f0ckv2/src/inc/routes/apiv2/index.mjs

import sql from '../../sql.mjs';
import lib from '../../lib.mjs';

const allowedMimes = [ "audio", "image", "video", "%" ];
export default router => {
  router.group(/^\/api\/v2/, group => {
    group.get(/$/, (req, res) => {
      res.end("api lol");
    });

    group.get(/\/random(\/user\/.+|\/image|\/video|\/audio)?$/, async (req, res) => {
      const user = req.url.split[3] === "user" ? req.url.split[4] : "%";
      const mime = (allowedMimes.filter(n => req.url.split[3]?.startsWith(n))[0] ? req.url.split[3] : "") + "%";
  
      const rows = await sql("items")
        .orderByRaw("rand()")
        .limit(1)
        .where("mime", "ilike", mime)
        .andWhere("username", "ilike", user);
  
      return res.json({
        success: rows.length > 0,
        items: rows.length > 0 ? rows[0] : []
      });
    });
  
    group.get(/\/p\/([0-9]+)/, async (req, res) => { // legacy
      let eps = 100;
      let id = +req.url.split[3];
  
      const rows = await sql("items").where("id", "<", id).orderBy("id", "desc").limit(eps);
  
      const items = {
        items: rows,
        last: rows[rows.length - 1].id
      };
  
      return res.json({
        success: true,
        items
      });
    });
  
    group.get(/\/item\/[0-9]+$/, async (req, res) => {
      const id = +req.url.split[3];
  
      const item = await sql("items").where("id", id).limit(1);
      const next = await sql("items").select("id").where("id", ">", id).orderBy("id").limit(1);
      const prev = await sql("items").select("id").where("id", "<", id).orderBy("id", "desc").limit(1);
  
      if(item.length === 0) {
        return res.json({
          success: false,
          msg: 'no items found'
        });
      }
  
      const rows = {
        ...item[0],
        ...{
          next: next[0]?.id ?? null,
          prev: prev[0]?.id ?? null
        }
      };

      return res.json({
        success: true,
        rows
      });
    });
  
    group.get(/\/user\/.*(\/\d+)?$/, async (req, res) => {
      const user = req.url.split[3];
      const eps = +req.url.split[4] || 50;
  
      const rows = await sql("items")
        .select("id", "mime", "size", "src", "stamp", "userchannel", "username", "usernetwork")
        .where("username", user)
        .orderBy("stamp", "desc")
        .limit(eps);
        
      return res.json({
        success: rows.length > 0,
        items: rows.length > 0 ? rows : []
      });
    });

    // tags lol

    group.put(/\/admin\/tags\/(?<tagname>.*)/, lib.auth, async (req, res) => {
      if(!req.params.tagname || !req.post.newtag) {
        return res.json({
          success: false,
          msg: 'missing tagname or newtag',
          debug: {
            params: req.params.tagname,
            post: req.post
          }
        }, 400); // bad request
      }

      const tagname = req.params.tagname;
      const newtag = req.post.newtag;

      const tmptag = (
        await sql('tags')
          .where('tag', tagname)
          .limit(1)
        )[0];
      
      if(!tmptag) {
        return res.json({
          success: false,
          msg: 'no tag found'
        }, 404); // not found
      }

      const q = (
        await sql('tags')
          .update({
            tag: newtag
          }, [ 'tag', 'normalized' ])
          .where('tag', tagname)
      )?.[0];

      return res.json(q, tagname === newtag ? 200 : 201); // created (modified)
    });

    group.get(/\/admin\/tags\/suggest$/, lib.auth, async (req, res) => {
      const reply = {
        success: false,
        suggestions: {}
      };

      const searchString = req.url.qs.q;

      if(searchString?.length <= 1) {
        reply.error = 'too short lol';
        return res.json(reply);
      }

      try {
        const q = await sql('tags')
          .select('tag', sql.raw('count(tags_assign.tag_id) as tagged'))
          .leftJoin('tags_assign', 'tags_assign.tag_id', 'tags.id')
          .whereRaw("normalized like '%' || slugify(?) || '%'", [ searchString ])
          .groupBy('tags.id')
          .orderBy('tagged', 'desc')
          .limit(15);
        reply.success = true;
        reply.suggestions = q;
      } catch(err) {
        reply.error = err.msg;
      }

      return res.json(reply);
    });

    group.post(/\/admin\/deletepost$/, lib.auth, async (req, res) => {
      if(!req.post.postid) {
        return res.json({
          success: false,
          msg: 'no postid'
        });
      }
      const postid = +req.post.postid;
  
      await sql("items").where("id", postid).del();

      res.json({
        success: true
      });
    });

    group.post(/\/admin\/togglefav$/, lib.auth, async (req, res) => {
      const postid = +req.post.postid;
      
      let favs = await sql('favorites').select('user_id').where('item_id', postid);

      if(Object.values(favs).filter(u => u.user_id === req.session.id)[0]) {
        // del fav
        await sql('favorites').where('user_id', req.session.id).andWhere('item_id', postid).del();
      }
      else {
        // add fav
        await sql('favorites').insert({
          item_id: postid,
          user_id: req.session.id
        });
      }

      favs = await sql('favorites')
        .select('user.user', 'user_options.avatar')
        .leftJoin('user', 'user.id', 'favorites.user_id')
        .leftJoin('user_options', 'user_options.user_id', 'favorites.user_id')
        .where('favorites.item_id', postid);

      return res.json({
        success: true,
        itemid: postid,
        favs
      });
    });
  
  });

  return router;
};