new /setup api

les
2021-09-30 11:12:45 +02:00
parent a247b42544
commit 7747562425


@@ -2,35 +2,47 @@ const express = require('express')
const multer = require('multer') const multer = require('multer')
const cors = require('cors')() const cors = require('cors')()
const { isAuth, isAdmin } = require('./auth') const config = require('../config')
const eventController = require('./controller/event')
const exportController = require('./controller/export')
const userController = require('./controller/user')
const settingsController = require('./controller/settings')
const instanceController = require('./controller/instance')
const apUserController = require('./controller/ap_user')
const resourceController = require('./controller/resource')
const oauthController = require('./controller/oauth')
const announceController = require('./controller/announce')
const helpers = require('../helpers')
const storage = require('./storage')
const upload = multer({ storage })
const config = require('config')
const log = require('../log') const log = require('../log')
const api = express.Router() const api = express.Router()
api.use(express.urlencoded({ extended: false })) api.use(express.urlencoded({ extended: false }))
api.use(express.json()) api.use(express.json())
/**
if (config.firstrun) {
const setupController = require('./controller/setup')
const settingsController = require('./controller/settings')
api.post('/settings', settingsController.setRequest)
api.post('/setup/db', setupController.setupDb)
api.post('/setup/restart', setupController.restart)
} else {
const { isAuth, isAdmin } = require('./auth')
const eventController = require('./controller/event')
const settingsController = require('./controller/settings')
const exportController = require('./controller/export')
const userController = require('./controller/user')
const instanceController = require('./controller/instance')
const apUserController = require('./controller/ap_user')
const resourceController = require('./controller/resource')
const oauthController = require('./controller/oauth')
const announceController = require('./controller/announce')
const helpers = require('../helpers')
const storage = require('./storage')
const upload = multer({ storage })
/**
* Get current authenticated user * Get current authenticated user
* @category User * @category User
* @name /api/user * @name /api/user
* @type GET * @type GET
* @example **Response** * @example **Response**
* ```json * ```json
{ {
"description" : null, "description" : null,
"recover_code" : "", "recover_code" : "",
"id" : 1, "id" : 1,
@@ -40,33 +52,35 @@ api.use(express.json())
"settings" : "{}", "settings" : "{}",
"email" : "eventi@cisti.org", "email" : "eventi@cisti.org",
"is_admin" : true "is_admin" : true
} }
``` ```
*/ */
api.get('/user', isAuth, (req, res) => res.json(req.user)) api.get('/ping', (req, res) => res.sendStatus(200))
api.get('/user', isAuth, (req, res) => res.json(req.user))
api.post('/user/recover', userController.forgotPassword)
api.post('/user/check_recover_code', userController.checkRecoverCode)
api.post('/user/recover_password', userController.updatePasswordWithRecoverCode)
// register and add users api.post('/user/recover', userController.forgotPassword)
api.post('/user/register', userController.register) api.post('/user/check_recover_code', userController.checkRecoverCode)
api.post('/user', isAdmin, userController.create) api.post('/user/recover_password', userController.updatePasswordWithRecoverCode)
// update user // register and add users
api.put('/user', isAuth, userController.update) api.post('/user/register', userController.register)
api.post('/user', isAdmin, userController.create)
// delete user // update user
api.delete('/user/:id', isAdmin, userController.remove) api.put('/user', isAuth, userController.update)
api.delete('/user', isAdmin, userController.remove)
// get all users // delete user
api.get('/users', isAdmin, userController.getAll) api.delete('/user/:id', isAdmin, userController.remove)
api.delete('/user', isAdmin, userController.remove)
// update a place (modify address..) // get all users
api.put('/place', isAdmin, eventController.updatePlace) api.get('/users', isAdmin, userController.getAll)
/** // update a place (modify address..)
api.put('/place', isAdmin, eventController.updatePlace)
/**
* Add a new event * Add a new event
* @category Event * @category Event
* @name /event * @name /event
@@ -86,60 +100,62 @@ api.put('/place', isAdmin, eventController.updatePlace)
* @param {image} [image] - Image * @param {image} [image] - Image
*/ */
// allow anyone to add an event (anon event has to be confirmed, TODO: flood protection) // allow anyone to add an event (anon event has to be confirmed, TODO: flood protection)
api.post('/event', upload.single('image'), eventController.add) api.post('/event', upload.single('image'), eventController.add)
api.put('/event', isAuth, upload.single('image'), eventController.update) api.put('/event', isAuth, upload.single('image'), eventController.update)
api.get('/event/import', isAuth, helpers.importURL) api.get('/event/import', isAuth, helpers.importURL)
// remove event // remove event
api.delete('/event/:id', isAuth, eventController.remove) api.delete('/event/:id', isAuth, eventController.remove)
// get tags/places // get tags/places
api.get('/event/meta', eventController.getMeta) api.get('/event/meta', eventController.getMeta)
// get unconfirmed events // get unconfirmed events
api.get('/event/unconfirmed', isAdmin, eventController.getUnconfirmed) api.get('/event/unconfirmed', isAdmin, eventController.getUnconfirmed)
// add event notification TODO // add event notification TODO
api.post('/event/notification', eventController.addNotification) api.post('/event/notification', eventController.addNotification)
api.delete('/event/notification/:code', eventController.delNotification) api.delete('/event/notification/:code', eventController.delNotification)
api.get('/settings', settingsController.getAllRequest) api.get('/settings', settingsController.getAllRequest)
api.post('/settings', isAdmin, settingsController.setRequest) api.post('/settings', isAdmin, settingsController.setRequest)
api.post('/settings/logo', isAdmin, multer({ dest: config.upload_path }).single('logo'), settingsController.setLogo) api.post('/settings/logo', isAdmin, multer({ dest: config.upload_path }).single('logo'), settingsController.setLogo)
api.post('/settings/smtp', isAdmin, settingsController.testSMTP)
// confirm event // confirm event
api.put('/event/confirm/:event_id', isAuth, eventController.confirm) api.put('/event/confirm/:event_id', isAuth, eventController.confirm)
api.put('/event/unconfirm/:event_id', isAuth, eventController.unconfirm) api.put('/event/unconfirm/:event_id', isAuth, eventController.unconfirm)
// get event // get event
api.get('/event/:event_id.:format?', cors, eventController.get) api.get('/event/:event_id.:format?', cors, eventController.get)
// export events (rss/ics) // export events (rss/ics)
api.get('/export/:type', cors, exportController.export) api.get('/export/:type', cors, exportController.export)
// get events in this range // get events in this range
api.get('/events', cors, eventController.select) api.get('/events', cors, eventController.select)
api.get('/instances', isAdmin, instanceController.getAll) api.get('/instances', isAdmin, instanceController.getAll)
api.get('/instances/:instance_domain', isAdmin, instanceController.get) api.get('/instances/:instance_domain', isAdmin, instanceController.get)
api.post('/instances/toggle_block', isAdmin, instanceController.toggleBlock) api.post('/instances/toggle_block', isAdmin, instanceController.toggleBlock)
api.post('/instances/toggle_user_block', isAdmin, apUserController.toggleBlock) api.post('/instances/toggle_user_block', isAdmin, apUserController.toggleBlock)
api.put('/resources/:resource_id', isAdmin, resourceController.hide) api.put('/resources/:resource_id', isAdmin, resourceController.hide)
api.delete('/resources/:resource_id', isAdmin, resourceController.remove) api.delete('/resources/:resource_id', isAdmin, resourceController.remove)
api.get('/resources', isAdmin, resourceController.getAll) api.get('/resources', isAdmin, resourceController.getAll)
// - ADMIN ANNOUNCEMENTS // - ADMIN ANNOUNCEMENTS
api.get('/announcements', isAdmin, announceController.getAll) api.get('/announcements', isAdmin, announceController.getAll)
api.post('/announcements', isAdmin, announceController.add) api.post('/announcements', isAdmin, announceController.add)
api.put('/announcements/:announce_id', isAdmin, announceController.update) api.put('/announcements/:announce_id', isAdmin, announceController.update)
api.delete('/announcements/:announce_id', isAdmin, announceController.remove) api.delete('/announcements/:announce_id', isAdmin, announceController.remove)
// OAUTH // OAUTH
api.get('/clients', isAuth, oauthController.getClients) api.get('/clients', isAuth, oauthController.getClients)
api.get('/client/:client_id', isAuth, oauthController.getClient) api.get('/client/:client_id', isAuth, oauthController.getClient)
api.post('/client', oauthController.createClient) api.post('/client', oauthController.createClient)
}
api.use((req, res) => res.sendStatus(404)) api.use((req, res) => res.sendStatus(404))
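Review bot: The three routes registered in the new `if (config.firstrun)` branch (`POST /settings`, `POST /setup/db`, `POST /setup/restart`) carry no `isAuth`/`isAdmin` middleware, so until setup completes any client that can reach the API can write settings, set the database configuration and trigger a restart. Whether `setupController` or `settingsController.setRequest` check anything themselves is not visible in this diff, so that should be confirmed. I would gate the branch with a setup-only check, such as a one-time secret shown to the operator or a loopback-only restriction, and document the intent with a comment like `// firstrun only: unauthenticated by design, must be unreachable once setup has completed`. The branch is also chosen once, when the module is loaded, so these routes stay registered until the process restarts. It is worth verifying that `config.firstrun` is cleared and the restart actually happens after `/setup/db` succeeds.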