gancio-upstream/server/api/index.js

const express = require('express')
const multer = require('multer')
const cookieParser = require('cookie-parser')
const bodyParser = require('body-parser')
const expressJwt = require('express-jwt')
const config = require('config')

const { fillUser, isAuth, isAdmin } = require('./auth')
const eventController = require('./controller/event')
const exportController = require('./controller/export')
const userController = require('./controller/user')
const settingsController = require('./controller/settings')

const storage = require('./storage')

const upload = multer({ storage })
const api = express.Router()
api.use(cookieParser())
api.use(bodyParser.urlencoded({ extended: false }))
api.use(bodyParser.json())
// api.use(settingsController.init)

const jwt = expressJwt({
  secret: config.secret,
  credentialsRequired: false,
  getToken: function fromHeaderOrQuerystring (req) {
    if (req.headers.authorization && req.headers.authorization.split(' ')[0] === 'Bearer') {
        return req.headers.authorization.split(' ')[1];
    } else if (req.cookies && req.cookies['auth._token.local']) {
      const [ prefix, token ] = req.cookies['auth._token.local'].split(' ')
      if (prefix === 'Bearer') return token
    }
    return null
  }
})

// AUTH
api.post('/auth/login', userController.login)
api.post('/auth/logout', userController.logout)
api.get('/auth/user', jwt, fillUser, userController.current)

api.post('/user/recover', userController.forgotPassword)
api.post('/user/check_recover_code', userController.checkRecoverCode)
api.post('/user/recover_password', userController.updatePasswordWithRecoverCode)

// register and add users
api.post('/user/register', userController.register)
api.post('/user', jwt, isAuth, isAdmin, userController.create)

// update user (disable/)
api.put('/user', jwt, isAuth, isAdmin, userController.update)

//delete user
api.delete('/user/:id', jwt, isAuth, isAdmin, userController.remove)

// 
// api.delete('/user', userController.remove)

// get all users
api.get('/users', jwt, isAuth, isAdmin, userController.getAll)

// update a tag (modify color)
api.put('/tag', jwt, isAuth, isAdmin, eventController.updateTag)

// update a place (modify address..)
api.put('/place', jwt, isAuth, isAdmin, eventController.updatePlace)

// add event
api.post('/user/event', jwt, fillUser, upload.single('image'), userController.addEvent)
  
// update event
api.put('/user/event', jwt, isAuth, upload.single('image'), userController.updateEvent)

// remove event
api.delete('/user/event/:id', jwt, isAuth, userController.delEvent)

// get tags/places
api.get('/event/meta', eventController.getMeta)

// get unconfirmed events
api.get('/event/unconfirmed', jwt, isAuth, isAdmin, eventController.getUnconfirmed)

// add event notification
api.post('/event/notification', eventController.addNotification)
api.delete('/event/notification/:code', eventController.delNotification)

api.get('/settings', settingsController.getAllRequest)
api.post('/settings', jwt, fillUser, isAdmin, settingsController.setRequest)

// get event
api.get('/event/:event_id', eventController.get)

// confirm event
api.get('/event/confirm/:event_id', jwt, isAuth, isAdmin, eventController.confirm)
api.get('/event/unconfirm/:event_id', jwt, isAuth, isAdmin, eventController.unconfirm)

// export events (rss/ics)
api.get('/export/:type', exportController.export)

// get events in this range
api.get('/event/:month/:year', eventController.getAll)
// api.get('/event/:month/:year', eventController.getAfter)

// mastodon oauth auth
api.post('/settings/getauthurl', jwt, isAuth, isAdmin, settingsController.getAuthURL)
api.get('/settings/oauth', jwt, isAuth, isAdmin, settingsController.code)

module.exports = api
start with nuxt 2019-04-03 00:25:12 +02:00			`const express = require('express')`
			`const multer = require('multer')`
. 2019-06-06 23:54:32 +02:00			`const cookieParser = require('cookie-parser')`
			`const bodyParser = require('body-parser')`
			`const expressJwt = require('express-jwt')`
better config / install from cli / allow_registration 2019-06-21 23:52:18 +02:00			`const config = require('config')`
. 2019-06-06 23:54:32 +02:00
start with nuxt 2019-04-03 00:25:12 +02:00			`const { fillUser, isAuth, isAdmin } = require('./auth')`
			`const eventController = require('./controller/event')`
			`const exportController = require('./controller/export')`
			`const userController = require('./controller/user')`
			`const settingsController = require('./controller/settings')`
. 2019-05-30 12:04:14 +02:00
fix #10 choose upload path in config.js 2019-06-11 17:44:11 +02:00			`const storage = require('./storage')`
start with nuxt 2019-04-03 00:25:12 +02:00
			`const upload = multer({ storage })`
			`const api = express.Router()`
. 2019-05-30 12:04:14 +02:00			`api.use(cookieParser())`
. 2019-06-06 23:54:32 +02:00			`api.use(bodyParser.urlencoded({ extended: false }))`
			`api.use(bodyParser.json())`
allow_anon_event, comment via mastodon 2019-06-25 01:05:38 +02:00			`// api.use(settingsController.init)`
. 2019-06-06 23:54:32 +02:00
			`const jwt = expressJwt({`
could listen to unix socket, better conf 2019-06-10 00:40:37 +02:00			`secret: config.secret,`
better config / install from cli / allow_registration 2019-06-21 23:52:18 +02:00			`credentialsRequired: false,`
			`getToken: function fromHeaderOrQuerystring (req) {`
			`if (req.headers.authorization && req.headers.authorization.split(' ')[0] === 'Bearer') {`
			`return req.headers.authorization.split(' ')[1];`
			`} else if (req.cookies && req.cookies['auth._token.local']) {`
			`const [ prefix, token ] = req.cookies['auth._token.local'].split(' ')`
			`if (prefix === 'Bearer') return token`
			`}`
			`return null`
			`}`
. 2019-06-06 23:54:32 +02:00			`})`

auth.nuxt.js plugin 2019-04-26 23:14:43 +02:00			`// AUTH`
			`api.post('/auth/login', userController.login)`
			`api.post('/auth/logout', userController.logout)`
mille storie commenti da mastodon, widget con custom widget test... 2019-04-29 00:27:29 +02:00			`api.get('/auth/user', jwt, fillUser, userController.current)`
auth.nuxt.js plugin 2019-04-26 23:14:43 +02:00
start with nuxt 2019-04-03 00:25:12 +02:00			`api.post('/user/recover', userController.forgotPassword)`
			`api.post('/user/check_recover_code', userController.checkRecoverCode)`
			`api.post('/user/recover_password', userController.updatePasswordWithRecoverCode)`

admin could add user, fix #14 2019-06-18 14:45:04 +02:00			`// register and add users`
			`api.post('/user/register', userController.register)`
			`api.post('/user', jwt, isAuth, isAdmin, userController.create)`

			`// update user (disable/)`
			`api.put('/user', jwt, isAuth, isAdmin, userController.update)`
start with nuxt 2019-04-03 00:25:12 +02:00
admin could remove user 2019-06-18 15:13:13 +02:00			`//delete user`
			`api.delete('/user/:id', jwt, isAuth, isAdmin, userController.remove)`

			`//`
			`// api.delete('/user', userController.remove)`

start with nuxt 2019-04-03 00:25:12 +02:00			`// get all users`
mille storie commenti da mastodon, widget con custom widget test... 2019-04-29 00:27:29 +02:00			`api.get('/users', jwt, isAuth, isAdmin, userController.getAll)`
start with nuxt 2019-04-03 00:25:12 +02:00
			`// update a tag (modify color)`
mille storie commenti da mastodon, widget con custom widget test... 2019-04-29 00:27:29 +02:00			`api.put('/tag', jwt, isAuth, isAdmin, eventController.updateTag)`
start with nuxt 2019-04-03 00:25:12 +02:00
			`// update a place (modify address..)`
mille storie commenti da mastodon, widget con custom widget test... 2019-04-29 00:27:29 +02:00			`api.put('/place', jwt, isAuth, isAdmin, eventController.updatePlace)`
start with nuxt 2019-04-03 00:25:12 +02:00
admin could add user, fix #14 2019-06-18 14:45:04 +02:00			`// add event`
			`api.post('/user/event', jwt, fillUser, upload.single('image'), userController.addEvent)`

			`// update event`
			`api.put('/user/event', jwt, isAuth, upload.single('image'), userController.updateEvent)`
start with nuxt 2019-04-03 00:25:12 +02:00
			`// remove event`
mille storie commenti da mastodon, widget con custom widget test... 2019-04-29 00:27:29 +02:00			`api.delete('/user/event/:id', jwt, isAuth, userController.delEvent)`
start with nuxt 2019-04-03 00:25:12 +02:00
			`// get tags/places`
			`api.get('/event/meta', eventController.getMeta)`

			`// get unconfirmed events`
mille storie commenti da mastodon, widget con custom widget test... 2019-04-29 00:27:29 +02:00			`api.get('/event/unconfirmed', jwt, isAuth, isAdmin, eventController.getUnconfirmed)`
start with nuxt 2019-04-03 00:25:12 +02:00
			`// add event notification`
			`api.post('/event/notification', eventController.addNotification)`
			`api.delete('/event/notification/:code', eventController.delNotification)`

better config / install from cli / allow_registration 2019-06-21 23:52:18 +02:00			`api.get('/settings', settingsController.getAllRequest)`
			`api.post('/settings', jwt, fillUser, isAdmin, settingsController.setRequest)`
start with nuxt 2019-04-03 00:25:12 +02:00
			`// get event`
			`api.get('/event/:event_id', eventController.get)`

			`// confirm event`
mille storie commenti da mastodon, widget con custom widget test... 2019-04-29 00:27:29 +02:00			`api.get('/event/confirm/:event_id', jwt, isAuth, isAdmin, eventController.confirm)`
			`api.get('/event/unconfirm/:event_id', jwt, isAuth, isAdmin, eventController.unconfirm)`
start with nuxt 2019-04-03 00:25:12 +02:00
			`// export events (rss/ics)`
			`api.get('/export/:type', exportController.export)`

			`// get events in this range`
admin could add user, fix #14 2019-06-18 14:45:04 +02:00			`api.get('/event/:month/:year', eventController.getAll)`
			`// api.get('/event/:month/:year', eventController.getAfter)`
start with nuxt 2019-04-03 00:25:12 +02:00
			`// mastodon oauth auth`
. 2019-05-30 12:04:14 +02:00			`api.post('/settings/getauthurl', jwt, isAuth, isAdmin, settingsController.getAuthURL)`
			`api.get('/settings/oauth', jwt, isAuth, isAdmin, settingsController.code)`
start with nuxt 2019-04-03 00:25:12 +02:00
			`module.exports = api`