From 9fad64a9ef861f6ed5eab624f97dcecbb1e2b7b9 Mon Sep 17 00:00:00 2001 From: Mystikfluu Date: Mon, 25 Jul 2022 18:59:42 +0200 Subject: [PATCH] add basic settings endpoints --- createSchema.sql | 4 +- routes/api/all.js | 4 +- routes/api/options.js | 79 ++++++++++++++++++++++------------- routes/api/settingshandler.js | 38 +++++++++++++++++ server.js | 5 +++ 5 files changed, 98 insertions(+), 32 deletions(-) create mode 100644 routes/api/settingshandler.js diff --git a/createSchema.sql b/createSchema.sql index d68d0ad..34a7d25 100644 --- a/createSchema.sql +++ b/createSchema.sql @@ -14,9 +14,11 @@ CREATE TABLE `users` ( `User_Avatar` varchar(100) DEFAULT NULL, `User_PublicKey` varchar(830) DEFAULT NULL, `User_PrivateKey` text, + `User_Settings` json NOT NULL, PRIMARY KEY (`User_ID`,`User_Name`), UNIQUE KEY `User_Name_UNIQUE` (`User_Name`) -) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_0900_ai_ci; +) ENGINE=InnoDB AUTO_INCREMENT=62 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_0900_ai_ci; + CREATE TABLE `posts` ( diff --git a/routes/api/all.js b/routes/api/all.js index 4c90381..810c419 100644 --- a/routes/api/all.js +++ b/routes/api/all.js @@ -24,13 +24,14 @@ module.exports = { //basically we generate the unsigned cookie res.locals.isbot = true //only bots use user+pass } - let sql = `select User_Name,User_Bio,User_Avatar from ipost.users where User_Name=? and User_PW=?;` + let sql = `select User_Name,User_Bio,User_Avatar,User_Settings from ipost.users where User_Name=? and User_PW=?;` let values = unsigned.split(" ") values[1] = SHA.SHA256(values[1],values[0],HASHES_DIFF) res.locals.bio = "" res.locals.avatar = "" res.locals.publicKey = "" res.locals.privateKey = "" + res.locals.settings = {} con.query(sql, values, function (err, result) { if (err) throw err; if(result[0] && result[0].User_Name && result[0].User_Name == values[0]) { @@ -39,6 +40,7 @@ module.exports = { res.locals.avatar = result[0].User_Avatar || "" res.locals.publicKey = result[0].User_PublicKey || "" res.locals.privateKey = result[0].User_PrivateKey || "" + res.locals.settings = result[0].User_Settings || {} next() } else { res.status(400) diff --git a/routes/api/options.js b/routes/api/options.js index 36c6426..717e0f2 100644 --- a/routes/api/options.js +++ b/routes/api/options.js @@ -1,38 +1,57 @@ +function allowAllTraffic(router,str,type) { + router.options(str,async function(req,res,next) { + res.set("Access-Control-Allow-Origin","*") //we'll allow it for now + res.set("Access-Control-Allow-Methods",type || "GET") + res.set("Access-Control-Allow-Headers","Content-Type") + res.status(200).send("") + }) +} + module.exports = { "setup": function(router,con,server) { - router.options("/api/pid",async function(req,res,next) { - res.set("Access-Control-Allow-Origin","*") //we'll allow it for now - res.set("Access-Control-Allow-Methods","GET") - res.set("Access-Control-Allow-Headers","Content-Type") - res.status(200).send("") - }) + // router.options("/api/pid",async function(req,res,next) { + // res.set("Access-Control-Allow-Origin","*") //we'll allow it for now + // res.set("Access-Control-Allow-Methods","GET") + // res.set("Access-Control-Allow-Headers","Content-Type") + // res.status(200).send("") + // }) - router.options("/api/post",async function(req,res,next) { - res.set("Access-Control-Allow-Origin","*") //we'll allow it for now - res.set("Access-Control-Allow-Methods","POST") - res.set("Access-Control-Allow-Headers","Content-Type") - res.status(200).send("") - }) + // router.options("/api/post",async function(req,res,next) { + // res.set("Access-Control-Allow-Origin","*") //we'll allow it for now + // res.set("Access-Control-Allow-Methods","POST") + // res.set("Access-Control-Allow-Headers","Content-Type") + // res.status(200).send("") + // }) - router.options("/api/getotheruser",async function(req,res,next) { - res.set("Access-Control-Allow-Origin","*") //we'll allow it for now - res.set("Access-Control-Allow-Methods","GET") - res.set("Access-Control-Allow-Headers","Content-Type") - res.status(200).send("") - }) + // router.options("/api/getotheruser",async function(req,res,next) { + // res.set("Access-Control-Allow-Origin","*") //we'll allow it for now + // res.set("Access-Control-Allow-Methods","GET") + // res.set("Access-Control-Allow-Headers","Content-Type") + // res.status(200).send("") + // }) - router.options("/api/getPost",async function(req,res,next) { - res.set("Access-Control-Allow-Origin","*") //we'll allow it for now - res.set("Access-Control-Allow-Methods","GET") - res.set("Access-Control-Allow-Headers","Content-Type") - res.status(200).send("") - }) + // router.options("/api/getPost",async function(req,res,next) { + // res.set("Access-Control-Allow-Origin","*") //we'll allow it for now + // res.set("Access-Control-Allow-Methods","GET") + // res.set("Access-Control-Allow-Headers","Content-Type") + // res.status(200).send("") + // }) + // + // router.options("/api/getPostsLowerThan",async function(req,res,next) { + // res.set("Access-Control-Allow-Origin","*") //we'll allow it for now + // res.set("Access-Control-Allow-Methods","GET") + // res.set("Access-Control-Allow-Headers","Content-Type") + // res.status(200).send("") + // }) + + allowAllTraffic("/api/pid") + allowAllTraffic("/api/post","POST") + allowAllTraffic("/api/getotheruser") + allowAllTraffic("/api/getPost") + allowAllTraffic("/api/getPostsLowerThan") + allowAllTraffic("/api/settings") + allowAllTraffic("/api/settings","POST") - router.options("/api/getPostsLowerThan",async function(req,res,next) { - res.set("Access-Control-Allow-Origin","*") //we'll allow it for now - res.set("Access-Control-Allow-Methods","GET") - res.set("Access-Control-Allow-Headers","Content-Type") - res.status(200).send("") - }) + } } \ No newline at end of file diff --git a/routes/api/settingshandler.js b/routes/api/settingshandler.js new file mode 100644 index 0000000..bdf07d1 --- /dev/null +++ b/routes/api/settingshandler.js @@ -0,0 +1,38 @@ +module.exports = { + "setup": function(router,con,server) { + router.get("/api/settings",function(req,res) { + res.json(res.locals.settings) + }) + + router.post("/api/settings",function(req,res) { + + if(!req.body.setting) { + res.json({"error":"no setting to change"}) + return + } + if((typeof req.body.setting) != "string") { + res.json({"error":"no setting to change"}) + return + } + if((typeof req.body.value) != "string") { + res.json({"error":"no new setting value given"}) + return + } + + let setting_to_change = req.body.setting + let setting_new_value = req.body.value + + res.locals.settings[setting_to_change] = setting_new_value + + let sql = "update users set User_Settings=? where User_Name=?" + let values = [res.locals.settings,res.locals.username] + con.query(sql, values, function (err, result) { + if(err) { + res.json({"status":"error","code":err}) + return + } + res.json({"status":"success"}) + }) + }) + } +} \ No newline at end of file diff --git a/server.js b/server.js index 6d5100b..ca75014 100644 --- a/server.js +++ b/server.js @@ -413,6 +413,11 @@ options.setup(router,con,commonfunctions) let apiALL = require("./routes/api/all.js") apiALL.setup(router,con,commonfunctions) +let settingshandler = require("./routes/api/settingshandler.js") +settingshandler.setup(router,con,commonfunctions) + + + //TODO: loop through all files and load them in router.get("/api/search", async function(req,res) {