Akif9748/akf-forum
Akif9748/akf-forum
1
1
Fork 0
mirror of https://github.com/Akif9748/akf-forum.git synced 2024-07-05 16:58:15 +03:00
Code Issues Packages Projects Releases Wiki Activity
b979bfd47c
akf-forum/routes/threads.js
Akif9748 b979bfd47c Better error handling
2022-08-11 00:49:44 +03:00

91 lines
2.5 KiB
JavaScript
Raw Blame History

const { Router } = require("express");
const app = Router();
const rateLimit = require('express-rate-limit')
const { ThreadModel, MessageModel } = require("../models")
app.get("/", async (req, res) => {
const user = req.user;
const threads = await ThreadModel.find(user?.admin ? {} : { deleted: false }).limit(10);
return res.render("threads", { threads, user });
});
app.get("/create*", async (req, res) => {
const user = req.user
res.render("createThread", { user })
});
app.get("/:id", async (req, res) => {
const { id } = req.params;
const thread = await ThreadModel.get(id);
const user = req.user;
if (thread && (user?.admin || !thread.deleted)) {
const messages = await Promise.all(thread.messages.map(async id => {
const message = await MessageModel.get(id)
const arr = Object.values(message.react)
message.reactCount = arr.filter(Boolean).length - arr.filter(x => !x).length;
return user?.admin || !message?.deleted ? message : null;
}));
res.render("thread", { thread, messages, user })
} else
res.error( 404, "We have not got this thread.");
});
app.use(require("../middlewares/login"));
app.post("/", rateLimit({
windowMs: 10 * 60_000, max: 1, standardHeaders: true, legacyHeaders: false,
handler: (request, response, next, options) =>
!request.user.admin ?
res.error(options.statusCode, "You are begin ratelimited")
: next()
}), async (req, res) => {
const { title = null, content = null } = req.body;
if (!title || !content) return res.error( 400, "Title and/or content is missing");
const user = req.user
const thread = await new ThreadModel({ title, author: user }).takeId()
const message = await new MessageModel({ content, author: user, threadID: thread.id }).takeId()
await thread.push(message.id).save();
await message.save();
res.redirect('/threads/' + thread.id);
})
app.post("/:id/delete", async (req, res) => {
const thread = await ThreadModel.get(req.params.id);
if (!thread || thread.deleted) return res.error( 404, "We have not got any thread declared as this id.");
const user = req.user;
if (user.id != thread.authorID && !user.admin)
return res.error( 403, "You have not got permission for this.");
thread.deleted = true;
await thread.save();
res.status(200).redirect("/threads/");
})
module.exports = app;
Reference in New Issue View Git Blame Copy Permalink