mirror of
https://github.com/Akif9748/akf-forum.git
synced 2024-11-26 13:20:41 +03:00
create and del thread, and del message to fetch
This commit is contained in:
parent
3942af77b4
commit
fb15de2ca1
14 changed files with 106 additions and 96 deletions
|
@ -61,7 +61,7 @@ And, you can learn about API in `util/APIDOCS.md`.
|
|||
| Send message | 🟢 | MEDIUM |
|
||||
| Create thread | 🟢 | MEDIUM |
|
||||
| Get info about thread | 🟢 | MEDIUM |
|
||||
| Delete message & thread | 🔴 | HIGH |
|
||||
| Delete message & thread | 🟢 | HIGH |
|
||||
| Edit message & thread | 🔴 | HIGH |
|
||||
|
||||
### Other
|
||||
|
|
|
@ -1,2 +0,0 @@
|
|||
module.exports = (res, type, error) =>
|
||||
res.status(type).render("error", { type, error });
|
2
index.js
2
index.js
|
@ -19,6 +19,6 @@ app.use(require("./middlewares/user"));
|
|||
for (const file of fs.readdirSync("./routes"))
|
||||
app.use("/" + file.replace(".js", ""), require(`./routes/${file}`));
|
||||
|
||||
app.all("*", (req, res) => res.error(404, "We have not got this page."));
|
||||
app.all("*", (req, res) => res.status(404).render("error", { type: 404, error: "We have not got this page." }));
|
||||
|
||||
app.listen(port, () => console.log("akf-forum on port:", port));
|
|
@ -1,4 +1,32 @@
|
|||
import request from "./request.js";
|
||||
document.addEventListener("click", async e => {
|
||||
|
||||
if (e.target.id === "delete_thread") {
|
||||
const response = await request("/api/threads/"+e.target.value+"/delete");
|
||||
if (response.result.deleted) {
|
||||
alert("Thread deleted");
|
||||
window.location.href = "/threads";
|
||||
}
|
||||
|
||||
} else if (e.target.id === "delete_message") {
|
||||
const response = await request("/api/messages/" + e.target.value + "/delete");
|
||||
if (response.result.deleted) {
|
||||
alert("Message deleted");
|
||||
location.reload();
|
||||
}
|
||||
} /*else if (e.target.id === "edit_thread") {
|
||||
window.location.href = "/threads/<%= thread.id %>/edit";
|
||||
} */
|
||||
|
||||
|
||||
|
||||
if (!e.target.id.includes("like")) return;
|
||||
const res = await request("/api/messages/" + e.target.value + "/react/" + e.target.id)
|
||||
|
||||
document.getElementById("count" + e.target.value).innerHTML = res.result;
|
||||
|
||||
});
|
||||
|
||||
|
||||
document.getElementById("send").addEventListener("submit", async e => {
|
||||
|
|
@ -59,8 +59,8 @@ app.use(async (req, res, next) => {
|
|||
});
|
||||
|
||||
/* will add for loop */
|
||||
app.use("/messages", require("./routes/message"))
|
||||
app.use("/users", require("./routes/user"))
|
||||
app.use("/messages", require("./routes/messages"))
|
||||
app.use("/users", require("./routes/users"))
|
||||
app.use("/threads", require("./routes/threads"))
|
||||
|
||||
app.all("*", (req, res) => res.error(400, "Bad request"));
|
||||
|
|
|
@ -59,4 +59,17 @@ app.post("/:id/react/:type", async (req, res) => {
|
|||
|
||||
});
|
||||
|
||||
app.post("/:id/delete", async (req, res) => {
|
||||
const message = await MessageModel.get(req.params.id);
|
||||
if (!message || (message.deleted && req.user && !req.user.admin)) return res.error( 404, "We have not got any message declared as this id.");
|
||||
const user = req.user;
|
||||
if (user.id != message.authorID && !user.admin)
|
||||
return res.error( 403, "You have not got permission for this.");
|
||||
message.deleted = true;
|
||||
await message.save();
|
||||
|
||||
res.complate(message);
|
||||
|
||||
})
|
||||
|
||||
module.exports = app;
|
|
@ -34,4 +34,18 @@ app.post("/", async (req, res) => {
|
|||
|
||||
});
|
||||
|
||||
app.post("/:id/delete", async (req, res) => {
|
||||
const thread = await ThreadModel.get(req.params.id);
|
||||
if (!thread || thread.deleted) return res.error( 404, "We have not got any thread declared as this id.");
|
||||
const user = req.user;
|
||||
if (user.id != thread.authorID && !user.admin)
|
||||
return res.error( 403, "You have not got permission for this.");
|
||||
|
||||
thread.deleted = true;
|
||||
await thread.save();
|
||||
|
||||
res.complate(thread);
|
||||
|
||||
})
|
||||
|
||||
module.exports = app;
|
|
@ -12,22 +12,4 @@ app.get("/:id", async (req, res) => {
|
|||
|
||||
});
|
||||
|
||||
app.use(require("../middlewares/login"));
|
||||
|
||||
app.post("/:id/delete", async (req, res) => {
|
||||
const message = await MessageModel.get(req.params.id);
|
||||
if (!message || message.deleted) return res.error( 404, "We have not got any message declared as this id.");
|
||||
const user = req.user;
|
||||
if (user.id != message.authorID && !user.admin)
|
||||
return res.error( 403, "You have not got permission for this.");
|
||||
message.deleted = true;
|
||||
await message.save();
|
||||
|
||||
|
||||
res.status(200).redirect("/threads/" + message.threadID);
|
||||
|
||||
})
|
||||
|
||||
|
||||
|
||||
module.exports = app;
|
|
@ -45,47 +45,4 @@ app.get("/:id", async (req, res) => {
|
|||
});
|
||||
|
||||
|
||||
|
||||
|
||||
app.use(require("../middlewares/login"));
|
||||
|
||||
|
||||
app.post("/", rateLimit({
|
||||
windowMs: 10 * 60_000, max: 1, standardHeaders: true, legacyHeaders: false,
|
||||
handler: (request, response, next, options) =>
|
||||
!request.user.admin ?
|
||||
res.error(options.statusCode, "You are begin ratelimited")
|
||||
: next()
|
||||
}), async (req, res) => {
|
||||
|
||||
const { title = null, content = null } = req.body;
|
||||
|
||||
if (!title || !content) return res.error( 400, "Title and/or content is missing");
|
||||
const user = req.user
|
||||
const thread = await new ThreadModel({ title, author: user }).takeId()
|
||||
|
||||
const message = await new MessageModel({ content, author: user, threadID: thread.id }).takeId()
|
||||
|
||||
await thread.push(message.id).save();
|
||||
|
||||
await message.save();
|
||||
|
||||
res.redirect('/threads/' + thread.id);
|
||||
})
|
||||
|
||||
app.post("/:id/delete", async (req, res) => {
|
||||
const thread = await ThreadModel.get(req.params.id);
|
||||
if (!thread || thread.deleted) return res.error( 404, "We have not got any thread declared as this id.");
|
||||
const user = req.user;
|
||||
if (user.id != thread.authorID && !user.admin)
|
||||
return res.error( 403, "You have not got permission for this.");
|
||||
|
||||
thread.deleted = true;
|
||||
await thread.save();
|
||||
|
||||
|
||||
res.status(200).redirect("/threads/");
|
||||
|
||||
})
|
||||
|
||||
module.exports = app;
|
|
@ -17,10 +17,13 @@ You need this headers for send request to API:
|
|||
## How to request?
|
||||
|
||||
### Request types:
|
||||
- GET `/api/messages/:id`
|
||||
- GET `/api/users/:id`
|
||||
- POST `/api/threads`
|
||||
- GET `/api/threads/:id`
|
||||
- POST `/api/threads/:id/delete`
|
||||
- GET `/api/messages/:id`
|
||||
- POST `/api/messages`
|
||||
- POST `/api/messages/:id/delete`
|
||||
- POST `/api/messages/:id/react/:type`
|
||||
|
||||
### Example request:
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
|
||||
|
||||
|
||||
<form action="/threads/" method="POST">
|
||||
<form>
|
||||
<h2>Title:</h2>
|
||||
<input name="title"></input>
|
||||
|
||||
|
@ -22,6 +22,29 @@
|
|||
</form>
|
||||
|
||||
|
||||
<script type="module">
|
||||
|
||||
import request from "../../js/request.js";
|
||||
|
||||
document.addEventListener("submit", async e => {
|
||||
e.preventDefault();
|
||||
const form = e.target;
|
||||
const data = new FormData(form);
|
||||
|
||||
const response = await request("/api/threads/", "POST", {
|
||||
title: data.get("title"), content: data.get("content")
|
||||
});
|
||||
|
||||
|
||||
if (response.result) {
|
||||
alert("Thread opened");
|
||||
window.location.href = "/threads/" + response.result.id;
|
||||
}
|
||||
|
||||
});
|
||||
|
||||
|
||||
</script>
|
||||
<%- include("extra/footer") %>
|
||||
</body>
|
||||
|
||||
|
|
|
@ -16,12 +16,12 @@
|
|||
<img class="yuvarlak" src=<%= thread.author.avatar %> alt=<%= thread.author.name %>>
|
||||
</h2>
|
||||
|
||||
<% if (user){ %>
|
||||
|
||||
<form style="display:inline;" action="/threads/<%= thread.id %>/delete/" method="post">
|
||||
</a><button type="submit">DELETE</button>
|
||||
</form>
|
||||
<% if (user && !thread.deleted){ %>
|
||||
|
||||
<button id="delete_thread" value="<%= thread.id %>" style="display:inline;" type="submit">DELETE</button>
|
||||
<button id="edit_thread" style="display:inline;" type="submit">EDIT</button>
|
||||
<% } else { %>
|
||||
<h3 style="display:inline;">This thread has been deleted</h3>
|
||||
<% }; %>
|
||||
|
||||
<hr>
|
||||
|
@ -47,10 +47,14 @@
|
|||
<br>
|
||||
|
||||
<% if (user){ %>
|
||||
|
||||
<form style="display:inline;" action="/message/<%= message.id %>/delete/" method="post">
|
||||
</a><button type="submit">DELETE</button>
|
||||
<% if (!message.deleted){ %>
|
||||
<form style="display:inline;">
|
||||
<button id="delete_message" value="<%= message.id %>" type="submit">DELETE</button>
|
||||
</form>
|
||||
<% } else { %>
|
||||
<h3 style="display:inline;">This message has been deleted</h3>
|
||||
<% }; %>
|
||||
|
||||
<div style="float: right;">
|
||||
<h3 id="count<%= message.id %>" style="display:inline;"><%= message.reactCount %></h3>
|
||||
<button style="display:inline;" id="like" value="<%= message.id %>">+🔼</button>
|
||||
|
@ -72,21 +76,9 @@
|
|||
|
||||
<% }); %>
|
||||
|
||||
<script type="module">
|
||||
|
||||
import request from "../js/request.js";
|
||||
|
||||
document.addEventListener("click", async e=>{
|
||||
if (!e.target.id.includes("like"))return;
|
||||
const res = await fetch("/api/messages/"+e.target.value+"/react/" + e.target.id, { method: 'POST' })
|
||||
.then(res=>res.json());
|
||||
document.getElementById("count"+e.target.value).innerHTML = res.result;
|
||||
|
||||
});
|
||||
|
||||
|
||||
</script>
|
||||
</div>
|
||||
|
||||
<hr>
|
||||
|
||||
|
||||
|
@ -103,7 +95,7 @@
|
|||
|
||||
</form>
|
||||
<% if (user){ %>
|
||||
<script type="module" src="/js/send.js"></script>
|
||||
<script type="module" src="/js/thread.js"></script>
|
||||
<% }%>
|
||||
|
||||
<%- include("extra/footer") %>
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
<% threads.forEach(thread=>{ %>
|
||||
<li>
|
||||
<h1 style="display: inline;"> <a href=<%= thread.getLink() %> ><%= thread.title %></a></h1>
|
||||
<h3 style="display: inline;"> | By <%= thread.author.name %></h3>
|
||||
<h3 style="display: inline;"> | By <%= thread.author.name %> <%= thread.deleted ? "(DELETED)" :"" %></h3>
|
||||
</li>
|
||||
<% }); %>
|
||||
</ul>
|
||||
|
|
Loading…
Reference in a new issue