Add initial admin page with update feature

2021-08-05 23:39:07 -07:00
parent 790c1fda22
commit d0fa884d83
8 changed files with 197 additions and 6 deletions
--- a/server/boot/db.js
+++ b/server/boot/db.js
@@ -7,7 +7,8 @@ module.exports = function () {
      username TEXT UNIQUE,
      hashed_password BLOB,
      salt BLOB,
-      name TEXT)`
+      name TEXT,
+      is_admin INTEGER)`
    )

    db.run(`CREATE TABLE IF NOT EXISTS profiles (
--- a/server/routes/profiles.js
+++ b/server/routes/profiles.js
@@ -84,6 +84,7 @@ router.get('/profiles/:profileId', function (req, res, next) {
    return res.sendStatus(401)
  }

+  // TODO: I'm guessing there's a better way to marshal this data
  const profile = {
    name: null,
    isTimerEnabled: null,
--- a/server/routes/users.js
+++ b/server/routes/users.js
@@ -3,6 +3,39 @@ const crypto = require('crypto')
 const db = require('../db')
 const router = express.Router()

+router.get('/users', function (req, res, next) {
+  if (!req.user) {
+    return res.sendStatus(401)
+  }
+
+  // TODO: I'm guessing there's a better way to marshal this data
+  const users = []
+
+  db.all('SELECT username, name, is_admin as isAdmin FROM users', (err, rows) => {
+    if (err) {
+      console.log('Error getting profiles')
+      console.log(err)
+      return res.sendStatus(500)
+    }
+
+    rows.forEach((row) => {
+      const user = {
+        username: null,
+        name: null,
+        isAdmin: null
+      }
+
+      user.username = row.username
+      user.name = row.name
+      user.isAdmin = row.isAdmin === 1
+
+      users.push(user)
+    })
+
+    res.json({ users: users })
+  })
+})
+
 router.post('/users', function (req, res, next) {
  const salt = crypto.randomBytes(16)
  crypto.pbkdf2(req.body.password, salt, 10000, 32, 'sha256', function (err, hashedPassword) {
@@ -11,11 +44,12 @@ router.post('/users', function (req, res, next) {
      res.sendStatus(500)
    }

-    db.run('INSERT INTO users (username, hashed_password, salt, name) VALUES (?, ?, ?, ?)', [
+    db.run('INSERT INTO users (username, hashed_password, salt, name, is_admin) VALUES (?, ?, ?, ?, ?)', [
      req.body.username,
      hashedPassword,
      salt,
-      req.body.name
+      req.body.name,
+      req.body.isAdmin
    ], function (err) {
      if (err) {
        console.log(err)
@@ -38,4 +72,22 @@ router.post('/users', function (req, res, next) {
  res.sendStatus(200)
 })

+router.put('/users', function (req, res, next) {
+  if (!req.user) {
+    return res.sendStatus(401)
+  }
+
+  db.run('UPDATE users SET is_admin = ? WHERE username = ?', [req.body.isAdmin, req.body.username], (err) => {
+    if (err) {
+      console.log('Error getting profiles')
+      console.log(err)
+      return res.sendStatus(500)
+    }
+
+    console.log(`Row(s) updated: ${this.changes}`)
+  })
+
+  res.sendStatus(200)
+})
+
 module.exports = router