forked from dachan/dach
implemented /api/createThread with no media so far
This commit is contained in:
parent
61f28db7fa
commit
a7f6899164
43
src/index.js
43
src/index.js
|
@ -20,6 +20,10 @@ const db = new Client({
|
|||
port: 5432
|
||||
});
|
||||
|
||||
const errorHandler = (err) => {
|
||||
if (err) console.log(err);
|
||||
}
|
||||
|
||||
db.connect((error) => {
|
||||
if (error) console.log(error);
|
||||
else console.log("Database connected");
|
||||
|
@ -33,9 +37,7 @@ const init = async () => {
|
|||
|
||||
console.log("No tables found, assuming first run, creating database scheme");
|
||||
|
||||
db.query(initSQL, (err, res) => {
|
||||
if (err) console.log(err);
|
||||
});
|
||||
db.query(initSQL, errorHandler);
|
||||
|
||||
let adminPassword = Math.random().toString(36).slice(-8);
|
||||
let passwordHash = await bcrypt.hash(adminPassword, 8);
|
||||
|
@ -76,9 +78,14 @@ app.post('/api/post', async (req, res) => {
|
|||
});
|
||||
|
||||
app.post('/api/createThread', async (req, res) => {
|
||||
let login, token
|
||||
const { boardId, threadName, isLocked, isPinned, content, options} = req.body;
|
||||
let login, token, isLocked, isPinned
|
||||
const { boardId, threadTitle, content, options} = req.body;
|
||||
|
||||
isLocked = isLocked? isLocked : false;
|
||||
isPinned = isPinned? isPinned : false;
|
||||
|
||||
console.log(`Board id: ${boardId}\nThread name: ${threadTitle}\nIs locked: ${isLocked}\nIs pinned: ${isPinned}\nContent: ${content}\nOptions: ${options}`);
|
||||
|
||||
try {
|
||||
let currentSession = req.session;
|
||||
token = currentSession.token;
|
||||
|
@ -87,9 +94,21 @@ app.post('/api/createThread', async (req, res) => {
|
|||
console.log(err);
|
||||
}
|
||||
|
||||
if (token != tokens[login]) return res.status(403).send("Невалидный токен");
|
||||
// if ()
|
||||
|
||||
if (login && token && token != tokens[login]) return res.status(403).send("Невалидный токен");
|
||||
let isAdmin = token? true : false;
|
||||
|
||||
const boardOptions = (await db.query('SELECT * FROM boards WHERE board_id = $1', [boardId])).rows[0].options
|
||||
let postId = (await db.query('SELECT nextval(pg_get_serial_sequence(\'posts\', \'post_id\'))')).rows[0].nextval;
|
||||
|
||||
let validateResults = validateThread(threadTitle, isLocked,
|
||||
isPinned, content, options,
|
||||
boardOptions, isAdmin);
|
||||
if (validateResults != "ok") return res.status(400).send(validateResults);
|
||||
|
||||
await db.query('INSERT INTO posts (post_id, content, is_root, timestamp, user_ip) VALUES($1, $2, $3, NOW(), $4)', [postId, content, true, req.socket.remoteAddress]);
|
||||
await db.query('INSERT INTO threads (thread_name, posts_ids, is_locked, is_pinned, options) VALUES ($1, $2, $3, $4, $5)', [threadTitle, [postId], isLocked, isPinned, options]);
|
||||
res.redirect(`/${boardId}/${postId}`);
|
||||
});
|
||||
|
||||
app.get('/api/getBoards', async (req, res) => {
|
||||
|
@ -152,4 +171,12 @@ app.post('/api/createBoard', async (req, res) => {
|
|||
|
||||
app.listen(process.env.APP_PORT, () => {
|
||||
console.log("App started");
|
||||
});
|
||||
});
|
||||
|
||||
const validateThread = (threadName, isLocked, isPinned, content, options, boardOptions, isAdmin) => {
|
||||
if ((isPinned || isLocked) && !isAdmin) return "Нет прав на выставление админских флагов";
|
||||
if (!content) return "Нельзя создать тред без текста";
|
||||
|
||||
//TODO: check if image is required
|
||||
return 'ok'
|
||||
}
|
Loading…
Reference in New Issue