Changeset e903234 for pages/api/postgre/index.js
- Timestamp:
- 07/17/22 09:43:05 (23 months ago)
- Branches:
- main
- Children:
- faff334
- Parents:
- e007fcd
- File:
-
- 1 edited
-
pages/api/postgre/index.js (modified) (5 diffs)
Legend:
- Unmodified
- Added
- Removed
-
pages/api/postgre/index.js
re007fcd re903234 179 179 /** 180 180 * /---------------------- GET ----------------------/ 181 * /--------------------- ADMIN ----------------------/ 182 * Get complaints from the players and show them to the admin 183 * @action get_complaints_as_admin 184 * @param admin_id 185 */ 186 if (req.query?.action === 'get_complaints_as_admin' && req.query?.admin_id) { 187 const admin_id = req.query.admin_id 188 const adminSession = adminSessions.find(adminSession => adminSession.id === admin_id) 189 190 if (adminSession) { 191 pool.query('SELECT * FROM complaints', (error, results) => { 192 if (error) throw error; 193 194 if (results.rows.length > 0) { 195 res.json({ 196 success: true, 197 complaints: results.rows, 198 }) 199 } 200 else { 201 res.json({ 202 success: false, 203 }) 204 } 205 }); 206 207 return ; 208 } 209 210 res.json({ 211 success: false, 212 }) 213 } 214 215 /** 216 * /---------------------- GET ----------------------/ 181 217 * Get stats for the player, so we can display them in the front end. 182 218 * @action get_stats … … 480 516 /** 481 517 * /---------------------- POST ----------------------/ 518 * /---------------------- ADMIN ----------------------/ 519 * Sends an answer to a complaint. 520 * @action send_complaint_answer_as_admin 521 * @param admin_id 522 * @param complaint 523 */ 524 if (body?.action === 'send_complaint_answer_as_admin') { 525 // checks 526 if (body?.admin_id == "undefined" || body?.admin_id == "null" || body?.admin_id == "") { 527 res.json({ 528 success: false, 529 message: 'You are not logged in. Please log in first.', 530 }); 531 return ; 532 } 533 if (body?.complaint.by == "undefined" || body?.complaint.by == "null" || body?.complaint.by == "") { 534 res.json({ 535 success: false, 536 message: 'You cannot send the answer to noone.', 537 }); 538 return ; 539 } 540 if (body?.complaint.description == "undefined" || body?.complaint.description == "null" || body?.complaint.description == "") { 541 res.json({ 542 success: false, 543 message: 'You cannot answer an empty complaint.', 544 }); 545 return ; 546 } 547 if (body?.complaint.answer == "undefined" || body?.complaint.answer == "null" || body?.complaint.answer == "") { 548 res.json({ 549 success: false, 550 message: 'You cannot submit an empty answer.', 551 }); 552 return ; 553 } 554 555 let adminSession = adminSessions.find(adminSession => adminSession.id === body.admin_id) 556 557 if (adminSession) { 558 pool.query('UPDATE complaints SET answer = $1, answered = $2 WHERE by = $3', [body.complaint.answer, true, body.complaint.by], (error, complaintResults) => { 559 if (error) throw error; 560 561 pool.query('SELECT * FROM complaints', (error, results) => { 562 if (error) throw error; 563 564 res.json({ 565 success: true, 566 complaints: results.rows, 567 }) 568 }); 569 570 sendMailForComplaintAnswered(body.complaint); 571 }); 572 } 573 } 574 575 /** 576 * /---------------------- POST ----------------------/ 482 577 * Sends a complaint. 483 578 * @action complain … … 507 602 // date, by, description, answered 508 603 const date = new Date(); 509 pool.query('INSERT INTO complaints (date, by, description, answered ) VALUES ($1, $2, $3, $4)', [date, session.username, body.description, false], (error, complaintResults) => {604 pool.query('INSERT INTO complaints (date, by, description, answered, answer) VALUES ($1, $2, $3, $4, $5)', [date, session.username, body.description, false, ''], (error, complaintResults) => { 510 605 if (error) throw error; 511 606 … … 730 825 }); 731 826 } 827 828 /** 829 * /---------------------- POST ----------------------/ 830 * /---------------------- ADMIN ----------------------/ 831 * Checks if the entered account info is good, and logs the admin in if so. 832 * @action login_as_admin 833 * @param username 834 * @param password 835 */ 836 if (body?.action === 'login_as_admin') { 837 // checks 838 if (body?.username == "undefined" || body?.username == "null" || body?.username == "") { 839 res.json({ 840 success: false, 841 message: 'Username is required', 842 }); 843 return ; 844 } 845 if (/[^a-zA-Z]/g.test(body?.username)) { 846 res.json({ 847 success: false, 848 message: 'Username must contain only letters', 849 }) 850 return ; 851 } 852 if (body?.password == "undefined" || body?.password == "null" || body?.password == "") { 853 res.json({ 854 success: false, 855 message: 'Password is required', 856 }); 857 return ; 858 } 859 860 // everything's okay 861 body.username = body.username.toLowerCase(); 862 863 // check if user exists 864 pool.query('SELECT * FROM admins WHERE username = $1', [body.username], (error, adminsResults) => { 865 if (error) throw error; 866 867 if (adminsResults.rows.length === 0) { 868 res.json({ 869 success: false, 870 message: 'Admin does not exist.', 871 }); 872 return ; 873 } 874 else { 875 if (adminsResults.rows.length > 0) { 876 const user = adminsResults.rows[0]; 877 878 const salt = user.salt; 879 const hashedPassword = crypto.pbkdf2Sync(body.password, salt, 1000, 64, 'sha512').toString('hex'); 880 881 if (hashedPassword === user.password) { 882 let adminSession = adminSessions.find(session => session.username === adminsResults.rows[0].username) 883 884 if (adminSession) { 885 // Already logged in 886 res.json({ 887 success: true, 888 message: 'Login successful', 889 session: adminSession, 890 }) 891 } 892 else { 893 // create a session 894 adminSession = { 895 id: uuidv4(), 896 username: adminsResults.rows[0].username, 897 } 898 899 adminSessions.push(adminSession); 900 901 res.json({ 902 success: true, 903 message: 'Login successful', 904 session: adminSession, 905 }) 906 } 907 908 return ; 909 } 910 else { 911 res.json({ 912 success: false, 913 message: 'Username and password do not match.', 914 }); 915 } 916 } 917 } 918 }); 919 } 732 920 } 733 921 } … … 813 1001 } 814 1002 1003 function sendMailForComplaintAnswered(complaint) { 1004 pool.query('SELECT * FROM users WHERE username = $1', [complaint.by], (error, results) => { 1005 if (error) throw error; 1006 1007 if (results.rows.length > 0) { 1008 const userEmail = results.rows[0].email; 1009 1010 const message = { 1011 from: process.env.GOOGLE_EMAIL, 1012 to: userEmail, 1013 subject: "Caessino - Your complaint has been answered", 1014 html: ` 1015 <h4>Hello, ${complaint.by}</h4> 1016 <p>You wrote a complaint on ${new Date(complaint.date).toGMTString()}, saying:</p> 1017 <blockquote><em>${complaint.description}</em></blockquote> 1018 <br/> 1019 <p>Your complaint has been listened to, here's what the admin has to say:<p> 1020 <blockquote><em>${complaint.answer}</em></blockquote> 1021 <br/> 1022 <p>We hope this fixes your issue,</p> 1023 <p>The Team ESS</p> 1024 ` 1025 } 1026 1027 transporter.sendMail(message, (err, data) => { 1028 if (err) { 1029 console.log(err); 1030 } 1031 }) 1032 } 1033 }); 1034 } 1035 1036 /** 1037 * Admin session data 1038 */ 1039 export var adminSessions = [] 1040 815 1041 /** 816 1042 * User session data
Note:
See TracChangeset
for help on using the changeset viewer.
