mirror of
https://github.com/Akif9748/akf-forum.git
synced 2024-11-22 20:10:40 +03:00
Better auth for API
This commit is contained in:
parent
0d356239e7
commit
fd64ac8693
4 changed files with 12 additions and 7 deletions
|
@ -2,13 +2,13 @@
|
|||
Akf-forum has got an API for AJAX, other clients etc.
|
||||
|
||||
## Authorization
|
||||
You need this headers for send request to API:
|
||||
You need this header for send request to API:
|
||||
```json
|
||||
{
|
||||
"username": "testUser",
|
||||
"password": "testPassword"
|
||||
"authorization": "Basic <base64 encoded username:password>"
|
||||
}
|
||||
```
|
||||
|
||||
But in front end, the API will works with session.
|
||||
|
||||
## Default Limits:
|
||||
|
|
|
@ -42,12 +42,14 @@ Akf-forum has got an API for AJAX (fetch), other clients etc. And, you can learn
|
|||
| To do | Is done? |
|
||||
| ----- | -------- |
|
||||
| Profile Message | ⚪ |
|
||||
| Better Auth for API way | ⚪ |
|
||||
| Better Auth for API way | 🟢 |
|
||||
| mod role, permissions | ⚪ |
|
||||
| upload other photos, model for it | ⚪ |
|
||||
| categories page is need a update, thread count in category | ⚪ |
|
||||
| preview for send messages in markdown format | 💚 |
|
||||
| preview for send messages in markdown format | 🟢 |
|
||||
| DC auth will store code for taking tokens, and create secret model setting | ⚪ |
|
||||
- IF a person liked a message, view.
|
||||
- Disable last seen button.
|
||||
|
||||
## Major Version History
|
||||
- V4: Caching
|
||||
|
|
|
@ -8,6 +8,7 @@ const schema = new mongoose.Schema({
|
|||
threadID: String,
|
||||
authorID: String,
|
||||
content: { type: String, maxlength: limits.message },
|
||||
oldContents: [{ type: String, maxlength: limits.message }],
|
||||
time: { type: Date, default: Date.now },
|
||||
deleted: { type: Boolean, default: false },
|
||||
edited: { type: Boolean, default: false },
|
||||
|
|
|
@ -16,7 +16,9 @@ app.use(async (req, res, next) => {
|
|||
res.complate = result => res.status(200).json(result);
|
||||
|
||||
if (req.user) return next();
|
||||
const { username = null, password = null } = req.headers;
|
||||
const authHeader = req.headers.authorization;
|
||||
if (!authHeader) return res.error(401, "No authorization header");
|
||||
const [username, password] = Buffer.from(authHeader.split(' ')[1], "base64").toString().split(":");
|
||||
|
||||
if (!username || !password)
|
||||
return res.error(401, "Authorise headers are missing")
|
||||
|
|
Loading…
Reference in a new issue