mirror of
https://github.com/Akif9748/akf-forum.git
synced 2024-11-23 04:10:40 +03:00
Better error handling
This commit is contained in:
parent
832e61afb1
commit
b979bfd47c
10 changed files with 26 additions and 32 deletions
|
@ -20,8 +20,8 @@ And, you can learn about API in `util/APIDOCS.md`.
|
||||||
* [Camroku](https://github.com/Camroku) - Made stylesheets
|
* [Camroku](https://github.com/Camroku) - Made stylesheets
|
||||||
|
|
||||||
## To do (Backend, bug fixes)
|
## To do (Backend, bug fixes)
|
||||||
- `/errors/error` will ~~change~~ deprecate, it will be in res.error . And we will use "alert" for errors with fetch api. this added for messages and reactions...
|
- We will use "alert" for errors with fetch api. this added for messages and reactions...
|
||||||
- message.js/12, so, admin perms,(req.user?.admin || !thread.deleted), and api in message.
|
- message.js/12, so, admin perms,, and api in message.
|
||||||
- the forum will only use api path... this added for messages and reactions...
|
- the forum will only use api path... this added for messages and reactions...
|
||||||
|
|
||||||
## Roadmap
|
## Roadmap
|
||||||
|
|
5
index.js
5
index.js
|
@ -1,5 +1,4 @@
|
||||||
const error = require("./errors/error.js"),
|
const session = require('express-session'),
|
||||||
session = require('express-session'),
|
|
||||||
bodyParser = require('body-parser'),
|
bodyParser = require('body-parser'),
|
||||||
port = process.env.PORT || 3000,
|
port = process.env.PORT || 3000,
|
||||||
mongoose = require("mongoose"),
|
mongoose = require("mongoose"),
|
||||||
|
@ -20,6 +19,6 @@ app.use(require("./middlewares/user"));
|
||||||
for (const file of fs.readdirSync("./routes"))
|
for (const file of fs.readdirSync("./routes"))
|
||||||
app.use("/" + file.replace(".js", ""), require(`./routes/${file}`));
|
app.use("/" + file.replace(".js", ""), require(`./routes/${file}`));
|
||||||
|
|
||||||
app.all("*", (req, res) => error(res, 404, "We have not got this page."));
|
app.all("*", (req, res) => res.error(404, "We have not got this page."));
|
||||||
|
|
||||||
app.listen(port, () => console.log("akf-forum on port:", port));
|
app.listen(port, () => console.log("akf-forum on port:", port));
|
|
@ -1,6 +1,7 @@
|
||||||
const { UserModel } = require("../models");
|
const { UserModel } = require("../models");
|
||||||
|
|
||||||
module.exports = async (req, res, next) => {
|
module.exports = async (req, res, next) => {
|
||||||
|
req.error = (type, error) => res.status(type).render("error", { type, error });
|
||||||
req.user = await UserModel.get(req.session.userid);
|
req.user = await UserModel.get(req.session.userid);
|
||||||
next();
|
next();
|
||||||
}
|
}
|
|
@ -1,7 +1,6 @@
|
||||||
const { UserModel } = require("../models")
|
const { UserModel } = require("../models")
|
||||||
|
|
||||||
const { Router } = require("express")
|
const { Router } = require("express")
|
||||||
const error = require("../errors/error")
|
|
||||||
|
|
||||||
const app = Router();
|
const app = Router();
|
||||||
|
|
||||||
|
@ -10,7 +9,7 @@ app.use(require("../middlewares/login"));
|
||||||
app.get("/", async (req, res) => {
|
app.get("/", async (req, res) => {
|
||||||
const user = req.user;
|
const user = req.user;
|
||||||
|
|
||||||
if (!user.admin) return error(res, 403, "You have not got permissions for view to this page.");
|
if (!user.admin) return res.error( 403, "You have not got permissions for view to this page.");
|
||||||
|
|
||||||
res.render("admin", { user, user2: false })
|
res.render("admin", { user, user2: false })
|
||||||
});
|
});
|
||||||
|
@ -19,11 +18,11 @@ app.post("/", async (req, res) => {
|
||||||
|
|
||||||
const user = req.user;
|
const user = req.user;
|
||||||
|
|
||||||
if (!user.admin) return error(res, 403, "You have not got permissions for view to this page.");
|
if (!user.admin) return res.error(403, "You have not got permissions for view to this page.");
|
||||||
const user2 = await UserModel.get(req.body.userid);
|
const user2 = await UserModel.get(req.body.userid);
|
||||||
|
|
||||||
if (!user2)
|
if (!user2)
|
||||||
return error(res, 404, "We have not got this user in all of the forum. Vesselam.");
|
return res.error( 404, "We have not got this user in all of the forum. Vesselam.");
|
||||||
|
|
||||||
else {
|
else {
|
||||||
user2.admin = true;
|
user2.admin = true;
|
||||||
|
|
|
@ -12,7 +12,7 @@ app.get("/:id", async (req, res) => {
|
||||||
if (!id) return res.error(400, "Missing id in query")
|
if (!id) return res.error(400, "Missing id in query")
|
||||||
const message = await MessageModel.get(id);
|
const message = await MessageModel.get(id);
|
||||||
|
|
||||||
if (!message || message.deleted) return res.error(404, "We have not got any message declared as this id.");
|
if (!message || (message.deleted && req.user && !req.user.admin)) return res.error(404, "We have not got any message declared as this id.");
|
||||||
|
|
||||||
res.complate(message);
|
res.complate(message);
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
const { UserModel, SecretModel } = require("../models");
|
const { UserModel, SecretModel } = require("../models");
|
||||||
const { Router } = require("express");
|
const { Router } = require("express");
|
||||||
const error = require("../errors/error");
|
|
||||||
const app = Router();
|
const app = Router();
|
||||||
const bcrypt = require("bcrypt");
|
const bcrypt = require("bcrypt");
|
||||||
|
|
||||||
|
@ -17,19 +16,19 @@ app.post("/", async (req, res) => {
|
||||||
|
|
||||||
const validPassword = await bcrypt.compare(password, user.password);
|
const validPassword = await bcrypt.compare(password, user.password);
|
||||||
|
|
||||||
if (!validPassword) return error(res, 403, 'Incorrect Password!')
|
if (!validPassword) return res.error( 403, 'Incorrect Password!')
|
||||||
const member = await UserModel.findOne({ name: username });
|
const member = await UserModel.findOne({ name: username });
|
||||||
if (!member || member.deleted) return error(res, 403, 'Incorrect Username and/or Password!')
|
if (!member || member.deleted) return res.error( 403, 'Incorrect Username and/or Password!')
|
||||||
|
|
||||||
req.session.userid = user.id;
|
req.session.userid = user.id;
|
||||||
|
|
||||||
res.redirect( req.query.redirect || '/');
|
res.redirect( req.query.redirect || '/');
|
||||||
} else
|
} else
|
||||||
error(res, 403, 'Incorrect Username and/or Password!')
|
res.error( 403, 'Incorrect Username and/or Password!')
|
||||||
|
|
||||||
|
|
||||||
} else
|
} else
|
||||||
error(res, 400, "You forgot entering some values")
|
res.error( 400, "You forgot entering some values")
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
const { MessageModel } = require("../models");
|
const { MessageModel } = require("../models");
|
||||||
const error = require("../errors/error")
|
|
||||||
|
|
||||||
const { Router } = require("express");
|
const { Router } = require("express");
|
||||||
|
|
||||||
|
@ -8,7 +7,7 @@ const app = Router();
|
||||||
app.get("/:id", async (req, res) => {
|
app.get("/:id", async (req, res) => {
|
||||||
const message = await MessageModel.get(req.params.id);
|
const message = await MessageModel.get(req.params.id);
|
||||||
|
|
||||||
if (!message || message.deleted) return error(res, 404, "We have not got any message declared as this id.");
|
if (!message || (message.deleted && req.user && !req.user.admin)) return res.error( 404, "We have not got any message declared as this id.");
|
||||||
res.redirect("/threads/" + message.threadID);
|
res.redirect("/threads/" + message.threadID);
|
||||||
|
|
||||||
});
|
});
|
||||||
|
@ -17,10 +16,10 @@ app.use(require("../middlewares/login"));
|
||||||
|
|
||||||
app.post("/:id/delete", async (req, res) => {
|
app.post("/:id/delete", async (req, res) => {
|
||||||
const message = await MessageModel.get(req.params.id);
|
const message = await MessageModel.get(req.params.id);
|
||||||
if (!message || message.deleted) return error(res, 404, "We have not got any message declared as this id.");
|
if (!message || message.deleted) return res.error( 404, "We have not got any message declared as this id.");
|
||||||
const user = req.user;
|
const user = req.user;
|
||||||
if (user.id != message.authorID && !user.admin)
|
if (user.id != message.authorID && !user.admin)
|
||||||
return error(res, 403, "You have not got permission for this.");
|
return res.error( 403, "You have not got permission for this.");
|
||||||
message.deleted = true;
|
message.deleted = true;
|
||||||
await message.save();
|
await message.save();
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
const { UserModel, SecretModel } = require("../models");
|
const { UserModel, SecretModel } = require("../models");
|
||||||
const { Router } = require("express")
|
const { Router } = require("express")
|
||||||
const error = require("../errors/error")
|
|
||||||
const bcrypt = require("bcrypt");
|
const bcrypt = require("bcrypt");
|
||||||
|
|
||||||
const app = Router();
|
const app = Router();
|
||||||
|
@ -17,7 +16,7 @@ app.post("/", async (req, res) => {
|
||||||
const user = await SecretModel.findOne({ username });
|
const user = await SecretModel.findOne({ username });
|
||||||
|
|
||||||
if (user)
|
if (user)
|
||||||
error(res, 400, `We have got an user named ${username}!`)
|
res.error(res, 400, `We have got an user named ${username}!`)
|
||||||
|
|
||||||
else {
|
else {
|
||||||
|
|
||||||
|
@ -35,7 +34,7 @@ app.post("/", async (req, res) => {
|
||||||
}
|
}
|
||||||
|
|
||||||
} else
|
} else
|
||||||
error(res, 400, "You forgot entering some values")
|
res.error(res, 400, "You forgot entering some values")
|
||||||
|
|
||||||
|
|
||||||
})
|
})
|
||||||
|
|
|
@ -2,7 +2,6 @@ const { Router } = require("express");
|
||||||
const app = Router();
|
const app = Router();
|
||||||
const rateLimit = require('express-rate-limit')
|
const rateLimit = require('express-rate-limit')
|
||||||
|
|
||||||
const error = require("../errors/error")
|
|
||||||
const { ThreadModel, MessageModel } = require("../models")
|
const { ThreadModel, MessageModel } = require("../models")
|
||||||
|
|
||||||
|
|
||||||
|
@ -42,7 +41,7 @@ app.get("/:id", async (req, res) => {
|
||||||
|
|
||||||
res.render("thread", { thread, messages, user })
|
res.render("thread", { thread, messages, user })
|
||||||
} else
|
} else
|
||||||
error(res, 404, "We have not got this thread.");
|
res.error( 404, "We have not got this thread.");
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
||||||
|
@ -55,13 +54,13 @@ app.post("/", rateLimit({
|
||||||
windowMs: 10 * 60_000, max: 1, standardHeaders: true, legacyHeaders: false,
|
windowMs: 10 * 60_000, max: 1, standardHeaders: true, legacyHeaders: false,
|
||||||
handler: (request, response, next, options) =>
|
handler: (request, response, next, options) =>
|
||||||
!request.user.admin ?
|
!request.user.admin ?
|
||||||
error(response, options.statusCode, "You are begin ratelimited")
|
res.error(options.statusCode, "You are begin ratelimited")
|
||||||
: next()
|
: next()
|
||||||
}), async (req, res) => {
|
}), async (req, res) => {
|
||||||
|
|
||||||
const { title = null, content = null } = req.body;
|
const { title = null, content = null } = req.body;
|
||||||
|
|
||||||
if (!title || !content) return error(res, 400, "Title and/or content is missing");
|
if (!title || !content) return res.error( 400, "Title and/or content is missing");
|
||||||
const user = req.user
|
const user = req.user
|
||||||
const thread = await new ThreadModel({ title, author: user }).takeId()
|
const thread = await new ThreadModel({ title, author: user }).takeId()
|
||||||
|
|
||||||
|
@ -76,10 +75,10 @@ app.post("/", rateLimit({
|
||||||
|
|
||||||
app.post("/:id/delete", async (req, res) => {
|
app.post("/:id/delete", async (req, res) => {
|
||||||
const thread = await ThreadModel.get(req.params.id);
|
const thread = await ThreadModel.get(req.params.id);
|
||||||
if (!thread || thread.deleted) return error(res, 404, "We have not got any thread declared as this id.");
|
if (!thread || thread.deleted) return res.error( 404, "We have not got any thread declared as this id.");
|
||||||
const user = req.user;
|
const user = req.user;
|
||||||
if (user.id != thread.authorID && !user.admin)
|
if (user.id != thread.authorID && !user.admin)
|
||||||
return error(res, 403, "You have not got permission for this.");
|
return res.error( 403, "You have not got permission for this.");
|
||||||
|
|
||||||
thread.deleted = true;
|
thread.deleted = true;
|
||||||
await thread.save();
|
await thread.save();
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
const { Router } = require("express");
|
const { Router } = require("express");
|
||||||
const app = Router();
|
const app = Router();
|
||||||
|
|
||||||
const error = require("../errors/error");
|
|
||||||
const { UserModel, MessageModel, ThreadModel } = require("../models");
|
const { UserModel, MessageModel, ThreadModel } = require("../models");
|
||||||
|
|
||||||
app.get("/", async ({ user }, res) => {
|
app.get("/", async ({ user }, res) => {
|
||||||
|
@ -22,7 +21,7 @@ app.get("/:id", async (req, res) => {
|
||||||
const thread = await ThreadModel.count({ authorID: id });
|
const thread = await ThreadModel.count({ authorID: id });
|
||||||
res.render("user", { user, member, counts: { message, thread } })
|
res.render("user", { user, member, counts: { message, thread } })
|
||||||
}
|
}
|
||||||
else error(res, 404, "We have not got this user.");
|
else res.error(404, "We have not got this user.");
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -32,12 +31,12 @@ app.use(require("../middlewares/login"));
|
||||||
app.post("/:id/delete/", async (req, res) => {
|
app.post("/:id/delete/", async (req, res) => {
|
||||||
const user = req.user;
|
const user = req.user;
|
||||||
if (!user?.admin)
|
if (!user?.admin)
|
||||||
return error(res, 403, "You have not got permission for this.");
|
return res.error( 403, "You have not got permission for this.");
|
||||||
|
|
||||||
const { id = null } = req.params;
|
const { id = null } = req.params;
|
||||||
const member = await UserModel.get(id);
|
const member = await UserModel.get(id);
|
||||||
|
|
||||||
if (!member || member.deleted) return error(res, 404, "We have not got any user declared as this id.");
|
if (!member || member.deleted) return res.error( 404, "We have not got any user declared as this id.");
|
||||||
|
|
||||||
member.deleted = true;
|
member.deleted = true;
|
||||||
await member.save();
|
await member.save();
|
||||||
|
|
Loading…
Reference in a new issue