From 9e83d751bdc368bef9be1b57141c82a3f2b821b4 Mon Sep 17 00:00:00 2001 From: stringsplit <77242831+nbitzz@users.noreply.github.com> Date: Wed, 4 Oct 2023 19:02:11 -0700 Subject: [PATCH] api-v1: Charlie is on meth --- src/server/routes/api/v1/account.ts | 20 ++++---- src/server/routes/api/v1/customization.ts | 60 ++++++++--------------- 2 files changed, 31 insertions(+), 49 deletions(-) diff --git a/src/server/routes/api/v1/account.ts b/src/server/routes/api/v1/account.ts index b3009b2..81b215c 100644 --- a/src/server/routes/api/v1/account.ts +++ b/src/server/routes/api/v1/account.ts @@ -19,11 +19,11 @@ const parser = bodyParser.json({ const router = Router() -router.use(getAccount) +router.use(getAccount, parser) module.exports = function(files: Files) { - router.post("/login", - parser, + router.post( + "/login", (req, res) => { if (typeof req.body.username != "string" || typeof req.body.password != "string") { ServeError(res, 400, "please provide a username or password") @@ -53,8 +53,8 @@ module.exports = function(files: Files) { } ) - router.post("/create", - parser, + router.post( + "/create", (req, res) => { if (!Configuration.accounts.registrationEnabled) { ServeError(res , 403, "account registration disabled") @@ -109,7 +109,8 @@ module.exports = function(files: Files) { } ) - router.post("/logout", + router.post( + "/logout", (req, res) => { if (!Authentication.validate(req.cookies.auth)) { ServeError(res, 401, "not logged in") @@ -121,10 +122,9 @@ module.exports = function(files: Files) { } ) - router.put("/dfv", - requiresAccount, - requiresPermissions("manage"), - parser, + router.put( + "/dfv", + requiresAccount, requiresPermissions("manage"), (req, res) => { const Account = res.locals.acc as Accounts.Account diff --git a/src/server/routes/api/v1/customization.ts b/src/server/routes/api/v1/customization.ts index 5c282e8..2986612 100644 --- a/src/server/routes/api/v1/customization.ts +++ b/src/server/routes/api/v1/customization.ts @@ -8,6 +8,7 @@ import bodyParser from "body-parser"; import Files, { id_check_regex } from "../../../lib/files"; import * as Accounts from '../../../lib/accounts' import { getAccount, requiresAccount, requiresPermissions } from "../../../lib/middleware"; +import ServeError from "../../../lib/errors"; const Configuration = require(`${process.cwd()}/config.json`) @@ -17,14 +18,13 @@ const parser = bodyParser.json({ const router = Router() -router.use(getAccount) +router.use(getAccount, parser) module.exports = function(files: Files) { - router.put("/css", - requiresAccount, - requiresPermissions("customize"), - parser, - (req, res) => { + router.put( + "/css", + requiresAccount, requiresPermissions("customize"), + async (req, res) => { const Account = res.locals.acc as Accounts.Account if (typeof req.body.fileId != "string") req.body.fileId = undefined; @@ -33,20 +33,13 @@ module.exports = function(files: Files) { !req.body.fileId || (req.body.fileId.match(id_check_regex) == req.body.fileId - && req.body.fileId.length <= Configuration.maxUploadIdLength) + && req.body.fileId.length <= Configuration.maxUploadIdLength) ) { Account.customCSS = req.body.fileId || undefined - if (!req.body.fileId) delete Account.customCSS; - - Accounts.save() - + await Accounts.save() res.send("custom css saved") - } else { - res.status(400) - - res.send("invalid fileid") - } + } else ServeError(res, 400, "invalid fileId") } ) @@ -61,10 +54,8 @@ module.exports = function(files: Files) { ) router.put("/embed/color", - requiresAccount, - requiresPermissions("customize"), - parser, - (req, res) => { + requiresAccount, requiresPermissions("customize"), + async (req, res) => { const Account = res.locals.acc as Accounts.Account if (typeof req.body.color != "string") req.body.color = undefined; @@ -74,40 +65,31 @@ module.exports = function(files: Files) { || (req.body.color.toLowerCase().match(/[a-f0-9]+/) == req.body.color.toLowerCase()) && req.body.color.length == 6 ) { - if (!Account.embed) Account.embed = {}; + if (!Account.embed) Account.embed = {}; Account.embed.color = req.body.color || undefined - if (!req.body.color) delete Account.embed.color; - - Accounts.save() - + await Accounts.save() res.send("custom embed color saved") - } else { - res.status(400) - res.send("invalid hex code") - } + } else ServeError(res,400,"invalid hex code") } ) router.put("/embed/size", - requiresAccount, - requiresPermissions("customize"), - parser, - (req, res) => { + requiresAccount, requiresPermissions("customize"), + async (req, res) => { const Account = res.locals.acc as Accounts.Account - if (typeof req.body.largeImage != "boolean") req.body.color = false; + if (typeof req.body.largeImage != "boolean") { + ServeError(res, 400, "largeImage must be bool"); + return + } if (!Account.embed) Account.embed = {}; - Account.embed.largeImage = req.body.largeImage - - if (!req.body.largeImage) delete Account.embed.largeImage; - - Accounts.save() + await Accounts.save() res.send(`custom embed image size saved`) } )