added new features

added user bio
added getotheruser endpoint
sending better responses in post api
Mystikfluu 2022-04-26 19:43:33 +02:00
parent 12106f0492
commit 182ff8fcad


@ -209,6 +209,7 @@ router.use("/api/*",async function(req,res,next) {
if (err) throw err; if (err) throw err;
if(result[0] && result[0].User_Name && result[0].User_Name == values[0]) { if(result[0] && result[0].User_Name && result[0].User_Name == values[0]) {
res.locals.username = values[0]; res.locals.username = values[0];
res.locals.bio = result[0].User_Bio
next() next()
} else { } else {
res.json({"error":"you cannot access the api without being logged in"}) res.json({"error":"you cannot access the api without being logged in"})
@ -217,37 +218,27 @@ router.use("/api/*",async function(req,res,next) {
}) })
router.get("/api/getuser",async function(req,res) { router.get("/api/getuser",async function(req,res) {
res.json({"username":res.locals.username,"bio":res.locals.bio})
})
router.get("/api/getotheruser",async function(req,res) {
//already counted due to the /api/* handler //already counted due to the /api/* handler
let cookie = req.cookies.AUTH_COOKIE let username = req.query.user
if(!cookie){
res.status(400)
res.json({"error":"you are not logged in! (no cookie)"})
return
}
let unsigned = unsign(cookie,req,res)
let values = unsigned.split(" ") let sql = `select * from zerotwohub.users where User_Name=?;`
let username = values[0] con.query(sql, [username], function (err, result) {
values[1] = SHA256(values[1],username,HASHES_DIFF)
let sql = `select * from zerotwohub.users where User_Name=? and User_PW=?;`
let sent_res = false
con.query(sql, values, function (err, result) {
if (err) throw err; if (err) throw err;
if(result[0] && result[0].User_Name && result[0].User_Name == username) { if(result[0] && result[0].User_Name && result[0].User_Name == username) {
res.json({"username":username}) res.json({"username":username,"bio":result[0].User_Bio})
} else { } else {
res.json({"error":"you are not logged in! (invalid cookie)"}) res.json({"error":"there is no such user!"})
} }
sent_res = true
}); });
setTimeout(function(){if(!sent_res)res.json({"error":"timeout"})},3000);
}) })
router.post("/api/post", async function(req,res) { router.post("/api/post", async function(req,res) {
if(!req.body.message) { if(!req.body.message) {
res.send("error") res.json({"error":"no message to post"})
return return
} }
let sql = `insert into zerotwohub.posts (post_user_name,post_text,post_time) values (?,?,?);` let sql = `insert into zerotwohub.posts (post_user_name,post_text,post_time) values (?,?,?);`
@ -258,7 +249,7 @@ router.post("/api/post", async function(req,res) {
wss.clients.forEach(function(ws) { wss.clients.forEach(function(ws) {
ws.send("new_post " + res.locals.username) ws.send("new_post " + res.locals.username)
}); });
res.send("success") res.json({"success":"successfully posted message"})
}); });
}) })
@ -275,7 +266,6 @@ router.post("/api/post", async function(req,res) {
// }) // })
router.get("/api/getPosts/*", async function(req,res) { router.get("/api/getPosts/*", async function(req,res) {
let sql = `select post_user_name,post_text,post_time,post_special_text from zerotwohub.posts order by post_id desc;` let sql = `select post_user_name,post_text,post_time,post_special_text from zerotwohub.posts order by post_id desc;`
con.query(sql, [], function (err, result) { con.query(sql, [], function (err, result) {
if (err) throw err; if (err) throw err;
@ -283,6 +273,20 @@ router.get("/api/getPosts/*", async function(req,res) {
}); });
}) })
router.post("/api/setBio", async function(req,res) {
let bio = req.body.Bio
if(!bio){
res.status(400)
res.json({"error":"no bio set!"})
return
}
let sql = `update zerotwohub.users set User_Bio=? where User_Name=?`
con.query(sql, [bio,res.locals.username], function (err, result) {
if (err) throw err;
res.json({"success":"updated bio"})
});
})
router.post("/api/changePW", async function(req,res) { router.post("/api/changePW", async function(req,res) {
if(req.body.newPW.length < 10) { if(req.body.newPW.length < 10) {
res.status(400) res.status(400)
@ -317,12 +321,20 @@ router.post("/api/changePW", async function(req,res) {
}) })
/* /*
END /API/* END /API/*
*/ */
router.get("/users/*", async function(req,res) {
if(!increaseUSERCall(req,res))return
res.sendFile(dir + "views/otheruser.html")
})
router.get("/css/*", (request, response) => { router.get("/css/*", (request, response) => {
if(!increaseUSERCall(request,response))return if(!increaseUSERCall(request,response))return
if(fs.existsSync(__dirname + request.originalUrl)){ if(fs.existsSync(__dirname + request.originalUrl)){
@ -389,6 +401,11 @@ router.post("/register",async function(req,res) {
res.send("username is too long") res.send("username is too long")
return return
} }
if(username.search("@")!=-1) {
res.status(400)
res.send("username can't contain @-characters")
return
}
if(!password) { if(!password) {
res.status(400) res.status(400)
res.redirect("/register?success=false&reason=password") res.redirect("/register?success=false&reason=password")
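Review bot: In the new `/api/setBio` handler the bio is accepted after only a truthiness check (`if(!bio)`), so a non-string value or an arbitrarily long string is handed to `con.query`; `req.query.user` in `/api/getotheruser` has the same gap. Depending on the body and query parsers configured outside this view, those values can arrive as arrays or objects, which a driver may expand differently from a scalar in a `?` placeholder, so I would reject them up front with `if (typeof bio !== "string" || bio.length > MAX_BIO_LEN) { res.status(400); res.json({"error":"invalid bio"}); return }` (`MAX_BIO_LEN` is a placeholder for the column's limit) and an equivalent `typeof username !== "string"` check. Both new callbacks also keep `if (err) throw err;`, which throws from inside the driver callback where Express cannot catch it and is likely to surface as an uncaught exception; answering with `res.status(500)` and a JSON error would let a failed query fail only that request. Since the bio is now returned for other users, the page that displays it should insert it as text rather than HTML, though that client code is not visible here.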