|
|
|
@ -4,12 +4,17 @@
|
|
|
|
|
* - Resources
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
import { MagicNumbers } from 'ass-json';
|
|
|
|
|
import fs from 'fs-extra';
|
|
|
|
|
import { Router, Request, Response, NextFunction } from 'express';
|
|
|
|
|
import { findFromToken, setUserPassword, users, createNewUser, deleteUser, setUserMeta, deleteUserMeta, setUsername, resetToken, verifyCliKey } from '../auth';
|
|
|
|
|
import { log } from '../utils';
|
|
|
|
|
import { log, path } from '../utils';
|
|
|
|
|
import { data } from '../data';
|
|
|
|
|
import { User } from '../types/auth';
|
|
|
|
|
|
|
|
|
|
// Load the status codes
|
|
|
|
|
const { CODE_OK, CODE_BAD_REQUEST, CODE_UNAUTHORIZED, CODE_NOT_FOUND, CODE_CONFLICT, CODE_INTERNAL_SERVER_ERROR }: MagicNumbers = fs.readJsonSync(path('MagicNumbers.json'));
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* The primary API router
|
|
|
|
|
*/
|
|
|
|
@ -26,12 +31,12 @@ const errorHandler = (res: Response, err: Error | any) => {
|
|
|
|
|
let code: number;
|
|
|
|
|
switch (err.message) {
|
|
|
|
|
case 'User not found':
|
|
|
|
|
code = 404; break;
|
|
|
|
|
code = CODE_NOT_FOUND; break;
|
|
|
|
|
case 'Meta key already exists':
|
|
|
|
|
case 'Username already taken':
|
|
|
|
|
code = 409; break;
|
|
|
|
|
code = CODE_CONFLICT; break;
|
|
|
|
|
default:
|
|
|
|
|
code = 500;
|
|
|
|
|
code = CODE_INTERNAL_SERVER_ERROR;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return res.status(code).type('text').send(err.message ?? err);
|
|
|
|
@ -43,14 +48,14 @@ const errorHandler = (res: Response, err: Error | any) => {
|
|
|
|
|
*/
|
|
|
|
|
const adminAuthMiddleware = (req: Request, res: Response, next: NextFunction) => {
|
|
|
|
|
const user = findFromToken(req.headers.authorization ?? '');
|
|
|
|
|
(verifyCliKey(req) || (user && user.admin)) ? next() : res.sendStatus(401);
|
|
|
|
|
(verifyCliKey(req) || (user && user.admin)) ? next() : res.sendStatus(CODE_UNAUTHORIZED);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Simple function to either return JSON or a 404, so I don't have to write it 40 times.
|
|
|
|
|
* @since v0.14.0
|
|
|
|
|
*/
|
|
|
|
|
const userFinder = (res: Response, user: User | undefined) => user ? res.json(user) : res.sendStatus(404);
|
|
|
|
|
const userFinder = (res: Response, user: User | undefined) => user ? res.json(user) : res.sendStatus(CODE_NOT_FOUND);
|
|
|
|
|
|
|
|
|
|
function buildUserRouter() {
|
|
|
|
|
const userRouter = Router();
|
|
|
|
@ -75,7 +80,7 @@ function buildUserRouter() {
|
|
|
|
|
const newPassword = req.body.password;
|
|
|
|
|
|
|
|
|
|
setUserPassword(id, newPassword)
|
|
|
|
|
.then(() => res.sendStatus(200))
|
|
|
|
|
.then(() => res.sendStatus(CODE_OK))
|
|
|
|
|
.catch((err) => errorHandler(res, err));
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
@ -89,7 +94,7 @@ function buildUserRouter() {
|
|
|
|
|
|
|
|
|
|
// Block if username or password is empty, or if username is already taken
|
|
|
|
|
if (username == null || username.length === 0 || password == null || password.length == 0 || users.find(user => user.username === username))
|
|
|
|
|
return res.sendStatus(400);
|
|
|
|
|
return res.sendStatus(CODE_BAD_REQUEST);
|
|
|
|
|
|
|
|
|
|
createNewUser(username, password, admin, meta)
|
|
|
|
|
.then((user) => res.send(user))
|
|
|
|
@ -107,7 +112,7 @@ function buildUserRouter() {
|
|
|
|
|
const id = req.params.id;
|
|
|
|
|
|
|
|
|
|
deleteUser(id)
|
|
|
|
|
.then(() => res.sendStatus(200))
|
|
|
|
|
.then(() => res.sendStatus(CODE_OK))
|
|
|
|
|
.catch((err) => errorHandler(res, err));
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
@ -120,10 +125,10 @@ function buildUserRouter() {
|
|
|
|
|
const force = req.body.force ?? false;
|
|
|
|
|
|
|
|
|
|
if (key == null || key.length === 0 || value == null || value.length === 0)
|
|
|
|
|
return res.sendStatus(400);
|
|
|
|
|
return res.sendStatus(CODE_BAD_REQUEST);
|
|
|
|
|
|
|
|
|
|
setUserMeta(id, key, value, force)
|
|
|
|
|
.then(() => res.sendStatus(200))
|
|
|
|
|
.then(() => res.sendStatus(CODE_OK))
|
|
|
|
|
.catch((err) => errorHandler(res, err));
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
@ -134,10 +139,10 @@ function buildUserRouter() {
|
|
|
|
|
const key: string | undefined = req.body.key;
|
|
|
|
|
|
|
|
|
|
if (key == null || key.length === 0)
|
|
|
|
|
return res.sendStatus(400);
|
|
|
|
|
return res.sendStatus(CODE_BAD_REQUEST);
|
|
|
|
|
|
|
|
|
|
deleteUserMeta(id, key)
|
|
|
|
|
.then(() => res.sendStatus(200))
|
|
|
|
|
.then(() => res.sendStatus(CODE_OK))
|
|
|
|
|
.catch((err) => errorHandler(res, err));
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
@ -149,10 +154,10 @@ function buildUserRouter() {
|
|
|
|
|
const username: string | undefined = req.body.username;
|
|
|
|
|
|
|
|
|
|
if (username == null || username.length === 0)
|
|
|
|
|
return res.sendStatus(400);
|
|
|
|
|
return res.sendStatus(CODE_BAD_REQUEST);
|
|
|
|
|
|
|
|
|
|
setUsername(id, username)
|
|
|
|
|
.then(() => res.sendStatus(200))
|
|
|
|
|
.then(() => res.sendStatus(CODE_OK))
|
|
|
|
|
.catch((err) => errorHandler(res, err));
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
@ -163,7 +168,7 @@ function buildUserRouter() {
|
|
|
|
|
const id = req.params.id;
|
|
|
|
|
|
|
|
|
|
resetToken(id)
|
|
|
|
|
.then(() => res.sendStatus(200))
|
|
|
|
|
.then(() => res.sendStatus(CODE_OK))
|
|
|
|
|
.catch((err) => errorHandler(res, err));
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|