add a short cooldown to posting

add a posting_id
2022-07-24 11:25:13 +02:00 · 2022-07-24 11:25:13 +02:00 · 2fff81f5b2
commit 2fff81f5b2
parent 80f85a7326
2 changed files with 68 additions and 6 deletions
--- a/js/posts.js
+++ b/js/posts.js
@ -34,18 +34,47 @@ socket.addEventListener("message", async function (event) {
    }
  }
 })
-
+var posting_id = undefined;
+var cd = true //inversed "cooldown"

 async function postMessage() {
  let len = document.getElementById("post-text").value.length
  if(len >= 1001) {
-    alert(`Error, your message cant contain more than 1000 characters! (${len})`)
+    alert(`Your message cant contain more than 1000 characters! (${len})`)
    return
  }
-  let r = await post("/api/post",{"message":document.getElementById("post-text").value,"reply_id":reply_id,"receiver":currentChannel})
-  if(window.location.href.split("?mention=")[1])location.replace('/posts');
-  document.getElementById("post-text").value=""
-  unreply()
+  if(cd && posting_id!=undefined) {
+    let r = await post("/api/post",{"message":document.getElementById("post-text").value,"reply_id":reply_id,"receiver":currentChannel,"pid": posting_id})
+    update_pid()
+    if(window.location.href.split("?mention=")[1])location.replace('/posts');
+    document.getElementById("post-text").value=""
+    unreply()
+    cd = false
+    setTimeout(function(){
+      cd = true
+    },200)
+  } else {
+    alert("Please wait a tiny bit before posting again")
+  }
+}
+
+async function update_pid() {
+  let r = (await fetch("/api/pid")).json()
+  if(r.error) {
+    //an error occurred
+    if(r.error == "you cannot access the api without being logged in") {
+      //account error, go to login page
+      location.replace("/")
+      return
+    }
+
+    //possibly more errors coming soon :tm: ?
+
+
+    return
+  }
+  posting_id = r.pid
+  console.log("Updated pid",posting_id)
 }

 document.getElementById("post-btn").addEventListener("click",postMessage)
@ -288,6 +317,8 @@ async function loadChannels() {
 }

 function init() {
+  setInterval(update_pid,30000)
+  update_pid()
  main()
  firstAsk()
  loadChannels()
--- a/server.js
+++ b/server.js
@ -400,6 +400,13 @@ START /API/*

 */

+router.options("/api/pid",async function(req,res,next) {
+  res.set("Access-Control-Allow-Origin","*") //we'll allow it for now
+  res.set("Access-Control-Allow-Methods","GET")
+  res.set("Access-Control-Allow-Headers","Content-Type")
+  res.status(200).send("")
+})
+
 router.options("/api/post",async function(req,res,next) {
  res.set("Access-Control-Allow-Origin","*") //we'll allow it for now
  res.set("Access-Control-Allow-Methods","POST")
@ -547,6 +554,20 @@ router.get("/api/getotheruser",async function(req,res) {
  });
 })

+const PIDS = {} //[pid]: true/"already_used"
+
+router.get("/api/pid", async function(req,res) {
+  res.set("Access-Control-Allow-Origin","*")
+  let pid = genstring(10) //collision chance is low enough, but we'll check anyways
+  while (PIDS[pid] != undefined){
+    pid = genstring(10)
+  }
+  PIDS[pid] = true
+  setTimeout(function() {
+    PIDS[pid]=undefined
+  },40000)
+})
+
 router.post("/api/post", async function(req,res) {
  if(!req.body.message) {
    res.json({"error":"no message to post"})
@ -556,6 +577,16 @@ router.post("/api/post", async function(req,res) {
    res.json({"error":"no message to post"})
    return
  }
+  if((typeof req.body.pid) != "string") {
+    res.json({"error":"no pid given"})
+    return
+  }
+  if(req.body.pid.length != 10 || PIDS[req.body.pid] !== true) {
+    res.json({"error":"invalid pid given"})
+    return
+  }
+  PIDS[req.body.pid] = "already_used"
+
  let reply_id
  if(!req.body.reply_id || req.body.reply_id < 0) {
    reply_id = 0