generated from lucien/api-template
274 lines
No EOL
7.4 KiB
JavaScript
274 lines
No EOL
7.4 KiB
JavaScript
const express = require('express');
|
|
const {
|
|
getConnection,
|
|
getChannels,
|
|
getChannel,
|
|
addChannel,
|
|
getMessages,
|
|
addMessage,
|
|
addMention,
|
|
getMentions,
|
|
getUserByUsername,
|
|
deleteChannelMessages,
|
|
deleteChannel,
|
|
getMessageReplies,
|
|
addAttachment,
|
|
getMessageAttachments,
|
|
getUnusedAttachments,
|
|
deleteUnusedAttachments,
|
|
searchChannels
|
|
} = require('../libs/mysql');
|
|
const rateLimit = require("express-rate-limit");
|
|
const slowDown = require("express-slow-down");
|
|
const { checkAuth } = require('../libs/middlewares');
|
|
const multer = require('multer');
|
|
const fs = require('node:fs');
|
|
|
|
const upload = multer({ dest: 'data/attachments/' })
|
|
upload.limits = {
|
|
fileSize: 1024 * 1024 * 5,
|
|
files: 1,
|
|
};
|
|
|
|
const limiter = rateLimit({
|
|
windowMs: 1 * 1000,
|
|
max: 2,
|
|
});
|
|
|
|
const speedLimiter = slowDown({
|
|
windowMs: 1 * 1000,
|
|
delayAfter: 2,
|
|
delayMs: () => 5000,
|
|
});
|
|
|
|
const router = express.Router();
|
|
|
|
router.get('/', async (req, res) => {
|
|
const { search } = req.query;
|
|
const connection = await getConnection();
|
|
if (search) {
|
|
const channels = await searchChannels(connection, search);
|
|
connection.end();
|
|
return res.send(channels);
|
|
}
|
|
const channels = await getChannels(connection);
|
|
connection.end();
|
|
res.send(channels);
|
|
});
|
|
|
|
router.get('/:name', async (req, res) => {
|
|
const name = req.params.name;
|
|
const connection = await getConnection();
|
|
const channel = await getChannel(connection, name);
|
|
connection.end();
|
|
if (channel[0]) {
|
|
res.send(channel[0]);
|
|
} else {
|
|
res.status(400).send({ error: 'No channel found' });
|
|
}
|
|
});
|
|
|
|
router.use('/:name/purge', checkAuth);
|
|
router.post('/:name/purge', async (req, res) => {
|
|
const name = req.params.name;
|
|
const user = req.user;
|
|
|
|
const connection = await getConnection();
|
|
|
|
const channel = await getChannel(connection, name);
|
|
if (!channel[0]) {
|
|
connection.end();
|
|
return res.status(400).send({ error: 'No channel found' });
|
|
}
|
|
|
|
if (user.admin !== 1) {
|
|
connection.end();
|
|
return res.status(401).send({ error: 'Unauthorized' });
|
|
}
|
|
|
|
await deleteChannelMessages(connection, channel[0].id);
|
|
connection.end();
|
|
|
|
req.sockets.emit({
|
|
type: 'purge_channel',
|
|
channel_id: channel[0].id,
|
|
});
|
|
|
|
res.send({ message: 'Channel purged' });
|
|
});
|
|
|
|
router.use('/:name/delete', checkAuth);
|
|
router.post('/:name/delete', async (req, res) => {
|
|
const name = req.params.name;
|
|
const user = req.user;
|
|
|
|
const connection = await getConnection();
|
|
|
|
const channel = await getChannel(connection, name);
|
|
if (!channel[0]) {
|
|
connection.end();
|
|
return res.status(400).send({ error: 'No channel found' });
|
|
}
|
|
|
|
if (user.admin !== 1) {
|
|
connection.end();
|
|
return res.status(401).send({ error: 'Unauthorized' });
|
|
}
|
|
|
|
await deleteChannel(connection, channel[0].id);
|
|
|
|
const attachments = await getUnusedAttachments(connection);
|
|
for (const attachment of attachments) {
|
|
if (fs.existsSync(`data/attachments/${attachment.file_name}`)) {
|
|
fs.unlinkSync(`data/attachments/${attachment.file_name}`);
|
|
}
|
|
}
|
|
await deleteUnusedAttachments(connection);
|
|
|
|
connection.end();
|
|
|
|
req.sockets.emit({
|
|
type: 'delete_channel',
|
|
channel_id: channel[0].id,
|
|
});
|
|
|
|
res.send({ message: 'Channel deleted' });
|
|
});
|
|
|
|
async function getReplies(message, connection) {
|
|
const replies = await getMessageReplies(connection, message.id);
|
|
for (const reply of replies) {
|
|
if (reply.has_replies) {
|
|
const subReplies = await getReplies(reply, connection);
|
|
reply.replies = subReplies;
|
|
}
|
|
if (reply.content.includes('@')) {
|
|
const mentions = await getMentions(connection, reply.id);
|
|
reply.mentions = mentions;
|
|
} else {
|
|
reply.mentions = [];
|
|
}
|
|
}
|
|
return replies;
|
|
}
|
|
|
|
router.get('/:name/messages', async (req, res) => {
|
|
const name = req.params.name;
|
|
const limit = Number(req.query.limit) || 10;
|
|
const connection = await getConnection();
|
|
const channel = await getChannel(connection, name);
|
|
if (!channel[0]) {
|
|
connection.end();
|
|
return res.send('No channel found');
|
|
}
|
|
const messages = await getMessages(connection, channel[0].id, limit);
|
|
|
|
for (const message of messages) {
|
|
if (message.has_mentions) {
|
|
const mentions = await getMentions(connection, message.id);
|
|
message.mentions = mentions;
|
|
} else {
|
|
message.mentions = [];
|
|
}
|
|
|
|
if (message.has_replies) {
|
|
const replies = await getReplies(message, connection);
|
|
message.replies = replies;
|
|
}
|
|
else {
|
|
message.replies = [];
|
|
}
|
|
|
|
if (message.has_attachments) {
|
|
const attachments = await getMessageAttachments(connection, message.id);
|
|
message.attachments = attachments;
|
|
}
|
|
else {
|
|
message.attachments = [];
|
|
}
|
|
}
|
|
|
|
connection.end();
|
|
res.send(messages);
|
|
});
|
|
|
|
router.post('/:name/messages/send', speedLimiter, limiter, upload.single("attachment"), checkAuth, async (req, res) => {
|
|
const { message } = req.body;
|
|
const name = req.params.name;
|
|
const user = req.user;
|
|
const attachement = req.file;
|
|
|
|
if (!message) {
|
|
if (attachement) fs.unlinkSync(`data/attachements/${attachement.filename}`);
|
|
return res.status(400).send({ error: 'Missing parameters' });
|
|
}
|
|
|
|
const connection = await getConnection();
|
|
|
|
const channel = await getChannel(connection, name);
|
|
if (!channel[0]) {
|
|
connection.end();
|
|
if (attachement) fs.unlinkSync(`data/attachements/${attachement.filename}`);
|
|
return res.send('No channel found');
|
|
}
|
|
|
|
const sent_message = await addMessage(connection, channel[0].id, user.id, message.replace("\"", "'"));
|
|
const message_id = sent_message.insertId;
|
|
|
|
if (attachement) {
|
|
await addAttachment(connection, message_id, attachement.filename);
|
|
}
|
|
|
|
for (const word of message.split(' ')) {
|
|
if (word.startsWith('@')) {
|
|
const username = word.substring(1);
|
|
const mentionedUser = await getUserByUsername(connection, username);
|
|
if (mentionedUser[0]) {
|
|
await addMention(connection, message_id, mentionedUser[0].id);
|
|
}
|
|
}
|
|
}
|
|
|
|
connection.end();
|
|
|
|
req.sockets.emit({
|
|
type: 'new_message',
|
|
channel_id: channel[0].id,
|
|
user_id: user.id,
|
|
});
|
|
|
|
res.send({ message: 'Message sent' });
|
|
});
|
|
|
|
router.post('/add', speedLimiter, limiter, checkAuth, async (req, res) => {
|
|
const { name, description } = req.body;
|
|
const user = req.user;
|
|
|
|
if (!name || !description) {
|
|
return res.status(400).send({ error: 'Missing parameters' });
|
|
}
|
|
|
|
const connection = await getConnection();
|
|
|
|
const channel = await getChannel(connection, name);
|
|
if (channel[0]) {
|
|
connection.end();
|
|
return res.status(400).send({ error: 'Channel already exists' });
|
|
}
|
|
|
|
if (!/^[a-zA-Z0-9-_]+$/.test(name)) {
|
|
connection.end();
|
|
return res.status(400).send({ error: 'Invalid channel name' });
|
|
}
|
|
|
|
await addChannel(connection, name, description, user.id);
|
|
connection.end();
|
|
|
|
req.sockets.emit({
|
|
type: 'new_channel'
|
|
});
|
|
|
|
res.send({ message: 'Channel added' });
|
|
});
|
|
|
|
module.exports = router; |