    // Get results
+    let results;
+
+    if (needle === 'ferdi:custom') {
+      const dbResults = (await Recipe.all()).toJSON();
+      results = dbResults.map(recipe => ({
+        id: recipe.recipeId,
+        name: recipe.name,
+        ...JSON.parse(recipe.data),
+      }));
+    } else {
+      let remoteResults = [];
+      if (Env.get('CONNECT_WITH_FRANZ') == 'true') { // eslint-disable-line eqeqeq
+        remoteResults = JSON.parse(await (await fetch(`${RECIPES_URL}/search?needle=${encodeURIComponent(needle)}`)).text());
+      }
+      const localResultsArray = (await Recipe.query().where('name', 'LIKE', `%${needle}%`).fetch()).toJSON();
+      const localResults = localResultsArray.map(recipe => ({
+        id: recipe.recipeId,
+        name: recipe.name,
+        ...JSON.parse(recipe.data),
+      }));
+
+      results = [
+        ...localResults,
+        ...remoteResults || [],
+      ];
+    }
+
+    return response.send(results);
+  }
+
+  // Download a recipe
+  async download({
+    response,
+    params,
+  }) {
+    // Validate user input
+    const validation = await validateAll(params, {
+      recipe: 'required|accepted',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Please provide a recipe ID',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const service = params.recipe;
+
+    // Check for invalid characters
+    if (/\.{1,}/.test(service) || /\/{1,}/.test(service)) {
+      return response.send('Invalid recipe name');
+    }
+
+    // Check if recipe exists in recipes folder
+    if (await Drive.exists(`${service}.tar.gz`)) {
+      return response.send(await Drive.get(`${service}.tar.gz`));
+    } if (Env.get('CONNECT_WITH_FRANZ') == 'true') { // eslint-disable-line eqeqeq
+      return response.redirect(`${RECIPES_URL}/download/${service}`);
+    }
+    return response.status(400).send({
+      message: 'Recipe not found',
+      code: 'recipe-not-found',
+    });
+  }
+}
+
+module.exports = RecipeController;
diff --git a/src/internal-server/app/Controllers/Http/ServiceController.js b/src/internal-server/app/Controllers/Http/ServiceController.js
new file mode 100644
index 000000000..36d20c70c
--- /dev/null
+++ b/src/internal-server/app/Controllers/Http/ServiceController.js
@@ -0,0 +1,290 @@
+const Service = use('App/Models/Service');
+const {
+  validateAll,
+} = use('Validator');
+const Env = use('Env');
+
+const uuid = require('uuid/v4');
+const path = require('path');
+const fs = require('fs-extra');
+
+class ServiceController {
+  // Create a new service for user
+  async create({
+    request,
+    response,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      name: 'required|string',
+      recipeId: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid POST arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const data = request.all();
+
+    // Get new, unused uuid
+    let serviceId;
+    do {
+      serviceId = uuid();
+    } while ((await Service.query().where('serviceId', serviceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+    await Service.create({
+      serviceId,
+      name: data.name,
+      recipeId: data.recipeId,
+      settings: JSON.stringify(data),
+    });
+
+    return response.send({
+      data: {
+        userId: 1,
+        id: serviceId,
+        isEnabled: true,
+        isNotificationEnabled: true,
+        isBadgeEnabled: true,
+        isMuted: false,
+        isDarkModeEnabled: '',
+        spellcheckerLanguage: '',
+        order: 1,
+        customRecipe: false,
+        hasCustomIcon: false,
+        workspaces: [],
+        iconUrl: null,
+        ...data,
+      },
+      status: ['created'],
+    });
+  }
+
+  // List all services a user has created
+  async list({
+    response,
+  }) {
+    const services = (await Service.all()).rows;
+    // Convert to array with all data Franz wants
+    const servicesArray = services.map((service) => {
+      const settings = typeof service.settings === 'string' ? JSON.parse(service.settings) : service.settings;
+
+      return {
+        customRecipe: false,
+        hasCustomIcon: false,
+        isBadgeEnabled: true,
+        isDarkModeEnabled: '',
+        isEnabled: true,
+        isMuted: false,
+        isNotificationEnabled: true,
+        order: 1,
+        spellcheckerLanguage: '',
+        workspaces: [],
+        ...JSON.parse(service.settings),
+        iconUrl: settings.iconId ? `http://127.0.0.1:${Env.get('PORT')}/v1/icon/${settings.iconId}` : null,
+        id: service.serviceId,
+        name: service.name,
+        recipeId: service.recipeId,
+        userId: 1,
+      };
+    });
+
+    return response.send(servicesArray);
+  }
+
+  async edit({
+    request,
+    response,
+    params,
+  }) {
+    if (request.file('icon')) {
+      // Upload custom service icon
+      await fs.ensureDir(path.join(Env.get('USER_PATH'), 'icons'));
+
+      const icon = request.file('icon', {
+        types: ['image'],
+        size: '2mb',
+      });
+      const {
+        id,
+      } = params;
+      const service = (await Service.query()
+        .where('serviceId', id).fetch()).rows[0];
+      const settings = typeof service.settings === 'string' ? JSON.parse(service.settings) : service.settings;
+
+      // Generate new icon ID
+      let iconId;
+      do {
+        iconId = uuid() + uuid();
+      // eslint-disable-next-line no-await-in-loop
+      } while (await fs.exists(path.join(Env.get('USER_PATH'), 'icons', iconId)));
+
+      await icon.move(path.join(Env.get('USER_PATH'), 'icons'), {
+        name: iconId,
+        overwrite: true,
+      });
+
+      if (!icon.moved()) {
+        return response.status(500).send(icon.error());
+      }
+
+      const newSettings = {
+        ...settings,
+        ...{
+          iconId,
+          customIconVersion: settings && settings.customIconVersion ? settings.customIconVersion + 1 : 1,
+        },
+      };
+
+      // Update data in database
+      await (Service.query()
+        .where('serviceId', id)).update({
+        name: service.name,
+        settings: JSON.stringify(newSettings),
+      });
+
+      return response.send({
+        data: {
+          id,
+          name: service.name,
+          ...newSettings,
+          iconUrl: `http://127.0.0.1:${Env.get('PORT')}/v1/icon/${newSettings.iconId}`,
+          userId: 1,
+        },
+        status: ['updated'],
+      });
+    }
+    // Update service info
+    const data = request.all();
+    const {
+      id,
+    } = params;
+
+    // Get current settings from db
+    const serviceData = (await Service.query()
+      .where('serviceId', id).fetch()).rows[0];
+
+    const settings = {
+      ...typeof serviceData.settings === 'string' ? JSON.parse(serviceData.settings) : serviceData.settings,
+      ...data,
+    };
+
+    // Update data in database
+    await (Service.query()
+      .where('serviceId', id)).update({
+      name: data.name,
+      settings: JSON.stringify(settings),
+    });
+
+    // Get updated row
+    const service = (await Service.query()
+      .where('serviceId', id).fetch()).rows[0];
+
+    return response.send({
+      data: {
+        id,
+        name: service.name,
+        ...settings,
+        iconUrl: `${Env.get('APP_URL')}/v1/icon/${settings.iconId}`,
+        userId: 1,
+      },
+      status: ['updated'],
+    });
+  }
+
+  async icon({
+    params,
+    response,
+  }) {
+    const {
+      id,
+    } = params;
+
+    const iconPath = path.join(Env.get('USER_PATH'), 'icons', id);
+    if (!await fs.exists(iconPath)) {
+      return response.status(404).send({
+        status: 'Icon doesn\'t exist',
+      });
+    }
+
+    return response.download(iconPath);
+  }
+
+  async reorder({
+    request,
+    response,
+  }) {
+    const data = request.all();
+
+    for (const service of Object.keys(data)) {
+      // Get current settings from db
+      const serviceData = (await Service.query() // eslint-disable-line no-await-in-loop
+        .where('serviceId', service).fetch()).rows[0];
+
+      const settings = {
+        ...JSON.parse(serviceData.settings),
+        order: data[service],
+      };
+
+      // Update data in database
+      await (Service.query() // eslint-disable-line no-await-in-loop
+        .where('serviceId', service))
+        .update({
+          settings: JSON.stringify(settings),
+        });
+    }
+
+    // Get new services
+    const services = (await Service.all()).rows;
+    // Convert to array with all data Franz wants
+    const servicesArray = services.map((service) => {
+      const settings = typeof service.settings === 'string' ? JSON.parse(service.settings) : service.settings;
+
+      return {
+        customRecipe: false,
+        hasCustomIcon: false,
+        isBadgeEnabled: true,
+        isDarkModeEnabled: '',
+        isEnabled: true,
+        isMuted: false,
+        isNotificationEnabled: true,
+        order: 1,
+        spellcheckerLanguage: '',
+        workspaces: [],
+        ...JSON.parse(service.settings),
+        iconUrl: settings.iconId ? `http://127.0.0.1:${Env.get('PORT')}/v1/icon/${settings.iconId}` : null,
+        id: service.serviceId,
+        name: service.name,
+        recipeId: service.recipeId,
+        userId: 1,
+      };
+    });
+
+    return response.send(servicesArray);
+  }
+
+  update({
+    response,
+  }) {
+    return response.send([]);
+  }
+
+  async delete({
+    params,
+    response,
+  }) {
+    // Update data in database
+    await (Service.query()
+      .where('serviceId', params.id)).delete();
+
+    return response.send({
+      message: 'Sucessfully deleted service',
+      status: 200,
+    });
+  }
+}
+
+module.exports = ServiceController;
diff --git a/src/internal-server/app/Controllers/Http/StaticController.js b/src/internal-server/app/Controllers/Http/StaticController.js
new file mode 100644
index 000000000..69dfee0a3
--- /dev/null
+++ b/src/internal-server/app/Controllers/Http/StaticController.js
@@ -0,0 +1,205 @@
+/**
+ * Controller for routes with static responses
+ */
+
+class StaticController {
+  // Enable all features
+  features({
+    response,
+  }) {
+    return response.send({
+      isServiceProxyEnabled: true,
+      isWorkspaceEnabled: true,
+      isAnnouncementsEnabled: true,
+      isSettingsWSEnabled: false,
+      isMagicBarEnabled: true,
+      isTodosEnabled: true,
+      subscribeURL: 'https://getferdi.com',
+      hasInlineCheckout: true,
+    });
+  }
+
+  // Return an empty array
+  emptyArray({
+    response,
+  }) {
+    return response.send([]);
+  }
+
+  // Return list of popular recipes (copy of the response Franz's API is returning)
+  popularRecipes({
+    response,
+  }) {
+    return response.send([{
+      // TODO: Why is this list hardcoded?
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'slack',
+      name: 'Slack',
+      version: '1.0.4',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/slack/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/slack/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'whatsapp',
+      name: 'WhatsApp',
+      version: '1.0.1',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/whatsapp/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/whatsapp/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'messenger',
+      name: 'Messenger',
+      version: '1.0.6',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/messenger/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/messenger/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'telegram',
+      name: 'Telegram',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/telegram/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/telegram/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'gmail',
+      name: 'Gmail',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/gmail/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/gmail/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'skype',
+      name: 'Skype',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/skype/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/skype/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'hangouts',
+      name: 'Hangouts',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/hangouts/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/hangouts/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'discord',
+      name: 'Discord',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/discord/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/discord/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'tweetdeck',
+      name: 'Tweetdeck',
+      version: '1.0.1',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/tweetdeck/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/tweetdeck/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'hipchat',
+      name: 'HipChat',
+      version: '1.0.1',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/hipchat/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/hipchat/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'gmailinbox',
+      name: 'Inbox by Gmail',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/gmailinbox/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/gmailinbox/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'rocketchat',
+      name: 'Rocket.Chat',
+      version: '1.0.1',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/rocketchat/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/rocketchat/src/icon.svg',
+      },
+    }, {
+      author: 'Brian Gilbert <brian@briangilbert.net>',
+      featured: false,
+      id: 'gitter',
+      name: 'Gitter',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/gitter/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/gitter/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'mattermost',
+      name: 'Mattermost',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/mattermost/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/mattermost/src/icon.svg',
+      },
+    }, {
+      author: 'Franz <recipe@meetfranz.com>',
+      featured: false,
+      id: 'toggl',
+      name: 'toggl',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/toggl/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/toggl/src/icon.svg',
+      },
+    }, {
+      author: 'Stuart Clark <stuart@realityloop.com>',
+      featured: false,
+      id: 'twist',
+      name: 'twist',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/twist/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/twist/src/icon.svg',
+      },
+    }]);
+  }
+
+  // Show announcements
+  announcement({
+    response,
+  }) {
+    return response.send({});
+  }
+}
+
+module.exports = StaticController;
diff --git a/src/internal-server/app/Controllers/Http/UserController.js b/src/internal-server/app/Controllers/Http/UserController.js
new file mode 100644
index 000000000..f7cdfc9c9
--- /dev/null
+++ b/src/internal-server/app/Controllers/Http/UserController.js
@@ -0,0 +1,367 @@
+const User = use('App/Models/User');
+const Service = use('App/Models/Service');
+const Workspace = use('App/Models/Workspace');
+const {
+  validateAll,
+} = use('Validator');
+
+const btoa = require('btoa');
+const fetch = require('node-fetch');
+const uuid = require('uuid/v4');
+const crypto = require('crypto');
+
+const apiRequest = (url, route, method, auth) => new Promise((resolve, reject) => {
+  const base = `${url}/v1/`;
+  const user = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Ferdi/5.3.0-beta.1 Chrome/69.0.3497.128 Electron/4.2.4 Safari/537.36';
+
+  try {
+    fetch(base + route, {
+      method,
+      headers: {
+        Authorization: `Bearer ${auth}`,
+        'User-Agent': user,
+      },
+    })
+      .then(data => data.json())
+      .then(json => resolve(json));
+  } catch (e) {
+    reject();
+  }
+});
+
+class UserController {
+  // Register a new user
+  async signup({
+    request,
+    response,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      firstname: 'required',
+      email: 'required|email',
+      password: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid POST arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    return response.send({
+      message: 'Successfully created account',
+      token: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJGZXJkaSBJbnRlcm5hbCBTZXJ2ZXIiLCJpYXQiOjE1NzEwNDAyMTUsImV4cCI6MjUzMzk1NDE3ODQ0LCJhdWQiOiJnZXRmZXJkaS5jb20iLCJzdWIiOiJmZXJkaUBsb2NhbGhvc3QiLCJ1c2VySWQiOiIxIn0.9_TWFGp6HROv8Yg82Rt6i1-95jqWym40a-HmgrdMC6M',
+    });
+  }
+
+  // Login using an existing user
+  async login({
+    request,
+    response,
+  }) {
+    if (!request.header('Authorization')) {
+      return response.status(401).send({
+        message: 'Please provide authorization',
+        status: 401,
+      });
+    }
+
+    return response.send({
+      message: 'Successfully logged in',
+      token: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJGZXJkaSBJbnRlcm5hbCBTZXJ2ZXIiLCJpYXQiOjE1NzEwNDAyMTUsImV4cCI6MjUzMzk1NDE3ODQ0LCJhdWQiOiJnZXRmZXJkaS5jb20iLCJzdWIiOiJmZXJkaUBsb2NhbGhvc3QiLCJ1c2VySWQiOiIxIn0.9_TWFGp6HROv8Yg82Rt6i1-95jqWym40a-HmgrdMC6M',
+    });
+  }
+
+  // Return information about the current user
+  async me({
+    response,
+  }) {
+    const user = await User.find(1);
+
+    const settings = typeof user.settings === 'string' ? JSON.parse(user.settings) : user.settings;
+
+    return response.send({
+      accountType: 'individual',
+      beta: false,
+      donor: {},
+      email: '',
+      emailValidated: true,
+      features: {},
+      firstname: 'Ferdi',
+      id: '82c1cf9d-ab58-4da2-b55e-aaa41d2142d8',
+      isSubscriptionOwner: true,
+      lastname: 'Application',
+      locale: 'en-US',
+      ...settings || {},
+    });
+  }
+
+  async updateMe({
+    request,
+    response,
+  }) {
+    const user = await User.find(1);
+
+    let settings = user.settings || {};
+    if (typeof settings === 'string') {
+      settings = JSON.parse(settings);
+    }
+
+    const newSettings = {
+      ...settings,
+      ...request.all(),
+    };
+
+    user.settings = JSON.stringify(newSettings);
+    await user.save();
+
+    return response.send({
+      data: {
+        accountType: 'individual',
+        beta: false,
+        donor: {},
+        email: '',
+        emailValidated: true,
+        features: {},
+        firstname: 'Ferdi',
+        id: '82c1cf9d-ab58-4da2-b55e-aaa41d2142d8',
+        isSubscriptionOwner: true,
+        lastname: 'Application',
+        locale: 'en-US',
+        ...newSettings,
+      },
+      status: [
+        'data-updated',
+      ],
+    });
+  }
+
+  async import({
+    request,
+    response,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      email: 'required|email',
+      password: 'required',
+      server: 'required',
+    });
+    if (validation.fails()) {
+      let errorMessage = 'There was an error while trying to import your account:\n';
+      for (const message of validation.messages()) {
+        if (message.validation === 'required') {
+          errorMessage += `- Please make sure to supply your ${message.field}\n`;
+        } else if (message.validation === 'unique') {
+          errorMessage += '- There is already a user with this email.\n';
+        } else {
+          errorMessage += `${message.message}\n`;
+        }
+      }
+      return response.status(401).send(errorMessage);
+    }
+
+    const {
+      email,
+      password,
+      server,
+    } = request.all();
+
+    const hashedPassword = crypto.createHash('sha256').update(password).digest('base64');
+
+    const base = `${server}/v1/`;
+    const userAgent = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Ferdi/5.3.0-beta.1 Chrome/69.0.3497.128 Electron/4.2.4 Safari/537.36';
+
+    // Try to get an authentication token
+    let token;
+    try {
+      const basicToken = btoa(`${email}:${hashedPassword}`);
+
+      const rawResponse = await fetch(`${base}auth/login`, {
+        method: 'POST',
+        headers: {
+          Authorization: `Basic ${basicToken}`,
+          'User-Agent': userAgent,
+        },
+      });
+      const content = await rawResponse.json();
+
+      if (!content.message || content.message !== 'Successfully logged in') {
+        const errorMessage = 'Could not login into Franz with your supplied credentials. Please check and try again';
+        return response.status(401).send(errorMessage);
+      }
+
+      // eslint-disable-next-line prefer-destructuring
+      token = content.token;
+    } catch (e) {
+      return response.status(401).send({
+        message: 'Cannot login to Franz',
+        error: e,
+      });
+    }
+
+    // Get user information
+    let userInf = false;
+    try {
+      userInf = await apiRequest(server, 'me', 'GET', token);
+    } catch (e) {
+      const errorMessage = `Could not get your user info from Franz. Please check your credentials or try again later.\nError: ${e}`;
+      return response.status(401).send(errorMessage);
+    }
+    if (!userInf) {
+      const errorMessage = 'Could not get your user info from Franz. Please check your credentials or try again later';
+      return response.status(401).send(errorMessage);
+    }
+
+    const serviceIdTranslation = {};
+
+    // Import services
+    try {
+      const services = await apiRequest(server, 'me/services', 'GET', token);
+
+      for (const service of services) {
+        // Get new, unused uuid
+        let serviceId;
+        do {
+          serviceId = uuid();
+        } while ((await Service.query().where('serviceId', serviceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+        await Service.create({ // eslint-disable-line no-await-in-loop
+          serviceId,
+          name: service.name,
+          recipeId: service.recipeId,
+          settings: JSON.stringify(service),
+        });
+
+        serviceIdTranslation[service.id] = serviceId;
+      }
+    } catch (e) {
+      const errorMessage = `Could not import your services into our system.\nError: ${e}`;
+      return response.status(401).send(errorMessage);
+    }
+
+    // Import workspaces
+    try {
+      const workspaces = await apiRequest(server, 'workspace', 'GET', token);
+
+      for (const workspace of workspaces) {
+        let workspaceId;
+        do {
+          workspaceId = uuid();
+        } while ((await Workspace.query().where('workspaceId', workspaceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+        const services = workspace.services.map(service => serviceIdTranslation[service]);
+
+        await Workspace.create({ // eslint-disable-line no-await-in-loop
+          workspaceId,
+          name: workspace.name,
+          order: workspace.order,
+          services: JSON.stringify(services),
+          data: JSON.stringify({}),
+        });
+      }
+    } catch (e) {
+      const errorMessage = `Could not import your workspaces into our system.\nError: ${e}`;
+      return response.status(401).send(errorMessage);
+    }
+
+    return response.send('Your account has been imported. You can now use your Franz account in Ferdi.');
+  }
+
+  // Account import/export
+  async export({
+    // eslint-disable-next-line no-unused-vars
+    auth,
+    response,
+  }) {
+    const services = (await Service.all()).toJSON();
+    const workspaces = (await Workspace.all()).toJSON();
+
+    const exportData = {
+      username: 'Ferdi',
+      mail: 'internal@getferdi.com',
+      services,
+      workspaces,
+    };
+
+    return response
+      .header('Content-Type', 'application/force-download')
+      .header('Content-disposition', 'attachment; filename=export.ferdi-data')
+      .send(exportData);
+  }
+
+  async importFerdi({
+    request,
+    response,
+  }) {
+    const validation = await validateAll(request.all(), {
+      file: 'required',
+    });
+    if (validation.fails()) {
+      return response.send(validation.messages());
+    }
+
+    let file;
+    try {
+      file = JSON.parse(request.input('file'));
+    } catch (e) {
+      return response.send('Could not import: Invalid file, could not read file');
+    }
+
+    if (!file || !file.services || !file.workspaces) {
+      return response.send('Could not import: Invalid file (2)');
+    }
+
+    const serviceIdTranslation = {};
+
+    // Import services
+    try {
+      for (const service of file.services) {
+        // Get new, unused uuid
+        let serviceId;
+        do {
+          serviceId = uuid();
+        } while ((await Service.query().where('serviceId', serviceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+        await Service.create({ // eslint-disable-line no-await-in-loop
+          serviceId,
+          name: service.name,
+          recipeId: service.recipeId,
+          settings: JSON.stringify(service.settings),
+        });
+
+        serviceIdTranslation[service.id] = serviceId;
+      }
+    } catch (e) {
+      const errorMessage = `Could not import your services into our system.\nError: ${e}`;
+      return response.send(errorMessage);
+    }
+
+    // Import workspaces
+    try {
+      for (const workspace of file.workspaces) {
+        let workspaceId;
+        do {
+          workspaceId = uuid();
+        } while ((await Workspace.query().where('workspaceId', workspaceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+        const services = workspace.services.map((service) => serviceIdTranslation[service]);
+
+        await Workspace.create({ // eslint-disable-line no-await-in-loop
+          workspaceId,
+          name: workspace.name,
+          order: workspace.order,
+          services: JSON.stringify(services),
+          data: JSON.stringify(workspace.data),
+        });
+      }
+    } catch (e) {
+      const errorMessage = `Could not import your workspaces into our system.\nError: ${e}`;
+      return response.status(401).send(errorMessage);
+    }
+
+    return response.send('Your account has been imported.');
+  }
+}
+
+module.exports = UserController;
diff --git a/src/internal-server/app/Controllers/Http/WorkspaceController.js b/src/internal-server/app/Controllers/Http/WorkspaceController.js
new file mode 100644
index 000000000..4189fbcdd
--- /dev/null
+++ b/src/internal-server/app/Controllers/Http/WorkspaceController.js
@@ -0,0 +1,148 @@
+const Workspace = use('App/Models/Workspace');
+const {
+  validateAll,
+} = use('Validator');
+
+const uuid = require('uuid/v4');
+
+class WorkspaceController {
+  // Create a new workspace for user
+  async create({
+    request,
+    response,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      name: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid POST arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const data = request.all();
+
+    // Get new, unused uuid
+    let workspaceId;
+    do {
+      workspaceId = uuid();
+    } while ((await Workspace.query().where('workspaceId', workspaceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+    const order = (await Workspace.all()).rows.length;
+
+    await Workspace.create({
+      workspaceId,
+      name: data.name,
+      order,
+      services: JSON.stringify([]),
+      data: JSON.stringify(data),
+    });
+
+    return response.send({
+      userId: 1,
+      name: data.name,
+      id: workspaceId,
+      order,
+      workspaces: [],
+    });
+  }
+
+  async edit({
+    request,
+    response,
+    params,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      name: 'required',
+      services: 'required|array',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid POST arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const data = request.all();
+    const {
+      id,
+    } = params;
+
+    // Update data in database
+    await (Workspace.query()
+      .where('workspaceId', id)).update({
+      name: data.name,
+      services: JSON.stringify(data.services),
+    });
+
+    // Get updated row
+    const workspace = (await Workspace.query()
+      .where('workspaceId', id).fetch()).rows[0];
+
+    return response.send({
+      id: workspace.workspaceId,
+      name: data.name,
+      order: workspace.order,
+      services: data.services,
+      userId: 1,
+    });
+  }
+
+  async delete({
+    // eslint-disable-next-line no-unused-vars
+    request,
+    response,
+    params,
+  }) {
+    // Validate user input
+    const validation = await validateAll(params, {
+      id: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const {
+      id,
+    } = params;
+
+    // Update data in database
+    await (Workspace.query()
+      .where('workspaceId', id)).delete();
+
+    return response.send({
+      message: 'Successfully deleted workspace',
+    });
+  }
+
+  // List all workspaces a user has created
+  async list({
+    response,
+  }) {
+    const workspaces = (await Workspace.all()).rows;
+    // Convert to array with all data Franz wants
+    let workspacesArray = [];
+    if (workspaces) {
+      workspacesArray = workspaces.map(workspace => ({
+        id: workspace.workspaceId,
+        name: workspace.name,
+        order: workspace.order,
+        services: typeof workspace.services === 'string' ? JSON.parse(workspace.services) : workspace.services,
+        userId: 1,
+      }));
+    }
+
+    return response.send(workspacesArray);
+  }
+}
+
+module.exports = WorkspaceController;