kajvans/forum-backend
1
0
Fork 0
Code Issues Pull Requests Packages Projects 1 Releases Wiki Activity

tuned some things and added some to user route

Browse Source
This commit is contained in:
kaj van schalkwijk
2024-01-24 16:28:02 +01:00
parent 49cd0b1953
commit 421ab338fc
8 changed files with 500 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files
routes/user.js
+172 -9
View File
@@ -1,25 +1,58 @@
const db = require('../surreal');
const router = require('express').Router();
const middleware = require('../auth/middleware');
const {auth, publicauth} = require('../auth/middleware');
const passwordauth = require('../auth/password');
router.get('/:username', async (req, res) => {
router.get('/:username',publicauth, async (req, res) => {
try{
const username = req.params.username;
if(!username) return res.status(400).json({error: "Missing username"});
const user = await db.query(`SELECT description, creation FROM users WHERE username = string::lowercase("${username}")`);
const user = await db.query(`SELECT description, creation, visibility, likedPosts, comments, savedPosts FROM users WHERE username = string::lowercase("${username}")`);
if(user.length == 0) return res.status(400).json({error: "User does not exist"});
const posts = await db.query(`SELECT * FROM posts WHERE author = string::lowercase("${username}")`);
const returnData = {
description: user[0].description,
creation: user[0].creation,
posts: posts
if(req.user == username){
const returnData = {
description: user[0].description,
creation: user[0].creation,
posts: posts,
likedPosts: user[0].likedPosts,
comments: user[0].comments,
savedPosts: user[0].savedPosts,
visibility: user[0].visibility
}
res.status(200).json({returnData});
}
res.status(200).json({returnData});
else {
if(user[0].visibility.likes == false){
for(let i = 0; i < posts.length; i++){
posts[i].likes = "Hidden";
}
}
if(user[0].visibility.savedPosts == false){
for(let i = 0; i < posts.length; i++){
posts[i].savedPosts = "Hidden";
}
}
const returnData = {
description: user[0].description,
creation: user[0].creation,
posts: posts,
likedPosts: user[0].likedPosts,
comments: user[0].comments,
savedPosts: user[0].savedPosts
}
res.status(200).json({returnData});
}
}
catch(err){
console.log(err);
@@ -27,7 +60,7 @@ router.get('/:username', async (req, res) => {
}
});
router.put('/description', middleware, async (req, res) => {
router.put('/description', auth, async (req, res) => {
try{
const username = req.user;
const {description} = req.body;
@@ -46,4 +79,134 @@ router.put('/description', middleware, async (req, res) => {
}
});
router.put('/password', auth, async (req, res) => {
try{
const username = req.user;
const {oldpassword, newpassword} = req.body;
if(!username) return res.status(400).json({error: "Missing username"});
if(!oldpassword) return res.status(400).json({error: "Missing old password"});
if(!newpassword) return res.status(400).json({error: "Missing new password"});
const user = await db.query(`SELECT * FROM users WHERE username = string::lowercase("${username}")`);
if(user.length == 0) return res.status(400).json({error: "User does not exist"});
const verify = await passwordauth.verify(oldpassword, user[0].password);
if(!verify) return res.status(400).json({error: "Old password is incorrect"});
const hash = await passwordauth.hash(newpassword);
const newUserPassword = await db.query(`UPDATE users SET password = "${hash}" WHERE username = string::lowercase("${username}")`);
res.status(200).json({message: "Password updated"});
}
catch(err){
console.log(err);
res.status(500).json({error: "Internal server error"});
}
});
router.put('/username', auth, async (req, res) => {
try{
const username = req.user;
const {newusername} = req.body;
if(!username) return res.status(400).json({error: "Missing username"});
if(!newusername) return res.status(400).json({error: "Missing new username"});
const user = await db.query(`SELECT * FROM users WHERE username = string::lowercase("${username}")`);
if(user.length == 0) return res.status(400).json({error: "User does not exist"});
const check = await db.query(`SELECT * FROM users WHERE username = string::lowercase("${newusername}")`);
if(check.length > 0) return res.status(400).json({error: "Username already exists"});
const newUser = await db.query(`UPDATE users SET username = string::lowercase("${newusername}") WHERE username = string::lowercase("${username}")`);
const newPost = await db.query(`UPDATE posts SET author = string::lowercase("${newusername}") WHERE author = string::lowercase("${username}")`);
const newComment = await db.query(`UPDATE comments SET author = string::lowercase("${newusername}") WHERE author = string::lowercase("${username}")`);
const likedPosts = user[0].likedPosts;
for(let i = 0; i < likedPosts.length; i++){
const post = await db.query(`SELECT * FROM posts WHERE id = posts:"${likedPosts[i]}"`);
const likes = post[0].likes;
for(let j = 0; j < likes.length; j++){
if(likes[j] == username){
likes.splice(j, 1);
likes.push(newusername);
const updatePost = await db.query(`UPDATE posts SET likes = "${likes}" WHERE id = "${likedPosts[i]}"`);
}
}
}
res.status(200).json({message: "Username updated"});
}
catch(err){
console.log(err);
res.status(500).json({error: "Internal server error"});
}
});
router.put('/visibility', auth, async (req, res) => {
try{
const username = req.user;
const {likes, savedPosts} = req.body;
if(!username) return res.status(400).json({error: "Missing username"});
if(likes == undefined) return res.status(400).json({error: "Missing likes"});
if(savedPosts == undefined) return res.status(400).json({error: "Missing savedPosts"});
if(typeof likes != "boolean") return res.status(400).json({error: "Invalid likes"});
if(typeof savedPosts != "boolean") return res.status(400).json({error: "Invalid savedPosts"});
const visibility = {
likes: likes,
savedPosts: savedPosts
}
const user = await db.query(`UPDATE users SET visibility = "${visibility}" WHERE username = string::lowercase("${username}")`);
res.status(200).json({message: "Visibility updated"});
}
catch(err){
console.log(err);
res.status(500).json({error: "Internal server error"});
}
});
router.get('/description/:username', publicauth, async (req, res) => {
try{
const username = req.params.username;
if(!username) return res.status(400).json({error: "Missing username"});
const user = await db.query(`SELECT description FROM users WHERE username = string::lowercase("${username}")`);
if(user.length == 0) return res.status(400).json({error: "User does not exist"});
res.status(200).json({description: user[0].description});
}
catch(err){
console.log(err);
res.status(500).json({error: "Internal server error"});
}
});
router.get('/visibility', auth, async (req, res) => {
try{
const username = req.user;
if(!username) return res.status(400).json({error: "Missing username"});
const user = await db.query(`SELECT visibility FROM users WHERE username = string::lowercase("${username}")`);
if(user.length == 0) return res.status(400).json({error: "User does not exist"});
res.status(200).json({visibility: user[0].visibility});
}
catch(err){
console.log(err);
res.status(500).json({error: "Internal server error"});
}
});
module.exports = router;