2022-08-09 19:16:34 +03:00
|
|
|
const { ThreadModel, MessageModel } = require("../models");
|
2022-03-21 23:53:22 +03:00
|
|
|
const error = require("../errors/error")
|
2022-08-10 00:22:12 +03:00
|
|
|
const rateLimit = require('express-rate-limit')
|
2022-03-21 23:53:22 +03:00
|
|
|
|
|
|
|
const { Router } = require("express");
|
|
|
|
|
|
|
|
const app = Router();
|
|
|
|
|
2022-04-06 21:14:46 +03:00
|
|
|
app.get("/:id", async (req, res) => {
|
2022-08-09 19:16:34 +03:00
|
|
|
const message = await MessageModel.get(req.params.id);
|
2022-03-21 23:53:22 +03:00
|
|
|
|
|
|
|
if (!message || message.deleted) return error(res, 404, "We have not got any message declared as this id.");
|
2022-04-06 21:14:46 +03:00
|
|
|
res.redirect("/threads/" + message.threadID);
|
2022-03-21 23:53:22 +03:00
|
|
|
|
|
|
|
});
|
|
|
|
|
2022-04-03 21:01:55 +03:00
|
|
|
app.use(require("../middlewares/login"));
|
2022-03-21 23:53:22 +03:00
|
|
|
|
2022-08-10 00:22:12 +03:00
|
|
|
app.post("/", rateLimit({
|
2022-08-10 02:08:18 +03:00
|
|
|
windowMs: 60_000, max: 1, standardHeaders: true, legacyHeaders: false,
|
|
|
|
handler: (request, response, next, options) =>
|
|
|
|
!request.user.admin ?
|
|
|
|
error(response, options.statusCode, "You are begin ratelimited")
|
|
|
|
: next()
|
2022-08-10 00:22:12 +03:00
|
|
|
}), async (req, res) => {
|
2022-04-06 21:14:46 +03:00
|
|
|
|
2022-08-09 19:16:34 +03:00
|
|
|
const thread = await ThreadModel.get(req.body.threadID);
|
2022-03-21 23:53:22 +03:00
|
|
|
if (thread) {
|
2022-08-09 19:16:34 +03:00
|
|
|
const message = await new MessageModel({ content: req.body.content, author: req.user, threadID: thread.id }).takeId();
|
|
|
|
await message.save();
|
|
|
|
await thread.push(message.id).save();
|
2022-04-06 21:14:46 +03:00
|
|
|
|
2022-03-21 23:53:22 +03:00
|
|
|
res.redirect('/threads/' + req.body.threadID);
|
|
|
|
|
|
|
|
}
|
|
|
|
else
|
|
|
|
error(res, 404, "We have not got this thread.");
|
|
|
|
|
|
|
|
});
|
|
|
|
|
2022-04-06 21:14:46 +03:00
|
|
|
app.post("/:id/delete", async (req, res) => {
|
2022-08-09 19:16:34 +03:00
|
|
|
const message = await MessageModel.get(req.params.id);
|
2022-03-21 23:53:22 +03:00
|
|
|
if (!message || message.deleted) return error(res, 404, "We have not got any message declared as this id.");
|
2022-04-06 21:14:46 +03:00
|
|
|
const user = req.user;
|
|
|
|
if (user.id != message.authorID && !user.admin)
|
2022-03-21 23:53:22 +03:00
|
|
|
return error(res, 403, "You have not got permission for this.");
|
|
|
|
message.deleted = true;
|
2022-08-09 19:16:34 +03:00
|
|
|
await message.save();
|
2022-03-21 23:53:22 +03:00
|
|
|
|
|
|
|
|
2022-08-10 00:22:12 +03:00
|
|
|
res.status(200).redirect("/threads/" + message.threadID);
|
2022-03-21 23:53:22 +03:00
|
|
|
|
|
|
|
})
|
2022-04-06 21:14:46 +03:00
|
|
|
app.post("/:id/react", async (req, res) => {
|
2022-03-21 23:53:22 +03:00
|
|
|
const info = req.body;
|
2022-08-09 19:16:34 +03:00
|
|
|
const message = await MessageModel.get(req.params.id);
|
2022-03-21 23:53:22 +03:00
|
|
|
if (message) {
|
2022-08-09 19:16:34 +03:00
|
|
|
if (req.user.id in message.react)
|
2022-03-21 23:53:22 +03:00
|
|
|
delete message.react[req.session.userid];
|
2022-08-09 19:16:34 +03:00
|
|
|
else
|
|
|
|
message.react[req.session.userid] = "like" in info;
|
|
|
|
|
2022-03-21 23:53:22 +03:00
|
|
|
|
2022-08-09 19:16:34 +03:00
|
|
|
await message.save();
|
2022-04-06 21:14:46 +03:00
|
|
|
res.redirect("/threads/" + message.threadID);
|
2022-03-21 23:53:22 +03:00
|
|
|
} else error(res, 404, "We have not got this Message for reacting.");
|
|
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
2022-04-06 21:14:46 +03:00
|
|
|
|
|
|
|
|
|
|
|
|
2022-03-21 23:53:22 +03:00
|
|
|
module.exports = app;
|