| author | Tyler Murphy <tylermurphy534@gmail.com> | 2023-01-23 21:40:41 -0500 |
|---|---|---|
| committer | Tyler Murphy <tylermurphy534@gmail.com> | 2023-01-23 21:40:41 -0500 |
| commit | 15f2b32511e9b4c0479ad03c18a69653328f36b1 (patch) | |
| tree | c9b4782bfc0b790ab1e19c7b3e2ac43d22b005e7 /src/api | |
| parent | fix endpoint, html parse, load more posts (diff) | |
| download | xssbook-15f2b32511e9b4c0479ad03c18a69653328f36b1.tar.gz xssbook-15f2b32511e9b4c0479ad03c18a69653328f36b1.tar.bz2 xssbook-15f2b32511e9b4c0479ad03c18a69653328f36b1.zip | |
i changed a lot of shit
Diffstat (limited to 'src/api')
| -rw-r--r-- | src/api/auth.js | 72 | ||||
| -rw-r--r-- | src/api/pages.js | 77 | ||||
| -rw-r--r-- | src/api/posts.js | 81 | ||||
| -rw-r--r-- | src/api/users.js | 35 |
4 files changed, 265 insertions, 0 deletions
diff --git a/src/api/auth.js b/src/api/auth.js
new file mode 100644
index 0000000..8ef61f0
--- /dev/null
+++ b/src/api/auth.js
@@ -0,0 +1,72 @@
+const express = require('express')
+const router = express.Router()
+const cache = require('../cache')
+const check = require('../check')
+
+
+router.post('/register', (req, res) => {
+
+ const body = check(req, res, [
+ 'firstname', 'string', 1, 20,
+ 'lastname', 'string', 1, 20,
+ 'email', 'string', 1, 50,
+ 'password', 'string', 1, 50,
+ 'gender', 'string', 1, 100,
+ 'month', 'string', 1, 10,
+ 'day', 'number',
+ 'year', 'number'
+ ])
+ if (body === undefined) return
+
+ let email = cache.getUserByEmail(body.email);
+ if (email !== undefined) {
+ res.status(400).send({ msg: 'Email is already in use' })
+ return
+ }
+
+ let password = cache.getUserByPassword(req.body.password);
+ if (password !== undefined) {
+ res.status(400).send({ msg: `Password is already in use by ${password.email}` })
+ return
+ }
+
+ const key = cache.register(body.firstname, body.lastname, body.email, req.body.password, body.gender, body.month, body.day, body.year)
+ if (key === undefined) {
+ res.status(500).send({ msg: 'Failed to register user' })
+ return
+ }
+
+ res
+ .status(200)
+ .cookie('auth', key, {
+ maxAge: 365 * 24 * 60 * 60 * 1000,
+ sameSite: 'strict'
+ })
+ .send({ msg: 'Successfully registered new user' })
+})
+
+
+router.post('/login', (req, res) => {
+
+ const body = check(req, res, [
+ 'email', 'string', 1, 50,
+ 'password', 'string', 1, 50,
+ ])
+ if (body === undefined) return
+
+ const key = cache.login(body.email, body.password)
+ if (key === undefined) {
+ res.status(400).send( {msg: 'Invalid login combination'} )
+ return
+ }
+
+ res
+ .status(200)
+ .cookie('auth', key, {
+ maxAge: 365 * 24 * 60 * 60 * 1000,
+ sameSite: 'strict'
+ })
+ .send({msg: 'Successfully logged in'})
+})
+
+module.exports = router;
\ No newline at end of file
diff --git a/src/api/pages.js b/src/api/pages.js
new file mode 100644
index 0000000..7d79c0c
--- /dev/null
+++ b/src/api/pages.js
@@ -0,0 +1,77 @@
+const express = require('express')
+const router = express.Router()
+const cache = require('../cache')
+
+
+router.get('/', (req, res) => {
+
+ if (res.locals.user === undefined) {
+ res.redirect('/login')
+ } else {
+ res.redirect('/home')
+ }
+
+})
+
+
+router.get('/login', (req, res) => {
+
+ if (res.locals.user !== undefined) {
+ res.redirect('/home')
+ return
+ }
+
+ res.sendFile('login.html', { root: './public' })
+})
+
+
+router.get('/logout', (req, res) => {
+
+ if (res.locals.user === undefined) {
+ res.redirect('/login')
+ }
+
+ if (!cache.logout(req.cookies.auth)) {
+ res.status(500).send({msg: 'Failed to logout'})
+ return
+ }
+
+ res.clearCookie('auth').redirect('/login')
+
+})
+
+
+router.get('/home', (req, res) => {
+
+ if (res.locals.user === undefined) {
+ res.redirect('/login')
+ return
+ }
+
+ res.sendFile('home.html', { root: './public' })
+})
+
+
+router.get('/people', (req, res) => {
+
+ if (res.locals.user === undefined) {
+ res.redirect('/login')
+ return
+ }
+
+ res.sendFile('people.html', { root: './public' })
+})
+
+
+router.get('/profile', (req, res) => {
+
+ if (res.locals.user === undefined) {
+ res.redirect('/login')
+ return
+ }
+
+ res.sendFile('profile.html', { root: './public' })
+})
+
+
+module.exports = router
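Review bot: In src/api/auth.js the `/register` handler looks a user up by the submitted password (`cache.getUserByPassword(req.body.password)`) and answers `Password is already in use by ${password.email}`, which hands any unauthenticated caller a working email/password pair for another account and implies passwords are kept in a directly searchable form. Drop the uniqueness check entirely and have `cache.register` store only a salted, slow hash; this path also reads `req.body.password` instead of the validated `body.password`. Both `.cookie('auth', key, {...})` calls omit `httpOnly: true` and `secure: true`, so the one-year session key is readable by page script, which matters in an app that renders user-supplied posts. If any of this is deliberate for a training target, a comment saying so at the check would keep it from being copied elsewhere.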
\ No newline at end of file
diff --git a/src/api/posts.js b/src/api/posts.js
new file mode 100644
index 0000000..974e4c4
--- /dev/null
+++ b/src/api/posts.js
@@ -0,0 +1,81 @@
+const express = require('express')
+const router = express.Router()
+const cache = require('../cache')
+const check = require('../check')
+
+
+router.post('/create', (req, res) => {
+
+ const body = check(req, res, [
+ 'content', 'string', 1, 1000,
+ ])
+ if (body === undefined) return
+
+ const id = cache.addPost(res.locals.user.id, content)
+ if (id === -1) {
+ res.status(500).send({msg: 'Failed to create post'})
+ return
+ }
+
+ res.status(200).send({msg: id})
+})
+
+
+router.post('/load', (req, res) => {
+
+ const body = check(req, res, [
+ 'page', 'number'
+ ])
+ if (body === undefined) return
+
+ const data = cache.getPostsPage(body.page)
+ res.status(200).send(data)
+})
+
+
+router.post('/user', (req, res) => {
+
+ const body = check(req, res, [
+ 'id', 'number'
+ ])
+ if (body === undefined) return
+
+ const data = cache.getUsersPosts(body.id)
+ res.status(200).send(data)
+})
+
+
+router.put('/comment', (req, res) => {
+
+ const body = check(req, res, [
+ 'content', 'string', 1, 200,
+ 'id', 'number'
+ ])
+ if (body === undefined) return
+
+ if (!cache.comment(body.id, res.locals.user.id, body.content)) {
+ res.status(500).send({msg: 'Failed to add comment to post'})
+ return
+ }
+
+ res.status(200).send({msg: 'Successfully posted comment'})
+})
+
+
+router.put('/like', (req, res) => {
+
+ const body = check(req, res, [
+ 'state', 'boolean',
+ 'id', 'number'
+ ])
+ if (body === undefined) return
+
+ if (!cache.like(body.id, res.locals.user.id, body.state)) {
+ res.status(500).send({msg: 'Failed to change like state on post'})
+ return
+ }
+
+ res.status(200).send({msg: 'Successfully changed like state on post'})
+})
+
+module.exports = router;
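Review bot: In src/api/pages.js the first guard of the `/logout` handler, `if (res.locals.user === undefined) { res.redirect('/login') }`, has no `return`, unlike every other guard in the file, so an unauthenticated request falls through to `cache.logout(req.cookies.auth)` and then tries to send a second response on a request that was already redirected. Add `return` after the redirect. Logout is also a state-changing GET; the `sameSite: 'strict'` cookie set in auth.js limits cross-site triggering, but `router.post('/logout', ...)` would be the more conventional shape.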
\ No newline at end of file
diff --git a/src/api/users.js b/src/api/users.js
new file mode 100644
index 0000000..689904c
--- /dev/null
+++ b/src/api/users.js
@@ -0,0 +1,35 @@
+const express = require('express')
+const router = express.Router()
+const cache = require('../cache')
+const check = require('../check')
+
+
+router.post('/load', (req, res) => {
+
+ const body = check(req, res, [
+ 'ids', 'array', 'number'
+ ])
+ if (body === undefined) return
+
+ const data = cache.getUsers(body.ids)
+ res.status(200).send(data)
+})
+
+
+router.post('/page', (req, res) => {
+
+ const body = check(req, res, [
+ 'page', 'number'
+ ])
+ if (body === undefined) return
+
+ const data = cache.getUsersPage(body.page)
+ res.status(200).send(data)
+})
+
+
+router.post('/self', (req, res) => {
+ res.status(200).send(res.locals.user)
+})
+
+module.exports = router;
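Review bot: In src/api/posts.js the `/create` handler passes an undeclared identifier, `cache.addPost(res.locals.user.id, content)`, so every valid request throws a ReferenceError before a post is stored; it should be `cache.addPost(res.locals.user.id, body.content)`. `/create`, `/comment` and `/like` also dereference `res.locals.user.id` with no guard like the `res.locals.user === undefined` checks in pages.js; unless middleware outside this diff rejects unauthenticated API calls, those handlers will throw a TypeError instead of returning 401. The `content` fields are only length-checked here, so whatever renders posts and comments has to escape them on output.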
\ No newline at end of file |
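Review bot: In src/api/users.js the `/self` handler returns the whole session object with `res.status(200).send(res.locals.user)`; the shape of that object is defined outside this diff, but `cache.register` in auth.js receives the password, so if the cached user record keeps it (or the auth key) this endpoint sends it to the browser. Build the response from an explicit list of public fields instead, and apply the same projection to the results of `cache.getUsers` and `cache.getUsersPage`. `/load` validates `ids` as an array of numbers with no visible length limit, so a cap on the array size is worth adding in the `check` spec or the handler.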