diff --git a/README.md b/README.md index 76eb730..fd5515a 100644 --- a/README.md +++ b/README.md @@ -18,12 +18,10 @@ And, you can learn informations about API in `APIDOCS.md`. * [Camroku](https://github.com/Camroku) - Made stylesheets ## To Do (Backend, bug fixes) -- Middleware. For logged in etc. - Better error codes, example 400 for bad request - Database change. (To MongoDB) - Better DB writing. Example, not `message.author.id`, `messsage.authorID` - `/errors/error` will change, better error page. -- Support for not logins... ## Roadmap - [x] User diff --git a/classes/user.js b/classes/user.js index 46e90f6..1ec145c 100644 --- a/classes/user.js +++ b/classes/user.js @@ -38,7 +38,7 @@ module.exports = class User { this.time = time; this.admin = admin; this.deleted = deleted; - return this ; + return this; } takeId() { diff --git a/middlewares/login.js b/middlewares/login.js index f5f2168..1c2ae78 100644 --- a/middlewares/login.js +++ b/middlewares/login.js @@ -1,10 +1,3 @@ -const { Router } = require("express"); - -const app = Router(); - -app.get("/", (req, res, next) => { +module.exports = (req, res) => { if (!req.session.loggedin) return res.redirect('/login'); - next(); -}); - -module.exports = app; \ No newline at end of file +} \ No newline at end of file diff --git a/public/js/scripts.js b/public/js/scripts.js deleted file mode 100644 index 7b7d13a..0000000 --- a/public/js/scripts.js +++ /dev/null @@ -1,2 +0,0 @@ -const admin = () => document.getElementById("admin").innerHTML = - '
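Review bot: The rewritten middleware in middlewares/login.js takes only `(req, res)` and no longer calls `next()`, so a request from a logged-in session is neither answered nor passed on. Every route registered behind `app.use(require("../middlewares/login"))` in routes/admin.js, routes/message.js, routes/threads.js and routes/users.js would then hang until the client gives up. Keep the third parameter and call it on the success path: `module.exports = (req, res, next) => { if (!req.session.loggedin) return res.redirect('/login'); next(); };`.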

You are admin, and you can go your page!


'; diff --git a/routes/.js b/routes/.js index eac51b3..cae0ae7 100644 --- a/routes/.js +++ b/routes/.js @@ -6,17 +6,12 @@ const app = Router(); app.get("/", (req, res) => { - if (!req.session.loggedin) return res.redirect('/login'); - - const mem = process.memoryUsage().heapUsed / Math.pow(2, 20); - - const users = get("users").length; - - const threads = get("threads").length; - - const messages = get("messages").length; - - const user = new User().getId(req.session.userid) + const + mem = process.memoryUsage().heapUsed / Math.pow(2, 20), + users = get("users").length, + threads = get("threads").length, + messages = get("messages").length, + user = new User().getId(req.session.userid); res.render("index", { mem, user, users, threads, messages }) diff --git a/routes/admin.js b/routes/admin.js index 6bf133f..cad9f2e 100644 --- a/routes/admin.js +++ b/routes/admin.js @@ -5,18 +5,17 @@ const error = require("../errors/error") const app = Router(); +app.use(require("../middlewares/login")); + app.get("/", (req, res) => { - if (!req.session.loggedin) return res.redirect('/login'); const user = new User().getId(req.session.userid) if (!user.admin) return error(res, 403, "You have not got permissions for view to this page."); res.render("admin", { user, user2: false }) -} -); +}); app.post("/", (req, res) => { - if (!req.session.loggedin) return res.redirect('/login'); const user = new User().getId(req.session.userid) diff --git a/routes/message.js b/routes/message.js index ca06af1..d89dea1 100644 --- a/routes/message.js +++ b/routes/message.js @@ -6,7 +6,6 @@ const { Router } = require("express"); const app = Router(); app.get("/:id", (req, res) => { - if (!req.session.loggedin) return res.redirect('/login'); const message = new Message().getId(req.params.id); if (!message || message.deleted) return error(res, 404, "We have not got any message declared as this id."); 
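Review bot: In routes/.js, `new User().getId(req.session.userid)` now runs with an undefined `userid` for anonymous visitors, because the handler no longer requires a login. The `if (user)` and `user?.admin` checks in views/index.ejs then depend on `getId` returning a falsy value for that input; `getId` is not visible in this diff, so that is worth confirming. Making the guest case explicit removes the dependency: `user = req.session.loggedin ? new User().getId(req.session.userid) : null;`. The handler continues past the end of the hunk.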
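Review bot: The admin gate in the GET handler of routes/admin.js, `if (!user.admin)`, dereferences `user` without a null check. If `getId` can return a falsy value for a session `userid` that no longer resolves, as the `user?.admin` guards added elsewhere in this commit suggest, the check throws instead of returning the 403. Using the same form here keeps the gate failing closed: `if (!user?.admin) return error(res, 403, "You have not got permissions for view to this page.");`. The POST handler's body, and any admin check in it, is outside the hunk.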
@@ -15,10 +14,9 @@ app.get("/:id", (req, res) => { }); +app.use(require("../middlewares/login")); + app.post("/", (req, res) => { - if (!req.session.loggedin) return res.redirect('/login'); - - const thread = new Thread().getId(req.body.threadID); if (thread) { @@ -35,8 +33,6 @@ app.post("/", (req, res) => { app.post("/:id/delete", (req, res) => { - if (!req.session.loggedin) return res.redirect('/login'); - const message = new Message().getId(req.params.id) if (!message || message.deleted) return error(res, 404, "We have not got any message declared as this id."); const user = new User().getId(req.session.userid); @@ -50,8 +46,6 @@ app.post("/:id/delete", (req, res) => { }) app.post("/:id/react", (req, res) => { - if (!req.session.loggedin) return res.redirect('/login'); - const { id = null } = req.params; const info = req.body; const message = new Message().getId(id); diff --git a/routes/threads.js b/routes/threads.js index a91047a..3bdc51f 100644 --- a/routes/threads.js +++ b/routes/threads.js @@ -6,16 +6,8 @@ const { Router } = require("express"); const app = Router(); -app.get("/open*", (req, res) => { - - if (!req.session.loggedin) return res.redirect('/login'); - const user = new User().getId(req.session.userid) - res.render("openThread", { user }) - -}); app.get("/", (req, res) => { - if (!req.session.loggedin) return res.redirect('/login'); const user = new User().getId(req.session.userid); @@ -28,7 +20,6 @@ app.get("/", (req, res) => { app.get("/:id", (req, res) => { - if (!req.session.loggedin) return res.redirect('/login'); const { id } = req.params; 
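Review bot: Placing `app.use(require("../middlewares/login"))` in the middle of routes/message.js makes the login requirement depend on declaration order: every route above the line is public, every route below it is protected, and nothing at the route itself says which. The same placement is used in routes/threads.js and routes/users.js. A handler added or moved above the line later loses its check silently, so attaching the guard per route is easier to audit, for example `const requireLogin = require("../middlewares/login");` and `app.post("/", requireLogin, (req, res) => { … })`. The POST handler's body continues outside the hunk.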
@@ -42,8 +33,19 @@ app.get("/:id", (req, res) => { error(res, 404, "We have not got this thread."); }); + +app.use(require("../middlewares/login")); + + +app.get("/open*", (req, res) => { + + const user = new User().getId(req.session.userid) + res.render("openThread", { user }) + +}); + + app.post("/", (req, res) => { - if (!req.session.loggedin) return res.redirect('/login'); const user = new User().getId(req.session.userid); diff --git a/routes/users.js b/routes/users.js index fff3dcc..6fcc339 100644 --- a/routes/users.js +++ b/routes/users.js @@ -7,26 +7,21 @@ const error = require("../errors/error") const app = Router(); app.get("/", (req, res) => { - if (!req.session.loggedin) return res.redirect('/login'); const user = new User().getId(req.session.userid) - - const users = db.get("users").slice(0); const links = users.filter(user => !user.deleted).map(user => "/users/" + user.id); return res.render("users", { users, links, user }) - - }); + app.get("/:id", (req, res) => { - if (!req.session.loggedin) return res.redirect('/login'); const user = new User().getId(req.session.userid) const { id = null } = req.params; const member = new User().getId(req.params.id); - if (member && (user.admin || !member.deleted)) { + if (member && (user?.admin || !member.deleted)) { const message = db.get("messages").filter(message => message.author.id === Number(id)).length const thread = db.get("threads").filter(thread => thread.author.id === Number(id)).length @@ -36,10 +31,13 @@ app.get("/:id", (req, res) => { else error(res, 404, "We have not got this user."); }); + +app.use(require("../middlewares/login")); + + app.post("/:id/delete/", (req, res) => { - if (!req.session.loggedin) return res.redirect('/login'); const user = new User().getId(req.session.userid); - if (!user.admin) + if (!user?.admin) return error(res, 403, "You have not got permission for this."); const id = req.url.slice(9 + 3) 
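Review bot: In routes/threads.js, `app.get("/open*", …)` is now registered after `app.get("/:id", …)`, so a request for `/open` matches `/:id` first with `id` set to `"open"`. That handler takes `(req, res)` and, judging by the context lines, ends in the 404 branch for unknown threads, so the open-thread page would no longer be reached. Register the route ahead of `/:id` and attach the guard to it directly, for example `app.get("/open*", require("../middlewares/login"), (req, res) => { … })`. Most of the `/:id` handler is outside the hunk.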
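Review bot: In the `/` handler of routes/users.js, `users` is still the unfiltered `db.get("users").slice(0)` while the route is now reachable without a login; only `links` skips deleted accounts. Whatever the stored records contain, including deleted users, is handed to the template for anonymous visitors. Passing only what the view prints would narrow that, for example `const users = db.get("users").filter(u => !u.deleted).map(({ id, name }) => ({ id, name }));`. The field list is an assumption, since views/users is not part of this diff.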
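Review bot: The delete handler in routes/users.js still derives the target account from `req.url.slice(9 + 3)`, a fixed offset into the request URL, although the route already declares `:id`. The result depends on the mount path and the length of the id, and `req.url` also carries any query string, so the value that reaches the delete logic may not be the id in the path. For an admin-only destructive action, `const { id } = req.params;` followed by a numeric check is the safer form. This is an unchanged context line, and the handler continues outside the hunk.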
diff --git a/views/extra/navbar.ejs b/views/extra/navbar.ejs index 6f62816..0ea7d9e 100644 --- a/views/extra/navbar.ejs +++ b/views/extra/navbar.ejs @@ -1,10 +1,14 @@ - - -
- +<% if (user?.admin){ %> +
+

You are admin, and you can go your page!

+
+
+ +<% } %> + diff --git a/views/index.ejs b/views/index.ejs index f35b824..3486bde 100644 --- a/views/index.ejs +++ b/views/index.ejs @@ -4,9 +4,9 @@ <%- include("extra/header", {title: "Main page!" }) %> - <%- include("extra/navbar", {user}) %> + <%- include("extra/navbar") %> - +<% if (user) { %>

Welcome, > <%= user.name %> alt=<%= user.name %>>
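Review bot: In the welcome block of views/index.ejs, `alt=<%= user.name %>` appears to be written without quotes around the attribute value; the surrounding markup is only partly visible here, and this is an unchanged context line. `<%= %>` escapes HTML special characters but not spaces, so a user name containing a space would end the value and the remainder would be parsed as further attributes. Quoting the value closes that off: `alt="<%= user.name %>"`. The same applies to the attribute before it if that one is also unquoted.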
@@ -16,6 +16,11 @@


+<% } else { %> +

Welcome, Guest!
You can press for register here: + +

+ <% } %>

Statistics:

- <% if (user.admin) {%> + <% if (user?.admin) {%>
@@ -52,7 +52,7 @@
<% }; %> - <%- include("extra/footer") %> + <%- include("extra/footer") %> \ No newline at end of file