@@ -4,7 +4,7 @@ const sequelize = new Sequelize(process.env.DB_DATABASE, process.env.DB_USERNAME
|
||||
host: process.env.DB_HOSTNAME,
|
||||
dialect: 'mariadb',
|
||||
timezone: process.env.DB_TIMEZONE,
|
||||
// logging: false
|
||||
logging: false
|
||||
});
|
||||
|
||||
module.exports = sequelize;
|
||||
@@ -1,7 +1,7 @@
|
||||
const Sequelize = require('sequelize');
|
||||
const sequelize = require('..');
|
||||
|
||||
module.exports = sequelize.define('articles', {
|
||||
const articles = sequelize.define('articles', {
|
||||
index: {
|
||||
type: Sequelize.INTEGER(11),
|
||||
allowNull: false,
|
||||
@@ -30,3 +30,7 @@ module.exports = sequelize.define('articles', {
|
||||
defaultValue: 0
|
||||
}
|
||||
});
|
||||
|
||||
sequelize.sync();
|
||||
|
||||
module.exports = articles;
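Review bot: The `sequelize.sync();` added after the `articles` definition is fire-and-forget: its promise is neither awaited nor given a rejection handler, so a failed schema sync surfaces only as an unhandled rejection while the app keeps accepting requests. Models defined after this module is loaded (the revisions model requires this file first) may not be registered yet when the call runs, unless another sync happens later outside the visible hunks. Consider calling sync once at startup after all models are loaded, e.g. `sequelize.sync().catch((err) => { console.error(err); process.exit(1); });`.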
|
||||
@@ -3,8 +3,6 @@ const sequelize = require('..');
|
||||
|
||||
const articles = require('./articles');
|
||||
|
||||
sequelize.sync();
|
||||
|
||||
const revisions = sequelize.define('revisions', {
|
||||
title: {
|
||||
type: Sequelize.TEXT,
|
||||
|
||||
+2
-9
@@ -2,11 +2,6 @@ const { Op } = require('sequelize');
|
||||
const { articles, revisions } = require('../database/models');
|
||||
|
||||
const route = async (req, res) => {
|
||||
//check the key
|
||||
if (req.body.key != process.env.QUERY_KEY) {
|
||||
return res.status(401).json({ ok: false, error: 'invalid key' });
|
||||
}
|
||||
|
||||
//get the existing record
|
||||
const record = await articles.findOne({
|
||||
where: {
|
||||
@@ -17,7 +12,7 @@ const route = async (req, res) => {
|
||||
});
|
||||
|
||||
if (!record) {
|
||||
return res.status(500).json({ ok: false, error: 'failed to update non-existing record' });
|
||||
return res.status(500).send('Failed to update non-existing record');
|
||||
}
|
||||
|
||||
//store the revision
|
||||
@@ -40,9 +35,7 @@ const route = async (req, res) => {
|
||||
}
|
||||
});
|
||||
|
||||
return res.status(200).json({
|
||||
ok: true
|
||||
});
|
||||
return res.status(200).end();
|
||||
};
|
||||
|
||||
module.exports = route;
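Review bot: A missing record is answered with status 500 at `return res.status(500).send('Failed to update non-existing record');`, which reports a client-side condition as a server fault and makes real failures harder to tell apart in monitoring; `return res.status(404).send('Record not found');` would fit better. The same applies to the matching branch in the remove handler, which also sends its message through `.json(...)` while this one uses `.send(...)`. With the key check removed, this handler has no authorization of its own and depends entirely on being mounted behind the token and administrator middleware, so a comment such as `//must only be mounted behind the admin middleware` above `const route` would help. The body of route lies only partly inside these hunks.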
|
||||
+19
-7
@@ -1,26 +1,38 @@
|
||||
const express = require('express');
|
||||
const router = express.Router();
|
||||
|
||||
//middleware
|
||||
const authToken = require('../utilities/token-auth');
|
||||
|
||||
//the routes
|
||||
const query = require('./query');
|
||||
const publish = require('./publish');
|
||||
const edit = require('./edit');
|
||||
const remove = require('./remove');
|
||||
|
||||
//basic route management
|
||||
//basic route management (all query possibilities)
|
||||
router.get('/', query(false, false));
|
||||
router.get('/:id(\\d+)', query(false, false));
|
||||
router.get('/archive', query(true, false));
|
||||
router.get('/archive/:id(\\d+)', query(true, false));
|
||||
router.get('/titles', query(false, true));
|
||||
router.get('/titles/:id(\\d+)', query(false, true));
|
||||
router.get('/archive/titles', query(true, true));
|
||||
router.get('/archive/titles/:id(\\d+)', query(true, true));
|
||||
router.get('/metadata', query(false, true));
|
||||
router.get('/metadata/:id(\\d+)', query(false, true));
|
||||
router.get('/archive/metadata', query(true, true));
|
||||
router.get('/archive/metadata/:id(\\d+)', query(true, true));
|
||||
|
||||
//use middleware to authenticate the rest of the routes
|
||||
router.use(authToken);
|
||||
router.use((req, res, next) => {
|
||||
if (req.user.privilege == 'administrator') {
|
||||
next();
|
||||
} else {
|
||||
res.status(403).end();
|
||||
}
|
||||
});
|
||||
|
||||
//authenticated routes
|
||||
router.post('/', publish);
|
||||
|
||||
router.patch('/:id(\\d+)', edit);
|
||||
|
||||
router.delete('/:id(\\d+)', remove);
|
||||
|
||||
module.exports = router;
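Review bot: The administrator gate `if (req.user.privilege == 'administrator')` trusts the privilege claim carried in the token for as long as the token verifies, so an account that is demoted keeps write access until its token expires; whether that is acceptable depends on the token lifetime, which is not visible here. The comparison should be strict and tolerate a payload without that field, `if (req.user?.privilege === 'administrator') {`. Because everything registered after `router.use(authToken)` inherits both checks, a comment like `//every route below this line requires an administrator token` would stop a public route from being added underneath by mistake.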
|
||||
|
||||
@@ -1,11 +1,6 @@
|
||||
const { articles } = require('../database/models');
|
||||
|
||||
const route = async (req, res) => {
|
||||
//check the key
|
||||
if (req.body.key != process.env.QUERY_KEY) {
|
||||
return res.status(401).json({ ok: false, error: 'invalid key' });
|
||||
}
|
||||
|
||||
//upsert the data
|
||||
const [instance, created] = await articles.upsert({
|
||||
title: req.body.title,
|
||||
@@ -14,10 +9,10 @@ const route = async (req, res) => {
|
||||
});
|
||||
|
||||
if (!created) {
|
||||
return res.status(500).json({ ok: false, error: 'failed to create record' });
|
||||
return res.status(500).send('Failed to create record');
|
||||
}
|
||||
|
||||
//BUGFIX
|
||||
//BUGFIX: instance doesn't have the index for some reason
|
||||
const result = await articles.findOne({
|
||||
order: [
|
||||
['index', 'DESC']
|
||||
@@ -25,7 +20,6 @@ const route = async (req, res) => {
|
||||
});
|
||||
|
||||
return res.status(200).json({
|
||||
ok: true,
|
||||
// index: instance.get('index')
|
||||
index: result.index
|
||||
});
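Review bot: The lookup under `//BUGFIX: instance doesn't have the index for some reason` returns the row with the highest `index`, which is the row just written only if no other publish lands between the `upsert` and the `findOne`; with concurrent requests the response can carry another article's index. If publishing always inserts a new row, `articles.create({...})` returns an instance that carries the generated key, which would remove the second query; this assumes `index` is the auto-increment primary key, and the visible part of the model does not confirm that. Otherwise, running both statements in one transaction narrows the window. The body of route continues outside the hunk.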
|
||||
|
||||
@@ -2,12 +2,12 @@ const { Op } = require('sequelize');
|
||||
const { articles } = require('../database/models');
|
||||
|
||||
//the query function that can be reused
|
||||
const query = (ascending, titlesOnly) => async (req, res) => {
|
||||
//specific search
|
||||
const query = (ascending, metadataOnly) => async (req, res) => {
|
||||
//specific search (id is defined)
|
||||
if (req.params.id && typeof(parseInt(req.params.id)) === 'number') {
|
||||
const result = await articles.findOne({
|
||||
attributes: [
|
||||
'index', 'title', 'author', 'edits', 'createdAt', 'updatedAt', ...(!titlesOnly ? ['body'] : [])
|
||||
'index', 'title', 'author', 'edits', 'createdAt', 'updatedAt', ...(!metadataOnly ? ['body'] : [])
|
||||
],
|
||||
where: {
|
||||
index: {
|
||||
@@ -16,15 +16,15 @@ const query = (ascending, titlesOnly) => async (req, res) => {
|
||||
}
|
||||
});
|
||||
|
||||
//returns null if failed to find
|
||||
return res.status(200).json(result);
|
||||
//result is null if failed to find
|
||||
return res.status(200).json(result || []);
|
||||
}
|
||||
|
||||
//default search
|
||||
else {
|
||||
const result = await articles.findAndCountAll({
|
||||
attributes: [
|
||||
'index', 'title', 'author', 'edits', 'createdAt', 'updatedAt', ...(!titlesOnly ? ['body'] : [])
|
||||
'index', 'title', 'author', 'edits', 'createdAt', 'updatedAt', ...(!metadataOnly ? ['body'] : [])
|
||||
],
|
||||
order: [
|
||||
['index', ascending ? 'ASC' : 'DESC']
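Review bot: The guard `typeof(parseInt(req.params.id)) === 'number'` in the specific-search branch never rejects anything, because `parseInt` returns a number (NaN included) for any input; the only real constraint on the id is the `(\\d+)` pattern in the router. Parsing once with a radix and testing the result makes the check real: `const id = Number.parseInt(req.params.id, 10);` followed by `if (Number.isInteger(id)) {`. Separately, `res.status(200).json(result || [])` answers a missing article with an empty array where a hit returns an object, so a 404 would give clients a consistent shape. The query function continues past the end of this hunk.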
|
||||
|
||||
@@ -2,11 +2,6 @@ const { Op } = require('sequelize');
|
||||
const { articles, revisions } = require('../database/models');
|
||||
|
||||
const route = async (req, res) => {
|
||||
//check the key
|
||||
if (req.body.key != process.env.QUERY_KEY) {
|
||||
return res.status(401).json({ ok: false, error: 'invalid key' });
|
||||
}
|
||||
|
||||
//get the existing record
|
||||
const record = await articles.findOne({
|
||||
where: {
|
||||
@@ -17,7 +12,7 @@ const route = async (req, res) => {
|
||||
});
|
||||
|
||||
if (!record) {
|
||||
return res.status(500).json({ ok: false, error: 'failed to remove non-existing record' });
|
||||
return res.status(500).json('Failed to remove non-existing record');
|
||||
}
|
||||
|
||||
//store the revision
|
||||
@@ -35,9 +30,7 @@ const route = async (req, res) => {
|
||||
}
|
||||
});
|
||||
|
||||
return res.status(200).json({
|
||||
ok: true
|
||||
});
|
||||
return res.status(200).end();
|
||||
};
|
||||
|
||||
module.exports = route;
|
||||
@@ -0,0 +1,21 @@
|
||||
const jwt = require('jsonwebtoken');
|
||||
|
||||
//middleware to authenticate the JWT token
|
||||
module.exports = (req, res, next) => {
|
||||
const authHeader = req.headers['authorization'];
|
||||
const token = authHeader?.split (' ')[1]; //'Bearer token'
|
||||
|
||||
if (!token) {
|
||||
return res.status(401).end();
|
||||
}
|
||||
|
||||
jwt.verify(token, process.env.SECRET_ACCESS, (err, user) => {
|
||||
if (err) {
|
||||
return res.status(403).end();
|
||||
}
|
||||
|
||||
req.user = user;
|
||||
|
||||
next();
|
||||
});
|
||||
};
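Review bot: `jwt.verify(token, process.env.SECRET_ACCESS, ...)` is called without an `algorithms` option, so the set of accepted signature algorithms is left to the library's defaults for the key type. Pinning it to what the issuer signs with states the expectation explicitly, e.g. `jwt.verify(token, process.env.SECRET_ACCESS, { algorithms: ['HS256'] }, (err, user) => {` (HS256 is an assumption; confirm against the signing code). The header parsing takes the second space-separated field without checking that the scheme is `Bearer`, and a failed verification is answered with 403 where 401 is the usual status for a bad credential. Failing at startup when `SECRET_ACCESS` is unset would be easier to diagnose than rejecting every request at runtime.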
|
||||