mirror of
https://github.com/Akif9748/akf-forum.git
synced 2024-10-04 11:48:31 +03:00
Akif9748
11965e8de9
added ratelimit to post threads and messages. Added encryption to passwords. Thread.ejs is fixed
71 lines
No EOL
1.6 KiB
JavaScript
71 lines
No EOL
1.6 KiB
JavaScript
const { Router } = require("express");
|
|
const app = Router();
|
|
const rateLimit = require('express-rate-limit')
|
|
|
|
const error = require("../errors/error")
|
|
const { ThreadModel, MessageModel } = require("../models")
|
|
|
|
|
|
app.get("/", async (req, res) => {
|
|
|
|
const user = req.user;
|
|
|
|
const threads = await ThreadModel.find({}).limit(10);
|
|
|
|
return res.render("threads", { threads, user });
|
|
});
|
|
|
|
|
|
app.get("/create*", async (req, res) => {
|
|
|
|
const user = req.user
|
|
res.render("createThread", { user })
|
|
|
|
});
|
|
|
|
app.get("/:id", async (req, res) => {
|
|
|
|
const { id } = req.params;
|
|
|
|
const thread = await ThreadModel.get(id);
|
|
|
|
if (thread) {
|
|
const user = req.user;
|
|
|
|
const messages = await Promise.all(thread.messages.map(async id => {
|
|
const message = await MessageModel.get(id)
|
|
return (user.admin || !message?.deleted) ? message : null;
|
|
}));
|
|
|
|
res.render("thread", { thread, messages, user })
|
|
} else
|
|
error(res, 404, "We have not got this thread.");
|
|
});
|
|
|
|
|
|
|
|
|
|
app.use(require("../middlewares/login"));
|
|
|
|
|
|
app.post("/", rateLimit({
|
|
windowMs: 10*60_000, max: 1, standardHeaders: true, legacyHeaders: false
|
|
}), async (req, res) => {
|
|
|
|
const { title = null, content = null } = req.body;
|
|
|
|
if (!title || !content) return error(res, 400, "Title and/or content is missing");
|
|
const user = req.user
|
|
const thread = await new ThreadModel({ title, author: user }).takeId()
|
|
|
|
const message = await new MessageModel({ content, author: user, threadID: thread.id }).takeId()
|
|
|
|
await thread.push(message.id).save();
|
|
|
|
await message.save();
|
|
|
|
res.redirect('/threads/' + thread.id);
|
|
})
|
|
|
|
|
|
module.exports = app; |