Mirror/filesafe
1
0
Fork 0
mirror of https://github.com/BobbyWibowo/lolisafe.git synced 2025-01-19 01:31:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Updated albumsController to use new auth

Browse Source
This commit is contained in:
Pitu 2017-01-29 22:17:49 -03:00
parent 16164115aa
commit 751a876360
1 changed files with 81 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
controllers/albumsController.js
View File

@ -5,15 +5,18 @@ let albumsController = {}
albumsController.list = function(req, res, next){ albumsController.list = function(req, res, next){
if(req.headers.auth !== config.adminToken) let token = req.headers.token
return res.status(401).json({ success: false, description: 'not-authorized'}) if(token === undefined) return res.status(401).json({ success: false, description: 'No token provided' })
db.table('users').where('token', token).then((user) => {
if(user.length === 0) return res.status(401).json({ success: false, description: 'Invalid token'})
let fields = ['id', 'name'] let fields = ['id', 'name']
if(req.params.sidebar === undefined) if(req.params.sidebar === undefined)
fields.push('timestamp') fields.push('timestamp')
db.table('albums').select(fields).where('enabled', 1).then((albums) => { db.table('albums').select(fields).where({enabled: 1, userid: user.id}).then((albums) => {
if(req.params.sidebar !== undefined) if(req.params.sidebar !== undefined)
return res.json({ success: true, albums }) return res.json({ success: true, albums })
@ -37,46 +40,66 @@ albumsController.list = function(req, res, next){
return res.json({ success: true, albums }) return res.json({ success: true, albums })
}).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) }) }).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) })
}).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) }) }).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) })
}).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) })
} }
albumsController.create = function(req, res, next){ albumsController.create = function(req, res, next){
if(req.headers.auth !== config.adminToken) let token = req.headers.token
return res.status(401).json({ success: false, description: 'not-authorized'}) if(token === undefined) return res.status(401).json({ success: false, description: 'No token provided' })
db.table('users').where('token', token).then((user) => {
if(user.length === 0) return res.status(401).json({ success: false, description: 'Invalid token'})
let name = req.body.name let name = req.body.name
if(name === undefined || name === '') if(name === undefined || name === '')
return res.json({ success: false, description: 'No album name specified' }) return res.json({ success: false, description: 'No album name specified' })
db.table('albums').where('name', name).where('enabled', 1).then((album) => { db.table('albums').where({
name: name,
enabled: 1,
userid: user.id
}).then((album) => {
if(album.length !== 0) return res.json({ success: false, description: 'There\'s already an album with that name' }) if(album.length !== 0) return res.json({ success: false, description: 'There\'s already an album with that name' })
db.table('albums').insert({ db.table('albums').insert({
name: name, name: name,
enabled: 1, enabled: 1,
userid: user.id,
timestamp: Math.floor(Date.now() / 1000) timestamp: Math.floor(Date.now() / 1000)
}).then(() => { }).then(() => {
return res.json({ success: true }) return res.json({ success: true })
}) })
}).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) }) }).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) })
}).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) })
} }
albumsController.delete = function(req, res, next){ albumsController.delete = function(req, res, next){
if(req.headers.auth !== config.adminToken) let token = req.headers.token
return res.status(401).json({ success: false, description: 'not-authorized'}) if(token === undefined) return res.status(401).json({ success: false, description: 'No token provided' })
db.table('users').where('token', token).then((user) => {
if(user.length === 0) return res.status(401).json({ success: false, description: 'Invalid token'})
let id = req.body.id let id = req.body.id
if(id === undefined || id === '') if(id === undefined || id === '')
return res.json({ success: false, description: 'No album specified' }) return res.json({ success: false, description: 'No album specified' })
db.table('albums').where('id', id).update({ enabled: 0 }).then(() => { db.table('albums').where({id: id, userid: user.id}).update({ enabled: 0 }).then(() => {
return res.json({ success: true }) return res.json({ success: true })
}).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) }) }).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) })
}).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) })
} }
albumsController.rename = function(req, res, next){ albumsController.rename = function(req, res, next){
if(req.headers.auth !== config.adminToken) let token = req.headers.token
return res.status(401).json({ success: false, description: 'not-authorized'}) if(token === undefined) return res.status(401).json({ success: false, description: 'No token provided' })
db.table('users').where('token', token).then((user) => {
if(user.length === 0) return res.status(401).json({ success: false, description: 'Invalid token'})
let id = req.body.id let id = req.body.id
if(id === undefined || id === '') if(id === undefined || id === '')
@ -86,14 +109,14 @@ albumsController.rename = function(req, res, next){
if(name === undefined || name === '') if(name === undefined || name === '')
return res.json({ success: false, description: 'No name specified' }) return res.json({ success: false, description: 'No name specified' })
db.table('albums').where('name', name).then((results) => { db.table('albums').where({name: name, userid: user.id}).then((results) => {
if(results.length !== 0) if(results.length !== 0) return res.json({ success: false, description: 'Name already in use' })
return res.json({ success: false, description: 'Name already in use' })
db.table('albums').where('id', id).update({ name: name }).then(() => { db.table('albums').where({id: id, userid: user.id}).update({ name: name }).then(() => {
return res.json({ success: true }) return res.json({ success: true })
}).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) }) }).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) })
}).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) }) }).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) })
}).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) })
} }