From 87b81cef8190a291ee6171ad8f725f4658f5a721 Mon Sep 17 00:00:00 2001
From: Mystikfluu <Mystikfluu@gmail.com>
Date: Wed, 24 Aug 2022 23:58:25 +0200
Subject: [PATCH] add channels & current user in template

---
 js/posts.js       |  4 +---
 routes/api/all.js | 35 +++++++++++++++++++++--------------
 server.js         | 19 ++++++++++++++++---
 views/posts.html  |  4 ++++
 4 files changed, 42 insertions(+), 20 deletions(-)

diff --git a/js/posts.js b/js/posts.js
index 7d41edc..4ec7c93 100644
--- a/js/posts.js
+++ b/js/posts.js
@@ -1,4 +1,3 @@
-let user
 let username
 
 const wss_server = "wss://ipost.tk"
@@ -339,7 +338,6 @@ function switchChannel(channelname) {
 async function loadChannels() {
   //        <!-- <p class="channel">- Channel Name -</p> -->
 
-  let channels = await (await fetch("/api/getChannels")).json()
   let tab = document.getElementById("channelTab")
   tab.innerHTML = ""
   for (let i = 0; i < channels.length; i++) {
@@ -367,7 +365,7 @@ async function loadChannels() {
 
 function init() {
   setInterval(update_pid,30000)
-  update_pid()
+  if(posting_id=="")update_pid()
   main()
   firstAsk()
   loadChannels()
diff --git a/routes/api/all.js b/routes/api/all.js
index 696e6c5..8b02e51 100644
--- a/routes/api/all.js
+++ b/routes/api/all.js
@@ -6,19 +6,12 @@ const HASHES_DB = config.cookies.server_hashes;
 const HASHES_COOKIE = config.cookies.client_hashes;
 const HASHES_DIFF = HASHES_DB - HASHES_COOKIE;
 export const setup = function (router, con, server) {
-    router.use("/api/*", async function (req, res, next) {
+    router.use("/*", async function (req, res, next) {
         res.set("Access-Control-Allow-Origin", "*"); //we'll allow it for now
-        if (config["allow_getotheruser_without_cookie"] && req.originalUrl.split("\?")[0] == "/api/getotheruser") {
-            next();
-            return;
-        }
-        if (!server.increaseAPICall(req, res))
-            return;
         let unsigned;
         if (req.body.user == undefined || req.body.pass == undefined) {
             unsigned = unsign.getunsigned(req, res);
-            if (!unsigned)
-                return;
+            if (!unsigned)next()
         }
         else {
             unsigned = `${req.body.user} ${SHA.SHA256(req.body.pass, req.body.user, HASHES_COOKIE)}`;
@@ -43,14 +36,28 @@ export const setup = function (router, con, server) {
                     res.locals.settings = {};
                 if (res.locals.settings == null)
                     res.locals.settings = {};
-                next();
-            }
-            else {
-                res.status(400);
-                res.json({ "error": "you cannot access the api without being logged in" });
+                
             }
+            next()
         });
     });
+
+    router.use("/api/*", async function (req, res, next) {
+        res.set("Access-Control-Allow-Origin", "*"); //we'll allow it for now
+        if (config["allow_getotheruser_without_cookie"] && req.originalUrl.split("\?")[0] == "/api/getotheruser") {
+            next();
+            return;
+        }
+        if (!server.increaseAPICall(req, res))return;
+
+        if (res.locals.username != undefined) {
+            next();
+        }
+        else {
+            res.status(400);
+            res.json({ "error": "you cannot access the api without being logged in" });
+        }
+    });
 };
 export default {
     setup
diff --git a/server.js b/server.js
index 4bd2455..ecf9ea3 100644
--- a/server.js
+++ b/server.js
@@ -856,15 +856,25 @@ function load_var(fina) {
 import {minify as min_js} from "uglify-js"
 import Clean from 'clean-css';
 
+function get_channels(){
+    return new Promise(function(resolve, reject) {
+        let sql = `select post_receiver_name from ipost.posts where post_is_private = '0' group by post_receiver_name;`;
+        con.query(sql, [], function (err, result) {
+            if (err)reject(err)
+            resolve(result)
+        });
+    })
+}
 
-const global_page_variables = {
+let global_page_variables = {
     globalcss: load_var("./css/global.css"),
     httppostjs: load_var("./js/httppost.js"),
     navbar: load_var("./extra_modules/navbar.html"),
     markdownjs: load_var("./js/markdown.js"),
     htmlescapejs: load_var("./js/htmlescape.js"),
     warnmessagejs: load_var("./js/warn_message.js"),
-    loadfile: load_var
+    loadfile: load_var,
+    getChannels: get_channels
 }
 
 router.get("/*", async function(request, response) {
@@ -892,7 +902,10 @@ router.get("/*", async function(request, response) {
     }
 
     if(path != "") {
-        ejs.renderFile(path,global_page_variables,async function(err,str){
+        global_page_variables.user = { "username": response.locals.username, "bio": response.locals.bio, "avatar": response.locals.avatar }
+        ejs.renderFile(path,global_page_variables,{async: true},async function(err,str){
+            str = await str
+            err = await err
             if(err) {
                 console.log(1,err)
                 response.status(500)
diff --git a/views/posts.html b/views/posts.html
index 7d89e8a..66df8d3 100644
--- a/views/posts.html
+++ b/views/posts.html
@@ -13,6 +13,10 @@
     <script type="text/javascript"><%- htmlescapejs %></script>
     <script type="text/javascript"><%- markdownjs %></script>
     <script type="text/javascript"><%- warnmessagejs %></script>
+    <script type="text/javascript">let channels = <%- JSON.stringify(await getChannels()) %></script>
+    <script type="text/javascript">let user = <%- JSON.stringify(user) %></script>
+    
+    
   </head>
   <body>
     <%- navbar %>