Add profile deletion, hide admin page to non-admins

Kevin Thomas
2021-08-07 23:46:20 -07:00
parent cb1904ec2f
commit cd6af207be
7 changed files with 137 additions and 21 deletions


@@ -1,5 +1,6 @@
const express = require('express')
const passport = require('passport')
const db = require('../db')
const router = express.Router()
router.post('/login/password', passport.authenticate('local'), function (req, res, next) {
@@ -14,6 +15,24 @@ router.get('/auth', function (req, res) {
}
})
router.get('/admin', function (req, res) {
if (!req.user) {
return res.sendStatus(401)
}
db.get('SELECT is_admin FROM users WHERE id = ?', [req.user.id], (err, row) => {
if (err) {
return res.sendStatus(500)
}
if (row.is_admin === 0) {
res.sendStatus(401)
} else {
res.sendStatus(200)
}
})
})
router.get('/logout', function (req, res) {
req.logout()
res.sendStatus(200)
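Review bot: The new `/admin` handler fails open and does not guard a missing row: `row.is_admin === 0` is the only deny condition, so a NULL or any other non-zero value falls through to 200, and if the SELECT matches no user (node-sqlite3's `db.get` passes `undefined` in that case, assuming that is the driver behind `../db`) the property read throws inside the callback. Deny by default instead with `if (!row || row.is_admin !== 1) { return res.sendStatus(403) }` followed by `res.sendStatus(200)`; 403 also separates "logged in but not an admin" from the 401 used when there is no session. This route only tells the client whether to show the page, so each admin-only API route still needs the same server-side check, which is not visible in this section. The logout handler that follows continues outside the hunk.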


@@ -27,18 +27,18 @@ router.post('/profiles', function (req, res) {
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`, [
req.body.name,
req.user.id,
req.body.isTimerEnabled,
req.body.isTimerEnabled ? 1 : 0,
req.body.duration,
req.body.volume,
req.body.noiseColor,
req.body.isFilterEnabled,
req.body.isFilterEnabled ? 1 : 0,
req.body.filterType,
req.body.filterCutoff,
req.body.isLFOFilterCutoffEnabled,
req.body.isLFOFilterCutoffEnabled ? 1 : 0,
req.body.lfoFilterCutoffFrequency,
req.body.lfoFilterCutoffLow,
req.body.lfoFilterCutoffHigh,
req.body.isTremoloEnabled,
req.body.isTremoloEnabled ? 1 : 0,
req.body.tremoloFrequency,
req.body.tremoloDepth
],
@@ -105,19 +105,19 @@ router.get('/profiles/:profileId', function (req, res) {
return res.sendStatus(500)
}
// TODO: Should return 'true' or 'false' rather than 1 or 0 for bool values
profile.name = row.name
profile.isTimerEnabled = row.isTimerEnabled
profile.isTimerEnabled = row.isTimerEnabled === 1
profile.duration = row.duration
profile.volume = row.volume
profile.noiseColor = row.noiseColor
profile.isFilterEnabled = row.isFilterEnabled
profile.isFilterEnabled = row.isFilterEnabled === 1
profile.filterType = row.filterType
profile.isLFOFilterCutoffEnabled = row.isLFOFilterCutoffEnabled
profile.filterCutoff = row.filterCutoff
profile.isLFOFilterCutoffEnabled = row.isLFOFilterCutoffEnabled === 1
profile.lfoFilterCutoffFrequency = row.lfoFilterCutoffFrequency
profile.lfoFilterCutoffLow = row.lfoFilterCutoffLow
profile.lfoFilterCutoffHigh = row.lfoFilterCutoffHigh
profile.isTremoloEnabled = row.isTremoloEnabled
profile.isTremoloEnabled = row.isTremoloEnabled === 1
profile.tremoloFrequency = row.tremoloFrequency
profile.tremoloDepth = row.tremoloDepth
@@ -125,4 +125,28 @@ router.get('/profiles/:profileId', function (req, res) {
})
})
router.delete('/profiles/:profileId', function (req, res) {
if (!req.user) {
return res.sendStatus(401)
}
db.get('SELECT user FROM profiles WHERE id = ?', [req.params.profileId], (err, row) => {
if (err) {
return res.sendStatus(500)
}
if (row.user.toString() !== req.user.id) {
return res.sendStatus(401)
}
db.run('DELETE FROM profiles WHERE id = ?', [req.params.profileId], (err) => {
if (err) {
return res.sendStatus(500)
}
})
})
res.sendStatus(200)
})
module.exports = router
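Review bot: In the new `DELETE /profiles/:profileId` handler, `res.sendStatus(200)` sits outside both database callbacks, so the client receives 200 before the ownership check or the delete has run, and the later `res.sendStatus(401)` / `res.sendStatus(500)` calls then act on a response that has already been sent. A refused or failed deletion is therefore reported as success, which hides authorization failures from both the caller and anything monitoring status codes. Move `res.sendStatus(200)` into the `db.run` callback after its error check, and add `if (!row) { return res.sendStatus(404) }` before `row.user.toString()`, since an unknown profile id would leave `row` undefined and the property read would throw. The comparison with `req.user.id` assumes that id is a string; if the session stores a number, the strict `!==` would reject the real owner as well.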


@@ -3,6 +3,27 @@ const crypto = require('crypto')
const db = require('../db')
const router = express.Router()
router.get('/users/current', function (req, res) {
if (!req.user) {
return res.sendStatus(401)
}
db.get('SELECT is_admin as isAdmin, * FROM users WHERE id = ?', [req.user.id], (err, row) => {
if (err) {
return res.sendStatus(500)
}
const user = {}
user.id = row.id
user.username = row.username
user.name = row.name
user.isAdmin = row.isAdmin === 1
res.json({ user: user })
})
})
router.get('/users', function (req, res) {
if (!req.user) {
return res.sendStatus(401)