/[sudobot]/trunk/src/api/controllers/UserController.ts
ViewVC logotype

Diff of /trunk/src/api/controllers/UserController.ts

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 394 by rakin, Mon Jul 29 17:29:59 2024 UTC revision 395 by rakin, Mon Jul 29 17:30:01 2024 UTC
# Line 17  Line 17 
17  * along with SudoBot. If not, see <https://www.gnu.org/licenses/>.  * along with SudoBot. If not, see <https://www.gnu.org/licenses/>.
18  */  */
19    
20  import { Request } from "express";  import Request from "../Request";
21  import User from "../../models/User";  import User from "../../models/User";
22  import Controller from "../Controller";  import Controller from "../Controller";
23  import { body } from 'express-validator';  import { body } from 'express-validator';
# Line 25  import bcrypt from 'bcrypt'; Line 25  import bcrypt from 'bcrypt';
25  import jwt from 'jsonwebtoken';  import jwt from 'jsonwebtoken';
26  import KeyValuePair from "../../types/KeyValuePair";  import KeyValuePair from "../../types/KeyValuePair";
27  import Response from "../Response";  import Response from "../Response";
28    import { NextFunction, Response as ExpressResponse } from "express";
29  import ValidatorError from "../middleware/ValidatorError";  import ValidatorError from "../middleware/ValidatorError";
30  import RequireAuth from "../middleware/RequireAuth";  import RequireAuth from "../middleware/RequireAuth";
31    
32    function RequireAdmin(request: Request, response: ExpressResponse, next: NextFunction) {
33        if (!request.user?.isAdmin) {
34            response.status(403).send({ error: "Forbidden", code: 403 });
35            return;
36        }
37    
38        next();
39    }
40    
41  export default class UserController extends Controller {  export default class UserController extends Controller {
42      middleware(): KeyValuePair<Function[]> {      middleware(): KeyValuePair<Function[]> {
43          return {          return {
44                index: [RequireAuth, RequireAdmin],
45              create: [              create: [
46                    RequireAuth,
47                    RequireAdmin,
48                  body(["password"]).isLength({ min: 2 }),                  body(["password"]).isLength({ min: 2 }),
49                  body(["username"]).custom(async username => {                  body(["username"]).custom(async username => {
50                      const user = await User.findOne({ username });                      const user = await User.findOne({ username });
# Line 59  export default class UserController exte Line 72  export default class UserController exte
72      }      }
73    
74      public async index() {      public async index() {
         return new Response(403);  
75          return await User.find().select(["_id", "username", "createdAt"]).limit(30);          return await User.find().select(["_id", "username", "createdAt"]).limit(30);
76      }      }
77    
78      public async create(request: Request) {      public async create(request: Request) {
         return new Response(403);  
   
79          const user = new User();          const user = new User();
80    
81          user.username = request.body.username;          user.username = request.body.username;
Legend:
Removed from v.394  
changed lines
  Added in v.395
[email protected]
 ViewVC Help
Powered by ViewVC 1.1.26