added posts

2022-04-22 16:45:42 +02:00 · 2022-04-22 16:45:42 +02:00 · dd2960b391
commit dd2960b391
parent 9690ca9153
2 changed files with 88 additions and 3 deletions
--- a/server.js
+++ b/server.js
@ -152,7 +152,24 @@ START /API/*
 */

 router.use("/api/*",async function(req,res,next) {
-  increaseAPICall(req,res,next)
+  if(!increaseAPICall(req,res))return;
+  let cookie = req.cookies.AUTH_COOKIE
+  if(!cookie){
+    res.status(400)
+    res.json({"error":"you are not logged in! (no cookie)"})
+    return
+  }
+  let unsigned = unsign(cookie,req,res)
+  let sql = `select * from zerotwohub.users where User_Name=? and User_PW=?;`
+  con.query(sql, values, function (err, result) {
+    if (err) throw err;
+    if(result[0] && result[0].User_Name && result[0].User_Name == username) {
+      res.locals.username = username;
+      next()
+    } else {
+      res.json({"error":"you are not logged in! (invalid cookie)"})
+    }
+  });
 })

 router.get("/api/getuser",async function(req,res) {
@ -185,8 +202,23 @@ router.get("/api/getuser",async function(req,res) {
 })

 router.post("/api/post", async function(req,res) {
-  //already counted due to the /api/* handler
-  res.send("not implemented yet.")
+  let sql = `insert into zerotwohub.posts (post_user_name,post_text) values (?,?);`
+  let values = [res.locals.username,req.body.message]
+  con.query(sql, values, function (err, result) {
+    if (err) throw err;
+    res.json({"post_id":result[0].post_id})
+  });
+})
+
+router.get("/api/getPosts/*", async function(req,res) {
+  let sql = `select post_user_name,post_text from zerotwohub.posts where post_id > ? and post_id < ? order by post_id desc;`
+  let id = parseInt(req.originalUrl.replace("/api/getPosts/"))
+  if(isNaN(id))id=0
+  let values = [id,id+10]
+  con.query(sql, values, function (err, result) {
+    if (err) throw err;
+    res.json(result)
+  });
 })


--- a/views/posts.html
+++ b/views/posts.html
@ -0,0 +1,53 @@
+<!DOCTYPE html>
+<html lang="en" dir="ltr">
+  <head>
+    <meta charset="utf-8">
+    <title></title>
+    <script type="text/javascript">window.post = function(url, data) {return fetch(url, {method: "POST", headers: {'Content-Type': 'application/json'}, body: JSON.stringify(data)});}</script>
+  </head>
+  <body>
+    <div class="self">
+      Username: <span class="Username"></span> <br>
+      <textarea name="name" id="post-text" rows="8" cols="80"></textarea> <br>
+      <button type="button" name="button" id="post-btn">Post</button>
+    </div>
+    <div class="posts" id="posts">
+
+    </div>
+
+    <script type="text/javascript">
+      document.getElementById("post-btn").addEventListener("click",function() {
+        let r = post("/api/post",{"message":document.getElementById("post-text").value})
+        document.getElementById("post-text").value = ""
+        console.log(r);
+      })
+      function createPost(username,text) {
+        const newDiv = document.createElement("div");
+        const newP = document.createElement("p");
+        const newText = document.createTextNode(text);
+        const newUsername = document.createTextNode(username);
+
+        newP.appendChild(newUsername)
+
+        newDiv.appendChild(newP)
+        newDiv.appendChild(newText)
+
+        document.body.appendChild(newDiv)
+
+      }
+
+      async function buildPosts() {
+        let index = 0
+        let last_10_posts = await (await fetch(`/api/getPosts/${index}`)).json()
+        last_10_posts.forEach((item, i) => {
+          console.log(item,i);
+          createPost(item.post_user_name,item.post_text)
+        });
+
+
+      }
+
+
+    </script>
+  </body>
+</html>