Merge commit 'f8bb37e12f96c86bb44a53ac28d06cc522cf7ab9' as 'backend'

This commit is contained in:
2026-04-27 22:44:05 +02:00
44 changed files with 7444 additions and 0 deletions
+98
View File
@@ -0,0 +1,98 @@
import User from "@schemas/User";
import { Router } from "express"
import { Perms, adminCond, adminPerm } from "@/utility";
import security from "@/helpers/security";
import { Types } from "mongoose";
const accsRouter = Router()
accsRouter.use(adminPerm(Perms.Accs))
accsRouter.get('/', async (req, res)=> {
res.send(await User.find(undefined, {pass: 0}))
})
accsRouter.get('/:id', async (req, res) => {
res.send({
...(await User.findById(req.params.id, {pass: 0})).toJSON(),
lockout: !!security.check(new Types.ObjectId(req.params.id))
})
})
accsRouter.post('/', async (req, res)=> {
if (req.body.uname == "admin") return res.status(400).send("This name is reserved").end()
var createdUser
if (req.body.admin) {
if (adminCond(req.user.admin, Perms.Superadmin)) {
if (adminCond(req.body.admin, Perms.Superadmin)) {
res.status(400).send("Cannot set superadmin")
} else {
createdUser = await User.create({uname: req.body.uname, room: req.body.room, admin: req.body.admin, fname: req.body.fname, surname: req.body.surname})
}
}
} else {
createdUser = await User.create({uname: req.body.uname, room: req.body.room, fname: req.body.fname, surname: req.body.surname})
}
var responseCandidate = createdUser.toJSON()
delete responseCandidate.pass
res.status(201).send(responseCandidate)
})
accsRouter.put('/:id', async (req, res)=> {
let user = await User.findById(req.params.id)
if (!user) {
res.status(404).send("User not found")
return
}
if (req.body.admin) {
if (adminCond(req.user.admin, Perms.Superadmin)) {
if (adminCond(user.admin, Perms.Superadmin)) {
res.status(400).send("Cannot edit superadmins")
} else {
if (adminCond(req.body.admin, Perms.Superadmin)) {
res.status(400).send("Cannot set superadmin")
} else {
await user.set({uname: req.body.uname, room: req.body.room, admin: req.body.admin, fname: req.body.fname, surname: req.body.surname, groups: req.body.groups}).save()
res.send({status: 200})
}
}
} else {
res.sendStatus(403)
}
} else {
await user.set(req.body).save()
res.send({status: 200})
}
})
accsRouter.patch('/:id/reset', async (req, res) => {
let user = await User.findById(req.params.id)
if (!user) {
res.status(404).send("User not found")
return
}
if (await user.set({pass: "$2y$10$miwF6PrsbLpRzFsj8XKjY.0flJWzWDQJ7iT81HuX1ic/1s0mfmvk."}).save()) { // Pass: reset
res.send({status: 200}).end()
return
} else {
res.sendStatus(500)
}
})
accsRouter.delete('/:id', async (req, res) => {
if (await User.findByIdAndDelete(req.params.id)) {
res.send({status: 200}).end()
} else {
res.sendStatus(404)
}
})
accsRouter.delete('/:id/lockout', async (req, res) => {
if (security.clearAcc(req.params.id)) {
res.send({status: 200}).end()
} else {
res.sendStatus(400)
}
})
export {accsRouter};
+98
View File
@@ -0,0 +1,98 @@
import { Router } from "express";
import { Perms, adminPerm } from "@/utility";
import usettings, { Features } from "@/helpers/usettings";
import Grade from "@schemas/Grade";
import User from "@/schemas/User";
import attendence from "@/helpers/attendence";
const cleanRouter = Router()
cleanRouter.use(adminPerm(Perms.Clean))
cleanRouter.use(usettings.mw(Features.Clean))
cleanRouter.get("/:date([0-9]{4}-[0-9]{2}-[0-9]{2})/:room", async (req, res) => {
res.send(await Grade.findOne({
date: new Date(req.params.date),
room: req.params.room
}))
})
cleanRouter.post("/", async (req, res) => {
let obj = {
...req.body,
date: new Date(req.body.date),
gradeDate: new Date(),
}
await Grade.findOneAndReplace({
date: new Date(req.body.date),
room: req.body.room,
}, obj, {upsert: true})
res.send({status: 200})
})
cleanRouter.get("/summary/:start/:stop", async (req, res) => {
var data = await Grade.find({
date: {
$gte: new Date(req.params.start),
$lte: new Date(req.params.stop)
}
})
data = data.map(v => v.toJSON())
var byRoom: {[room: string]: any[]} = {}
data.forEach((v) => {
let roomarray = byRoom[v.room] ? byRoom[v.room] : [];
byRoom[v.room] = [...roomarray, {...v, room: undefined}]
})
var stat: {room: string, avg: number}[] = []
for (let i in byRoom) {
var sum: number = 0
for (let j of byRoom[i]) {
sum += j.grade
}
let avrg = sum/byRoom[i].length
stat.push({room: i, avg: avrg})
}
res.send(stat)
})
cleanRouter.delete("/:id", async (req, res) => {
if (await Grade.findByIdAndDelete(req.params.id)) {
res.send({status: 200})
} else {
res.sendStatus(500)
}
})
cleanRouter.get('/config', (req, res) => {
res.send({
rooms: usettings.value.rooms,
things: usettings.value.cleanThings
})
})
cleanRouter.get('/attendence/:room', async (req, res) => {
res.send({
users: await User.find({room: req.params.room}, {fname: true, surname: true, _id: true}),
attendence: attendence.getRoom(req.params.room)
})
})
cleanRouter.post('/attendence/:room', async (req, res) => {
attendence.setRoom(req.params.room, req.body)
res.send({status: 200})
})
cleanRouter.delete('/attendence/:room', async (req, res) => {
attendence.clearRoom(req.params.room)
res.send({status: 200})
})
cleanRouter.get('/attendenceSummary', async (req, res) => {
var allRooms = usettings.value.rooms
var graded = (await Grade.find({date: new Date().setUTCHours(24,0,0,0)})).map(v => v.room)
var ungraded = allRooms.filter(x => !graded.includes(x))
var summary = attendence.summary()
var unchecked: typeof summary = ungraded.filter(x => !summary.map(v => v.room).includes(x)).map(v => ({room: v, hours: [] as string[], notes: "Nie sprawdzono", auto: true}))
res.send([...summary, ...unchecked])
})
export {cleanRouter}
@@ -0,0 +1,32 @@
import { Router } from "express";
import Menu from "@schemas/Menu";
import Vote from "@/schemas/Vote";
import { voteStats } from "@/pipelines/vote";
const editorRouter = Router()
editorRouter.get('/', async (req, res) => {
if (req.query.start && req.query.end) {
const start = new Date(req.query.start.toString())
const end = new Date(req.query.end.toString())
res.send(await Menu.find({day: {$gte: start, $lte: end}}))
} else {
res.status(400).end()
}
})
editorRouter.get('/stats', async (req, res) => {
if (req.query.date && req.query.item) {
const date = new Date(req.query.date.toString())
const item = req.query.item.toString()
const menu = (await Vote.aggregate(voteStats(date, item)))[0]
res.send({
name: item,
value: menu
})
} else {
res.status(400).end()
}
})
export { editorRouter }
+42
View File
@@ -0,0 +1,42 @@
import Group from "@schemas/Group";
import { Router } from "express"
import { Perms, adminPerm } from "@/utility";
import usettings, { Features } from "@/helpers/usettings";
const groupsRouter = Router()
groupsRouter.use(adminPerm(Perms.Groups))
groupsRouter.use(usettings.mw(Features.Groups))
groupsRouter.get('/', async (req, res)=> {
res.send(await Group.find({}))
})
groupsRouter.post('/', async (req, res)=> {
if (await Group.create({name: req.body.name})) {
res.status(201).send({status: 201})
} else {
res.sendStatus(500)
}
})
groupsRouter.put('/:id', async (req, res) => {
let group = await Group.findById(req.params.id)
if (!group) {
res.status(404).send("Group not found")
return
}
if (await group.set(req.body).save()) {
res.send({status: 200}).end()
return
} else {
res.sendStatus(500)
}
})
groupsRouter.delete('/:id', async (req, res) => {
await Group.findByIdAndRemove(req.params.id)
res.send({status: 200})
})
export {groupsRouter};
+36
View File
@@ -0,0 +1,36 @@
import { Router } from "express";
import { islogged, isadmin} from "@/utility";
import { newsRouter } from "./news";
import { accsRouter } from "./accs";
import { menuRouter } from "./menu";
import { groupsRouter } from "./groups";
import { notifRouter } from "./notif";
import { keysRouter } from "./keys";
import { cleanRouter } from "./clean";
import { settingsRouter } from "./settings";
import User from "@/schemas/User";
import Group from "@/schemas/Group";
import usettings from "@/helpers/usettings";
export const adminRouter = Router()
adminRouter.use(islogged, isadmin)
adminRouter.use('/news', newsRouter)
adminRouter.use('/accs', accsRouter)
adminRouter.use('/menu', menuRouter)
adminRouter.use('/groups', groupsRouter)
adminRouter.use('/notif', notifRouter)
adminRouter.use('/keys', keysRouter)
adminRouter.use('/clean', cleanRouter)
adminRouter.use('/settings', settingsRouter)
adminRouter.get('/usearch', async (req, res) => {
var results = await User.find({$text: {$search: req.query['q'].toString()}}, {uname: 1, surname: 1, fname: 1, room: 1})
res.send(results)
})
adminRouter.get('/sync', async (req, res) => {
res.send({
groups: usettings.value.modules.groups ? await Group.find() : undefined
})
})
+52
View File
@@ -0,0 +1,52 @@
import { Router } from "express";
import Key from "@schemas/Key";
import usettings, { Features } from "@/helpers/usettings";
import User, { IUser } from "@schemas/User";
import { Perms, adminPerm } from "@/utility";
const keysRouter = Router()
keysRouter.use(usettings.mw(Features.Key))
keysRouter.use(adminPerm(Perms.Key))
keysRouter.get("/", async (req, res) => {
var keys = await Key.find({}, undefined, { sort: { borrow: -1 } })
.populate
<Pick<IUser, "uname" | "room" | "fname" | "surname"> & { _id: string }>
({ path: "whom", select: { _id: 1, uname: 1, room: 1, fname: 1, surname: 1 } })
res.send(keys)
})
keysRouter.post("/", async (req, res) => {
var user = await User.findById(req.body.whom._id)
if (!user) {
return res.status(404).send("User not found").end()
}
const newKey = new Key({
room: req.body.room,
whom: user._id
})
if (await newKey.save()) {
res.status(201).send({ status: 201 })
} else {
res.sendStatus(500)
}
})
keysRouter.get("/available", async (req, res) => {
var taken = await Key.find({ tb: { $exists: false } }, {}, { sort: { borrow: -1 } })
var occ = Array.from(new Set(taken.map((v) => v.room)))
var all = Array.from(new Set(usettings.value.keyrooms))
var free = all.filter(x => !occ.includes(x))
res.send(free)
})
keysRouter.put("/:id", async (req, res) => {
if (await Key.findByIdAndUpdate(req.params.id, req.body)) {
res.send({ status: 200 })
} else {
res.sendStatus(500)
}
})
export { keysRouter }
+196
View File
@@ -0,0 +1,196 @@
import { Router } from "express"
import { Perms, adminPerm, project } from "@/utility"
import multer from "multer"
import * as XLSX from "xlsx"
import Menu from "@schemas/Menu"
import { editorRouter } from "./editor"
import usettings, { Features } from "@/helpers/usettings"
const menuRouter = Router()
const storage = multer.memoryStorage()
const upload = multer({storage: storage})
interface sheetObject {
day: string;
sn: string;
sn2: string;
ob: string;
kol: string;
}
menuRouter.use(adminPerm(Perms.Menu))
menuRouter.use(usettings.mw(Features.Menu))
menuRouter.get('/', async (req, res) => {
if (req.query.start && req.query.end) {
const start = new Date(req.query.start.toString())
const end = new Date(req.query.end.toString())
res.send(await Menu.find({day: {$gte: start, $lte: end}}, undefined, {sort: {day: 1}}))
} else {
res.status(400).end()
}
})
function dayName(date: Date) {
switch (date.getDay()) {
case 0:
return "Niedziela"
case 1:
return "Poniedziałek"
case 2:
return "Wtorek"
case 3:
return "Środa"
case 4:
return "Czwartek"
case 5:
return "Piątek"
case 6:
return "Sobota"
default:
break;
}
}
menuRouter.get('/print', async (req, res) => {
if (req.query.start && req.query.end) {
const start = new Date(req.query.start.toString())
const end = new Date(req.query.end.toString())
var meals = await Menu.find({day: {$gte: start, $lte: end}}, undefined, {sort: {day: 1}})
var doc = meals.map(s => `<tr>
<th>${dayName(s.day)}<br>${s.day.getDate()}.${s.day.getMonth()}.${s.day.getFullYear()}r.<br>${s.dayTitle}</th>
<td>${usettings.value.menu.defaultItems.sn.join('<br>')}<br>${s.sn.fancy.join('<br>')}<br>${s.sn.second}</td>
<td>
<b>Z:</b> ${s.ob.soup}<br>
<b>V:</b> ${s.ob.vege}<br>
${s.ob.meal}<br>
${s.ob.condiments.length != 0 ? s.ob.condiments.join('<br>') + "<br>" : ""}
${s.ob.drink}<br>
${s.ob.other.join('<br>')}
</td>
<td>${s.day.getUTCDay() == 5 ? "<b>Kolacja w domu!</b>" : `${usettings.value.menu.defaultItems.kol.join('<br>')}<br>${s.kol}`}</td>
</tr>`)
var html = `<html><head><meta charset="UTF-8"><style>table,th,td{border: 0.4ch solid;}td{line-height: 1;}</style></head><body><table><caption>Jadłospis dekadowy</caption><thead><tr><th>Dzień</th><th>Śniadanie</th><th>Obiad</th><th>Kolacja</th></tr></thead><tbody>${doc.join('\n')}</tbody></table></body></html>`
res.type('html').send(html)
} else {
res.status(400).end()
}
})
menuRouter.get('/opts', async (req, res) => {
var all = await Menu.find()
var g = {
sn: {
fancy: Array.from(new Set(all.flatMap(v => v.sn.fancy).filter(v => v != ""))),
second: Array.from(new Set(all.map(v => v.sn.second).filter(v => v != "")))
},
ob: {
soup: Array.from(new Set(all.map(v => v.ob.soup).filter(v => v != ""))),
vege: Array.from(new Set(all.map(v => v.ob.vege).filter(v => v != ""))),
meal: Array.from(new Set(all.map(v => v.ob.meal).filter(v => v != ""))),
condiments: Array.from(new Set(all.flatMap(v => v.ob.condiments).filter(v => v != ""))),
drink: Array.from(new Set(all.map(v => v.ob.drink).filter(v => v != ""))),
other: Array.from(new Set(all.flatMap(v => v.ob.other).filter(v => v != "")))
},
kol: Array.from(new Set(all.map(v => v.kol).filter(v => v != "")))
}
res.send(g)
})
menuRouter.post('/:date', async (req, res) => {
if (await Menu.create({day: new Date(req.params.date)})) {
res.status(201).send({status: 201})
} else {
res.sendStatus(500);
}
})
menuRouter.post('/:start/:count', async (req, res) => {
var dates: any[] = []
for (let i = 0; i < Number(req.params.count); i++) {
var date = new Date(req.params.start)
dates.push({day: date.setDate(date.getDate() + i)})
}
if (await Menu.create(dates)) {
res.status(201).send({status: 201})
} else {
res.sendStatus(500);
}
})
menuRouter.post('/upload', upload.single('menu'), async (req,res)=> {
if (!req.file) {
res.status(400).send("File required")
return
}
var sheet = XLSX.read(req.file.buffer)
var data: sheetObject[] = XLSX.utils.sheet_to_json(sheet.Sheets[sheet.SheetNames[0]], {raw: true, header: ["day", "sn", "sn2", "ob", "kol"], range: 2})
data = data.map((val, i) => {
var result: any = {}
var dateparts = val.day.match(/(\d{2})\.(\d{2})\.(\d{4})/)
if (dateparts) {
var date = new Date(parseInt(dateparts[3]),parseInt(dateparts[2])-1,parseInt(dateparts[1]))
date.setUTCHours(0,0,0,0)
} else {
res.sendStatus(500)
return
}
result.day = date
result.sn = val.sn.split('\n')
result.sn.push(val.sn2)
//#region ob
var ob = val.ob
ob = ob.replace(/^\s*\n/gm, "")
ob = ob.replace(/ \/ /gm, "\n")
ob = ob.replace(/:(?!\s)/gm, ": ")
result.ob = ob.split('\n')
//#endregion
result.kol = val.kol
if (date.getUTCDay() == 5) {
result.kol = null
}
return result
})
if (await Menu.insertMany(data)) {
res.status(201).send({status: 201})
} else {
res.sendStatus(500)
}
})
menuRouter.put('/:id', async (req, res) => {
let menu = await Menu.findById(req.params.id)
if (!menu) {
res.status(404).send("Menu not found")
return
}
let projField = project(req.body, Menu.schema.obj)
if (projField) {
try {
await menu.set(projField).save()
res.send({status: 200}).end()
} catch (error) {
res.status(500).send(error)
}
} else {
res.status(400).send("No valid fields set")
return
}
})
menuRouter.delete('/:id', async (req, res) => {
if (await Menu.findByIdAndDelete(req.params.id)) {
res.send({status: 200}).end()
} else {
res.sendStatus(404)
}
})
menuRouter.use('/editor', editorRouter)
export {menuRouter};
+32
View File
@@ -0,0 +1,32 @@
import { Router } from "express";
import News from "@schemas/News"
import { Perms, adminPerm } from "@/utility";
import { IUser } from "@/schemas/User";
import usettings, { Features } from "@/helpers/usettings";
const newsRouter = Router()
newsRouter.use(adminPerm(Perms.News))
newsRouter.use(usettings.mw(Features.News))
newsRouter.get('/', async (req, res) => {
var news = await News.find(undefined, undefined, { sort: { pinned: -1, date: -1 } }).populate<{ author: Pick<IUser, "fname" | "surname" | "uname"> }>("author", ["fname", "surname", "uname"])
res.send(news)
})
newsRouter.post('/', async (req, res) => {
await News.create({ title: req.body.title, content: req.body.content, author: req.user._id })
res.status(201).send({ status: 201 })
})
newsRouter.delete('/:id', async (req, res) => {
await News.findByIdAndDelete(req.params.id)
res.send({ status: 200 })
})
newsRouter.put('/:id', async (req, res) => {
await News.findByIdAndUpdate(req.params.id, { ...req.body, author: req.user._id })
res.send({ status: 200 })
})
export { newsRouter };
@@ -0,0 +1,61 @@
import { Request, Response, Router } from "express";
import { Perms, adminPerm } from "@/utility";
import Group from "@schemas/Group";
import { Message } from "@/notif";
import { outboxRouter } from "./outbox";
import usettings, { Features } from "@/helpers/usettings";
const notifRouter = Router()
notifRouter.use(adminPerm(Perms.Notif))
notifRouter.use(usettings.mw(Features.Notif))
type PushSendBody = {
recp:
{ type: "uid", uid: string } |
{ type: "room", room: string } |
{ type: "group", group: string },
title: string,
body: string
}
notifRouter.post("/send", async (req: Request<undefined, undefined, PushSendBody>, res: Response) => {
let recp: string
switch (req.body.recp.type) {
case "uid":
recp = req.body.recp.uid
break;
case "room":
recp = req.body.recp.room
break;
case "group":
if (!usettings.value.modules.groups) return res.sendStatus(406).end()
recp = req.body.recp.group
break;
default:
res.status(400).end()
break;
}
const message = new Message(req.body.title, req.body.body, req.body.recp.type, recp)
let result = await message.send()
if (result === false) {
res.sendStatusMessage(404, "No recepients")
} else {
console.log(`
From: ${req.user.uname} (${req.user._id})
To: ${recp}
Subject: ${req.body.title}
${req.body.body}
`);
res.send(result)
}
})
notifRouter.get("/groups", async (req, res) => {
res.send(await Group.find({}, { name: 1, _id: 1 }))
})
notifRouter.use("/outbox", outboxRouter)
export { notifRouter }
@@ -0,0 +1,35 @@
import Inbox from "@/schemas/Inbox";
import { IUser } from "@/schemas/User";
import { Response, Router } from "express";
export const outboxRouter = Router()
outboxRouter.get("/", async (req, res: Response) => {
var result = await Inbox.find({}, {message: 1, sentDate: 1}, {sort: {sentDate: -1}})
var final = result.map(v => {
return {
_id: v._id,
sentDate: v.sentDate,
title: v.message.title
}
})
res.send(final)
})
outboxRouter.get("/:id/message", async (req, res) => {
var msg = await Inbox.findById(req.params.id, {message: 1})
if (msg) {
res.send(msg.message.body)
} else {
res.status(404).send({message: "ERR: 404 Message id not found"})
}
})
outboxRouter.get("/:id/rcpts", async (req, res) => {
var msg = await Inbox.findById(req.params.id, {rcpt: 1}).populate<{rcpt: Pick<IUser, "uname" | "room" | "fname" | "surname">}>({path: "rcpt", select: ["uname", "room", "fname", "surname"]}).exec()
if (msg) {
res.send(msg.rcpt)
} else {
res.status(404).send({message: "ERR: 404 Message id not found"})
}
})
+21
View File
@@ -0,0 +1,21 @@
import { Router } from "express";
import { adminPerm, Perms } from "@/utility";
import usettings from "@/helpers/usettings";
export const settingsRouter = Router()
settingsRouter.use(adminPerm(Perms.Superadmin))
settingsRouter.get('/', (req, res) => {
res.send(usettings.value)
})
settingsRouter.post('/', (req, res) => {
usettings.value = req.body
res.send({status: 200})
})
settingsRouter.get('/reload', (req, res) => {
usettings.reload()
res.send({status: 200})
})
+108
View File
@@ -0,0 +1,108 @@
import { Request, Router } from "express";
import { islogged } from "@/utility";
import News from "@schemas/News";
import Menu from "@schemas/Menu";
import Vote from "@schemas/Vote";
import Key, { IKey } from "@schemas/Key";
import usettings, { Features } from "@/helpers/usettings";
import Grade from "@schemas/Grade";
import Inbox from "@/schemas/Inbox";
import { IUser } from "@/schemas/User";
import _ from "underscore";
export const appRouter = Router();
appRouter.use(islogged)
appRouter.get("/news", usettings.mw(Features.News), async (req, res) => {
var news = await News.find({"visible": {"$ne": false}}, {_id: 0, visible: 0}, {sort: {pinned: -1 ,date: -1}}).populate<{author: Pick<IUser, "fname" | "surname" | "uname">}>("author", ["fname", "surname", "uname"])
res.send(news)
})
appRouter.get("/menu/:date", usettings.mw(Features.Menu), async (req, res) => {
var final = await Menu.findOne({day: new Date(req.params.date)})
res.send(final)
})
appRouter.get("/menu/:date/stat", usettings.mw(Features.Menu), async (req, res) => {
const data = await Vote.find({dom: new Date(req.params.date), user: req.user._id})
res.send(data);
})
appRouter.post("/menu/:timestamp", usettings.mw(Features.Menu), async (req: Request<{ timestamp: string }, undefined, any[]>, res) => {
req.body.forEach(async v => {
const a = await Vote.findOne({user: req.user._id, name: v.name, dom: new Date(req.params.timestamp)})
if (a) {
if (v.value) {
if (_.isEqual(a.vote, v.value)) return
a.set("timestamp", Date.now())
a.set("vote", v.value)
await a.save()
} else {
await a.deleteOne()
}
} else {
if (!v.value) return;
const newVote = new Vote({
dom: new Date(req.params.timestamp),
name: v.name,
tom: v.type,
timestamp: Date.now(),
user: req.user._id,
vote: {
comment: v.value.comment,
rating: v.value.rating,
tags: v.value.tags
}
})
await newVote.save()
}
})
res.sendStatusMessage(200).end()
})
appRouter.get("/keys", usettings.mw(Features.Key), async (req, res) => {
var keys = await Key.find<Pick<IKey, "room">>({tb: {$exists: false}}, {room: 1}, {sort: {room: 1}})
var occ = keys.map(x=>x.room)
var all = usettings.value.keyrooms
var free = all.filter(x=>!occ.includes(x)).sort().map(x => {
return { room: x }
})
var final = [...keys, ...free]
res.send(final)
})
appRouter.get("/clean/:date", usettings.mw(Features.Clean), async (req, res) => {
res.send(await Grade.findOne({
room: req.user.room,
date: new Date(req.params.date)
}))
})
appRouter.get("/notif/check", usettings.mw(Features.Notif), async (req, res) => {
var result = await Inbox.find({rcpt: req.user._id, $nor: [{ack: req.user._id}]}, {message: 1, sentDate: 1})
if (result) {
res.send(result)
} else {
res.send([])
}
})
appRouter.post("/notif/:id/ack", usettings.mw(Features.Notif), async (req, res) => {
var result = await Inbox.findById(req.params.id)
if (result) {
if (result.rcpt.includes(req.user._id) && !result.ack.includes(req.user._id)) {
result.ack.push(req.user._id)
await result.save({})
res.send({status: 200})
} else {
res.status(403).send({status: 401, message: "User doesn't have access or message already acknowledged"})
}
} else {
res.status(404).send({status: 404, message: "Message not found"})
}
})
+8
View File
@@ -0,0 +1,8 @@
import { Router } from "express";
import { appRouter } from "./app";
import { adminRouter } from "./admin";
export const apiRouter = Router();
apiRouter.use("/app", appRouter)
apiRouter.use("/admin", adminRouter)
+95
View File
@@ -0,0 +1,95 @@
import { Router } from "express";
import passport from "passport";
import User, { userVisibleFields } from "@schemas/User";
import { islogged } from "@/utility";
import bcrypt from "bcryptjs"
import usettings from "@/helpers/usettings";
import vapidKeys from "@/vapidKeys";
import { IVerifyOptions } from "passport-local";
const authRouter = Router()
authRouter.post("/login", (req, res) => {
passport.authenticate('normal', (err: { type: string, message: string } | null, user?: Express.User | false, options?: IVerifyOptions) => {
if (user) {
req.login(user, (error) => {
if (error) {
res.status(500).send(error)
} else {
res.send({ status: 200, admin: req.user.admin || undefined, redirect: req.user.defaultPage })
}
})
} else {
if (err) {
switch (err.type) {
case "unf":
res.sendStatusMessage(404, "Zła nazwa użytkownika lub hasło.")
break;
case "timeout":
case "locked":
res.sendStatusMessage(403, err.message)
break;
default:
res.sendStatusMessage(500, err.message)
break;
}
} else {
res.sendStatusMessage(403, "Brak hasła lub loginu.")
}
}
})(req, res)
})
authRouter.post("/chpass", islogged, async (req, res) => {
var id = req.user._id
if (!await bcrypt.compare(req.body.oldPass, req.user.pass)) {
res.sendStatus(401)
return
}
var newpass = bcrypt.hashSync(req.body.newPass, 10)
const update = await User.findByIdAndUpdate(id, {
pass: newpass
})
if (update) {
} else {
}
req.logOut((err) => {
if (err) {
res.sendStatus(500)
console.error(err)
return
}
})
res.sendStatus(200)
})
authRouter.delete("/logout", (req, res, next) => {
req.logout((err) => {
if (err) { next(err) }
res.send({ "status": 200 })
})
})
authRouter.get("/check", islogged, (req, res, next) => {
if (req.user.locked) {
req.logout((err) => {
if (err) next(err)
res.status(401).send({ status: 401, message: "Your account has been locked." })
})
}
res.send({ "admin": req.user.admin, "features": usettings.value.modules, "user": userVisibleFields(req.user), "menu": { "defaultItems": usettings.value.menu.defaultItems, "tags": usettings.value.menu.tags }, "vapid": vapidKeys.keys.publicKey })
})
authRouter.put("/redirect", islogged, async (req, res) => {
if (["", "/", "/login", "/login/", "login"].find(v => v == req.body.redirect)) return res.status(400).send({ status: 400, message: "Path in blacklist" })
const update = await User.findByIdAndUpdate(req.user._id, { defaultPage: req.body.redirect })
if (update) {
res.send({ status: 200 }).end()
} else {
res.status(500).send({ status: 500 }).end()
}
})
export { authRouter };
+39
View File
@@ -0,0 +1,39 @@
import { Router } from "express";
import Notification from "@schemas/Notification";
import { islogged } from "@/utility";
import { authRouter } from "./auth/index";
import mongoose from "mongoose";
import { apiRouter } from "./api";
import sync from "@/helpers/sync";
import usettings, { Features } from "@/helpers/usettings";
const router = Router();
router.use('/', apiRouter)
router.use('/auth', authRouter)
router.get("/healthcheck", async (req, res) => {
res.status(200).send({
uptime: process.uptime(),
date: new Date(),
db: mongoose.connection.readyState
})
})
router.post("/notif", islogged, usettings.mw(Features.Notif), async (req, res) => {
var obj = { user: req.user._id, ...req.body }
await Notification.findOneAndUpdate(obj, obj, { upsert: true })
res.send({ "status": 200 })
})
router.get("/sync", islogged, async (req, res) => {
const sub = sync.subscribe(req.user._id, v => {
res.send(v)
})
req.once('close', () => {
sub.unsubscribe()
})
})
export default router;