Merge branch 'api-v1' of https://github.com/nbitzz/monofile into api-v1

2024-11-22 05:46:26 -08:00 · 2023-10-05 20:08:42 +01:00 · 2023-10-05 20:08:42 +01:00 · 48e00b1b54
parent 01bb4684a3 9e83d751bd
commit 48e00b1b54
2 changed files with 31 additions and 49 deletions
--- a/src/server/routes/api/v1/account.ts
+++ b/src/server/routes/api/v1/account.ts
@ -20,11 +20,11 @@ const parser = bodyParser.json({

 const router = Router()

-router.use(getAccount)
+router.use(getAccount, parser)

 module.exports = function(files: Files) {
-    router.post("/login",
-        parser,
+    router.post(
+        "/login",
        (req, res) => {
            if (typeof req.body.username != "string" || typeof req.body.password != "string") {
                ServeError(res, 400, "please provide a username or password")
@ -54,8 +54,8 @@ module.exports = function(files: Files) {
        }
    )

-    router.post("/create",
-        parser,
+    router.post(
+        "/create",
        (req, res) => {
            if (!Configuration.accounts.registrationEnabled) {
                ServeError(res , 403, "account registration disabled")
@ -110,7 +110,8 @@ module.exports = function(files: Files) {
        }
    )

-    router.post("/logout",
+    router.post(
+        "/logout",
        (req, res) => {
            if (!Authentication.validate(req.cookies.auth)) {
                ServeError(res, 401, "not logged in")
@ -122,10 +123,9 @@ module.exports = function(files: Files) {
        }
    )

-    router.put("/dfv",
-        requiresAccount,
-        requiresPermissions("manage"),
-        parser,
+    router.put(
+        "/dfv",
+        requiresAccount, requiresPermissions("manage"),
        (req, res) => {
            const Account = res.locals.acc as Accounts.Account

--- a/src/server/routes/api/v1/customization.ts
+++ b/src/server/routes/api/v1/customization.ts
@ -8,6 +8,7 @@ import bodyParser from "body-parser";
 import Files, { id_check_regex } from "../../../lib/files";
 import * as Accounts from '../../../lib/accounts'
 import { getAccount, requiresAccount, requiresPermissions } from "../../../lib/middleware";
+import ServeError from "../../../lib/errors";

 const Configuration = require(`${process.cwd()}/config.json`)

@ -17,14 +18,13 @@ const parser = bodyParser.json({

 const router = Router()

-router.use(getAccount)
+router.use(getAccount, parser)

 module.exports = function(files: Files) {
-    router.put("/css",
-        requiresAccount,
-        requiresPermissions("customize"),
-        parser,
-        (req, res) => {
+    router.put(
+        "/css",
+        requiresAccount, requiresPermissions("customize"),
+        async (req, res) => {
            const Account = res.locals.acc as Accounts.Account

            if (typeof req.body.fileId != "string") req.body.fileId = undefined;
@ -33,20 +33,13 @@ module.exports = function(files: Files) {
                !req.body.fileId
                ||
                (req.body.fileId.match(id_check_regex) == req.body.fileId 
-                && req.body.fileId.length <= Configuration.maxUploadIdLength)
+              && req.body.fileId.length <= Configuration.maxUploadIdLength)
            ) {
                Account.customCSS = req.body.fileId || undefined

-                if (!req.body.fileId) delete Account.customCSS;
-
-                Accounts.save()
-
+                await Accounts.save()
                res.send("custom css saved")
-            } else {
-                res.status(400)
-
-                res.send("invalid fileid")
-            }
+            } else ServeError(res, 400, "invalid fileId")
        }
    )

@ -61,10 +54,8 @@ module.exports = function(files: Files) {
    )

    router.put("/embed/color",
-        requiresAccount,
-        requiresPermissions("customize"),
-        parser,
-        (req, res) => {
+        requiresAccount, requiresPermissions("customize"),
+        async (req, res) => {
            const Account = res.locals.acc as Accounts.Account

            if (typeof req.body.color != "string") req.body.color = undefined;
@ -74,40 +65,31 @@ module.exports = function(files: Files) {
                || (req.body.color.toLowerCase().match(/[a-f0-9]+/) == req.body.color.toLowerCase())
                && req.body.color.length == 6
            ) {
-                if (!Account.embed) Account.embed = {};

+                if (!Account.embed) Account.embed = {};
                Account.embed.color = req.body.color || undefined

-                if (!req.body.color) delete Account.embed.color;
-
-                Accounts.save()
-
+                await Accounts.save()
                res.send("custom embed color saved")
-            } else {
-                res.status(400)

-                res.send("invalid hex code")
-            }
+            } else ServeError(res,400,"invalid hex code")
        }
    )

    router.put("/embed/size",
-        requiresAccount,
-        requiresPermissions("customize"),
-        parser,
-        (req, res) => {
+        requiresAccount, requiresPermissions("customize"),
+        async (req, res) => {
            const Account = res.locals.acc as Accounts.Account

-            if (typeof req.body.largeImage != "boolean") req.body.color = false;
+            if (typeof req.body.largeImage != "boolean") {
+                ServeError(res, 400, "largeImage must be bool");
+                return
+            }

            if (!Account.embed) Account.embed = {};
-
            Account.embed.largeImage = req.body.largeImage

-            if (!req.body.largeImage) delete Account.embed.largeImage;
-
-            Accounts.save()
-
+            await Accounts.save()
            res.send(`custom embed image size saved`)
        }
    )