Better error handling

Akif9748 2022-08-11 00:49:44 +03:00
parent 832e61afb1
commit b979bfd47c
10 changed files with 26 additions and 32 deletions


@ -20,8 +20,8 @@ And, you can learn about API in `util/APIDOCS.md`.
* [Camroku](https://github.com/Camroku) - Made stylesheets * [Camroku](https://github.com/Camroku) - Made stylesheets
## To do (Backend, bug fixes) ## To do (Backend, bug fixes)
- `/errors/error` will ~~change~~ deprecate, it will be in res.error . And we will use "alert" for errors with fetch api. this added for messages and reactions... - We will use "alert" for errors with fetch api. this added for messages and reactions...
- message.js/12, so, admin perms,(req.user?.admin || !thread.deleted), and api in message. - message.js/12, so, admin perms,, and api in message.
- the forum will only use api path... this added for messages and reactions... - the forum will only use api path... this added for messages and reactions...
## Roadmap ## Roadmap


@ -1,5 +1,4 @@
const error = require("./errors/error.js"), const session = require('express-session'),
session = require('express-session'),
bodyParser = require('body-parser'), bodyParser = require('body-parser'),
port = process.env.PORT || 3000, port = process.env.PORT || 3000,
mongoose = require("mongoose"), mongoose = require("mongoose"),
@ -20,6 +19,6 @@ app.use(require("./middlewares/user"));
for (const file of fs.readdirSync("./routes")) for (const file of fs.readdirSync("./routes"))
app.use("/" + file.replace(".js", ""), require(`./routes/${file}`)); app.use("/" + file.replace(".js", ""), require(`./routes/${file}`));
app.all("*", (req, res) => error(res, 404, "We have not got this page.")); app.all("*", (req, res) => res.error(404, "We have not got this page."));
app.listen(port, () => console.log("akf-forum on port:", port)); app.listen(port, () => console.log("akf-forum on port:", port));


@ -1,6 +1,7 @@
const { UserModel } = require("../models"); const { UserModel } = require("../models");
module.exports = async (req, res, next) => { module.exports = async (req, res, next) => {
req.error = (type, error) => res.status(type).render("error", { type, error });
req.user = await UserModel.get(req.session.userid); req.user = await UserModel.get(req.session.userid);
next(); next();
} }
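Review bot: The helper is attached as `req.error`, but every call site this commit converts invokes `res.error(...)`, so unless `res.error` is also defined somewhere outside this view, the 403/404 paths in the page routes would throw a TypeError instead of rendering the error page. Attach it to the response instead: `res.error = (type, error) => res.status(type).render("error", { type, error });`. Separately, `await UserModel.get(req.session.userid)` is not wrapped in try/catch, so depending on the Express version a rejected lookup may never reach the error handler; `try { ... } catch (err) { return next(err); }` would make that explicit.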


@ -1,7 +1,6 @@
const { UserModel } = require("../models") const { UserModel } = require("../models")
const { Router } = require("express") const { Router } = require("express")
const error = require("../errors/error")
const app = Router(); const app = Router();
@ -10,7 +9,7 @@ app.use(require("../middlewares/login"));
app.get("/", async (req, res) => { app.get("/", async (req, res) => {
const user = req.user; const user = req.user;
if (!user.admin) return error(res, 403, "You have not got permissions for view to this page."); if (!user.admin) return res.error( 403, "You have not got permissions for view to this page.");
res.render("admin", { user, user2: false }) res.render("admin", { user, user2: false })
}); });
@ -19,11 +18,11 @@ app.post("/", async (req, res) => {
const user = req.user; const user = req.user;
if (!user.admin) return error(res, 403, "You have not got permissions for view to this page."); if (!user.admin) return res.error(403, "You have not got permissions for view to this page.");
const user2 = await UserModel.get(req.body.userid); const user2 = await UserModel.get(req.body.userid);
if (!user2) if (!user2)
return error(res, 404, "We have not got this user in all of the forum. Vesselam."); return res.error( 404, "We have not got this user in all of the forum. Vesselam.");
else { else {
user2.admin = true; user2.admin = true;


@ -12,7 +12,7 @@ app.get("/:id", async (req, res) => {
if (!id) return res.error(400, "Missing id in query") if (!id) return res.error(400, "Missing id in query")
const message = await MessageModel.get(id); const message = await MessageModel.get(id);
if (!message || message.deleted) return res.error(404, "We have not got any message declared as this id."); if (!message || (message.deleted && req.user && !req.user.admin)) return res.error(404, "We have not got any message declared as this id.");
res.complate(message); res.complate(message);
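Review bot: The new condition `message.deleted && req.user && !req.user.admin` is false when `req.user` is unset, so a visitor without a session falls through to `res.complate(message)` and can read a deleted message; only logged-in non-admins get the 404. The check should deny by default: `if (!message || (message.deleted && !req.user?.admin)) return res.error(404, "We have not got any message declared as this id.");`. The same condition is introduced in the `/:id` GET handler of the message page route, which sits before that file's login middleware and redirects to the deleted message's thread. This handler starts and ends outside the hunk, so whether an authentication middleware runs ahead of it cannot be confirmed from here.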


@ -1,6 +1,5 @@
const { UserModel, SecretModel } = require("../models"); const { UserModel, SecretModel } = require("../models");
const { Router } = require("express"); const { Router } = require("express");
const error = require("../errors/error");
const app = Router(); const app = Router();
const bcrypt = require("bcrypt"); const bcrypt = require("bcrypt");
@ -17,19 +16,19 @@ app.post("/", async (req, res) => {
const validPassword = await bcrypt.compare(password, user.password); const validPassword = await bcrypt.compare(password, user.password);
if (!validPassword) return error(res, 403, 'Incorrect Password!') if (!validPassword) return res.error( 403, 'Incorrect Password!')
const member = await UserModel.findOne({ name: username }); const member = await UserModel.findOne({ name: username });
if (!member || member.deleted) return error(res, 403, 'Incorrect Username and/or Password!') if (!member || member.deleted) return res.error( 403, 'Incorrect Username and/or Password!')
req.session.userid = user.id; req.session.userid = user.id;
res.redirect( req.query.redirect || '/'); res.redirect( req.query.redirect || '/');
} else } else
error(res, 403, 'Incorrect Username and/or Password!') res.error( 403, 'Incorrect Username and/or Password!')
} else } else
error(res, 400, "You forgot entering some values") res.error( 400, "You forgot entering some values")
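Review bot: `res.redirect(req.query.redirect || '/')` sends a freshly authenticated user to whatever value the query string carries, and this commit leaves it as is; an absolute or protocol-relative URL there makes the login form an open redirect. Restrict the target to local paths, e.g. `const target = String(req.query.redirect || '/');` followed by `res.redirect(target.startsWith('/') && !target.startsWith('//') && !target.startsWith('/\\') ? target : '/');`. The converted lines also keep two different messages, 'Incorrect Password!' and 'Incorrect Username and/or Password!', which tells a client whether a username exists; one generic message for both cases would avoid that. The handler begins outside this hunk.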


@ -1,5 +1,4 @@
const { MessageModel } = require("../models"); const { MessageModel } = require("../models");
const error = require("../errors/error")
const { Router } = require("express"); const { Router } = require("express");
@ -8,7 +7,7 @@ const app = Router();
app.get("/:id", async (req, res) => { app.get("/:id", async (req, res) => {
const message = await MessageModel.get(req.params.id); const message = await MessageModel.get(req.params.id);
if (!message || message.deleted) return error(res, 404, "We have not got any message declared as this id."); if (!message || (message.deleted && req.user && !req.user.admin)) return res.error( 404, "We have not got any message declared as this id.");
res.redirect("/threads/" + message.threadID); res.redirect("/threads/" + message.threadID);
}); });
@ -17,10 +16,10 @@ app.use(require("../middlewares/login"));
app.post("/:id/delete", async (req, res) => { app.post("/:id/delete", async (req, res) => {
const message = await MessageModel.get(req.params.id); const message = await MessageModel.get(req.params.id);
if (!message || message.deleted) return error(res, 404, "We have not got any message declared as this id."); if (!message || message.deleted) return res.error( 404, "We have not got any message declared as this id.");
const user = req.user; const user = req.user;
if (user.id != message.authorID && !user.admin) if (user.id != message.authorID && !user.admin)
return error(res, 403, "You have not got permission for this."); return res.error( 403, "You have not got permission for this.");
message.deleted = true; message.deleted = true;
await message.save(); await message.save();


@ -1,6 +1,5 @@
const { UserModel, SecretModel } = require("../models"); const { UserModel, SecretModel } = require("../models");
const { Router } = require("express") const { Router } = require("express")
const error = require("../errors/error")
const bcrypt = require("bcrypt"); const bcrypt = require("bcrypt");
const app = Router(); const app = Router();
@ -17,7 +16,7 @@ app.post("/", async (req, res) => {
const user = await SecretModel.findOne({ username }); const user = await SecretModel.findOne({ username });
if (user) if (user)
error(res, 400, `We have got an user named ${username}!`) res.error(res, 400, `We have got an user named ${username}!`)
else { else {
@ -35,7 +34,7 @@ app.post("/", async (req, res) => {
} }
} else } else
error(res, 400, "You forgot entering some values") res.error(res, 400, "You forgot entering some values")
}) })
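Review bot: Both converted calls still pass `res` as the first argument (`res.error(res, 400, ...)`), while every other call site in this commit uses `res.error(status, message)`, so the response object lands in the status slot and the 400 is not sent as intended. Drop the leading argument in both places, e.g. `res.error(400, "You forgot entering some values")`. The first message also echoes the submitted `username` into the rendered error page, so it depends on the view escaping that value; the template is not visible here and is worth checking.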


@ -2,7 +2,6 @@ const { Router } = require("express");
const app = Router(); const app = Router();
const rateLimit = require('express-rate-limit') const rateLimit = require('express-rate-limit')
const error = require("../errors/error")
const { ThreadModel, MessageModel } = require("../models") const { ThreadModel, MessageModel } = require("../models")
@ -42,7 +41,7 @@ app.get("/:id", async (req, res) => {
res.render("thread", { thread, messages, user }) res.render("thread", { thread, messages, user })
} else } else
error(res, 404, "We have not got this thread."); res.error( 404, "We have not got this thread.");
}); });
@ -55,13 +54,13 @@ app.post("/", rateLimit({
windowMs: 10 * 60_000, max: 1, standardHeaders: true, legacyHeaders: false, windowMs: 10 * 60_000, max: 1, standardHeaders: true, legacyHeaders: false,
handler: (request, response, next, options) => handler: (request, response, next, options) =>
!request.user.admin ? !request.user.admin ?
error(response, options.statusCode, "You are begin ratelimited") res.error(options.statusCode, "You are begin ratelimited")
: next() : next()
}), async (req, res) => { }), async (req, res) => {
const { title = null, content = null } = req.body; const { title = null, content = null } = req.body;
if (!title || !content) return error(res, 400, "Title and/or content is missing"); if (!title || !content) return res.error( 400, "Title and/or content is missing");
const user = req.user const user = req.user
const thread = await new ThreadModel({ title, author: user }).takeId() const thread = await new ThreadModel({ title, author: user }).takeId()
@ -76,10 +75,10 @@ app.post("/", rateLimit({
app.post("/:id/delete", async (req, res) => { app.post("/:id/delete", async (req, res) => {
const thread = await ThreadModel.get(req.params.id); const thread = await ThreadModel.get(req.params.id);
if (!thread || thread.deleted) return error(res, 404, "We have not got any thread declared as this id."); if (!thread || thread.deleted) return res.error( 404, "We have not got any thread declared as this id.");
const user = req.user; const user = req.user;
if (user.id != thread.authorID && !user.admin) if (user.id != thread.authorID && !user.admin)
return error(res, 403, "You have not got permission for this."); return res.error( 403, "You have not got permission for this.");
thread.deleted = true; thread.deleted = true;
await thread.save(); await thread.save();
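Review bot: Inside the `rateLimit` handler the parameters are named `request` and `response`, but the new line calls `res.error(options.statusCode, ...)`; no `res` binding is visible in that scope, so a rate-limited non-admin request would raise a ReferenceError instead of receiving the limit response. Use the handler's own parameter: `response.error(options.statusCode, "You are begin ratelimited")`. The handler also reads `request.user.admin` without a null check, which assumes the login middleware always runs before the limiter; that ordering is outside this hunk.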


@ -1,7 +1,6 @@
const { Router } = require("express"); const { Router } = require("express");
const app = Router(); const app = Router();
const error = require("../errors/error");
const { UserModel, MessageModel, ThreadModel } = require("../models"); const { UserModel, MessageModel, ThreadModel } = require("../models");
app.get("/", async ({ user }, res) => { app.get("/", async ({ user }, res) => {
@ -22,7 +21,7 @@ app.get("/:id", async (req, res) => {
const thread = await ThreadModel.count({ authorID: id }); const thread = await ThreadModel.count({ authorID: id });
res.render("user", { user, member, counts: { message, thread } }) res.render("user", { user, member, counts: { message, thread } })
} }
else error(res, 404, "We have not got this user."); else res.error(404, "We have not got this user.");
}); });
@ -32,12 +31,12 @@ app.use(require("../middlewares/login"));
app.post("/:id/delete/", async (req, res) => { app.post("/:id/delete/", async (req, res) => {
const user = req.user; const user = req.user;
if (!user?.admin) if (!user?.admin)
return error(res, 403, "You have not got permission for this."); return res.error( 403, "You have not got permission for this.");
const { id = null } = req.params; const { id = null } = req.params;
const member = await UserModel.get(id); const member = await UserModel.get(id);
if (!member || member.deleted) return error(res, 404, "We have not got any user declared as this id."); if (!member || member.deleted) return res.error( 404, "We have not got any user declared as this id.");
member.deleted = true; member.deleted = true;
await member.save(); await member.save();