split/monofile
1
0
Fork 0
mirror of https://github.com/mollersuite/monofile.git synced 2024-11-22 05:46:26 -08:00
Code Issues Actions Packages Projects Releases 1 Wiki Activity

Merge branch 'api-v1' of https://github.com/nbitzz/monofile into api-v1

Browse source
This commit is contained in:
linkability 2023-10-05 20:08:42 +01:00
parent 01bb4684a3 9e83d751bd
commit 48e00b1b54
No known key found for this signature in database
2 changed files with 31 additions and 49 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
src/server/routes/api/v1/account.ts
View file

@ -20,11 +20,11 @@ const parser = bodyParser.json({
const router = Router() const router = Router()
router.use(getAccount) router.use(getAccount, parser)
module.exports = function(files: Files) { module.exports = function(files: Files) {
router.post("/login", router.post(
parser, "/login",
(req, res) => { (req, res) => {
if (typeof req.body.username != "string" || typeof req.body.password != "string") { if (typeof req.body.username != "string" || typeof req.body.password != "string") {
ServeError(res, 400, "please provide a username or password") ServeError(res, 400, "please provide a username or password")
@ -54,8 +54,8 @@ module.exports = function(files: Files) {
} }
) )
router.post("/create", router.post(
parser, "/create",
(req, res) => { (req, res) => {
if (!Configuration.accounts.registrationEnabled) { if (!Configuration.accounts.registrationEnabled) {
ServeError(res , 403, "account registration disabled") ServeError(res , 403, "account registration disabled")
@ -110,7 +110,8 @@ module.exports = function(files: Files) {
} }
) )
router.post("/logout", router.post(
"/logout",
(req, res) => { (req, res) => {
if (!Authentication.validate(req.cookies.auth)) { if (!Authentication.validate(req.cookies.auth)) {
ServeError(res, 401, "not logged in") ServeError(res, 401, "not logged in")
@ -122,10 +123,9 @@ module.exports = function(files: Files) {
} }
) )
router.put("/dfv", router.put(
requiresAccount, "/dfv",
requiresPermissions("manage"), requiresAccount, requiresPermissions("manage"),
parser,
(req, res) => { (req, res) => {
const Account = res.locals.acc as Accounts.Account const Account = res.locals.acc as Accounts.Account

60
src/server/routes/api/v1/customization.ts
View file

@ -8,6 +8,7 @@ import bodyParser from "body-parser";
import Files, { id_check_regex } from "../../../lib/files"; import Files, { id_check_regex } from "../../../lib/files";
import * as Accounts from '../../../lib/accounts' import * as Accounts from '../../../lib/accounts'
import { getAccount, requiresAccount, requiresPermissions } from "../../../lib/middleware"; import { getAccount, requiresAccount, requiresPermissions } from "../../../lib/middleware";
import ServeError from "../../../lib/errors";
const Configuration = require(`${process.cwd()}/config.json`) const Configuration = require(`${process.cwd()}/config.json`)
@ -17,14 +18,13 @@ const parser = bodyParser.json({
const router = Router() const router = Router()
router.use(getAccount) router.use(getAccount, parser)
module.exports = function(files: Files) { module.exports = function(files: Files) {
router.put("/css", router.put(
requiresAccount, "/css",
requiresPermissions("customize"), requiresAccount, requiresPermissions("customize"),
parser, async (req, res) => {
(req, res) => {
const Account = res.locals.acc as Accounts.Account const Account = res.locals.acc as Accounts.Account
if (typeof req.body.fileId != "string") req.body.fileId = undefined; if (typeof req.body.fileId != "string") req.body.fileId = undefined;
@ -33,20 +33,13 @@ module.exports = function(files: Files) {
!req.body.fileId !req.body.fileId
|| ||
(req.body.fileId.match(id_check_regex) == req.body.fileId (req.body.fileId.match(id_check_regex) == req.body.fileId
&& req.body.fileId.length <= Configuration.maxUploadIdLength) && req.body.fileId.length <= Configuration.maxUploadIdLength)
) { ) {
Account.customCSS = req.body.fileId || undefined Account.customCSS = req.body.fileId || undefined
if (!req.body.fileId) delete Account.customCSS; await Accounts.save()
Accounts.save()
res.send("custom css saved") res.send("custom css saved")
} else { } else ServeError(res, 400, "invalid fileId")
res.status(400)
res.send("invalid fileid")
}
} }
) )
@ -61,10 +54,8 @@ module.exports = function(files: Files) {
) )
router.put("/embed/color", router.put("/embed/color",
requiresAccount, requiresAccount, requiresPermissions("customize"),
requiresPermissions("customize"), async (req, res) => {
parser,
(req, res) => {
const Account = res.locals.acc as Accounts.Account const Account = res.locals.acc as Accounts.Account
if (typeof req.body.color != "string") req.body.color = undefined; if (typeof req.body.color != "string") req.body.color = undefined;
@ -74,40 +65,31 @@ module.exports = function(files: Files) {
|| (req.body.color.toLowerCase().match(/[a-f0-9]+/) == req.body.color.toLowerCase()) || (req.body.color.toLowerCase().match(/[a-f0-9]+/) == req.body.color.toLowerCase())
&& req.body.color.length == 6 && req.body.color.length == 6
) { ) {
if (!Account.embed) Account.embed = {};
if (!Account.embed) Account.embed = {};
Account.embed.color = req.body.color || undefined Account.embed.color = req.body.color || undefined
if (!req.body.color) delete Account.embed.color; await Accounts.save()
Accounts.save()
res.send("custom embed color saved") res.send("custom embed color saved")
} else {
res.status(400)
res.send("invalid hex code") } else ServeError(res,400,"invalid hex code")
}
} }
) )
router.put("/embed/size", router.put("/embed/size",
requiresAccount, requiresAccount, requiresPermissions("customize"),
requiresPermissions("customize"), async (req, res) => {
parser,
(req, res) => {
const Account = res.locals.acc as Accounts.Account const Account = res.locals.acc as Accounts.Account
if (typeof req.body.largeImage != "boolean") req.body.color = false; if (typeof req.body.largeImage != "boolean") {
ServeError(res, 400, "largeImage must be bool");
return
}
if (!Account.embed) Account.embed = {}; if (!Account.embed) Account.embed = {};
Account.embed.largeImage = req.body.largeImage Account.embed.largeImage = req.body.largeImage
if (!req.body.largeImage) delete Account.embed.largeImage; await Accounts.save()
Accounts.save()
res.send(`custom embed image size saved`) res.send(`custom embed image size saved`)
} }
) )