diff --git a/client/app/(posts)/post/[id]/page.tsx b/client/app/(posts)/post/[id]/page.tsx index 64cce68d..aeec2963 100644 --- a/client/app/(posts)/post/[id]/page.tsx +++ b/client/app/(posts)/post/[id]/page.tsx @@ -87,69 +87,4 @@ const PostView = async ({ ) } -// export const getServerSideProps: GetServerSideProps = async ({ -// params, -// req, -// res -// }) => { -// const post = await fetch(process.env.API_URL + `/posts/${params?.id}`, { -// method: "GET", -// headers: { -// "Content-Type": "application/json", -// "x-secret-key": process.env.SECRET_KEY || "", -// Authorization: `Bearer ${req.cookies["drift-token"]}` -// } -// }) - -// if (post.status === 401 || post.status === 403) { -// return { -// // can't access the post if it's private -// redirect: { -// destination: "/", -// permanent: false -// }, -// props: {} -// } -// } else if (post.status === 404 || !post.ok) { -// return { -// redirect: { -// destination: "/404", -// permanent: false -// }, -// props: {} -// } -// } - -// const json = (await post.json()) as Post -// const isAuthor = json.users?.find( -// (user) => user.id === req.cookies[USER_COOKIE_NAME] -// ) - -// if (json.visibility === "public" || json.visibility === "unlisted") { -// const sMaxAge = 60 * 60 * 12 // half a day -// res.setHeader( -// "Cache-Control", -// `public, s-maxage=${sMaxAge}, max-age=${sMaxAge}` -// ) -// } else if (json.visibility === "protected" && !isAuthor) { -// return { -// props: { -// post: { -// id: json.id, -// visibility: json.visibility, -// expiresAt: json.expiresAt -// }, -// isProtected: true -// } -// } -// } - -// return { -// props: { -// post: json, -// key: params?.id -// } -// } -// } - export default PostView diff --git a/client/app/settings/components/sections/password.tsx b/client/app/settings/components/sections/password.tsx index 86f16913..cfbbb26a 100644 --- a/client/app/settings/components/sections/password.tsx +++ b/client/app/settings/components/sections/password.tsx 
@@ -1,7 +1,6 @@ "use client" import { Input, Button, useToasts } from "@geist-ui/core/dist" -import { TOKEN_COOKIE_NAME } from "@lib/constants" import { useState } from "react" const Password = () => { diff --git a/client/app/settings/components/sections/profile.tsx b/client/app/settings/components/sections/profile.tsx index afbf2fd7..f1645a96 100644 --- a/client/app/settings/components/sections/profile.tsx +++ b/client/app/settings/components/sections/profile.tsx @@ -1,11 +1,11 @@ "use client" import { Note, Input, Textarea, Button, useToasts } from "@geist-ui/core/dist" -import { TOKEN_COOKIE_NAME } from "@lib/constants" -import { User } from "next-auth" +import { User } from "@lib/server/prisma" import { useState } from "react" const Profile = ({ user }: { user: User }) => { + // TODO: make this displayName, requires fetching user from DB as session doesnt have it const [name, setName] = useState(user.name || "") const [bio, setBio] = useState() diff --git a/client/lib/constants.ts b/client/lib/constants.ts index af05d8e1..2257c512 100644 --- a/client/lib/constants.ts +++ b/client/lib/constants.ts @@ -126,5 +126,3 @@ export const allowedFileExtensions = [ ...codeFileExtensions ] -export const TOKEN_COOKIE_NAME = "drift-token" -export const USER_COOKIE_NAME = "drift-userid" diff --git a/server/src/routes/admin.ts b/server/src/routes/admin.ts index 026e4b81..780eb627 100644 --- a/server/src/routes/admin.ts +++ b/server/src/routes/admin.ts 
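Review bot: In client/app/settings/components/sections/profile.tsx, the `"use client"` component now pulls `User` from `@lib/server/prisma` with a plain import. If that module also creates the database client, this risks dragging server-only code into the browser bundle; `import type { User } from "@lib/server/prisma"` makes the type-only intent explicit. Separately, if `User` is the full database row type, whatever the parent passes as the `user` prop is serialized to the browser with every column it carries. The parent should select only the fields this form reads (the hunk shows `user.name`) rather than hand over the whole row. The component body continues outside the hunk, so other reads of `user` are not visible here.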
@@ -1,199 +1,199 @@ -import isAdmin, { UserJwtRequest } from "@lib/middleware/is-admin" -import { Post } from "@lib/models/Post" -import { User } from "@lib/models/User" -import { File } from "@lib/models/File" -import { Router } from "express" -import { celebrate, Joi } from "celebrate" +import isAdmin, { UserJwtRequest } from "@lib/middleware/is-admin"; +import { Post } from "@lib/models/Post"; +import { User } from "@lib/models/User"; +import { File } from "@lib/models/File"; +import { Router } from "express"; +import { celebrate, Joi } from "celebrate"; -export const admin = Router() +export const admin = Router(); -admin.use(isAdmin) +admin.use(isAdmin); admin.get("/is-admin", async (req, res) => { - return res.json({ - isAdmin: true - }) -}) + return res.json({ + isAdmin: true, + }); +}); admin.get("/users", async (req, res, next) => { - try { - const users = await User.findAll({ - attributes: { - exclude: ["password"], - include: ["id", "username", "createdAt", "updatedAt"] - }, - include: [ - { - model: Post, - as: "posts", - attributes: ["id"] - } - ] - }) - res.json(users) - } catch (e) { - next(e) - } -}) + try { + const users = await User.findAll({ + attributes: { + exclude: ["password"], + include: ["id", "username", "createdAt", "updatedAt"], + }, + include: [ + { + model: Post, + as: "posts", + attributes: ["id"], + }, + ], + }); + res.json(users); + } catch (e) { + next(e); + } +}); admin.post( - "/users/toggle-role", - celebrate({ - body: { - id: Joi.string().required(), - role: Joi.string().required().allow("user", "admin") - } - }), - async (req: UserJwtRequest, res, next) => { - try { - const { id, role } = req.body - if (req.user?.id === id) { - return res.status(400).json({ - error: "You can't change your own role" - }) - } + "/users/toggle-role", + celebrate({ + body: { + id: Joi.string().required(), + role: Joi.string().required().allow("user", "admin"), + }, + }), + async (req: UserJwtRequest, res, next) => { + try { + const { id, role } = 
req.body; + if (req.user?.id === id) { + return res.status(400).json({ + error: "You can't change your own role", + }); + } - const user = await User.findByPk(id) - if (!user) { - return res.status(404).json({ - error: "User not found" - }) - } + const user = await User.findByPk(id); + if (!user) { + return res.status(404).json({ + error: "User not found", + }); + } - await user.update({ - role - }) + await user.update({ + role, + }); - await user.save() + await user.save(); - res.json({ - success: true - }) - } catch (e) { - next(e) - } - } -) + res.json({ + success: true, + }); + } catch (e) { + next(e); + } + } +); admin.delete("/users/:id", async (req, res, next) => { - try { - const user = await User.findByPk(req.params.id) - if (!user) { - return res.status(404).json({ - error: "User not found" - }) - } - // TODO: verify CASCADE is removing files + posts - await user.destroy() + try { + const user = await User.findByPk(req.params.id); + if (!user) { + return res.status(404).json({ + error: "User not found", + }); + } + // TODO: verify CASCADE is removing files + posts + await user.destroy(); - res.json({ - success: true - }) - } catch (e) { - next(e) - } -}) + res.json({ + success: true, + }); + } catch (e) { + next(e); + } +}); admin.delete("/posts/:id", async (req, res, next) => { - try { - const post = await Post.findByPk(req.params.id) - if (!post) { - return res.status(404).json({ - error: "Post not found" - }) - } - await post.destroy() + try { + const post = await Post.findByPk(req.params.id); + if (!post) { + return res.status(404).json({ + error: "Post not found", + }); + } + await post.destroy(); - res.json({ - success: true - }) - } catch (e) { - next(e) - } -}) + res.json({ + success: true, + }); + } catch (e) { + next(e); + } +}); admin.get("/posts", async (req, res, next) => { - try { - const posts = await Post.findAll({ - attributes: { - exclude: ["content"], - include: ["id", "title", "visibility", "createdAt"] - }, - include: [ - { - model: 
File, - as: "files", - attributes: ["id", "title", "createdAt", "html"] - }, - { - model: User, - as: "users", - attributes: ["id", "username"] - } - ] - }) - res.json(posts) - } catch (e) { - next(e) - } -}) + try { + const posts = await Post.findAll({ + attributes: { + exclude: ["content"], + include: ["id", "title", "visibility", "createdAt"], + }, + include: [ + { + model: File, + as: "files", + attributes: ["id", "title", "createdAt", "html"], + }, + { + model: User, + as: "users", + attributes: ["id", "username"], + }, + ], + }); + res.json(posts); + } catch (e) { + next(e); + } +}); admin.get("/post/:id", async (req, res, next) => { - try { - const post = await Post.findByPk(req.params.id, { - attributes: { - exclude: ["content"], - include: ["id", "title", "visibility", "createdAt"] - }, - include: [ - { - model: File, - as: "files", - attributes: ["id", "title", "sha", "createdAt", "updatedAt", "html"] - }, - { - model: User, - as: "users", - attributes: ["id", "username"] - } - ] - }) - if (!post) { - return res.status(404).json({ - message: "Post not found" - }) - } + try { + const post = await Post.findByPk(req.params.id, { + attributes: { + exclude: ["content"], + include: ["id", "title", "visibility", "createdAt"], + }, + include: [ + { + model: File, + as: "files", + attributes: ["id", "title", "sha", "createdAt", "updatedAt", "html"], + }, + { + model: User, + as: "users", + attributes: ["id", "username"], + }, + ], + }); + if (!post) { + return res.status(404).json({ + message: "Post not found", + }); + } - res.json(post) - } catch (e) { - next(e) - } -}) + res.json(post); + } catch (e) { + next(e); + } +}); admin.delete("/post/:id", async (req, res, next) => { - try { - const post = await Post.findByPk(req.params.id, { - include: [ - { - model: File, - as: "files" - } - ] - }) + try { + const post = await Post.findByPk(req.params.id, { + include: [ + { + model: File, + as: "files", + }, + ], + }); - if (!post) { - return res.status(404).json({ - 
message: "Post not found" - }) - } + if (!post) { + return res.status(404).json({ + message: "Post not found", + }); + } - if (post.files?.length) - await Promise.all(post.files.map((file) => file.destroy())) - await post.destroy({ force: true }) - res.json({ - message: "Post deleted" - }) - } catch (e) { - next(e) - } -}) + if (post.files?.length) + await Promise.all(post.files.map((file) => file.destroy())); + await post.destroy({ force: true }); + res.json({ + message: "Post deleted", + }); + } catch (e) { + next(e); + } +});
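Review bot: The `/users/toggle-role` validator in server/src/routes/admin.ts does not restrict the role: in `role: Joi.string().required().allow("user", "admin"),` the `allow()` call only adds values to the accepted set, so any string passes validation and is written by `user.update({ role })`. The reformat carries this line over unchanged; `role: Joi.string().valid("user", "admin").required(),` would reject everything except the two intended roles. Also, `admin.delete("/users/:id", ...)` has no equivalent of the `req.user?.id === id` guard that toggle-role applies, so an admin can delete their own account. If that is not intended, the same comparison against `req.params.id` belongs before `user.destroy()`.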