server/router/user.js
Artem Anufrij cff48aaada
All checks were successful
continuous-integration/drone Build is passing
move
2023-02-08 12:30:56 +01:00

173 lines
4.9 KiB
JavaScript

console.log("router/user INIT");
var express = require("express");
var database = require("../services/database");
var bcrypt = require("bcryptjs");
var router = new express.Router();
var server = require("../server");
var passport = server.passport;
router
.route("")
.get(passport.authenticate("jwt", { session: false }), (req, res) => {
database.users.collection(result => {
res.json(result).end();
});
})
.post(passport.authenticate("jwt", { session: false }), (req, res) => {
process.stdout.write("add user\n");
if (
req.user.roles.includes("admin") ||
req.user.roles.includes("moderator")
) {
let newUser = {
name: req.body.name,
password: req.body.password
};
database.addUser(newUser, () => {
res.end();
});
} else {
res.status(401).end();
}
})
.delete(passport.authenticate("jwt", { session: false }), (req, res) => {
process.stdout.write("delete user\n");
if (req.user.roles.includes("admin") || req.user._id == req.query.id) {
database.userById(req.query.id, (user) => {
if (user.roles.includes("admin")) {
res.status(403).end();
} else {
database.deleteUser(req.query.id, () => {
database.users.collection(result => {
res.json(result).end();
});
});
}
});
} else {
res.status(401).end();
}
})
.put(passport.authenticate("jwt", { session: false }), (req, res) => {
process.stdout.write("update user\n");
if (req.user.roles.includes("admin")) {
if (req.body.newPassword) {
database.updateUserPassword(req.body.name, req.body.newPassword);
} else {
database.updateUserRole(req.body, () => {
res.status(202).end();
});
}
res.end();
} else {
res.status(401).end();
}
});
router
.route("/:name/exists")
.get(passport.authenticate("jwt", { session: false }), (req, res) => {
if (
req.user.roles.includes("admin") ||
req.user.roles.includes("moderator")
) {
database.userByName(req.params.name, user => {
res.json({ exists: user != null }).end();
});
} else {
res.status(401).end();
}
});
router
.route("/update")
.post(passport.authenticate("jwt", { session: false }), (req, res) => {
if (!req.user) {
return res.status(401).end();
}
if (!req.body.oldPassword) {
database.updateUserConfig(req.user, req.body);
process.stdout.write("config changed\n");
}
if (req.body.oldPassword && req.user.password) {
bcrypt.compare(req.body.oldPassword, req.user.password, function (err, isMatch) {
if (err) throw err;
if (isMatch) {
database.updateUserPassword(req.user.name, req.body.newPassword);
process.stdout.write("password changed\n");
res.status(202);
} else {
process.stdout.write("no match\n");
res.status(422);
}
res.end();
});
} else {
res.end();
}
});
router
.route("/favourites")
.get(passport.authenticate("jwt", { session: false }), (req, res) => {
process.stdout.write("router/user GET favourites\n");
database.user.favourites(id, result => {
res.json(result).end();
});
})
.post(passport.authenticate("jwt", { session: false }), (req, res) => {
let item = req.body;
item.userId = req.user._id;
process.stdout.write("router/user POST favourites\n");
database.users.insertFavourite(item, () => {
res.status(200).end();
})
})
.delete(passport.authenticate("jwt", { session: false }), (req, res) => {
let item = {};
item.itemId = req.query.itemId;
item.userId = req.user._id;
process.stdout.write("router/user DELETE favourites " + req.query.itemId + "\n");
database.users.deleteFavourite(item, () => {
res.status(200).end();
});
});
router
.route("/history")
.get(passport.authenticate("jwt", { session: false }), (req, res) => {
database.historyList(req.user._id, result => {
res.json(result).end();
});
})
.post(passport.authenticate("jwt", { session: false }), (req, res) => {
let item = req.body;
item.userId = req.user._id;
database.updateHistory(item, () => {
database.historyList(req.user._id, result => {
res.json(result).end();
});
});
})
.delete(passport.authenticate("jwt", { session: false }), (req, res) => {
database.clearHistory(req.user._id, () => {
process.stdout.write("history cleared for '" + req.user.name + "'\n");
res.status(200).end();
});
});
router
.route("/settings")
.put(passport.authenticate("jwt", { session: false }), (req, res) => {
req.user.player.repeat = req.body.repeat;
req.user.player.shuffle = req.body.shuffle;
database.updateUserSettings(req.user, () => {
res.status(202).end();
});
});
module.exports = router;