add basic settings endpoints

2022-07-25 18:59:42 +02:00 · 2022-07-25 18:59:42 +02:00 · 9fad64a9ef
commit 9fad64a9ef
parent 406b55a21b
5 changed files with 98 additions and 32 deletions
--- a/createSchema.sql
+++ b/createSchema.sql
@ -14,9 +14,11 @@ CREATE TABLE `users` (
  `User_Avatar` varchar(100) DEFAULT NULL,
  `User_PublicKey` varchar(830) DEFAULT NULL,
  `User_PrivateKey` text,
+  `User_Settings` json NOT NULL,
  PRIMARY KEY (`User_ID`,`User_Name`),
  UNIQUE KEY `User_Name_UNIQUE` (`User_Name`)
-) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_0900_ai_ci;
+) ENGINE=InnoDB AUTO_INCREMENT=62 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_0900_ai_ci;
+


 CREATE TABLE `posts` (
--- a/routes/api/all.js
+++ b/routes/api/all.js
@ -24,13 +24,14 @@ module.exports = {
        //basically we generate the unsigned cookie
        res.locals.isbot = true //only bots use user+pass
      }
-      let sql = `select User_Name,User_Bio,User_Avatar from ipost.users where User_Name=? and User_PW=?;`
+      let sql = `select User_Name,User_Bio,User_Avatar,User_Settings from ipost.users where User_Name=? and User_PW=?;`
      let values = unsigned.split(" ")
      values[1] = SHA.SHA256(values[1],values[0],HASHES_DIFF)
      res.locals.bio = ""
      res.locals.avatar = ""
      res.locals.publicKey = ""
      res.locals.privateKey = ""
+      res.locals.settings = {}
      con.query(sql, values, function (err, result) {
        if (err) throw err;
        if(result[0] && result[0].User_Name && result[0].User_Name == values[0]) {
@ -39,6 +40,7 @@ module.exports = {
          res.locals.avatar = result[0].User_Avatar || ""
          res.locals.publicKey = result[0].User_PublicKey || ""
          res.locals.privateKey = result[0].User_PrivateKey || ""
+          res.locals.settings = result[0].User_Settings || {}
          next()
        } else {
          res.status(400)
--- a/routes/api/options.js
+++ b/routes/api/options.js
@ -1,38 +1,57 @@
+function allowAllTraffic(router,str,type) {
+    router.options(str,async function(req,res,next) {
+        res.set("Access-Control-Allow-Origin","*") //we'll allow it for now
+        res.set("Access-Control-Allow-Methods",type || "GET")
+        res.set("Access-Control-Allow-Headers","Content-Type")
+        res.status(200).send("")
+    })
+}
+
 module.exports = {
    "setup": function(router,con,server) {
-        router.options("/api/pid",async function(req,res,next) {
-            res.set("Access-Control-Allow-Origin","*") //we'll allow it for now
-            res.set("Access-Control-Allow-Methods","GET")
-            res.set("Access-Control-Allow-Headers","Content-Type")
-            res.status(200).send("")
-        })
+        // router.options("/api/pid",async function(req,res,next) {
+        //     res.set("Access-Control-Allow-Origin","*") //we'll allow it for now
+        //     res.set("Access-Control-Allow-Methods","GET")
+        //     res.set("Access-Control-Allow-Headers","Content-Type")
+        //     res.status(200).send("")
+        // })
        
-        router.options("/api/post",async function(req,res,next) {
-            res.set("Access-Control-Allow-Origin","*") //we'll allow it for now
-            res.set("Access-Control-Allow-Methods","POST")
-            res.set("Access-Control-Allow-Headers","Content-Type")
-            res.status(200).send("")
-        })
+        // router.options("/api/post",async function(req,res,next) {
+        //     res.set("Access-Control-Allow-Origin","*") //we'll allow it for now
+        //     res.set("Access-Control-Allow-Methods","POST")
+        //     res.set("Access-Control-Allow-Headers","Content-Type")
+        //     res.status(200).send("")
+        // })
        
-        router.options("/api/getotheruser",async function(req,res,next) {
-            res.set("Access-Control-Allow-Origin","*") //we'll allow it for now
-            res.set("Access-Control-Allow-Methods","GET")
-            res.set("Access-Control-Allow-Headers","Content-Type")
-            res.status(200).send("")
-        })
+        // router.options("/api/getotheruser",async function(req,res,next) {
+        //     res.set("Access-Control-Allow-Origin","*") //we'll allow it for now
+        //     res.set("Access-Control-Allow-Methods","GET")
+        //     res.set("Access-Control-Allow-Headers","Content-Type")
+        //     res.status(200).send("")
+        // })
        
-        router.options("/api/getPost",async function(req,res,next) {
-            res.set("Access-Control-Allow-Origin","*") //we'll allow it for now
-            res.set("Access-Control-Allow-Methods","GET")
-            res.set("Access-Control-Allow-Headers","Content-Type")
-            res.status(200).send("")
-        })
+        // router.options("/api/getPost",async function(req,res,next) {
+        //     res.set("Access-Control-Allow-Origin","*") //we'll allow it for now
+        //     res.set("Access-Control-Allow-Methods","GET")
+        //     res.set("Access-Control-Allow-Headers","Content-Type")
+        //     res.status(200).send("")
+        // })
+        // 
+        // router.options("/api/getPostsLowerThan",async function(req,res,next) {
+        //     res.set("Access-Control-Allow-Origin","*") //we'll allow it for now
+        //     res.set("Access-Control-Allow-Methods","GET")
+        //     res.set("Access-Control-Allow-Headers","Content-Type")
+        //     res.status(200).send("")
+        // })
+
+        allowAllTraffic("/api/pid")
+        allowAllTraffic("/api/post","POST")
+        allowAllTraffic("/api/getotheruser")
+        allowAllTraffic("/api/getPost")
+        allowAllTraffic("/api/getPostsLowerThan")
+        allowAllTraffic("/api/settings")
+        allowAllTraffic("/api/settings","POST")
        
-        router.options("/api/getPostsLowerThan",async function(req,res,next) {
-            res.set("Access-Control-Allow-Origin","*") //we'll allow it for now
-            res.set("Access-Control-Allow-Methods","GET")
-            res.set("Access-Control-Allow-Headers","Content-Type")
-            res.status(200).send("")
-        })
+
    }
 }
--- a/routes/api/settingshandler.js
+++ b/routes/api/settingshandler.js
@ -0,0 +1,38 @@
+module.exports = {
+    "setup": function(router,con,server) {
+        router.get("/api/settings",function(req,res) {
+            res.json(res.locals.settings)
+        })
+
+        router.post("/api/settings",function(req,res) {
+
+            if(!req.body.setting) {
+                res.json({"error":"no setting to change"})
+                return
+            }
+            if((typeof req.body.setting) != "string") {
+                res.json({"error":"no setting to change"})
+                return
+            }
+            if((typeof req.body.value) != "string") {
+                res.json({"error":"no new setting value given"})
+                return
+            }
+
+            let setting_to_change = req.body.setting
+            let setting_new_value = req.body.value
+
+            res.locals.settings[setting_to_change] = setting_new_value
+
+            let sql = "update users set User_Settings=? where User_Name=?"
+            let values = [res.locals.settings,res.locals.username]
+            con.query(sql, values, function (err, result) {
+                if(err) {
+                    res.json({"status":"error","code":err})
+                    return
+                }
+                res.json({"status":"success"})
+            })
+        })
+    }
+}
--- a/server.js
+++ b/server.js
@ -413,6 +413,11 @@ options.setup(router,con,commonfunctions)
 let apiALL = require("./routes/api/all.js")
 apiALL.setup(router,con,commonfunctions)

+let settingshandler = require("./routes/api/settingshandler.js")
+settingshandler.setup(router,con,commonfunctions)
+
+
+
 //TODO: loop through all files and load them in

 router.get("/api/search", async function(req,res) {