leca/dach
1
0
Fork 0
forked from dachan/dach
Code Pull Requests Activity

rework of the DB structure, rewrite of the API

Browse Source
This commit is contained in:
leca
2023-11-17 01:17:39 +03:00
parent 82b1a82aac
commit d61797a748
1 changed files with 59 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

81
src/index.js
View File

@@ -67,51 +67,84 @@ app.post('/api/uploadMedia', async (req, res) => {
});
app.get('/api/getPosts/:boardId/:threadId', async (req, res) => {
posts = [];
(await db.query('SELECT post_id FROM posts WHERE board_id = $1 AND thread_id = $2', [req.params.boardId, req.params.threadId])).rows
.forEach((post) => posts.push(post.post_id))
res.setHeader('Content-Type', 'application/json');
res.end(JSON.stringify(posts));
});
app.post('/api/post', async (req, res) => {
const { content, } = req.body;
let login = req.session.login,
token = req.session.token,
isAdmin = false;
const {options, content, threadId, boardId} = req.body;
if (!threadId || !boardId) return res.status(400).send("Не указано ID треда или доски");
if (login && token) {
if (authorize(login, token)) isAdmin = true;
else res.status(403).send("Невалидный токен");
}
let postId = Number((await db.query('SELECT post_id FROM posts WHERE board_id = $1 ORDER BY post_id DESC LIMIT 1', [boardId])).rows[0].post_id) + 1
await db.query('INSERT INTO posts(board_id, thread_id, post_id, options, content, media_ids, is_root, timestamp, user_ip) VALUES ($1, $2, $3, $4, $5, \'{}\', false, NOW(), $6)', [boardId, threadId, postId, options, content, req.socket.remoteAddress]);
await db.query('UPDATE threads SET posts_ids = ARRAY_APPEND(posts_ids, $1) WHERE thread_id = $2 AND board_id = $3', [postId, threadId, boardId]);
res.status(200).send("Пост отправлен");
});
app.post('/api/createThread', async (req, res) => {
let login, token, isLocked, isPinned
let login = req.session.login,
token = req.session.token,
isLocked,
isPinned,
isAdmin = false;
const { boardId, threadTitle, content, options} = req.body;
isLocked = isLocked? isLocked : false;
if (!boardId) return res.status(400).send("Не указано имя доски");
isLocked = isLocked? isLocked : false; // if undefined then false
isPinned = isPinned? isPinned : false;
console.log(`Board id: ${boardId}\nThread name: ${threadTitle}\nIs locked: ${isLocked}\nIs pinned: ${isPinned}\nContent: ${content}\nOptions: ${options}`);
try {
let currentSession = req.session;
token = currentSession.token;
login = currentSession.login;
} catch (err) {
console.log(err);
if (login && token) {
if (authorize(login, token)) isAdmin = true;
else res.status(403).send("Невалидный токен");
}
const boardOptions = (await db.query('SELECT options FROM boards WHERE board_id = $1', [boardId])).rows[0].options;
if (login && token && token != tokens[login]) return res.status(403).send("Невалидный токен");
let isAdmin = token? true : false;
const boardOptions = (await db.query('SELECT * FROM boards WHERE board_id = $1', [boardId])).rows[0].options
let postId = (await db.query('SELECT nextval(pg_get_serial_sequence(\'posts\', \'post_id\'))')).rows[0].nextval;
let threadId = (await db.query('SELECT nextval(pg_get_serial_sequence(\'threads\', \'thread_id\'))')).rows[0].nextval;
let threadId = (await db.query('SELECT EXISTS(SELECT FROM threads WHERE board_id = $1)', [boardId])).rows[0].exists?
Number((await db.query('SELECT thread_id FROM threads WHERE board_id = $1 ORDER BY thread_id DESC LIMIT 1', [boardId])).rows[0].thread_id) + 1
: 0
let postId = (await db.query('SELECT EXISTS(SELECT FROM posts WHERE board_id = $1)', [boardId])).rows[0].exists?
Number((await db.query('SELECT post_id FROM posts WHERE board_id = $1 ORDER BY post_id DESC LIMIT 1', [boardId])).rows[0].post_id) + 1
: 0
console.log(`ThreadId: ${threadId} postId: ${postId}`);
let validateResults = validateThread(threadTitle, isLocked,
isPinned, content, options,
boardOptions, isAdmin);
if (validateResults != "ok") return res.status(400).send(validateResults);
await db.query('INSERT INTO posts (post_id, content, is_root, timestamp, user_ip) VALUES($1, $2, $3, NOW(), $4)', [postId, content, true, req.socket.remoteAddress]);
await db.query('INSERT INTO threads (thread_id, thread_name, posts_ids, is_locked, is_pinned, options) VALUES ($1, $2, $3, $4, $5, $6)', [threadId, threadTitle, [postId], isLocked, isPinned, options]);
await db.query('UPDATE boards SET threads_ids = ARRAY_APPEND(threads_ids, $1) WHERE board_id = $2', [threadId, boardId]);
await db.query('INSERT INTO posts (board_id, thread_id, post_id, content, is_root, timestamp, user_ip) VALUES($1, $2, $3, $4, $5, NOW(), $6)', [boardId, threadId, postId, content, true, req.socket.remoteAddress]);
await db.query('INSERT INTO threads (board_id, thread_id, thread_name, posts_ids, is_locked, is_pinned, options) VALUES ($1, $2, $3, $4, $5, $6, $7)', [boardId, threadId, threadTitle, [postId], isLocked, isPinned, options]);
// await db.query('UPDATE boards SET threads_ids = ARRAY_APPEND(threads_ids, $1) WHERE board_id = $2', [threadId, boardId]);
res.redirect(`/${boardId}/${postId}`);
});
app.get('/api/getThreads/:boardId', async (req, res) => {
let queryRes = (await db.query('SELECT * FROM boards WHERE board_id = $1', [req.params.boardId])).rows[0];
// let queryRes = (await db.query('SELECT * FROM boards WHERE board_id = $1', [req.params.boardId])).rows[0];
threads = [];
(await db.query('SELECT thread_id FROM threads WHERE board_id = $1', [req.params.boardId])).rows
.forEach((thread) => threads.push(thread.thread_id))
res.setHeader('Content-Type', 'application/json');
res.end(JSON.stringify(queryRes.threads_ids));
res.end(JSON.stringify(threads));
});
app.get('/api/getBoards', async (req, res) => {
@@ -182,4 +215,8 @@ const validateThread = (threadName, isLocked, isPinned, content, options, boardO
//TODO: check if image is required
return 'ok'
}
};
const authorize = (login, token) => {
return tokens[login] == token? true : false;
};