Added old titles, and content for API.

Akif9748 2022-09-21 23:06:14 +03:00
parent 984ac0e621
commit 4d39433fe1
8 changed files with 33 additions and 21 deletions


@ -41,7 +41,7 @@ Akf-forum has got an API for AJAX (fetch), other clients etc. And, you can learn
## TO-DO list ## TO-DO list
| To do | Is done? | | To do | Is done? |
| ----- | -------- | | ----- | -------- |
| Profile Message | ⚪ | | Profile Message or DM | ⚪ |
| Better Auth for API way | 🟢 | | Better Auth for API way | 🟢 |
| mod role, permissions | ⚪ | | mod role, permissions | ⚪ |
| upload other photos, model for it | ⚪ | | upload other photos, model for it | ⚪ |
@ -50,6 +50,9 @@ Akf-forum has got an API for AJAX (fetch), other clients etc. And, you can learn
| DC auth will store code for taking tokens, and create secret model setting | ⚪ | | DC auth will store code for taking tokens, and create secret model setting | ⚪ |
- IF a person liked a message, view. - IF a person liked a message, view.
- Disable last seen button. - Disable last seen button.
- email auth.
- thread.state =="approval" for threads.
- old contents / titles add to forum interface
## Major Version History ## Major Version History
- V4: Caching - V4: Caching


@ -9,7 +9,7 @@ const
app = express(), app = express(),
{ urlencoded: BP } = require('body-parser'), { urlencoded: BP } = require('body-parser'),
{ mw: IP } = require('request-ip'), { mw: IP } = require('request-ip'),
RL = require('express-rate-limit'), { RL } = require('./lib'),
SES = require('express-session'), SES = require('express-session'),
MS = require("connect-mongo"), MS = require("connect-mongo"),
DB = mongoose.connect(process.env.MONGO_DB_URL) DB = mongoose.connect(process.env.MONGO_DB_URL)
@ -47,8 +47,7 @@ app.use(express.static("public"), express.json(), IP(), BP({ extended: true }),
if (discord_auth) if (discord_auth)
app.set("discord_auth", `https://discord.com/api/oauth2/authorize?client_id=${process.env.DISCORD_CLIENT}&redirect_uri=${host}%2Fdiscord_auth%2Fhash&response_type=token&scope=identify`); app.set("discord_auth", `https://discord.com/api/oauth2/authorize?client_id=${process.env.DISCORD_CLIENT}&redirect_uri=${host}%2Fdiscord_auth%2Fhash&response_type=token&scope=identify`);
if (RLS.enabled) if (RLS.enabled) app.use(RL(RSL.windowMs, RLS.max));
app.use(RL({ ...RLS, handler: (req, res, next, opts) => !req.user?.admin ? res.error(opts.statusCode, "You are begin ratelimited") : next() }));
for (const file of fs.readdirSync("./routes")) for (const file of fs.readdirSync("./routes"))
app.use("/" + file.replace(".js", ""), require(`./routes/${file}`)); app.use("/" + file.replace(".js", ""), require(`./routes/${file}`));
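Review bot: The new global limiter call on the `if (RLS.enabled)` line reads `RSL.windowMs`, while every other reference in the hunk is `RLS`; unless an `RSL` binding exists outside the visible lines, this throws a ReferenceError at startup whenever rate limiting is enabled. It should read `if (RLS.enabled) app.use(RL(RLS.windowMs, RLS.max));`. The call also forwards only `windowMs` and `max`, so any other keys that were previously spread from `RLS` no longer reach the limiter. The surrounding setup code starts and ends outside the hunk.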

7
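--- a/lib.js
+++ b/lib.js
@@ -0,0 +1,7 @@
+const RL = require('express-rate-limit');
+module.exports.RL = (windowMs = 60_000, max = 1) =>
+RL({
+windowMs, max, standardHeaders: true, legacyHeaders: false,
+handler: (req, res, next, opts) => !req.user?.admin ? res.error(opts.statusCode, "You are begin ratelimited") : next()
+})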
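Review bot: The shared `handler` lets any request with `req.user?.admin` set pass the limit, and because every caller now goes through this factory the exemption also applies to routes whose inline limiter had none, such as the registration POST changed later in this commit. If that widening is intended, state it in a JSDoc comment on the export, e.g. `/** Build a rate limiter; admins (req.user.admin) bypass it. Relies on res.error and req.user being set by earlier middleware. */`; if it is not, the factory needs a way for a caller to opt out of the exemption. The response text `"You are begin ratelimited"` is also misspelled ("being").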


@ -8,7 +8,7 @@ const schema = new mongoose.Schema({
threadID: String, threadID: String,
authorID: String, authorID: String,
content: { type: String, maxlength: limits.message }, content: { type: String, maxlength: limits.message },
oldContents: [{ type: String, maxlength: limits.message }], oldContents: [String],
time: { type: Date, default: Date.now }, time: { type: Date, default: Date.now },
deleted: { type: Boolean, default: false }, deleted: { type: Boolean, default: false },
edited: { type: Boolean, default: false }, edited: { type: Boolean, default: false },
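Review bot: `oldContents: [String]` drops the per-element `maxlength: limits.message` that the previous declaration carried, so the schema no longer bounds history entries and the length check in the PATCH route becomes the only guard. Keeping `oldContents: [{ type: String, maxlength: limits.message }]` costs nothing and covers any other write path to this model. The new `oldTitles: [String]` in the thread model has the same gap with respect to `limits.title`. The schema definition starts and ends outside the hunk.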


@ -11,6 +11,8 @@ const schema = new mongoose.Schema({
author: Object, author: Object,
title: { type: String, maxlength: limits.title }, title: { type: String, maxlength: limits.title },
oldTitles: [String],
time: { type: Date, default: Date.now }, time: { type: Date, default: Date.now },
deleted: { type: Boolean, default: false }, deleted: { type: Boolean, default: false },
edited: { type: Boolean, default: false }, edited: { type: Boolean, default: false },


@ -1,6 +1,5 @@
const { MessageModel, ThreadModel } = require("../../../models"); const { MessageModel, ThreadModel } = require("../../../models");
const rateLimit = require('express-rate-limit') const { RL } = require('../../../lib');
const { Router } = require("express") const { Router } = require("express")
const app = Router(); const app = Router();
@ -32,6 +31,10 @@ app.patch("/:id/", async (req, res) => {
if (content.length < 5 || content.length > limits.message) return res.error(400, "content must be between 5 - 1024 characters"); if (content.length < 5 || content.length > limits.message) return res.error(400, "content must be between 5 - 1024 characters");
message.content = content; message.content = content;
if (!message.oldContents.includes(content))
message.oldContents.push(content);
message.edited = true; message.edited = true;
await message.save(); await message.save();
@ -39,11 +42,7 @@ app.patch("/:id/", async (req, res) => {
}) })
app.post("/", rateLimit({ app.post("/", RL(), async (req, res) => {
windowMs: 60_000, max: 1, standardHeaders: true, legacyHeaders: false,
handler: (request, response, next, options) =>
!request.user.admin ? response.error(options.statusCode, "You are begin ratelimited") : next()
}), async (req, res) => {
const { threadID, content } = req.body; const { threadID, content } = req.body;
if (!content) return res.error(400, "Missing message content in request body."); if (!content) return res.error(400, "Missing message content in request body.");
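Review bot: The new `message.oldContents.push(content)` in the PATCH handler appends on every distinct edit with no cap, and the PATCH route shown here has no per-route limiter, so a single author can keep growing a message document (each entry up to `limits.message` characters). Consider trimming after the push, e.g. `if (message.oldContents.length > MAX_HISTORY) message.oldContents.shift();` where `MAX_HISTORY` is a placeholder for a limit you choose, or putting `RL()` on the PATCH route as well. The same pattern is added for `thread.oldTitles` in the thread PATCH handler. Both handlers start and end outside their hunks.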


@ -1,5 +1,6 @@
const { MessageModel, ThreadModel } = require("../../../models"); const { MessageModel, ThreadModel } = require("../../../models");
const { Router } = require("express") const { Router } = require("express")
const { RL } = require('../../../lib');
const app = Router(); const app = Router();
app.param("id", async (req, res, next, id) => { app.param("id", async (req, res, next, id) => {
@ -36,7 +37,7 @@ app.get("/:id/messages/", async (req, res) => {
}) })
app.post("/", async (req, res) => { app.post("/", RL(5 * 60_000, 1), async (req, res) => {
const { title, content, category } = req.body; const { title, content, category } = req.body;
@ -68,6 +69,10 @@ app.patch("/:id/", async (req, res) => {
if (title.length < 5 || title.length > limits.title) return res.error(400, "title must be between 5 - 128 characters"); if (title.length < 5 || title.length > limits.title) return res.error(400, "title must be between 5 - 128 characters");
thread.title = title; thread.title = title;
if (!thread.oldTitles.includes(title))
thread.oldTitles.push(title);
await thread.save(); await thread.save();
res.complate(thread); res.complate(thread);


@ -1,22 +1,19 @@
const { UserModel, SecretModel } = require("../models"); const { UserModel, SecretModel } = require("../models");
const { Router } = require("express") const { Router } = require("express")
const bcrypt = require("bcrypt"); const bcrypt = require("bcrypt");
const rateLimit = require('express-rate-limit'); const { RL } = require('../lib');
const app = Router(); const app = Router();
app.get("/", (req, res) => res.reply("register", { user: null, discord: req.app.get("discord_auth") })); app.get("/", (req, res) => res.reply("register", { user: null, discord: req.app.get("discord_auth") }));
app.post("/", rateLimit({ app.post("/", RL(24 * 60 * 60_000, 5), async (req, res) => {
windowMs: 24 * 60 * 60_000, max: 5, standardHeaders: true, legacyHeaders: false,
handler: (_r, response, _n, options) => response.error(options.statusCode, "You are begin ratelimited")
}), async (req, res) => {
req.session.userID = null; req.session.userID = null;
let { username, password: body_pass, about } = req.body; let { username, password: body_pass, about } = req.body;
if (!username || !body_pass) return res.error(400, "You forgot entering some values"); if (!username || !body_pass) return res.error(400, "You forgot entering some values");
const {names} = req.app.get("limits"); const { names } = req.app.get("limits");
if (username.length < 3 || names > 25) return res.error(400, "Username must be between 3 - 25 characters"); if (username.length < 3 || names > 25) return res.error(400, "Username must be between 3 - 25 characters");
if (body_pass.length < 3 || names > 25) return res.error(400, "Password must be between 3 - 25 characters"); if (body_pass.length < 3 || names > 25) return res.error(400, "Password must be between 3 - 25 characters");