Ban and unban working

server/accounts/deletion.js

@@ -39,7 +39,6 @@ const route = async (req, res) => {
 
 //actually delete the accounts
 cron.schedule('0 * * * *', () => {
-	console.log('wiping accounts');
 	accounts.destroy({
 		where: {
 			deletion: {

server/admin/ban.js

@@ -0,0 +1,40 @@
+const { Op } = require('sequelize');
+const { bannedEmails, accounts } = require('../database/models');
+
+const route = async (req, res) => {
+	//fetch the account based on the email or username
+	const account = await accounts.findOne({
+		attrubutes: ['username', 'email'],
+		where: {
+			[Op.or]: {
+				username: {
+					[Op.eq]: req.fields.username,
+				},
+				email: {
+					[Op.eq]: req.fields.email
+				}
+			}
+		}
+	});
+
+	//just in case
+	if (account && account.privilege == 'administrator') {
+		return res.status(401).send('Couldn\'t ban an admin');
+	}
+
+	//need either an email or an account
+	if (!account && !req.fields.email) {
+		return res.status(401).send('Couldn\'t determine the ban info');
+	}
+
+	//apply the ban
+	await bannedEmails.upsert({
+		email: (account || req.fields).email,
+		reason: req.fields.reason ? req.fields.reason : null,
+		expiry: req.fields.expiry ? new Date(Date.parse(req.fields.expiry)) : null
+	});
+
+	return res.status(200).send(`Email ${(account || req.fields).email} banned (username ${account ? account.username : 'not found'})`);
+};
+
+module.exports = route;

server/admin/banned.js

@@ -2,12 +2,6 @@ const { Op } = require('sequelize');
 const { bannedEmails, accounts } = require('../database/models');
 
 const route = async (req, res) => {
-	//TODO: move to middleware
-	//make sure the account is an admin
-	if (req.cookies['admin'] !== process.env.SESSION_ADMIN) {
-		return res.status(401).send('invalid admin status');
-	}
-
 	//merge the banned accounts with the account data, if any
 	const data = await bannedEmails.findAll()
 		.then(bans => bans.map(async ban => {

server/admin/index.js

@@ -1,9 +1,19 @@
 const express = require('express');
 const router = express.Router();
 
-//basic account management
-router.post('/banned', require('./banned'));
-//router.post('/ban', require('./ban'));
-//router.post('/unban', require('./unban'));
+//middleware
+router.use((req, res, next) => {
+	//make sure the account is an admin
+	if (req.cookies['admin'] !== process.env.SESSION_ADMIN) {
+		return res.status(401).send('invalid admin status');
+	} else {
+		next();
+	}
+});
 
-module.exports = router;
+//basic account ban management
+router.get('/banned', require('./banned'));
+router.post('/ban', require('./ban'));
+router.post('/unban', require('./unban'));
+
+module.exports = router;

server/admin/unban.js

@@ -0,0 +1,46 @@
+const Sequelize = require('sequelize');
+const Op = Sequelize.Op;
+const { bannedEmails, accounts } = require('../database/models');
+var cron = require('node-cron');
+
+const route = async (req, res) => {
+	console.log(req.fields.entry)
+	//get the account, if one is found
+	const account = await accounts.findOne({
+		where: {
+			[Op.or]: {
+				email: {
+					[Op.eq]: req.fields.entry
+				},
+				username: {
+					[Op.eq]: req.fields.entry
+				}
+			}
+		},
+	});
+
+	//accept either email or username
+	const affectedRows = await bannedEmails.destroy({
+		where: {
+			email: {
+				[Op.eq]: account?.email || req.fields.entry || ''
+			}
+		}
+	});
+
+	return res.status(200).send(`${affectedRows} emails unbanned`);
+};
+
+//delete any expired bans
+cron.schedule('0 * * * *', () => {
+	bannedEmails.destroy({
+		where: {
+			expiry: {
+				[Op.lt]: Sequelize.fn('NOW'),
+				[Op.not]: null
+			}
+		}
+	});
+});
+
+module.exports = route;