| 1 |
import { Request } from "express"; |
/** |
| 2 |
|
* This file is part of SudoBot. |
| 3 |
|
* |
| 4 |
|
* Copyright (C) 2021-2022 OSN Inc. |
| 5 |
|
* |
| 6 |
|
* SudoBot is free software; you can redistribute it and/or modify it |
| 7 |
|
* under the terms of the GNU Affero General Public License as published by |
| 8 |
|
* the Free Software Foundation, either version 3 of the License, or |
| 9 |
|
* (at your option) any later version. |
| 10 |
|
* |
| 11 |
|
* SudoBot is distributed in the hope that it will be useful, but |
| 12 |
|
* WITHOUT ANY WARRANTY; without even the implied warranty of |
| 13 |
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 14 |
|
* GNU Affero General Public License for more details. |
| 15 |
|
* |
| 16 |
|
* You should have received a copy of the GNU Affero General Public License |
| 17 |
|
* along with SudoBot. If not, see <https://www.gnu.org/licenses/>. |
| 18 |
|
*/ |
| 19 |
|
|
| 20 |
|
import Request from "../Request"; |
| 21 |
import User from "../../models/User"; |
import User from "../../models/User"; |
| 22 |
import Controller from "../Controller"; |
import Controller from "../Controller"; |
| 23 |
import { body } from 'express-validator'; |
import { body } from 'express-validator'; |
| 25 |
import jwt from 'jsonwebtoken'; |
import jwt from 'jsonwebtoken'; |
| 26 |
import KeyValuePair from "../../types/KeyValuePair"; |
import KeyValuePair from "../../types/KeyValuePair"; |
| 27 |
import Response from "../Response"; |
import Response from "../Response"; |
| 28 |
|
import { NextFunction, Response as ExpressResponse } from "express"; |
| 29 |
import ValidatorError from "../middleware/ValidatorError"; |
import ValidatorError from "../middleware/ValidatorError"; |
| 30 |
import RequireAuth from "../middleware/RequireAuth"; |
import RequireAuth from "../middleware/RequireAuth"; |
| 31 |
|
|
| 32 |
|
function RequireAdmin(request: Request, response: ExpressResponse, next: NextFunction) { |
| 33 |
|
if (!request.user?.isAdmin) { |
| 34 |
|
response.status(403).send({ error: "Forbidden", code: 403 }); |
| 35 |
|
return; |
| 36 |
|
} |
| 37 |
|
|
| 38 |
|
next(); |
| 39 |
|
} |
| 40 |
|
|
| 41 |
export default class UserController extends Controller { |
export default class UserController extends Controller { |
| 42 |
middleware(): KeyValuePair<Function[]> { |
middleware(): KeyValuePair<Function[]> { |
| 43 |
return { |
return { |
| 44 |
|
index: [RequireAuth, RequireAdmin], |
| 45 |
create: [ |
create: [ |
| 46 |
|
RequireAuth, |
| 47 |
|
RequireAdmin, |
| 48 |
body(["password"]).isLength({ min: 2 }), |
body(["password"]).isLength({ min: 2 }), |
| 49 |
body(["username"]).custom(async username => { |
body(["username"]).custom(async username => { |
| 50 |
const user = await User.findOne({ username }); |
const user = await User.findOne({ username }); |
| 72 |
} |
} |
| 73 |
|
|
| 74 |
public async index() { |
public async index() { |
|
return new Response(403); |
|
| 75 |
return await User.find().select(["_id", "username", "createdAt"]).limit(30); |
return await User.find().select(["_id", "username", "createdAt"]).limit(30); |
| 76 |
} |
} |
| 77 |
|
|
| 78 |
public async create(request: Request) { |
public async create(request: Request) { |
|
return new Response(403); |
|
|
|
|
| 79 |
const user = new User(); |
const user = new User(); |
| 80 |
|
|
| 81 |
user.username = request.body.username; |
user.username = request.body.username; |
| 184 |
message: "Login successful", |
message: "Login successful", |
| 185 |
username, |
username, |
| 186 |
token, |
token, |
| 187 |
expires: new Date(user.tokenUpdatedAt!.getTime() + (2 * 24 * 60 * 60 * 1000)) |
expires: new Date(user.tokenUpdatedAt!.getTime() + (2 * 24 * 60 * 60 * 1000)), |
| 188 |
|
guilds: this.client.guilds.cache.filter(g => user.guilds.includes(g.id) ?? false) |
| 189 |
}; |
}; |
| 190 |
} |
} |
| 191 |
} |
} |
Parent Directory
| 
Revision Log
| 
Patch