13 files changed, 1072 insertions, 0 deletions

diff --git a/src/internal-server/app/Controllers/Http/RecipeController.js b/src/internal-server/app/Controllers/Http/RecipeController.js
new file mode 100644
index 000000000..8a6b4f684
--- /dev/null
+++ b/src/internal-server/app/Controllers/Http/RecipeController.js
@@ -0,0 +1,120 @@
+const Recipe = use('App/Models/Recipe');
+const Drive = use('Drive');
+const {
+  validateAll,
+} = use('Validator');
+const Env = use('Env');
+
+const fetch = require('node-fetch');
+
+const RECIPES_URL = 'https://api.getferdi.com/v1/recipes';
+
+class RecipeController {
+  // List official and custom recipes
+  async list({
+    response,
+  }) {
+    const officialRecipes = JSON.parse(await (await fetch(RECIPES_URL)).text());
+    const customRecipesArray = (await Recipe.all()).rows;
+    const customRecipes = customRecipesArray.map(recipe => ({
+      id: recipe.recipeId,
+      name: recipe.name,
+      ...JSON.parse(recipe.data),
+    }));
+
+    const recipes = [
+      ...officialRecipes,
+      ...customRecipes,
+    ];
+
+    return response.send(recipes);
+  }
+
+  // Search official and custom recipes
+  async search({
+    request,
+    response,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      needle: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Please provide a needle',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const needle = request.input('needle');
+
+    // Get results
+    let results;
+
+    if (needle === 'ferdi:custom') {
+      const dbResults = (await Recipe.all()).toJSON();
+      results = dbResults.map(recipe => ({
+        id: recipe.recipeId,
+        name: recipe.name,
+        ...JSON.parse(recipe.data),
+      }));
+    } else {
+      let remoteResults = [];
+      if (Env.get('CONNECT_WITH_FRANZ') == 'true') { // eslint-disable-line eqeqeq
+        remoteResults = JSON.parse(await (await fetch(`${RECIPES_URL}/search?needle=${encodeURIComponent(needle)}`)).text());
+      }
+      const localResultsArray = (await Recipe.query().where('name', 'LIKE', `%${needle}%`).fetch()).toJSON();
+      const localResults = localResultsArray.map(recipe => ({
+        id: recipe.recipeId,
+        name: recipe.name,
+        ...JSON.parse(recipe.data),
+      }));
+
+      results = [
+        ...localResults,
+        ...remoteResults || [],
+      ];
+    }
+
+    return response.send(results);
+  }
+
+  // Download a recipe
+  async download({
+    response,
+    params,
+  }) {
+    // Validate user input
+    const validation = await validateAll(params, {
+      recipe: 'required|accepted',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Please provide a recipe ID',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const service = params.recipe;
+
+    // Check for invalid characters
+    if (/\.{1,}/.test(service) || /\/{1,}/.test(service)) {
+      return response.send('Invalid recipe name');
+    }
+
+    // Check if recipe exists in recipes folder
+    if (await Drive.exists(`${service}.tar.gz`)) {
+      return response.send(await Drive.get(`${service}.tar.gz`));
+    } if (Env.get('CONNECT_WITH_FRANZ') == 'true') { // eslint-disable-line eqeqeq
+      return response.redirect(`${RECIPES_URL}/download/${service}`);
+    }
+    return response.status(400).send({
+      message: 'Recipe not found',
+      code: 'recipe-not-found',
+    });
+  }
+}
+
+module.exports = RecipeController;
diff --git a/src/internal-server/app/Controllers/Http/ServiceController.js b/src/internal-server/app/Controllers/Http/ServiceController.js
new file mode 100644
index 000000000..c76a287f7
--- /dev/null
+++ b/src/internal-server/app/Controllers/Http/ServiceController.js
@@ -0,0 +1,292 @@
+const Service = use('App/Models/Service');
+const { validateAll } = use('Validator');
+const Env = use('Env');
+
+const uuid = require('uuid/v4');
+const path = require('path');
+const fs = require('fs-extra');
+const { LOCAL_HOSTNAME } = require('../../../../config');
+
+const hostname = LOCAL_HOSTNAME;
+const port = Env.get('PORT');
+
+class ServiceController {
+  // Create a new service for user
+  async create({ request, response }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      name: 'required|string',
+      recipeId: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid POST arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const data = request.all();
+
+    // Get new, unused uuid
+    let serviceId;
+    do {
+      serviceId = uuid();
+    } while (
+      (await Service.query().where('serviceId', serviceId).fetch()).rows
+        .length > 0
+    ); // eslint-disable-line no-await-in-loop
+
+    await Service.create({
+      serviceId,
+      name: data.name,
+      recipeId: data.recipeId,
+      settings: JSON.stringify(data),
+    });
+
+    return response.send({
+      data: {
+        userId: 1,
+        id: serviceId,
+        isEnabled: true,
+        isNotificationEnabled: true,
+        isBadgeEnabled: true,
+        isMuted: false,
+        isDarkModeEnabled: '', // TODO: This should ideally be a boolean (false). But, changing it caused the sidebar toggle to not work.
+        spellcheckerLanguage: '',
+        order: 1,
+        customRecipe: false,
+        hasCustomIcon: false,
+        workspaces: [],
+        iconUrl: null,
+        ...data,
+      },
+      status: ['created'],
+    });
+  }
+
+  // List all services a user has created
+  async list({ response }) {
+    const services = (await Service.all()).rows;
+    // Convert to array with all data Franz wants
+    const servicesArray = services.map(service => {
+      const settings =
+        typeof service.settings === 'string'
+          ? JSON.parse(service.settings)
+          : service.settings;
+
+      return {
+        customRecipe: false,
+        hasCustomIcon: false,
+        isBadgeEnabled: true,
+        isDarkModeEnabled: '', // TODO: This should ideally be a boolean (false). But, changing it caused the sidebar toggle to not work.
+        isEnabled: true,
+        isMuted: false,
+        isNotificationEnabled: true,
+        order: 1,
+        spellcheckerLanguage: '',
+        workspaces: [],
+        ...JSON.parse(service.settings),
+        iconUrl: settings.iconId
+          ? `http://${hostname}:${port}/v1/icon/${settings.iconId}`
+          : null,
+        id: service.serviceId,
+        name: service.name,
+        recipeId: service.recipeId,
+        userId: 1,
+      };
+    });
+
+    return response.send(servicesArray);
+  }
+
+  async edit({ request, response, params }) {
+    if (request.file('icon')) {
+      // Upload custom service icon
+      await fs.ensureDir(path.join(Env.get('USER_PATH'), 'icons'));
+
+      const icon = request.file('icon', {
+        types: ['image'],
+        size: '2mb',
+      });
+      const { id } = params;
+      const service = (await Service.query().where('serviceId', id).fetch())
+        .rows[0];
+      const settings =
+        typeof service.settings === 'string'
+          ? JSON.parse(service.settings)
+          : service.settings;
+
+      // Generate new icon ID
+      let iconId;
+      do {
+        iconId = uuid() + uuid();
+      } while (fs.existsSync(path.join(Env.get('USER_PATH'), 'icons', iconId)));
+
+      await icon.move(path.join(Env.get('USER_PATH'), 'icons'), {
+        name: iconId,
+        overwrite: true,
+      });
+
+      if (!icon.moved()) {
+        return response.status(500).send(icon.error());
+      }
+
+      const newSettings = {
+        ...settings,
+        ...{
+          iconId,
+          customIconVersion:
+            settings && settings.customIconVersion
+              ? settings.customIconVersion + 1
+              : 1,
+        },
+      };
+
+      // Update data in database
+      await Service.query()
+        .where('serviceId', id)
+        .update({
+          name: service.name,
+          settings: JSON.stringify(newSettings),
+        });
+
+      return response.send({
+        data: {
+          id,
+          name: service.name,
+          ...newSettings,
+          iconUrl: `http://${hostname}:${port}/v1/icon/${
+            newSettings.iconId
+          }`,
+          userId: 1,
+        },
+        status: ['updated'],
+      });
+    }
+    // Update service info
+    const data = request.all();
+    const { id } = params;
+
+    // Get current settings from db
+    const serviceData = (await Service.query().where('serviceId', id).fetch())
+      .rows[0];
+
+    const settings = {
+      ...(typeof serviceData.settings === 'string'
+        ? JSON.parse(serviceData.settings)
+        : serviceData.settings),
+      ...data,
+    };
+
+    // Update data in database
+    await Service.query()
+      .where('serviceId', id)
+      .update({
+        name: data.name,
+        settings: JSON.stringify(settings),
+      });
+
+    // Get updated row
+    const service = (await Service.query().where('serviceId', id).fetch())
+      .rows[0];
+
+    return response.send({
+      data: {
+        id,
+        name: service.name,
+        ...settings,
+        iconUrl: `${Env.get('APP_URL')}/v1/icon/${settings.iconId}`,
+        userId: 1,
+      },
+      status: ['updated'],
+    });
+  }
+
+  async icon({ params, response }) {
+    const { id } = params;
+
+    const iconPath = path.join(Env.get('USER_PATH'), 'icons', id);
+    if (!fs.existsSync(iconPath)) {
+      return response.status(404).send({
+        status: "Icon doesn't exist",
+      });
+    }
+
+    return response.download(iconPath);
+  }
+
+  async reorder({ request, response }) {
+    const data = request.all();
+
+    for (const service of Object.keys(data)) {
+      // Get current settings from db
+      const serviceData = (
+        await Service.query() // eslint-disable-line no-await-in-loop
+          .where('serviceId', service)
+          .fetch()
+      ).rows[0];
+
+      const settings = {
+        ...JSON.parse(serviceData.settings),
+        order: data[service],
+      };
+
+      // Update data in database
+      await Service.query() // eslint-disable-line no-await-in-loop
+        .where('serviceId', service)
+        .update({
+          settings: JSON.stringify(settings),
+        });
+    }
+
+    // Get new services
+    const services = (await Service.all()).rows;
+    // Convert to array with all data Franz wants
+    const servicesArray = services.map(service => {
+      const settings =
+        typeof service.settings === 'string'
+          ? JSON.parse(service.settings)
+          : service.settings;
+
+      return {
+        customRecipe: false,
+        hasCustomIcon: false,
+        isBadgeEnabled: true,
+        isDarkModeEnabled: '', // TODO: This should ideally be a boolean (false). But, changing it caused the sidebar toggle to not work.
+        isEnabled: true,
+        isMuted: false,
+        isNotificationEnabled: true,
+        order: 1,
+        spellcheckerLanguage: '',
+        workspaces: [],
+        ...JSON.parse(service.settings),
+        iconUrl: settings.iconId
+          ? `http://${hostname}:${port}/v1/icon/${settings.iconId}`
+          : null,
+        id: service.serviceId,
+        name: service.name,
+        recipeId: service.recipeId,
+        userId: 1,
+      };
+    });
+
+    return response.send(servicesArray);
+  }
+
+  update({ response }) {
+    return response.send([]);
+  }
+
+  async delete({ params, response }) {
+    // Update data in database
+    await Service.query().where('serviceId', params.id).delete();
+
+    return response.send({
+      message: 'Sucessfully deleted service',
+      status: 200,
+    });
+  }
+}
+
+module.exports = ServiceController;
diff --git a/src/internal-server/app/Controllers/Http/StaticController.js b/src/internal-server/app/Controllers/Http/StaticController.js
new file mode 100644
index 000000000..b9a145061
--- /dev/null
+++ b/src/internal-server/app/Controllers/Http/StaticController.js
@@ -0,0 +1,37 @@
+/**
+ * Controller for routes with static responses
+ */
+
+class StaticController {
+  // Enable all features
+  features({
+    response,
+  }) {
+    return response.send({
+      isServiceProxyEnabled: true,
+      isWorkspaceEnabled: true,
+      isAnnouncementsEnabled: true,
+      isSettingsWSEnabled: false,
+      isMagicBarEnabled: true,
+      isTodosEnabled: true,
+      subscribeURL: 'https://getferdi.com',
+      hasInlineCheckout: true,
+    });
+  }
+
+  // Return an empty array
+  emptyArray({
+    response,
+  }) {
+    return response.send([]);
+  }
+
+  // Show announcements
+  announcement({
+    response,
+  }) {
+    return response.send({});
+  }
+}
+
+module.exports = StaticController;
diff --git a/src/internal-server/app/Controllers/Http/UserController.js b/src/internal-server/app/Controllers/Http/UserController.js
new file mode 100644
index 000000000..a3ad736fa
--- /dev/null
+++ b/src/internal-server/app/Controllers/Http/UserController.js
@@ -0,0 +1,370 @@
+const User = use('App/Models/User');
+const Service = use('App/Models/Service');
+const Workspace = use('App/Models/Workspace');
+const {
+  validateAll,
+} = use('Validator');
+
+const btoa = require('btoa');
+const fetch = require('node-fetch');
+const uuid = require('uuid/v4');
+const crypto = require('crypto');
+const { DEFAULT_APP_SETTINGS } = require('../../../../environment');
+
+const apiRequest = (url, route, method, auth) => new Promise((resolve, reject) => {
+  const base = `${url}/v1/`;
+  const user = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Ferdi/5.3.0-beta.1 Chrome/69.0.3497.128 Electron/4.2.4 Safari/537.36';
+
+  try {
+    fetch(base + route, {
+      method,
+      headers: {
+        Authorization: `Bearer ${auth}`,
+        'User-Agent': user,
+      },
+    })
+      .then(data => data.json())
+      .then(json => resolve(json));
+  } catch (e) {
+    reject();
+  }
+});
+
+class UserController {
+  // Register a new user
+  async signup({
+    request,
+    response,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      firstname: 'required',
+      email: 'required|email',
+      password: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid POST arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    return response.send({
+      message: 'Successfully created account',
+      token: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJGZXJkaSBJbnRlcm5hbCBTZXJ2ZXIiLCJpYXQiOjE1NzEwNDAyMTUsImV4cCI6MjUzMzk1NDE3ODQ0LCJhdWQiOiJnZXRmZXJkaS5jb20iLCJzdWIiOiJmZXJkaUBsb2NhbGhvc3QiLCJ1c2VySWQiOiIxIn0.9_TWFGp6HROv8Yg82Rt6i1-95jqWym40a-HmgrdMC6M',
+    });
+  }
+
+  // Login using an existing user
+  async login({
+    request,
+    response,
+  }) {
+    if (!request.header('Authorization')) {
+      return response.status(401).send({
+        message: 'Please provide authorization',
+        status: 401,
+      });
+    }
+
+    return response.send({
+      message: 'Successfully logged in',
+      token: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJGZXJkaSBJbnRlcm5hbCBTZXJ2ZXIiLCJpYXQiOjE1NzEwNDAyMTUsImV4cCI6MjUzMzk1NDE3ODQ0LCJhdWQiOiJnZXRmZXJkaS5jb20iLCJzdWIiOiJmZXJkaUBsb2NhbGhvc3QiLCJ1c2VySWQiOiIxIn0.9_TWFGp6HROv8Yg82Rt6i1-95jqWym40a-HmgrdMC6M',
+    });
+  }
+
+  // Return information about the current user
+  async me({
+    response,
+  }) {
+    const user = await User.find(1);
+
+    const settings = typeof user.settings === 'string' ? JSON.parse(user.settings) : user.settings;
+
+    return response.send({
+      accountType: 'individual',
+      beta: false,
+      donor: {},
+      email: '',
+      emailValidated: true,
+      features: {},
+      firstname: 'Ferdi',
+      id: '82c1cf9d-ab58-4da2-b55e-aaa41d2142d8',
+      isSubscriptionOwner: true,
+      lastname: 'Application',
+      locale: DEFAULT_APP_SETTINGS.fallbackLocale,
+      ...settings || {},
+    });
+  }
+
+  async updateMe({
+    request,
+    response,
+  }) {
+    const user = await User.find(1);
+
+    let settings = user.settings || {};
+    if (typeof settings === 'string') {
+      settings = JSON.parse(settings);
+    }
+
+    const newSettings = {
+      ...settings,
+      ...request.all(),
+    };
+
+    user.settings = JSON.stringify(newSettings);
+    await user.save();
+
+    return response.send({
+      data: {
+        accountType: 'individual',
+        beta: false,
+        donor: {},
+        email: '',
+        emailValidated: true,
+        features: {},
+        firstname: 'Ferdi',
+        id: '82c1cf9d-ab58-4da2-b55e-aaa41d2142d8',
+        isSubscriptionOwner: true,
+        lastname: 'Application',
+        locale: DEFAULT_APP_SETTINGS.fallbackLocale,
+        ...newSettings,
+      },
+      status: [
+        'data-updated',
+      ],
+    });
+  }
+
+  async import({
+    request,
+    response,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      email: 'required|email',
+      password: 'required',
+      server: 'required',
+    });
+    if (validation.fails()) {
+      let errorMessage = 'There was an error while trying to import your account:\n';
+      for (const message of validation.messages()) {
+        if (message.validation === 'required') {
+          errorMessage += `- Please make sure to supply your ${message.field}\n`;
+        } else if (message.validation === 'unique') {
+          errorMessage += '- There is already a user with this email.\n';
+        } else {
+          errorMessage += `${message.message}\n`;
+        }
+      }
+      return response.status(401).send(errorMessage);
+    }
+
+    const {
+      email,
+      password,
+      server,
+    } = request.all();
+
+    const hashedPassword = crypto.createHash('sha256').update(password).digest('base64');
+
+    const base = `${server}/v1/`;
+    const userAgent = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Ferdi/5.3.0-beta.1 Chrome/69.0.3497.128 Electron/4.2.4 Safari/537.36';
+
+    // Try to get an authentication token
+    let token;
+    try {
+      const basicToken = btoa(`${email}:${hashedPassword}`);
+
+      const rawResponse = await fetch(`${base}auth/login`, {
+        method: 'POST',
+        headers: {
+          Authorization: `Basic ${basicToken}`,
+          'User-Agent': userAgent,
+        },
+      });
+      const content = await rawResponse.json();
+
+      if (!content.message || content.message !== 'Successfully logged in') {
+        const errorMessage = 'Could not login into Franz with your supplied credentials. Please check and try again';
+        return response.status(401).send(errorMessage);
+      }
+
+      // eslint-disable-next-line prefer-destructuring
+      token = content.token;
+    } catch (e) {
+      return response.status(401).send({
+        message: 'Cannot login to Franz',
+        error: e,
+      });
+    }
+
+    // Get user information
+    let userInf = false;
+    try {
+      userInf = await apiRequest(server, 'me', 'GET', token);
+    } catch (e) {
+      const errorMessage = `Could not get your user info from Franz. Please check your credentials or try again later.\nError: ${e}`;
+      return response.status(401).send(errorMessage);
+    }
+    if (!userInf) {
+      const errorMessage = 'Could not get your user info from Franz. Please check your credentials or try again later';
+      return response.status(401).send(errorMessage);
+    }
+
+    const serviceIdTranslation = {};
+
+    // Import services
+    try {
+      const services = await apiRequest(server, 'me/services', 'GET', token);
+
+      for (const service of services) {
+        // Get new, unused uuid
+        let serviceId;
+        do {
+          serviceId = uuid();
+        } while ((await Service.query().where('serviceId', serviceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+        await Service.create({ // eslint-disable-line no-await-in-loop
+          serviceId,
+          name: service.name,
+          recipeId: service.recipeId,
+          settings: JSON.stringify(service),
+        });
+
+        serviceIdTranslation[service.id] = serviceId;
+      }
+    } catch (e) {
+      const errorMessage = `Could not import your services into our system.\nError: ${e}`;
+      return response.status(401).send(errorMessage);
+    }
+
+    // Import workspaces
+    try {
+      const workspaces = await apiRequest(server, 'workspace', 'GET', token);
+
+      for (const workspace of workspaces) {
+        let workspaceId;
+        do {
+          workspaceId = uuid();
+        } while ((await Workspace.query().where('workspaceId', workspaceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+        const services = workspace.services.map(service => serviceIdTranslation[service]);
+
+        await Workspace.create({ // eslint-disable-line no-await-in-loop
+          workspaceId,
+          name: workspace.name,
+          order: workspace.order,
+          services: JSON.stringify(services),
+          data: JSON.stringify({}),
+        });
+      }
+    } catch (e) {
+      const errorMessage = `Could not import your workspaces into our system.\nError: ${e}`;
+      return response.status(401).send(errorMessage);
+    }
+
+    return response.send('Your account has been imported. You can now use your Franz account in Ferdi.');
+  }
+
+  // Account import/export
+  async export({
+    // eslint-disable-next-line no-unused-vars
+    auth,
+    response,
+  }) {
+    const services = (await Service.all()).toJSON();
+    const workspaces = (await Workspace.all()).toJSON();
+
+    const exportData = {
+      username: 'Ferdi',
+      mail: 'internal@getferdi.com',
+      services,
+      workspaces,
+    };
+
+    return response
+      .header('Content-Type', 'application/force-download')
+      .header('Content-disposition', 'attachment; filename=export.ferdi-data')
+      .send(exportData);
+  }
+
+  async importFerdi({
+    request,
+    response,
+  }) {
+    const validation = await validateAll(request.all(), {
+      file: 'required',
+    });
+    if (validation.fails()) {
+      return response.send(validation.messages());
+    }
+
+    let file;
+    try {
+      file = JSON.parse(request.input('file'));
+    } catch (e) {
+      return response.send('Could not import: Invalid file, could not read file');
+    }
+
+    if (!file || !file.services || !file.workspaces) {
+      return response.send('Could not import: Invalid file (2)');
+    }
+
+    const serviceIdTranslation = {};
+
+    // Import services
+    try {
+      for (const service of file.services) {
+        // Get new, unused uuid
+        let serviceId;
+        do {
+          serviceId = uuid();
+        } while ((await Service.query().where('serviceId', serviceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+        await Service.create({ // eslint-disable-line no-await-in-loop
+          serviceId,
+          name: service.name,
+          recipeId: service.recipeId,
+          settings: JSON.stringify(service.settings),
+        });
+
+        serviceIdTranslation[service.id] = serviceId;
+      }
+    } catch (e) {
+      const errorMessage = `Could not import your services into our system.\nError: ${e}`;
+      return response.send(errorMessage);
+    }
+
+    // Import workspaces
+    try {
+      for (const workspace of file.workspaces) {
+        let workspaceId;
+        do {
+          workspaceId = uuid();
+        } while ((await Workspace.query().where('workspaceId', workspaceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+        const services = (workspace.services && typeof (workspace.services) === 'object') ?
+          workspace.services.map((service) => serviceIdTranslation[service]) :
+          [];
+
+        await Workspace.create({ // eslint-disable-line no-await-in-loop
+          workspaceId,
+          name: workspace.name,
+          order: workspace.order,
+          services: JSON.stringify(services),
+          data: JSON.stringify(workspace.data),
+        });
+      }
+    } catch (e) {
+      const errorMessage = `Could not import your workspaces into our system.\nError: ${e}`;
+      return response.status(401).send(errorMessage);
+    }
+
+    return response.send('Your account has been imported.');
+  }
+}
+
+module.exports = UserController;
diff --git a/src/internal-server/app/Controllers/Http/WorkspaceController.js b/src/internal-server/app/Controllers/Http/WorkspaceController.js
new file mode 100644
index 000000000..4189fbcdd
--- /dev/null
+++ b/src/internal-server/app/Controllers/Http/WorkspaceController.js
@@ -0,0 +1,148 @@
+const Workspace = use('App/Models/Workspace');
+const {
+  validateAll,
+} = use('Validator');
+
+const uuid = require('uuid/v4');
+
+class WorkspaceController {
+  // Create a new workspace for user
+  async create({
+    request,
+    response,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      name: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid POST arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const data = request.all();
+
+    // Get new, unused uuid
+    let workspaceId;
+    do {
+      workspaceId = uuid();
+    } while ((await Workspace.query().where('workspaceId', workspaceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+    const order = (await Workspace.all()).rows.length;
+
+    await Workspace.create({
+      workspaceId,
+      name: data.name,
+      order,
+      services: JSON.stringify([]),
+      data: JSON.stringify(data),
+    });
+
+    return response.send({
+      userId: 1,
+      name: data.name,
+      id: workspaceId,
+      order,
+      workspaces: [],
+    });
+  }
+
+  async edit({
+    request,
+    response,
+    params,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      name: 'required',
+      services: 'required|array',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid POST arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const data = request.all();
+    const {
+      id,
+    } = params;
+
+    // Update data in database
+    await (Workspace.query()
+      .where('workspaceId', id)).update({
+      name: data.name,
+      services: JSON.stringify(data.services),
+    });
+
+    // Get updated row
+    const workspace = (await Workspace.query()
+      .where('workspaceId', id).fetch()).rows[0];
+
+    return response.send({
+      id: workspace.workspaceId,
+      name: data.name,
+      order: workspace.order,
+      services: data.services,
+      userId: 1,
+    });
+  }
+
+  async delete({
+    // eslint-disable-next-line no-unused-vars
+    request,
+    response,
+    params,
+  }) {
+    // Validate user input
+    const validation = await validateAll(params, {
+      id: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const {
+      id,
+    } = params;
+
+    // Update data in database
+    await (Workspace.query()
+      .where('workspaceId', id)).delete();
+
+    return response.send({
+      message: 'Successfully deleted workspace',
+    });
+  }
+
+  // List all workspaces a user has created
+  async list({
+    response,
+  }) {
+    const workspaces = (await Workspace.all()).rows;
+    // Convert to array with all data Franz wants
+    let workspacesArray = [];
+    if (workspaces) {
+      workspacesArray = workspaces.map(workspace => ({
+        id: workspace.workspaceId,
+        name: workspace.name,
+        order: workspace.order,
+        services: typeof workspace.services === 'string' ? JSON.parse(workspace.services) : workspace.services,
+        userId: 1,
+      }));
+    }
+
+    return response.send(workspacesArray);
+  }
+}
+
+module.exports = WorkspaceController;
diff --git a/src/internal-server/app/Exceptions/Handler.js b/src/internal-server/app/Exceptions/Handler.js
new file mode 100644
index 000000000..ab323fd38
--- /dev/null
+++ b/src/internal-server/app/Exceptions/Handler.js
@@ -0,0 +1,40 @@
+const BaseExceptionHandler = use('BaseExceptionHandler');
+
+/**
+ * This class handles all exceptions thrown during
+ * the HTTP request lifecycle.
+ *
+ * @class ExceptionHandler
+ */
+class ExceptionHandler extends BaseExceptionHandler {
+  /**
+   * Handle exception thrown during the HTTP lifecycle
+   *
+   * @method handle
+   *
+   * @param  {Object} error
+   * @param  {object} options.response
+   *
+   * @return {Promise<void>}
+   */
+  async handle(error, { response }) {
+    if (error.name === 'ValidationException') {
+      return response.status(400).send('Invalid arguments');
+    }
+
+    return response.status(error.status).send(error.message);
+  }
+
+  /**
+   * Report exception for logging or debugging.
+   *
+   * @method report
+   *
+   * @return {Promise<boolean>}
+   */
+  async report() {
+    return true;
+  }
+}
+
+module.exports = ExceptionHandler;
diff --git a/src/internal-server/app/Middleware/ConvertEmptyStringsToNull.js b/src/internal-server/app/Middleware/ConvertEmptyStringsToNull.js
new file mode 100644
index 000000000..87f1f6c25
--- /dev/null
+++ b/src/internal-server/app/Middleware/ConvertEmptyStringsToNull.js
@@ -0,0 +1,15 @@
+class ConvertEmptyStringsToNull {
+  async handle({ request }, next) {
+    if (Object.keys(request.body).length) {
+      request.body = Object.assign(
+        ...Object.keys(request.body).map(key => ({
+          [key]: request.body[key] !== '' ? request.body[key] : null,
+        })),
+      );
+    }
+
+    await next();
+  }
+}
+
+module.exports = ConvertEmptyStringsToNull;
diff --git a/src/internal-server/app/Models/Recipe.js b/src/internal-server/app/Models/Recipe.js
new file mode 100644
index 000000000..bd9741114
--- /dev/null
+++ b/src/internal-server/app/Models/Recipe.js
@@ -0,0 +1,7 @@
+/** @type {typeof import('@adonisjs/lucid/src/Lucid/Model')} */
+const Model = use('Model');
+
+class Recipe extends Model {
+}
+
+module.exports = Recipe;
diff --git a/src/internal-server/app/Models/Service.js b/src/internal-server/app/Models/Service.js
new file mode 100644
index 000000000..a2e5c981e
--- /dev/null
+++ b/src/internal-server/app/Models/Service.js
@@ -0,0 +1,7 @@
+/** @type {typeof import('@adonisjs/lucid/src/Lucid/Model')} */
+const Model = use('Model');
+
+class Service extends Model {
+}
+
+module.exports = Service;
diff --git a/src/internal-server/app/Models/Token.js b/src/internal-server/app/Models/Token.js
new file mode 100644
index 000000000..83e989117
--- /dev/null
+++ b/src/internal-server/app/Models/Token.js
@@ -0,0 +1,7 @@
+/** @type {typeof import('@adonisjs/lucid/src/Lucid/Model')} */
+const Model = use('Model');
+
+class Token extends Model {
+}
+
+module.exports = Token;
diff --git a/src/internal-server/app/Models/Traits/NoTimestamp.js b/src/internal-server/app/Models/Traits/NoTimestamp.js
new file mode 100644
index 000000000..914f542f0
--- /dev/null
+++ b/src/internal-server/app/Models/Traits/NoTimestamp.js
@@ -0,0 +1,14 @@
+class NoTimestamp {
+  register(Model) {
+    Object.defineProperties(Model, {
+      createdAtColumn: {
+        get: () => null,
+      },
+      updatedAtColumn: {
+        get: () => null,
+      },
+    });
+  }
+}
+
+module.exports = NoTimestamp;
diff --git a/src/internal-server/app/Models/User.js b/src/internal-server/app/Models/User.js
new file mode 100644
index 000000000..907710d8d
--- /dev/null
+++ b/src/internal-server/app/Models/User.js
@@ -0,0 +1,8 @@
+// File is required by AdonisJS but not used by the server
+/** @type {typeof import('@adonisjs/lucid/src/Lucid/Model')} */
+const Model = use('Model');
+
+class User extends Model {
+}
+
+module.exports = User;
diff --git a/src/internal-server/app/Models/Workspace.js b/src/internal-server/app/Models/Workspace.js
new file mode 100644
index 000000000..dcf39ac75
--- /dev/null
+++ b/src/internal-server/app/Models/Workspace.js
@@ -0,0 +1,7 @@
+/** @type {typeof import('@adonisjs/lucid/src/Lucid/Model')} */
+const Model = use('Model');
+
+class Workspace extends Model {
+}
+
+module.exports = Workspace;