rm old constants
This commit is contained in:
parent
c31b911c86
commit
c5e276b51c
5 changed files with 174 additions and 242 deletions
|
@ -87,69 +87,4 @@ const PostView = async ({
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
// export const getServerSideProps: GetServerSideProps = async ({
|
|
||||||
// params,
|
|
||||||
// req,
|
|
||||||
// res
|
|
||||||
// }) => {
|
|
||||||
// const post = await fetch(process.env.API_URL + `/posts/${params?.id}`, {
|
|
||||||
// method: "GET",
|
|
||||||
// headers: {
|
|
||||||
// "Content-Type": "application/json",
|
|
||||||
// "x-secret-key": process.env.SECRET_KEY || "",
|
|
||||||
// Authorization: `Bearer ${req.cookies["drift-token"]}`
|
|
||||||
// }
|
|
||||||
// })
|
|
||||||
|
|
||||||
// if (post.status === 401 || post.status === 403) {
|
|
||||||
// return {
|
|
||||||
// // can't access the post if it's private
|
|
||||||
// redirect: {
|
|
||||||
// destination: "/",
|
|
||||||
// permanent: false
|
|
||||||
// },
|
|
||||||
// props: {}
|
|
||||||
// }
|
|
||||||
// } else if (post.status === 404 || !post.ok) {
|
|
||||||
// return {
|
|
||||||
// redirect: {
|
|
||||||
// destination: "/404",
|
|
||||||
// permanent: false
|
|
||||||
// },
|
|
||||||
// props: {}
|
|
||||||
// }
|
|
||||||
// }
|
|
||||||
|
|
||||||
// const json = (await post.json()) as Post
|
|
||||||
// const isAuthor = json.users?.find(
|
|
||||||
// (user) => user.id === req.cookies[USER_COOKIE_NAME]
|
|
||||||
// )
|
|
||||||
|
|
||||||
// if (json.visibility === "public" || json.visibility === "unlisted") {
|
|
||||||
// const sMaxAge = 60 * 60 * 12 // half a day
|
|
||||||
// res.setHeader(
|
|
||||||
// "Cache-Control",
|
|
||||||
// `public, s-maxage=${sMaxAge}, max-age=${sMaxAge}`
|
|
||||||
// )
|
|
||||||
// } else if (json.visibility === "protected" && !isAuthor) {
|
|
||||||
// return {
|
|
||||||
// props: {
|
|
||||||
// post: {
|
|
||||||
// id: json.id,
|
|
||||||
// visibility: json.visibility,
|
|
||||||
// expiresAt: json.expiresAt
|
|
||||||
// },
|
|
||||||
// isProtected: true
|
|
||||||
// }
|
|
||||||
// }
|
|
||||||
// }
|
|
||||||
|
|
||||||
// return {
|
|
||||||
// props: {
|
|
||||||
// post: json,
|
|
||||||
// key: params?.id
|
|
||||||
// }
|
|
||||||
// }
|
|
||||||
// }
|
|
||||||
|
|
||||||
export default PostView
|
export default PostView
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
"use client"
|
"use client"
|
||||||
|
|
||||||
import { Input, Button, useToasts } from "@geist-ui/core/dist"
|
import { Input, Button, useToasts } from "@geist-ui/core/dist"
|
||||||
import { TOKEN_COOKIE_NAME } from "@lib/constants"
|
|
||||||
import { useState } from "react"
|
import { useState } from "react"
|
||||||
|
|
||||||
const Password = () => {
|
const Password = () => {
|
||||||
|
|
|
@ -1,11 +1,11 @@
|
||||||
"use client"
|
"use client"
|
||||||
|
|
||||||
import { Note, Input, Textarea, Button, useToasts } from "@geist-ui/core/dist"
|
import { Note, Input, Textarea, Button, useToasts } from "@geist-ui/core/dist"
|
||||||
import { TOKEN_COOKIE_NAME } from "@lib/constants"
|
import { User } from "@lib/server/prisma"
|
||||||
import { User } from "next-auth"
|
|
||||||
import { useState } from "react"
|
import { useState } from "react"
|
||||||
|
|
||||||
const Profile = ({ user }: { user: User }) => {
|
const Profile = ({ user }: { user: User }) => {
|
||||||
|
// TODO: make this displayName, requires fetching user from DB as session doesnt have it
|
||||||
const [name, setName] = useState<string>(user.name || "")
|
const [name, setName] = useState<string>(user.name || "")
|
||||||
const [bio, setBio] = useState<string>()
|
const [bio, setBio] = useState<string>()
|
||||||
|
|
||||||
|
|
|
@ -126,5 +126,3 @@ export const allowedFileExtensions = [
|
||||||
...codeFileExtensions
|
...codeFileExtensions
|
||||||
]
|
]
|
||||||
|
|
||||||
export const TOKEN_COOKIE_NAME = "drift-token"
|
|
||||||
export const USER_COOKIE_NAME = "drift-userid"
|
|
||||||
|
|
|
@ -1,199 +1,199 @@
|
||||||
import isAdmin, { UserJwtRequest } from "@lib/middleware/is-admin"
|
import isAdmin, { UserJwtRequest } from "@lib/middleware/is-admin";
|
||||||
import { Post } from "@lib/models/Post"
|
import { Post } from "@lib/models/Post";
|
||||||
import { User } from "@lib/models/User"
|
import { User } from "@lib/models/User";
|
||||||
import { File } from "@lib/models/File"
|
import { File } from "@lib/models/File";
|
||||||
import { Router } from "express"
|
import { Router } from "express";
|
||||||
import { celebrate, Joi } from "celebrate"
|
import { celebrate, Joi } from "celebrate";
|
||||||
|
|
||||||
export const admin = Router()
|
export const admin = Router();
|
||||||
|
|
||||||
admin.use(isAdmin)
|
admin.use(isAdmin);
|
||||||
|
|
||||||
admin.get("/is-admin", async (req, res) => {
|
admin.get("/is-admin", async (req, res) => {
|
||||||
return res.json({
|
return res.json({
|
||||||
isAdmin: true
|
isAdmin: true,
|
||||||
})
|
});
|
||||||
})
|
});
|
||||||
|
|
||||||
admin.get("/users", async (req, res, next) => {
|
admin.get("/users", async (req, res, next) => {
|
||||||
try {
|
try {
|
||||||
const users = await User.findAll({
|
const users = await User.findAll({
|
||||||
attributes: {
|
attributes: {
|
||||||
exclude: ["password"],
|
exclude: ["password"],
|
||||||
include: ["id", "username", "createdAt", "updatedAt"]
|
include: ["id", "username", "createdAt", "updatedAt"],
|
||||||
},
|
},
|
||||||
include: [
|
include: [
|
||||||
{
|
{
|
||||||
model: Post,
|
model: Post,
|
||||||
as: "posts",
|
as: "posts",
|
||||||
attributes: ["id"]
|
attributes: ["id"],
|
||||||
}
|
},
|
||||||
]
|
],
|
||||||
})
|
});
|
||||||
res.json(users)
|
res.json(users);
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
next(e)
|
next(e);
|
||||||
}
|
}
|
||||||
})
|
});
|
||||||
|
|
||||||
admin.post(
|
admin.post(
|
||||||
"/users/toggle-role",
|
"/users/toggle-role",
|
||||||
celebrate({
|
celebrate({
|
||||||
body: {
|
body: {
|
||||||
id: Joi.string().required(),
|
id: Joi.string().required(),
|
||||||
role: Joi.string().required().allow("user", "admin")
|
role: Joi.string().required().allow("user", "admin"),
|
||||||
}
|
},
|
||||||
}),
|
}),
|
||||||
async (req: UserJwtRequest, res, next) => {
|
async (req: UserJwtRequest, res, next) => {
|
||||||
try {
|
try {
|
||||||
const { id, role } = req.body
|
const { id, role } = req.body;
|
||||||
if (req.user?.id === id) {
|
if (req.user?.id === id) {
|
||||||
return res.status(400).json({
|
return res.status(400).json({
|
||||||
error: "You can't change your own role"
|
error: "You can't change your own role",
|
||||||
})
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
const user = await User.findByPk(id)
|
const user = await User.findByPk(id);
|
||||||
if (!user) {
|
if (!user) {
|
||||||
return res.status(404).json({
|
return res.status(404).json({
|
||||||
error: "User not found"
|
error: "User not found",
|
||||||
})
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
await user.update({
|
await user.update({
|
||||||
role
|
role,
|
||||||
})
|
});
|
||||||
|
|
||||||
await user.save()
|
await user.save();
|
||||||
|
|
||||||
res.json({
|
res.json({
|
||||||
success: true
|
success: true,
|
||||||
})
|
});
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
next(e)
|
next(e);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
)
|
);
|
||||||
|
|
||||||
admin.delete("/users/:id", async (req, res, next) => {
|
admin.delete("/users/:id", async (req, res, next) => {
|
||||||
try {
|
try {
|
||||||
const user = await User.findByPk(req.params.id)
|
const user = await User.findByPk(req.params.id);
|
||||||
if (!user) {
|
if (!user) {
|
||||||
return res.status(404).json({
|
return res.status(404).json({
|
||||||
error: "User not found"
|
error: "User not found",
|
||||||
})
|
});
|
||||||
}
|
}
|
||||||
// TODO: verify CASCADE is removing files + posts
|
// TODO: verify CASCADE is removing files + posts
|
||||||
await user.destroy()
|
await user.destroy();
|
||||||
|
|
||||||
res.json({
|
res.json({
|
||||||
success: true
|
success: true,
|
||||||
})
|
});
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
next(e)
|
next(e);
|
||||||
}
|
}
|
||||||
})
|
});
|
||||||
|
|
||||||
admin.delete("/posts/:id", async (req, res, next) => {
|
admin.delete("/posts/:id", async (req, res, next) => {
|
||||||
try {
|
try {
|
||||||
const post = await Post.findByPk(req.params.id)
|
const post = await Post.findByPk(req.params.id);
|
||||||
if (!post) {
|
if (!post) {
|
||||||
return res.status(404).json({
|
return res.status(404).json({
|
||||||
error: "Post not found"
|
error: "Post not found",
|
||||||
})
|
});
|
||||||
}
|
}
|
||||||
await post.destroy()
|
await post.destroy();
|
||||||
|
|
||||||
res.json({
|
res.json({
|
||||||
success: true
|
success: true,
|
||||||
})
|
});
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
next(e)
|
next(e);
|
||||||
}
|
}
|
||||||
})
|
});
|
||||||
|
|
||||||
admin.get("/posts", async (req, res, next) => {
|
admin.get("/posts", async (req, res, next) => {
|
||||||
try {
|
try {
|
||||||
const posts = await Post.findAll({
|
const posts = await Post.findAll({
|
||||||
attributes: {
|
attributes: {
|
||||||
exclude: ["content"],
|
exclude: ["content"],
|
||||||
include: ["id", "title", "visibility", "createdAt"]
|
include: ["id", "title", "visibility", "createdAt"],
|
||||||
},
|
},
|
||||||
include: [
|
include: [
|
||||||
{
|
{
|
||||||
model: File,
|
model: File,
|
||||||
as: "files",
|
as: "files",
|
||||||
attributes: ["id", "title", "createdAt", "html"]
|
attributes: ["id", "title", "createdAt", "html"],
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
model: User,
|
model: User,
|
||||||
as: "users",
|
as: "users",
|
||||||
attributes: ["id", "username"]
|
attributes: ["id", "username"],
|
||||||
}
|
},
|
||||||
]
|
],
|
||||||
})
|
});
|
||||||
res.json(posts)
|
res.json(posts);
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
next(e)
|
next(e);
|
||||||
}
|
}
|
||||||
})
|
});
|
||||||
|
|
||||||
admin.get("/post/:id", async (req, res, next) => {
|
admin.get("/post/:id", async (req, res, next) => {
|
||||||
try {
|
try {
|
||||||
const post = await Post.findByPk(req.params.id, {
|
const post = await Post.findByPk(req.params.id, {
|
||||||
attributes: {
|
attributes: {
|
||||||
exclude: ["content"],
|
exclude: ["content"],
|
||||||
include: ["id", "title", "visibility", "createdAt"]
|
include: ["id", "title", "visibility", "createdAt"],
|
||||||
},
|
},
|
||||||
include: [
|
include: [
|
||||||
{
|
{
|
||||||
model: File,
|
model: File,
|
||||||
as: "files",
|
as: "files",
|
||||||
attributes: ["id", "title", "sha", "createdAt", "updatedAt", "html"]
|
attributes: ["id", "title", "sha", "createdAt", "updatedAt", "html"],
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
model: User,
|
model: User,
|
||||||
as: "users",
|
as: "users",
|
||||||
attributes: ["id", "username"]
|
attributes: ["id", "username"],
|
||||||
}
|
},
|
||||||
]
|
],
|
||||||
})
|
});
|
||||||
if (!post) {
|
if (!post) {
|
||||||
return res.status(404).json({
|
return res.status(404).json({
|
||||||
message: "Post not found"
|
message: "Post not found",
|
||||||
})
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
res.json(post)
|
res.json(post);
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
next(e)
|
next(e);
|
||||||
}
|
}
|
||||||
})
|
});
|
||||||
|
|
||||||
admin.delete("/post/:id", async (req, res, next) => {
|
admin.delete("/post/:id", async (req, res, next) => {
|
||||||
try {
|
try {
|
||||||
const post = await Post.findByPk(req.params.id, {
|
const post = await Post.findByPk(req.params.id, {
|
||||||
include: [
|
include: [
|
||||||
{
|
{
|
||||||
model: File,
|
model: File,
|
||||||
as: "files"
|
as: "files",
|
||||||
}
|
},
|
||||||
]
|
],
|
||||||
})
|
});
|
||||||
|
|
||||||
if (!post) {
|
if (!post) {
|
||||||
return res.status(404).json({
|
return res.status(404).json({
|
||||||
message: "Post not found"
|
message: "Post not found",
|
||||||
})
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
if (post.files?.length)
|
if (post.files?.length)
|
||||||
await Promise.all(post.files.map((file) => file.destroy()))
|
await Promise.all(post.files.map((file) => file.destroy()));
|
||||||
await post.destroy({ force: true })
|
await post.destroy({ force: true });
|
||||||
res.json({
|
res.json({
|
||||||
message: "Post deleted"
|
message: "Post deleted",
|
||||||
})
|
});
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
next(e)
|
next(e);
|
||||||
}
|
}
|
||||||
})
|
});
|
||||||
|
|
Loading…
Reference in a new issue