diff --git a/index.js b/index.js index af2995b..af4f2eb 100644 --- a/index.js +++ b/index.js @@ -1,4 +1,5 @@ const { UserModel, BanModel } = require("./models"), + rateLimit = require('express-rate-limit'), { def_theme } = require("./config.json"), ipBlock = require('express-ip-block'), session = require('express-session'), @@ -8,7 +9,6 @@ const { UserModel, BanModel } = require("./models"), express = require('express'), fs = require("fs"), app = express(); -const rateLimit = require('express-rate-limit') app.ips = []; @@ -22,7 +22,7 @@ app.use( session({ secret: 'secret', resave: true, saveUninitialized: true }), express.static("public"), express.json(), ipBlock(app.ips), async (req, res, next) => { - req.headers["x-forwarded-for"] + req.headers["x-forwarded-for"]; req.user = await UserModel.get(req.session.userID); res.reply = (page, options = {}, status = 200) => res.status(status) .render(page, { user: req.user, theme: req.user?.theme || def_theme, ...options }); diff --git a/routes/.js b/routes/.js index 464e1b1..398ca9e 100644 --- a/routes/.js +++ b/routes/.js @@ -3,13 +3,12 @@ const { Router } = require("express"); const app = Router(); app.get("/", async (req, res) => { - const mem = process.memoryUsage().heapUsed / Math.pow(2, 20), - users = await UserModel.count({deleted:false}), - threads = await ThreadModel.count({deleted:false}), - messages = await MessageModel.count({deleted:false}); + users = await UserModel.count({ deleted: false }), + threads = await ThreadModel.count({ deleted: false }), + messages = await MessageModel.count({ deleted: false }); res.reply("index", { mem, users, threads, messages }) diff --git a/routes/login.js b/routes/login.js index ccf3daf..ce8eb19 100644 --- a/routes/login.js +++ b/routes/login.js @@ -10,23 +10,19 @@ app.post("/", async (req, res) => { const { username = null, password = null } = req.body; - if (username && password) { - const user = await SecretModel.findOne({ username }); - if (user) { + if (!username || !password) + return res.error(400, "You forgot entering some values") - if (!await bcrypt.compare(password, user.password)) return res.error(403, 'Incorrect Password!') - const member = await UserModel.findOne({ name: username }); - if (!member || member.deleted) return res.error(403, 'Incorrect Username and/or Password!') + const user = await SecretModel.findOne({ username }); + if (!user) return res.error(403, 'Incorrect Username and/or Password!'); - req.session.userID = user.id; + if (!await bcrypt.compare(password, user.password)) return res.error(403, 'Incorrect Password!') + const member = await UserModel.findOne({ name: username }); + if (!member || member.deleted) return res.error(403, 'Incorrect Username and/or Password!') - res.redirect(req.query.redirect || '/'); - } else - res.error(403, 'Incorrect Username and/or Password!') + req.session.userID = user.id; - - } else - res.error(400, "You forgot entering some values") + res.redirect(req.query.redirect || '/'); }); diff --git a/routes/search.js b/routes/search.js index 92b30e6..5f557e4 100644 --- a/routes/search.js +++ b/routes/search.js @@ -10,6 +10,7 @@ app.get("/users", async (req, res) => { const users = await UserModel.find({ name: { $regex: req.query.q, $options: "i" } }).limit(10); res.reply("users", { users, page: null }); }); + app.get("/messages", async (req, res) => { if (!Object.values(req.query).length) return res.error(400, "Missing query parameters in request body."); const query = {}; @@ -18,6 +19,7 @@ app.get("/messages", async (req, res) => { const messages = await MessageModel.find(query).limit(10); res.reply("messages",{messages}); }); + app.get("/threads", async (req, res) => { if (!Object.values(req.query).length) return res.error(400, "Missing query parameters in request body."); const query = {};