split api routes

This commit is contained in:
Flummi 2022-03-27 16:37:16 +02:00
parent 87fd450ef5
commit 8c556baecd
3 changed files with 200 additions and 153 deletions

View File

@ -96,27 +96,36 @@ export default new class {
const derivedKey = await scrypt(str, salt, 64); const derivedKey = await scrypt(str, salt, 64);
return crypto.timingSafeEqual(keyBuffer, derivedKey); return crypto.timingSafeEqual(keyBuffer, derivedKey);
}; };
async auth(req, res, next) {
if(!req.session) {
return res.reply({
code: 401,
body: "401 - Unauthorized"
});
}
return next();
};
async getTags(itemid) { async getTags(itemid) {
const tags = await sql("tags_assign") const tags = await sql("tags_assign")
.select("tags.id", "tags.tag", "tags.normalized", "user.user") .select("tags.id", "tags.tag", "tags.normalized", "user.user")
.leftJoin("tags", "tags.id", "tags_assign.tag_id") .leftJoin("tags", "tags.id", "tags_assign.tag_id")
.leftJoin("user", "user.id", "tags_assign.user_id") .leftJoin("user", "user.id", "tags_assign.user_id")
.where("tags_assign.item_id", itemid) .where("tags_assign.item_id", +itemid)
.orderBy("tags.id", "asc"); .orderBy("tags.id", "asc");
for(let t = 0; t < tags.length; t++) { for(let t = 0; t < tags.length; t++) {
if(tags[t].tag.startsWith(">")) if(tags[t].tag.startsWith(">"))
tags[t].badge = "badge-greentext badge-light"; tags[t].badge = "badge-greentext badge-light";
else if(tags[t].tag.match(/ukraine/i)) else if(tags[t].normalized === "ukraine")
tags[t].badge = "badge-ukraine badge-light"; tags[t].badge = "badge-ukraine badge-light";
else if(/[аА-ЯЁё]/.test(tags[t].tag) || tags[t].tag.match(/russia/)) else if(/[аё]/.test(tags[t].normalized) || tags[t].normalized === "russia")
tags[t].badge = "badge-russia badge-light"; tags[t].badge = "badge-russia badge-light";
else if(tags[t].tag.match(/german/i)) else if(tags[t].normalized === "german")
tags[t].badge = "badge-german badge-light"; tags[t].badge = "badge-german badge-light";
else if(tags[t].tag.match(/dutch/i)) else if(tags[t].normalized === "dutch")
tags[t].badge = "badge-dutch badge-light"; tags[t].badge = "badge-dutch badge-light";
else if(tags[t].tag === "sfw") else if(tags[t].normalized === "sfw")
tags[t].badge = "badge-success"; tags[t].badge = "badge-success";
else if(tags[t].tag === "nsfw") else if(tags[t].normalized === "nsfw")
tags[t].badge = "badge-danger"; tags[t].badge = "badge-danger";
else else
tags[t].badge = "badge-light"; tags[t].badge = "badge-light";

View File

@ -1,20 +1,9 @@
import sql from "../sql.mjs"; import sql from '../../sql.mjs';
import lib from "../lib.mjs"; import lib from '../../lib.mjs';
const allowedMimes = [ "audio", "image", "video", "%" ]; const allowedMimes = [ "audio", "image", "video", "%" ];
const auth = async (req, res, next) => { export default router => {
if(!req.session) {
return res.reply({
code: 401,
body: "401 - Unauthorized"
});
}
return next();
};
export default (router, tpl) => {
router.group(/^\/api\/v2/, group => { router.group(/^\/api\/v2/, group => {
group.get(/$/, (req, res) => { group.get(/$/, (req, res) => {
res.end("api lol"); res.end("api lol");
}); });
@ -96,146 +85,48 @@ export default (router, tpl) => {
}); });
}); });
// adminzeugs // tags lol
group.delete(/\/admin\/(?<postid>\d+)\/tags\/(?<tagname>.*)/, auth, async (req, res) => {
// delete tag group.put(/\/admin\/tags\/(?<tagname>.*)/, lib.auth, async (req, res) => {
if(!req.params.postid || !req.params.tagname) { if(!req.params.tagname || !req.post.newtag) {
return res.json({ return res.json({
success: false, success: false,
msg: 'missing postid or tagname' msg: 'missing tagname or newtag',
}); debug: {
params: req.params.tagname,
post: req.post
}
}, 400); // bad request
} }
const postid = +req.params.postid; const tagname = req.params.tagname;
const tagname = decodeURIComponent(req.params.tagname); const newtag = req.post.newtag;
const tags = await lib.getTags(postid); const tmptag = (
await sql('tags')
.where('tag', tagname)
.limit(1)
)[0];
const tagid = tags.filter(t => t.tag === tagname)[0]?.id ?? null; if(!tmptag) {
if(!tagid) {
return res.json({ return res.json({
success: false, success: false,
msg: 'tag is not assigned', msg: 'no tag found'
tags: await lib.getTags(postid) }, 404); // not found
});
} }
let q = sql("tags_assign").where("tag_id", tagid).andWhere("item_id", postid).del(); const q = (
if(req.session.level < 50) await sql('tags')
q = q.andWhere("user_id", req.session.id);
const reply = !!(await q);
return res.json({
success: reply,
tagid,
tags: await lib.getTags(postid)
})
});
group.post(/\/admin\/(?<postid>\d+)\/tags/, auth, async (req, res) => {
// assign and/or create tag
if(!req.params.postid || !req.post.tagname) {
return res.json({
success: false,
msg: 'missing postid or tag'
});
}
const postid = +req.params.postid;
const tagname = req.post.tagname?.trim();
if(tagname.length >= 45) {
return res.json({
success: false,
msg: 'tag is too long!'
});
}
try {
let tagid = (
await sql("tags")
.select("id")
.whereRaw("normalized = slugify(?)", [ tagname ])
)?.[0]?.id;
if(!tagid) { // create new tag
tagid = (await sql("tags").returning("id").insert({
tag: tagname
}))[0];
}
await sql("tags_assign").insert({
tag_id: tagid,
item_id: postid,
user_id: req.session.id
});
} catch(err) {
return res.json({
success: false,
msg: err.message,
tags: await lib.getTags(postid)
});
}
return res.json({
success: true,
postid: postid,
tag: tagname,
tags: await lib.getTags(postid)
});
});
group.get(/\/admin\/(?<postid>\d+)\/tags$/, auth, async (req, res) => {
// get tags
if(!req.params.postid) {
return res.json({
success: false,
msg: 'missing postid'
});
}
return res.json({
success: true,
tags: await lib.getTags(+req.params.postid)
});
});
group.put(/\/admin\/(?<postid>\d+)\/tags\/toggle$/, auth, async (req, res) => {
// xD
if(!req.params.postid) {
return res.json({
success: false,
msg: 'missing postid'
});
}
const postid = +req.params.postid;
if(!(await lib.getTags(postid)).filter(tag => [1,2].includes(tag.id)).length) {
// insert
await sql('tags_assign').insert({
item_id: postid,
tag_id: 1,
user_id: req.session.id
});
}
else {
// update
await sql('tags_assign')
.update({ .update({
tag_id: sql.raw('(array[2,1])[tag_id]') tag: newtag
}) }, [ 'tag', 'normalized' ])
.whereRaw('tag_id = any(array[1,2])') .where('tag', tagname)
.andWhere('item_id', postid); )?.[0];
}
return res.json({ return res.json(q, tagname === newtag ? 200 : 201); // created (modified)
success: true,
tags: await lib.getTags(postid)
});
}); });
group.get(/\/admin\/tags\/suggest$/, auth, async (req, res) => { group.get(/\/admin\/tags\/suggest$/, lib.auth, async (req, res) => {
const reply = { const reply = {
success: false, success: false,
suggestions: {} suggestions: {}
@ -265,7 +156,7 @@ export default (router, tpl) => {
return res.json(reply); return res.json(reply);
}); });
group.post(/\/admin\/deletepost$/, auth, async (req, res) => { group.post(/\/admin\/deletepost$/, lib.auth, async (req, res) => {
if(!req.post.postid) { if(!req.post.postid) {
return res.json({ return res.json({
success: false, success: false,
@ -281,7 +172,7 @@ export default (router, tpl) => {
}); });
}); });
group.post(/\/admin\/togglefav$/, auth, async (req, res) => { group.post(/\/admin\/togglefav$/, lib.auth, async (req, res) => {
const postid = +req.post.postid; const postid = +req.post.postid;
let favs = await sql('favorites').select('user_id').where('item_id', postid); let favs = await sql('favorites').select('user_id').where('item_id', postid);

View File

@ -0,0 +1,147 @@
import sql from '../../sql.mjs';
import lib from '../../lib.mjs';
export default router => {
router.group(/^\/api\/v2\/admin\/(?<postid>\d+)\/tags/, group => {
group.get(/$/, lib.auth, async (req, res) => {
// get tags
if(!req.params.postid) {
return res.json({
success: false,
msg: 'missing postid'
});
}
return res.json({
success: true,
tags: await lib.getTags(+req.params.postid)
});
});
group.post(/$/, lib.auth, async (req, res) => {
// assign and/or create tag
if(!req.params.postid || !req.post.tagname) {
return res.json({
success: false,
msg: 'missing postid or tag'
});
}
const postid = +req.params.postid;
const tagname = req.post.tagname?.trim();
if(tagname.length >= 45) {
return res.json({
success: false,
msg: 'tag is too long!'
});
}
try {
let tagid = (
await sql("tags")
.select("id")
.whereRaw("normalized = slugify(?)", [ tagname ])
)?.[0]?.id;
if(!tagid) { // create new tag
tagid = (await sql("tags").returning("id").insert({
tag: tagname
}))[0];
}
await sql("tags_assign").insert({
tag_id: tagid,
item_id: postid,
user_id: req.session.id
});
} catch(err) {
return res.json({
success: false,
msg: err.message,
tags: await lib.getTags(postid)
});
}
return res.json({
success: true,
postid: postid,
tag: tagname,
tags: await lib.getTags(postid)
});
});
group.put(/\/toggle$/, lib.auth, async (req, res) => {
// xD
if(!req.params.postid) {
return res.json({
success: false,
msg: 'missing postid'
});
}
const postid = +req.params.postid;
if(!(await lib.getTags(postid)).filter(tag => [1,2].includes(tag.id)).length) {
// insert
await sql('tags_assign').insert({
item_id: postid,
tag_id: 1,
user_id: req.session.id
});
}
else {
// update
await sql('tags_assign')
.update({
tag_id: sql.raw('(array[2,1])[tag_id]')
})
.whereRaw('tag_id = any(array[1,2])')
.andWhere('item_id', postid);
}
return res.json({
success: true,
tags: await lib.getTags(postid)
});
});
group.delete(/\/(?<tagname>.*)/, lib.auth, async (req, res) => {
// delete tag
if(!req.params.postid || !req.params.tagname) {
return res.json({
success: false,
msg: 'missing postid or tagname'
});
}
const postid = +req.params.postid;
const tagname = decodeURIComponent(req.params.tagname);
const tags = await lib.getTags(postid);
const tagid = tags.filter(t => t.tag === tagname)[0]?.id ?? null;
if(!tagid) {
return res.json({
success: false,
msg: 'tag is not assigned',
tags: await lib.getTags(postid)
});
}
let q = sql("tags_assign").where("tag_id", tagid).andWhere("item_id", postid).del();
if(req.session.level < 50)
q = q.andWhere("user_id", req.session.id);
const reply = !!(await q);
return res.json({
success: reply,
tagid,
tags: await lib.getTags(postid)
})
});
});
return router;
};