const core = require ( "./core" ) ;
const bcrypt = require ( "bcrypt" ) ;
const validate = require ( "../form_validation" ) ;
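/**
 * Handle an account-registration request.
 *
 * Reads `username` and `password` from the request body, rejects the request
 * when registration is disabled, validates the form, hashes the password with
 * bcrypt and responds with whatever `core.newUser` returns.
 *
 * While `core.settings["SETUP_COMPLETE"]` is falsy, the registration-disabled
 * setting is ignored and the new account is created with the "ADMIN" role.
 *
 * @param {object} req - Request; `req.body` carries `username` and `password`.
 * @param {object} res - Response; every outcome is sent with `res.json`.
 */
async function postRegister(req, res) {
  const { username, password } = req.body; // Get the username and password from the request body

  // User registration disabled?
  // We also check if the server was set up. If it was not set up, the server will proceed anyway.
  // Checked before validation so a request that will be refused does no validation work.
  if (!core.settings["ACCOUNT_REGISTRATION"] && core.settings["SETUP_COMPLETE"]) {
    return res.json({ success: false, message: "Account registrations are disabled" });
  }

  // The body is client-controlled: a JSON object or array in place of a string would otherwise
  // flow into the validator, bcrypt.hash (which rejects non-string input) and the user store.
  if (typeof username !== "string" || typeof password !== "string") {
    return res.json({ success: false, message: "Invalid username or password" });
  }

  // User data valid?
  const formValidation = await validate.newUser({ username: username, password: password });
  if (!formValidation.success) {
    return res.json({ success: false, message: formValidation.message });
  }

  // If setup is incomplete, set the user role to Admin. This is the initial user so it will be the master user.
  // NOTE(review): until SETUP_COMPLETE is set, every successful registration receives ADMIN.
  // Where and when that flag flips is not visible here; confirm it is set together with the
  // first account so two concurrent first registrations cannot both become administrators.
  const role = core.settings["SETUP_COMPLETE"] ? undefined : "ADMIN";

  // Hash the password before it is stored (bcrypt, cost factor 10).
  // NOTE(review): bcrypt only uses the first 72 bytes of its input; confirm validate.newUser
  // bounds the password length accordingly.
  const hashedPassword = await bcrypt.hash(password, 10);
  res.json(await core.newUser({ username: username, password: hashedPassword, role: role }));
}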
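/**
 * Handle a login request.
 *
 * Looks the user up by `username` (including the stored password hash), compares
 * the submitted password against that hash with bcrypt and, on success, stores
 * `{ username, id }` on `req.session.user`.
 *
 * Every failure path returns the same message so the response body does not
 * reveal whether the username exists.
 *
 * @param {object} req - Request; `req.body` carries `username` and `password`,
 *   `req.session` is the session object written on success.
 * @param {object} res - Response; every outcome is sent with `res.json`.
 */
async function postLogin(req, res) {
  const { username, password } = req.body; // Get the username and password from the request body

  // One shared failure payload for every rejection. The lookup failure and the password
  // mismatch previously returned different messages, which let a client tell the two apart.
  const loginFailed = { success: false, message: "Incorrect username or password" };

  // The body is client-controlled: only plain strings may reach the user lookup and
  // bcrypt.compare (which rejects non-string input).
  if (typeof username !== "string" || typeof password !== "string") {
    return res.json(loginFailed);
  }

  // Get the user by username
  const existingUser = await core.getUser({ username: username, include_password: true });
  if (!existingUser.success) return res.json(loginFailed);

  // Check the password
  // NOTE(review): bcrypt.compare only runs when the user exists, so response time can still
  // differ between the two failure cases; no attempt limiting is visible in this handler either.
  const passwordMatch = await bcrypt.compare(password, existingUser.data.password);
  if (!passwordMatch) return res.json(loginFailed);

  // Send the cookies to the user & return successful
  // NOTE(review): the session is reused as-is across the privilege change. If the session
  // middleware supports rotating the session id on login, do that here — confirm which
  // middleware is in use.
  req.session.user = { username: username, id: existingUser.data.id };
  res.json({ success: true });
}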
/**
 * Change a server setting on behalf of the logged-in user.
 *
 * Loads the requester through `core.getUser` using the id stored in the session
 * and only forwards the change to `core.postSetting` when that user's role is
 * "ADMIN".
 *
 * @param {object} request - Request; reads `request.session.user.id`,
 *   `request.body.setting_name` and `request.body.value`.
 * @param {object} response - Response; every outcome is sent with `response.json`.
 */
async function postSetting(request, response) {
  // NOTE(review): assumes earlier middleware guarantees request.session.user exists; without
  // it this line throws instead of returning a JSON error — confirm against the router.
  const requester = await core.getUser({ user_id: request.session.user.id });

  if (!requester.success) {
    return response.json({ success: false, message: requester.message });
  }

  // The role comes from the stored user record, not from anything the client sent.
  const isAdmin = requester.data.role === "ADMIN";
  if (!isAdmin) {
    return response.json({ success: false, message: "User is not permitted" });
  }

  // NOTE(review): setting_name and value are passed through unchecked; presumably
  // core.postSetting restricts which settings may be written — confirm.
  const outcome = await core.postSetting(request.body.setting_name, request.body.value);
  response.json(outcome);
}
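/**
 * Upload an image attached to a parent object (a post or a user).
 *
 * Forwards the parent id, parent type, file buffer and content type from the
 * request body to `core.uploadMedia`. When `parent_type` is "user" the upload is
 * given a 500x500 resolution override.
 *
 * Requests without a logged-in session are refused before anything is forwarded.
 *
 * @param {object} request - Request; reads `request.session.user` and the body
 *   fields `post_id`/`parent_id`, `parent_type`, `buffer` and `content_type`.
 * @param {object} response - Response; every outcome is sent with `response.json`.
 */
async function postImage(request, response) {
  // The original handler never consulted the session, so the upload path had no caller check
  // of its own. Requiring a logged-in user is the minimum; redundant but harmless if the router
  // already enforces it.
  if (!request.session || !request.session.user) {
    return response.json({ success: false, message: "User is not permitted" });
  }

  // TODO: Permissions for uploading images (the requester is not yet checked against the
  //       parent object, and no requester id is passed to core.uploadMedia)
  // TODO: Verification for image uploading (content_type and buffer are client-supplied;
  //       presumably core.uploadMedia inspects the actual file content and size — confirm)
  // FIXME: Naming
  const upload = request.body;

  // Only user-owned images get a fixed resolution; anything else leaves the override unset.
  const resolutionOverride = upload.parent_type === "user" ? { width: 500, height: 500 } : undefined;

  const outcome = await core.uploadMedia(
    {
      parent_id: upload.post_id || upload.parent_id,
      parent_type: upload.parent_type,
      file_buffer: upload.buffer,
      content_type: upload.content_type,
    },
    { resolution_override: resolutionOverride },
  );
  return response.json(outcome);
}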
/**
 * Delete an image.
 *
 * Hands the whole request body and the session user's id to `core.deleteImage`
 * and responds with its result.
 *
 * @param {object} req - Request; reads `req.body` and `req.session.user.id`.
 * @param {object} res - Response; the result is sent with `res.json`.
 */
async function deleteImage(req, res) {
  // TODO: Permissions for deleting image
  // NOTE(review): no ownership check happens in this handler; the requester id is passed on,
  // so presumably core.deleteImage decides whether this user may delete the image — confirm.
  const imageRequest = req.body;
  const requesterId = req.session.user.id;

  const outcome = await core.deleteImage(imageRequest, requesterId);
  return res.json(outcome);
}
/**
 * Delete a blog post.
 *
 * Passes the post id from the request body and the session user's id to
 * `core.deletePost` and responds with its result.
 *
 * @param {object} req - Request; reads `req.body.id` and `req.session.user.id`.
 * @param {object} res - Response; the result is sent with `res.json`.
 */
async function deleteBlog(req, res) {
  // TODO: Permissions for deleting blog
  // NOTE(review): the post id is client-supplied and nothing here ties it to the requester;
  // presumably core.deletePost checks requester_id against the post — confirm.
  const postId = req.body.id;
  const requesterId = req.session.user.id;

  const outcome = await core.deletePost({ post_id: postId, requester_id: requesterId });
  return res.json(outcome);
}
/**
 * Edit a blog post.
 *
 * Sends the session user's id, the post id from the body and the entire body (as
 * the new post content) to `core.editPost`, then responds with its result.
 *
 * @param {object} req - Request; reads `req.session.user.id` and `req.body`.
 * @param {object} res - Response; the result is sent with `res.json`.
 */
async function patchBlog(req, res) {
  const requesterId = req.session.user.id;

  // NOTE(review): the whole client-supplied body becomes post_content. Presumably
  // core.editPost picks out only the fields a requester may change — confirm.
  const postFields = req.body;

  const outcome = await core.editPost({
    requester_id: requesterId,
    post_id: postFields.id,
    post_content: postFields,
  });
  return res.json(outcome);
}
/**
 * Update an author's biography.
 *
 * Sends the session user's id, the author id from the body and the entire body
 * (as the biography content) to `core.updateBiography`, then responds with its
 * result.
 *
 * @param {object} request - Request; reads `request.session.user.id` and `request.body`.
 * @param {object} response - Response; the result is sent with `response.json`.
 */
async function patchBiography(request, response) {
  // TODO: Validate
  const requesterId = request.session.user.id;

  // NOTE(review): author_id is chosen by the client and may differ from the requester;
  // presumably core.updateBiography compares the two before writing — confirm.
  const biographyFields = request.body;

  const outcome = await core.updateBiography({
    requester_id: requesterId,
    author_id: biographyFields.id,
    biography_content: biographyFields,
  });
  return response.json(outcome);
}
/**
 * Edit a user account.
 *
 * Sends the session user's id, the target user id from the body and the entire
 * body (as the new user content) to `core.editUser`, then responds with its result.
 *
 * @param {object} request - Request; reads `request.session.user.id` and `request.body`.
 * @param {object} response - Response; the result is sent with `response.json`.
 */
async function patchUser(request, response) {
  const requesterId = request.session.user.id;

  // NOTE(review): the unfiltered body is forwarded as user_content and the target user_id is
  // client-supplied. Confirm core.editUser checks the requester against the target and drops
  // fields an ordinary user must not set (a role field, for instance).
  const userFields = request.body;

  const outcome = await core.editUser({
    requester_id: requesterId,
    user_id: userFields.id,
    user_content: userFields,
  });
  return response.json(outcome);
}
/**
 * Install a theme from a URL.
 *
 * Passes the URL from the request body and the session user's id to
 * `core.installTheme` and responds with its result.
 *
 * @param {object} request - Request; reads `request.body.url` and `request.session.user.id`.
 * @param {object} response - Response; the result is sent with `response.json`.
 */
async function postTheme(request, response) {
  // NOTE(review): no role check happens in this handler and the URL is taken from the client
  // as-is. Presumably core.installTheme verifies that requester_id is an administrator and
  // limits which locations may be fetched — confirm, since the server retrieves the content.
  const themeUrl = request.body.url;
  const requesterId = request.session.user.id;

  const outcome = await core.installTheme(themeUrl, { requester_id: requesterId });
  return response.json(outcome);
}
/**
 * Remove an installed theme by name.
 *
 * Passes the theme name from the request body and the session user's id to
 * `core.deleteTheme` and responds with its result.
 *
 * @param {object} request - Request; reads `request.body.name` and `request.session.user.id`.
 * @param {object} response - Response; the result is sent with `response.json`.
 */
async function deleteTheme(request, response) {
  // NOTE(review): no role check happens in this handler and the name is client-supplied.
  // Presumably core.deleteTheme verifies the requester's role and rejects names that are not
  // an installed theme (path separators, "..") before touching storage — confirm.
  const themeName = request.body.name;
  const requesterId = request.session.user.id;

  const outcome = await core.deleteTheme(themeName, { requester_id: requesterId });
  return response.json(outcome);
}
module . exports = { postRegister , patchBiography , postLogin , postSetting , postImage , deleteImage , deleteBlog , patchBlog , patchUser , postTheme , deleteTheme } ;