backend done

2025-01-25 16:46:31 +03:00
parent e30649ef14
commit b82c2dc1d6
18 changed files with 3937 additions and 0 deletions
--- a/backend/src/middlewares/auth.ts
+++ b/backend/src/middlewares/auth.ts
@@ -0,0 +1,32 @@
+import { NextFunction, Request, Response } from "express";
+import jwt from "jsonwebtoken";
+import { AppDataSource } from "../data-source";
+import { Post } from "../entity/Post";
+import { User } from "../entity/User";
+
+const authenticate = async (req: Request, res: Response, next: NextFunction): Promise<void> => {
+    const token = req.cookies.jwt;
+    if (!token || !jwt.verify(token, process.env.JWT_SECRET)) {
+        res.status(401).send("No valid JWT is present");
+        return;
+    }
+    next();
+}
+
+const authorizeForPost = async (req: Request, res: Response, next: NextFunction): Promise<void> => {
+    const { postId } = req.params;
+    const user = (jwt.decode(req.cookies.jwt) as jwt.JwtPayload);
+    const userId = user.id;
+    const postAuthorId = (await AppDataSource.manager.findOneBy(
+        Post,
+        { id: Number.parseInt(postId) }
+    )).authorId
+
+    if (userId != postAuthorId) {
+        res.status(403).send("Not your post");
+        return;
+    }
+    next();
+}
+
+export default { authenticate, authorizeForPost };
--- a/backend/src/middlewares/existance.ts
+++ b/backend/src/middlewares/existance.ts
@@ -0,0 +1,41 @@
+import { NextFunction, Request, Response } from 'express';
+import { AppDataSource } from '../data-source';
+import { User } from "../entity/User";
+import { Post } from "../entity/Post";
+
+const userShouldExist = async (req: Request, res: Response, next: NextFunction): Promise<void> => {
+    const { username } = req.body;
+
+    if (!(await AppDataSource.manager.findOneBy(User, {
+        username
+    }))) {
+        res.status(404).send("User does not exist.");
+        return;
+    }
+    next();
+}
+
+const userShouldNotExist = async (req: Request, res: Response, next: NextFunction): Promise<void> => {
+    const { username } = req.body;
+
+    if (await AppDataSource.manager.findOneBy(User, {
+        username
+    })) {
+        res.status(409).send("Such user already exists");
+        return;
+    }
+    next();
+}
+
+const postShouldExist = async (req: Request, res: Response, next: NextFunction): Promise<void> => {
+    const postId = Number.parseInt(req.params.postId);
+
+    if (!(await AppDataSource.manager.findOneBy(Post, {id: postId}))) {
+        res.status(404).send("Post not found");
+        return;
+    }
+
+    next();
+}
+
+export default { userShouldExist, userShouldNotExist, postShouldExist};
--- a/backend/src/middlewares/utils.ts
+++ b/backend/src/middlewares/utils.ts
@@ -0,0 +1,49 @@
+import { NextFunction, Request, Response } from "express";
+import { Post } from "../entity/Post";
+import path from "path";
+import fs from 'fs';
+import crypto from 'crypto';
+import jwt, { JwtPayload } from "jsonwebtoken";
+import { AppDataSource } from "../data-source";
+
+// Updates or creates a post and handles things like deleting old post's media
+const handlePostData = async (req: Request, res: Response, next: NextFunction): Promise<void> => {
+    const token = req.cookies.jwt;
+    const user = (jwt.decode(token) as JwtPayload)
+
+    const post = new Post();
+
+    const { message } = req.body;
+    if (req.method == "PUT") {
+        // Delete old post data if it was media
+        const postToUpdate = (await AppDataSource.manager.findOneBy(Post, { id: Number.parseInt(req.params.postId) }));
+
+        if (postToUpdate.type == 1) {
+            const filename = postToUpdate.message;
+            fs.rmSync(`${process.env.UPLOAD_DESTINATION}/${filename}`);
+        }
+    }
+    if (req.file) {
+        const extension = path.extname(req.file.originalname).toLowerCase()
+        if ([".png", ".jpg", ".jpeg", ".webp", ".mp4", ".webm"].indexOf(extension) < 0) {
+            res.status(400).send("Unknown mime type");
+            return;
+        }
+        const buffer = fs.readFileSync(req.file.path);
+        const hash = crypto.createHash('md5');
+        hash.update(buffer);
+        const newFilename = `${hash.digest('hex')}${extension}`;
+        fs.renameSync(`./${req.file.path}`, `${process.env.UPLOAD_DESTINATION}/${newFilename}`)
+        post.message = newFilename
+        post.type = 1
+    } else {
+        post.type = 0;
+        post.message = message;
+    }
+    if (req.method == "POST") post.date = new Date().toISOString();
+    post.authorId = user.id;
+    res.locals.post = post;
+    next();
+}
+
+export default { handlePostData };