Updated dependencies

.envdev

@@ -1,5 +1,7 @@
 WEB_PORT=3100
 
+WEB_ORIGIN=http://localhost:3001
+
 DB_HOSTNAME=database
 DB_DATABASE=news
 DB_USERNAME=news

.github/FUNDING.yml

@@ -0,0 +1,5 @@
+# These are supported funding model platforms
+
+patreon: krgamestudios
+ko_fi: krgamestudios
+custom: ["https://www.paypal.com/donate/?hosted_button_id=73Q82T2ZHV8AA"]

.github/workflows/docker.yml

@@ -26,7 +26,7 @@ jobs:
           docker_image: krgamestudios/news-server
 
       - name: Login to DockerHub
-        uses: docker/login-action@v1 
+        uses: docker/login-action@v1
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}

Dockerfile

@@ -1,5 +1,4 @@
-
-FROM node:16
+FROM node:18
 WORKDIR "/app"
 COPY package*.json ./
 RUN npm install --production

README.md

@@ -2,6 +2,8 @@
 
 An API centric news server. Uses Sequelize and mariaDB by default.
 
+This server is available via docker hub at krgamestudios/news-server.
+
 # Setup
 
 There are multiple ways to run this app - it can run on it's own via `npm start` (for production) or `npm run dev` (for development). it can also run inside docker using `docker-compose up --build` - run `node configure-script.js` to generate docker-compose.yml and startup.sql.
@@ -13,7 +15,7 @@ POST https://dev-auth.krgamestudios.com/auth/login HTTP/1.1
 Content-Type: application/json
 
 {
-	"email": "kayneruse@gmail.com",
+	"email": "example@example.com",
 	"password": "helloworld"
 }
 ```
@@ -46,6 +48,7 @@ GET /news/archive/:id
 		"title": title,			//title of the article
 		"author": author,		//author of the aricle
 		"body": body,			//body of the article
+		"rendered": rendered	//body rendered as HTML
 		"edits": edits			//number of times this article has been edited
 		"createdAt": createdAt	//time created
 		"updatedAt": updatedAt	//time updated

configure-script.js

@@ -30,10 +30,11 @@ const question = (prompt, def = null) => {
 	//project configuration
 	const appName = await question('App Name', 'news');
 	const appWebAddress = await question('Web Addr', `${appName}.example.com`);
+	const appWebOrigin = await question('Web Origin', `https://example.com`); //TODO: clean these up properly
 	const appPort = await question('App Port', '3100');
 
 	const appDBUser = await question('DB User', appName);
-	const appDBPass = await question('DB Pass', uuid());
+	const appDBPass = await question('DB Pass', 'venusaur');
 	const dbRootPass = await question('DB Root Pass');
 
 	const appSecretAccess = await question('Access Token Secret', uuid(32));
@@ -59,6 +60,7 @@ services:
       - "traefik.http.services.${appName}service.loadbalancer.server.port=${appPort}"
     environment:
       - WEB_PORT=${appPort}
+      - WEB_ORIGIN=${appWebOrigin}
       - DB_HOSTNAME=database
       - DB_DATABASE=${appName}
       - DB_USERNAME=${appDBUser}
@@ -109,7 +111,7 @@ networks:
 `;
 
 	const dockerfile = `
-FROM node:16
+FROM node:18
 WORKDIR "/app"
 COPY package*.json ./
 RUN npm install --production

package.json

@@ -1,6 +1,6 @@
 {
   "name": "news-server",
-  "version": "1.3.0",
+  "version": "1.5.3",
   "description": "An API centric news server. Uses Sequelize and mariaDB by default.",
   "main": "server/server.js",
   "scripts": {
@@ -20,13 +20,14 @@
   "homepage": "https://github.com/krgamestudios/news-server#readme",
   "dependencies": {
     "cors": "^2.8.5",
-    "dotenv": "^8.6.0",
-    "express": "^4.17.1",
+    "dotenv": "^16.0.3",
+    "express": "^4.18.2",
     "jsonwebtoken": "^8.5.1",
-    "mariadb": "^2.5.4",
-    "sequelize": "^6.6.5"
+    "mariadb": "^3.0.2",
+    "markdown-it": "^13.0.1",
+    "sequelize": "^6.25.5"
   },
   "devDependencies": {
-    "nodemon": "^2.0.12"
+    "nodemon": "^2.0.20"
   }
 }

server/database/models/articles.js

@@ -25,6 +25,11 @@ const articles = sequelize.define('articles', {
 		defaultValue: ''
 	},
 
+	rendered: {
+		type: Sequelize.TEXT,
+		defaultValue: ''
+	},
+
 	edits: {
 		type: Sequelize.INTEGER(11),
 		defaultValue: 0

server/database/models/revisions.js

@@ -1,9 +1,15 @@
 const Sequelize = require('sequelize');
 const sequelize = require('..');
 
-const articles = require('./articles');
-
 const revisions = sequelize.define('revisions', {
+	index: {
+		type: Sequelize.INTEGER(11),
+		allowNull: false,
+		autoIncrement: true,
+		primaryKey: true,
+		unique: true
+	},
+
 	title: {
 		type: Sequelize.TEXT,
 		defaultValue: ''
@@ -19,6 +25,11 @@ const revisions = sequelize.define('revisions', {
 		defaultValue: ''
 	},
 
+	rendered: {
+		type: Sequelize.TEXT,
+		defaultValue: ''
+	},
+
 	originalIndex: {
 		type: Sequelize.INTEGER(11),
 		default: null

server/news/edit.js

@@ -1,5 +1,6 @@
 const { Op } = require('sequelize');
 const { articles, revisions } = require('../database/models');
+const markdownIt = require('markdown-it')({ html: true });
 
 const route = async (req, res) => {
 	//get the existing record
@@ -20,6 +21,7 @@ const route = async (req, res) => {
 		title: record.title,
 		author: record.author,
 		body: record.body,
+		rendered: record.rendered,
 		originalIndex: record.index
 	});
 
@@ -28,6 +30,7 @@ const route = async (req, res) => {
 		title: req.body.title || record.title,
 		author: req.body.author || record.author,
 		body: req.body.body || record.body,
+		rendered: markdownIt.render(req.body.body) || record.rendered,
 		edits: record.edits + 1
 	}, {
 		where: {

server/news/index.js

@@ -1,5 +1,6 @@
 const express = require('express');
 const router = express.Router();
+const cors = require('cors'); //route-by-route, because some routes are available without authentication
 
 //middleware
 const authToken = require('../utilities/token-auth');
@@ -11,19 +12,27 @@ const edit = require('./edit');
 const remove = require('./remove');
 
 //basic route management (all query possibilities)
-router.get('/', query(false, false));
-router.get('/:id(\\d+)', query(false, false));
-router.get('/archive', query(true, false));
-router.get('/archive/:id(\\d+)', query(true, false));
-router.get('/metadata', query(false, true));
-router.get('/metadata/:id(\\d+)', query(false, true));
-router.get('/archive/metadata', query(true, true));
-router.get('/archive/metadata/:id(\\d+)', query(true, true));
+router.get('/', cors(), query(false, false));
+router.get('/:id(\\d+)', cors(), query(false, false));
+router.get('/archive', cors(), query(true, false));
+router.get('/archive/:id(\\d+)', cors(), query(true, false));
+router.get('/metadata', cors(), query(false, true));
+router.get('/metadata/:id(\\d+)', cors(), query(false, true));
+router.get('/archive/metadata', cors(), query(true, true));
+router.get('/archive/metadata/:id(\\d+)', cors(), query(true, true));
 
 //use middleware to authenticate the rest of the routes
+router.use(cors({
+	credentials: true,
+	origin: [`${process.env.WEB_ORIGIN}`], //because auth-server
+	allowedHeaders: ['Origin', 'X-Requested-With', 'Content-Type', 'Accept', 'Authorization', 'Set-Cookie'],
+	exposedHeaders: ['Origin', 'X-Requested-With', 'Content-Type', 'Accept', 'Authorization', 'Set-Cookie'],
+}));
+
 router.use(authToken);
+
 router.use((req, res, next) => {
-	if (req.user.admin) {
+	if (req.user.mod) {
 		next();
 	} else {
 		res.status(403).end();

server/news/publish.js

@@ -1,4 +1,5 @@
 const { articles } = require('../database/models');
+const markdownIt = require('markdown-it')({ html: true });
 
 const route = async (req, res) => {
 	//check for missing data
@@ -18,7 +19,8 @@ const route = async (req, res) => {
 	const [instance, created] = await articles.upsert({
 		title: req.body.title,
 		author: req.body.author,
-		body: req.body.body
+		body: req.body.body,
+		rendered: markdownIt.render(req.body.body),
 	});
 
 	if (!created) {

server/news/query.js

@@ -7,7 +7,7 @@ const query = (ascending, metadataOnly) => async (req, res) => {
 	if (req.params.id && typeof(parseInt(req.params.id)) === 'number') {
 		const result = await articles.findOne({
 			attributes: [
-				'index', 'title', 'author', 'edits', 'createdAt', 'updatedAt', ...(!metadataOnly ? ['body'] : [])
+				'index', 'title', 'author', 'edits', 'createdAt', 'updatedAt', ...(!metadataOnly ? ['body', 'rendered'] : [])
 			],
 			where: {
 				index: {
@@ -24,7 +24,7 @@ const query = (ascending, metadataOnly) => async (req, res) => {
 	else {
 		const result = await articles.findAndCountAll({
 			attributes: [
-				'index', 'title', 'author', 'edits', 'createdAt', 'updatedAt', ...(!metadataOnly ? ['body'] : [])
+				'index', 'title', 'author', 'edits', 'createdAt', 'updatedAt', ...(!metadataOnly ? ['body', 'rendered'] : [])
 			],
 			order: [
 				['index', ascending ? 'ASC' : 'DESC']

server/news/remove.js

@@ -20,6 +20,7 @@ const route = async (req, res) => {
 		title: record.title,
 		author: record.author,
 		body: record.body,
+		rendered: record.rendered,
 		originalIndex: record.index
 	});
 

server/server.js

@@ -5,11 +5,9 @@ require('dotenv').config();
 const express = require('express');
 const app = express();
 const server = require('http').Server(app);
-const cors = require('cors');
 
 //config
 app.use(express.json());
-app.use(cors());
 
 //database connection
 const database = require('./database');
@@ -26,4 +24,48 @@ app.get('*', (req, res) => {
 server.listen(process.env.WEB_PORT || 3100, async (err) => {
 	await database.sync();
 	console.log(`listening to localhost:${process.env.WEB_PORT || 3100}`);
+
+	//COMPATABILITY: parse the unrendered data from the database
+	const markdownIt = require('markdown-it')();
+	const { articles, revisions } = require('./database/models');
+
+	const missingArticles = await articles.findAll({
+		where: {
+			rendered: ''
+		}
+	});
+
+	const missingRevisions = await revisions.findAll({
+		where: {
+			rendered: ''
+		}
+	});
+
+	await Promise.all(
+		missingArticles.map(async ma => {
+			ma.update({
+				rendered: markdownIt.render(ma.body)
+			}, {
+				where: {
+					index: ma.index
+				}
+			});
+		})
+	)
+		.then(result => {if (result.length > 0) console.log('Rendered articles in HTML'); })
+	;
+
+	await Promise.all(
+		missingRevisions.map(async mr => {
+			mr.update({
+				rendered: markdownIt.render(mr.body)
+			}, {
+				where: {
+					index: mr.index
+				}
+			});
+		})
+	)
+	.then(result => {if (result.length > 0) console.log('Rendered revisions in HTML'); })
+	;
 });

test/dev-news-requests.rest

@@ -1,23 +1,34 @@
 #Query
-GET https://dev-news.eggtrainer.com/news HTTP/1.1
+GET https://dev-news.krgamestudios.com/news HTTP/1.1
+
+###
+
+#Login
+POST https://dev-auth.krgamestudios.com/auth/login HTTP/1.1
+Content-Type: application/json
+
+{
+	"email": "example@example.com",
+	"password": "helloworld"
+}
 
 ###
 
 #Publish
-POST https://dev-news.eggtrainer.com/news HTTP/1.1
+POST https://dev-news.krgamestudios.com/news HTTP/1.1
 Content-Type: application/json
 Authorization: Bearer
 
 {
 	"title": "Hello World",
-	"author": "Kayne Ruse",
+	"author": "Anonymous",
 	"body": "Lorem ipsum."
 }
 
 ###
 
 #Edit
-PATCH https://dev-news.eggtrainer.com/news/1 HTTP/1.1
+PATCH https://dev-news.krgamestudios.com/news/1 HTTP/1.1
 Content-Type: application/json
 Authorization: Bearer
 
@@ -28,6 +39,6 @@ Authorization: Bearer
 ###
 
 #Delete
-DELETE https://dev-news.eggtrainer.com/news/1 HTTP/1.1
+DELETE https://dev-news.krgamestudios.com/news/1 HTTP/1.1
 Content-Type: application/json
 Authorization: Bearer

test/localhost-requests.rest

@@ -0,0 +1,44 @@
+#Query
+GET http://localhost:3100/news HTTP/1.1
+
+###
+
+#Login
+POST https://dev-auth.krgamestudios.com/auth/login HTTP/1.1
+Content-Type: application/json
+
+{
+	"email": "example@example.com",
+	"password": "helloworld"
+}
+
+###
+
+#Publish
+POST http://localhost:3100/news HTTP/1.1
+Content-Type: application/json
+Authorization: Bearer
+
+{
+	"title": "Hello World",
+	"author": "Anonymous",
+	"body": "Lorem ipsum."
+}
+
+###
+
+#Edit
+PATCH http://localhost:3100/news/1 HTTP/1.1
+Content-Type: application/json
+Authorization: Bearer
+
+{
+	"title": "Goodnight World"
+}
+
+###
+
+#Delete
+DELETE http://localhost:3100/news/1 HTTP/1.1
+Content-Type: application/json
+Authorization: Bearer

test/requests.rest

@@ -1,54 +0,0 @@
-#Login to the auth-server
-POST http://127.0.0.1:3200/auth/login HTTP/1.1
-Content-Type: application/json
-
-{
-	"email": "kayneruse@gmail.com",
-	"password": "helloworld"
-}
-
-###
-
-#Refresh from the auth-server
-POST http://127.0.0.1:3200/auth/token HTTP/1.1
-Content-Type: application/json
-
-{
-	"token": ""
-}
-
-###
-
-#Query
-GET http://127.0.0.1:3100/news HTTP/1.1
-
-###
-
-#Publish
-POST http://127.0.0.1:3100/news HTTP/1.1
-Content-Type: application/json
-Authorization: Bearer
-
-{
-	"title": "Hello World",
-	"author": "Kayne Ruse",
-	"body": "Lorem ipsum dolor sit amet..."
-}
-
-###
-
-#Edit
-PATCH http://127.0.0.1:3100/news/5 HTTP/1.1
-Content-Type: application/json
-Authorization: Bearer
-
-{
-	"title": "Goodnight World"
-}
-
-###
-
-#Delete
-DELETE http://127.0.0.1:3100/news/4 HTTP/1.1
-Content-Type: application/json
-Authorization: Bearer

tools/debug-startup.sql

@@ -0,0 +1,4 @@
+#use this while debugging
+CREATE DATABASE IF NOT EXISTS news;
+CREATE USER IF NOT EXISTS 'news'@'%' IDENTIFIED BY 'venusaur';
+GRANT ALL PRIVILEGES ON news.* TO 'news'@'%';

tools/migrations/version-1.4.0.sql

@@ -0,0 +1,4 @@
+ALTER TABLE articles ADD COLUMN rendered TEXT DEFAULT "" AFTER body;
+
+ALTER TABLE revisions ADD COLUMN rendered TEXT DEFAULT "" AFTER body;
+