move API routes as cleanup
This commit is contained in:
parent
9c1002bc5e
commit
04827b1a39
@ -1,10 +1 @@
|
||||
<script lang="ts">
|
||||
import Header from "$lib/components/Header.svelte";
|
||||
</script>
|
||||
|
||||
<Header>
|
||||
<ul class=site_header slot=links>
|
||||
<li><a href="/">Home</a></li>
|
||||
</ul>
|
||||
|
||||
</Header>
|
||||
<h1>WIP</h1>
|
||||
|
@ -11,7 +11,7 @@ export const load: PageServerLoad = async ({ locals }) => {
|
||||
export const actions: Actions = {
|
||||
login: async (event) => {
|
||||
const data = await event.request.formData()
|
||||
const res = await event.fetch('/api/login',
|
||||
const res = await event.fetch('/api/user/login',
|
||||
{method: 'POST',
|
||||
body: JSON.stringify({
|
||||
username: data.get('username'),
|
||||
|
@ -10,7 +10,7 @@ export const load: PageServerLoad = async ({ locals }) => {
|
||||
export const actions: Actions = {
|
||||
register: async (event) => {
|
||||
const data = await event.request.formData();
|
||||
const res = await event.fetch('/api/register',
|
||||
const res = await event.fetch('/api/user/register',
|
||||
{method: 'POST',
|
||||
body: JSON.stringify({
|
||||
|
||||
|
@ -15,7 +15,7 @@ export const actions: Actions = {
|
||||
},
|
||||
login: async (event) => {
|
||||
const data = await event.request.formData()
|
||||
const res = await event.fetch('/api/login',
|
||||
const res = await event.fetch('/api/user/login',
|
||||
{method: 'POST',
|
||||
body: JSON.stringify({
|
||||
username: data.get('username'),
|
||||
|
@ -2,8 +2,8 @@ import type { PageServerLoad } from "./$types";
|
||||
|
||||
export async function load({ fetch }) {
|
||||
let current_month = new Date().getMonth() + 1
|
||||
const res_season = await fetch(`/api/items/in_season/` + current_month);
|
||||
const res_all_brief = await fetch(`/api/items/all_brief`);
|
||||
const res_season = await fetch(`/api/rezepte/items/in_season/` + current_month);
|
||||
const res_all_brief = await fetch(`/api/rezepte/items/all_brief`);
|
||||
const item_season = await res_season.json();
|
||||
const item_all_brief = await res_all_brief.json();
|
||||
return {
|
||||
|
@ -1,7 +1,7 @@
|
||||
import { error } from "@sveltejs/kit";
|
||||
|
||||
export async function load({ fetch, params}) {
|
||||
const res = await fetch(`/api/items/${params.name}`);
|
||||
const res = await fetch(`/api/rezepte/items/${params.name}`);
|
||||
let item = await res.json();
|
||||
if(!res.ok){
|
||||
throw error(res.status, item.message)
|
||||
|
@ -86,7 +86,7 @@
|
||||
image: img_local,
|
||||
name: short_name,
|
||||
}
|
||||
await fetch(`/api/img/add`, {
|
||||
await fetch(`/api/rezepte/img/add`, {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'Content-Type': 'application/json',
|
||||
@ -101,7 +101,7 @@
|
||||
|
||||
upload_img()
|
||||
console.log(add_info.total_time)
|
||||
const res = await fetch('/api/add', {
|
||||
const res = await fetch('/api/rezepte/add', {
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
recipe: {
|
||||
|
@ -1,7 +1,7 @@
|
||||
import type { PageLoad } from "./$types";
|
||||
|
||||
export async function load({ fetch}) {
|
||||
const res = await fetch(`/api/items/category`);
|
||||
const res = await fetch(`/api/rezepte/items/category`);
|
||||
const categories= await res.json();
|
||||
return {categories}
|
||||
};
|
||||
|
@ -1,7 +1,7 @@
|
||||
import type { PageLoad } from "./$types";
|
||||
|
||||
export async function load({ fetch, params }) {
|
||||
const res = await fetch(`/api/items/category/${params.category}`);
|
||||
const res = await fetch(`/api/rezepte/items/category/${params.category}`);
|
||||
const items = await res.json();
|
||||
return {
|
||||
category: params.category,
|
||||
|
@ -2,7 +2,7 @@ import type { PageLoad } from "./$types";
|
||||
|
||||
export async function load({ fetch, params, locals}) {
|
||||
let current_month = new Date().getMonth() + 1
|
||||
const res = await fetch(`/api/items/${params.name}`);
|
||||
const res = await fetch(`/api/rezepte/items/${params.name}`);
|
||||
const recipe = await res.json();
|
||||
return {recipe: recipe,
|
||||
user: locals.user
|
||||
|
@ -96,7 +96,7 @@
|
||||
if(!response){
|
||||
return
|
||||
}
|
||||
const res_img = await fetch('/api/img/delete', {
|
||||
const res_img = await fetch('/api/rezepte/img/delete', {
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
name: old_short_name,
|
||||
@ -112,7 +112,7 @@
|
||||
return
|
||||
}
|
||||
return
|
||||
const res = await fetch('/api/delete', {
|
||||
const res = await fetch('/api/rezepte/delete', {
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
old_short_name,
|
||||
@ -141,7 +141,7 @@
|
||||
console.log("img_local", img_local)
|
||||
if(img_local != ""){
|
||||
async function delete_img(){
|
||||
const res = await fetch('/api/img/delete', {
|
||||
const res = await fetch('/api/rezepte/img/delete', {
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
name: old_short_name,
|
||||
@ -161,7 +161,7 @@
|
||||
image: img_local,
|
||||
name: short_name,
|
||||
}
|
||||
const res = await fetch(`/api/img/add`, {
|
||||
const res = await fetch(`/api/rezepte/img/add`, {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'Content-Type': 'application/json',
|
||||
@ -181,7 +181,7 @@
|
||||
// case new short_name:
|
||||
else if(short_name != old_short_name){
|
||||
console.log("MOVING")
|
||||
const res_img = await fetch('/api/img/mv', {
|
||||
const res_img = await fetch('/api/rezepte/img/mv', {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'Content-Type': 'application/json',
|
||||
@ -199,7 +199,7 @@
|
||||
return
|
||||
}
|
||||
}
|
||||
const res = await fetch('/api/edit', {
|
||||
const res = await fetch('/api/rezepte/edit', {
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
recipe: {
|
||||
|
@ -2,7 +2,7 @@ import type { PageLoad } from "./$types";
|
||||
|
||||
export async function load({ fetch }) {
|
||||
let current_month = new Date().getMonth() + 1
|
||||
const res_icons = await fetch(`/api/items/icon`);
|
||||
const res_icons = await fetch(`/api/rezepte/items/icon`);
|
||||
const item = await res_icons.json();
|
||||
return {
|
||||
icons: item,
|
||||
|
@ -1,8 +1,8 @@
|
||||
import type { PageLoad } from "./$types";
|
||||
|
||||
export async function load({ fetch, params }) {
|
||||
const res_season = await fetch(`/api/items/icon/` + params.icon);
|
||||
const res_icons = await fetch(`/api/items/icon`);
|
||||
const res_season = await fetch(`/api/rezepte/items/icon/` + params.icon);
|
||||
const res_icons = await fetch(`/api/rezepte/items/icon`);
|
||||
const icons = await res_icons.json();
|
||||
const item_season = await res_season.json();
|
||||
return {
|
||||
|
@ -2,7 +2,7 @@ import type { PageLoad } from "./$types";
|
||||
|
||||
export async function load({ fetch }) {
|
||||
let current_month = new Date().getMonth() + 1
|
||||
const res_season = await fetch(`/api/items/in_season/` + current_month);
|
||||
const res_season = await fetch(`/api/rezepte/items/in_season/` + current_month);
|
||||
const item_season = await res_season.json();
|
||||
return {
|
||||
season: item_season,
|
||||
|
@ -1,8 +1,8 @@
|
||||
import type { PageLoad } from "./$types";
|
||||
|
||||
export async function load({ fetch, params }) {
|
||||
const res_season = await fetch(`/api/items/in_season/` + params.month);
|
||||
const res_all_brief = await fetch(`/api/items/all_brief`);
|
||||
const res_season = await fetch(`/api/rezepte/items/in_season/` + params.month);
|
||||
const res_all_brief = await fetch(`/api/rezepte/items/all_brief`);
|
||||
const item_season = await res_season.json();
|
||||
const item_all_brief = await res_all_brief.json();
|
||||
return {
|
||||
|
@ -1,7 +1,7 @@
|
||||
import type { PageLoad } from "./$types";
|
||||
|
||||
export async function load({ fetch}) {
|
||||
const res = await fetch(`/api/items/tag`);
|
||||
const res = await fetch(`/api/rezepte/items/tag`);
|
||||
const tags = await res.json();
|
||||
return {tags}
|
||||
};
|
||||
|
@ -1,7 +1,7 @@
|
||||
import type { PageLoad } from "./$types";
|
||||
|
||||
export async function load({ fetch, params }) {
|
||||
const res_tag = await fetch(`/api/items/tag/${params.tag}`);
|
||||
const res_tag = await fetch(`/api/rezepte/items/tag/${params.tag}`);
|
||||
const items_tag = await res_tag.json();
|
||||
return {
|
||||
tag: params.tag,
|
||||
|
30
src/routes/api/rezepte/add/+server.ts
Normal file
30
src/routes/api/rezepte/add/+server.ts
Normal file
@ -0,0 +1,30 @@
|
||||
import type { RequestHandler } from '@sveltejs/kit';
|
||||
import { Recipe } from '../../../../models/Recipe';
|
||||
import { dbConnect, dbDisconnect } from '../../../../utils/db';
|
||||
import { error } from '@sveltejs/kit';
|
||||
import { authenticateUser } from '$lib/js/authenticate';;
|
||||
// header: use for bearer token for now
|
||||
// recipe json in body
|
||||
export const POST: RequestHandler = async ({request, cookies}) => {
|
||||
let message = await request.json()
|
||||
const recipe_json = message.recipe
|
||||
const user = await authenticateUser(cookies)
|
||||
if(!user){
|
||||
throw error(401, "Not logged in")
|
||||
}
|
||||
if(!user.access.includes("rezepte")){
|
||||
throw error(401, "This user does not have permissions to add recipes")
|
||||
}
|
||||
else{
|
||||
await dbConnect();
|
||||
try{
|
||||
await Recipe.create(recipe_json);
|
||||
} catch(e){
|
||||
throw error(400, e)
|
||||
}
|
||||
await dbDisconnect();
|
||||
return new Response(JSON.stringify({msg: "Added recipe successfully"}),{
|
||||
status: 200,
|
||||
});
|
||||
}
|
||||
};
|
23
src/routes/api/rezepte/delete/+server.ts
Normal file
23
src/routes/api/rezepte/delete/+server.ts
Normal file
@ -0,0 +1,23 @@
|
||||
import type { RequestHandler } from '@sveltejs/kit';
|
||||
import { Recipe } from '../../../../models/Recipe';
|
||||
import { dbConnect, dbDisconnect } from '../../../../utils/db';
|
||||
import type {RecipeModelType} from '../../../../types/types';
|
||||
import { error } from '@sveltejs/kit';
|
||||
import { authenticateUser } from '$lib/js/authenticate';
|
||||
// header: use for bearer token for now
|
||||
// recipe json in body
|
||||
export const POST: RequestHandler = async ({request, cookies}) => {
|
||||
let message = await request.json()
|
||||
|
||||
const user = await authenticateUser(cookies)
|
||||
if(!user) throw error(401, "Need to be logged in")
|
||||
if(!user.access.includes("rezepte")) throw error(401, "Insufficient permissions")
|
||||
|
||||
const short_name = message.old_short_name
|
||||
await dbConnect();
|
||||
await Recipe.findOneAndDelete({short_name: short_name});
|
||||
await dbDisconnect();
|
||||
return new Response(JSON.stringify({msg: "Deleted recipe successfully"}),{
|
||||
status: 200,
|
||||
});
|
||||
}
|
29
src/routes/api/rezepte/edit/+server.ts
Normal file
29
src/routes/api/rezepte/edit/+server.ts
Normal file
@ -0,0 +1,29 @@
|
||||
import type { RequestHandler } from '@sveltejs/kit';
|
||||
import { Recipe } from '../../../../models/Recipe';
|
||||
import { dbConnect, dbDisconnect } from '../../../../utils/db';
|
||||
import type {RecipeModelType} from '../../../../types/types';
|
||||
import { error } from '@sveltejs/kit';
|
||||
import { authenticateUser } from '$lib/js/authenticate';
|
||||
// header: use for bearer token for now
|
||||
// recipe json in body
|
||||
export const POST: RequestHandler = async ({request, cookies}) => {
|
||||
let message = await request.json()
|
||||
const recipe_json = message.recipe
|
||||
const user = await authenticateUser(cookies)
|
||||
console.log(user)
|
||||
if(!user){
|
||||
throw error(403, "Not logged in")
|
||||
}
|
||||
else if(!user.access.includes("rezepte")){
|
||||
throw error(403, "This user does not have edit permissions for recipes")
|
||||
}
|
||||
else{
|
||||
await dbConnect();
|
||||
await Recipe.findOneAndUpdate({short_name: message.old_short_name }, recipe_json);
|
||||
await dbDisconnect();
|
||||
return new Response(JSON.stringify({msg: "Edited recipe successfully"}),{
|
||||
status: 200,
|
||||
});
|
||||
|
||||
}
|
||||
};
|
46
src/routes/api/rezepte/img/add/+server.ts
Normal file
46
src/routes/api/rezepte/img/add/+server.ts
Normal file
@ -0,0 +1,46 @@
|
||||
import path from 'path'
|
||||
import type { RequestHandler } from '@sveltejs/kit';
|
||||
import { error } from '@sveltejs/kit';
|
||||
import { IMAGE_DIR } from '$env/static/private'
|
||||
import sharp from 'sharp';
|
||||
import { authenticateUser } from '$lib/js/authenticate';
|
||||
|
||||
export const POST = (async ({ request, cookies }) => {
|
||||
const data = await request.json();
|
||||
const user = await authenticateUser(cookies)
|
||||
if (!user) throw error(401, "Need to be logged in")
|
||||
if (!user.access.includes("rezepte")) throw error(401, "You don't have sufficient permissions for this")
|
||||
let full_res = new Buffer.from(data.image, 'base64')
|
||||
// reduce image size if over 500KB
|
||||
const MAX_SIZE_KB = 500
|
||||
//const metadata = await sharp(full_res).metadata()
|
||||
////reduce image size if larger than 500KB
|
||||
//if(metadata.size > MAX_SIZE_KB*1000){
|
||||
// full_res = sharp(full_res).
|
||||
// webp( { quality: 70})
|
||||
// .toBuffer()
|
||||
//}
|
||||
await sharp(full_res)
|
||||
.toFormat('webp')
|
||||
.toFile(path.join(IMAGE_DIR,
|
||||
"rezepte",
|
||||
"full",
|
||||
data.name + ".webp"))
|
||||
await sharp(full_res)
|
||||
.resize({ width: 800})
|
||||
.toFormat('webp')
|
||||
.toFile(path.join(IMAGE_DIR,
|
||||
"rezepte",
|
||||
"thumb",
|
||||
data.name + ".webp"))
|
||||
await sharp(full_res)
|
||||
.resize({ width: 20})
|
||||
.toFormat('webp')
|
||||
.toFile(path.join(IMAGE_DIR,
|
||||
"rezepte",
|
||||
"placeholder",
|
||||
data.name + ".webp"))
|
||||
return new Response(JSON.stringify({msg: "Added image successfully"}),{
|
||||
status: 200,
|
||||
});
|
||||
}) satisfies RequestHandler;
|
21
src/routes/api/rezepte/img/delete/+server.ts
Normal file
21
src/routes/api/rezepte/img/delete/+server.ts
Normal file
@ -0,0 +1,21 @@
|
||||
import path from 'path'
|
||||
import type { RequestHandler } from '@sveltejs/kit';
|
||||
import { IMAGE_DIR } from '$env/static/private'
|
||||
import { unlink } from 'node:fs';
|
||||
import { error } from '@sveltejs/kit';
|
||||
import { authenticateUser } from '$lib/js/authenticate';;
|
||||
|
||||
export const POST = (async ({ request, cookies }) => {
|
||||
const data = await request.json();
|
||||
const user = await authenticateUser(cookies)
|
||||
if(!user) throw error(401, "You need to be logged in")
|
||||
if(!user.access.includes("rezepte")) throw error(401, "Your don't have the required permission for this")
|
||||
[ "full", "thumb", "placeholder"].forEach((folder) => {
|
||||
unlink(path.join(IMAGE_DIR, "rezepte", folder, data.name + ".webp"), (e) => {
|
||||
if(e) error(404, "could not delete: " + folder + "/" + data.name + ".webp" + e)
|
||||
})
|
||||
})
|
||||
return new Response(JSON.stringify({msg: "Deleted image successfully"}),{
|
||||
status: 200,
|
||||
});
|
||||
}) satisfies RequestHandler;
|
25
src/routes/api/rezepte/img/mv/+server.ts
Normal file
25
src/routes/api/rezepte/img/mv/+server.ts
Normal file
@ -0,0 +1,25 @@
|
||||
import path from 'path'
|
||||
import type { RequestHandler } from '@sveltejs/kit';
|
||||
import { IMAGE_DIR } from '$env/static/private'
|
||||
import { rename } from 'node:fs';
|
||||
import { error } from '@sveltejs/kit';
|
||||
import { authenticateUser } from '$lib/js/authenticate';
|
||||
|
||||
export const POST = (async ({ request, cookies }) => {
|
||||
const data = await request.json();
|
||||
const user = await authenticateUser(cookies)
|
||||
if(!user) throw error(401, "need to be logged in")
|
||||
if(!user.access.includes("rezepte")) throw error(401, "You don't have the required permission to do this")
|
||||
|
||||
[ "full", "thumb", "placeholder"].forEach((folder) => {
|
||||
const old_path = path.join(IMAGE_DIR, "rezepte", folder, data.old_name + ".webp")
|
||||
rename(old_path, path.join(IMAGE_DIR, "rezepte", folder, data.new_name + ".webp"), (e) => {
|
||||
console.log(e)
|
||||
if(e) throw error(500, "could not mv: " + old_path)
|
||||
})
|
||||
});
|
||||
|
||||
return new Response(JSON.stringify({msg: "Deleted image successfully"}),{
|
||||
status: 200,
|
||||
});
|
||||
}) satisfies RequestHandler;
|
17
src/routes/api/rezepte/items/[name]/+server.ts
Normal file
17
src/routes/api/rezepte/items/[name]/+server.ts
Normal file
@ -0,0 +1,17 @@
|
||||
import { json, type RequestHandler } from '@sveltejs/kit';
|
||||
import { Recipe } from '../../../../../models/Recipe';
|
||||
import { dbConnect, dbDisconnect } from '../../../../../utils/db';
|
||||
import type {RecipeModelType} from '../../../../../types/types';
|
||||
import { error } from '@sveltejs/kit';
|
||||
|
||||
export const GET: RequestHandler = async ({params}) => {
|
||||
await dbConnect();
|
||||
let recipe = (await Recipe.findOne({ short_name: params.name}).lean()) as RecipeModelType[];
|
||||
await dbDisconnect();
|
||||
|
||||
recipe = JSON.parse(JSON.stringify(recipe));
|
||||
if(recipe == null){
|
||||
throw error(404, "Recipe not found")
|
||||
}
|
||||
return json(recipe);
|
||||
};
|
12
src/routes/api/rezepte/items/all_brief/+server.ts
Normal file
12
src/routes/api/rezepte/items/all_brief/+server.ts
Normal file
@ -0,0 +1,12 @@
|
||||
import { json, type RequestHandler } from '@sveltejs/kit';
|
||||
import type { BriefRecipeType } from '../../../../../types/types';
|
||||
import { Recipe } from '../../../../../models/Recipe'
|
||||
import { dbConnect, dbDisconnect } from '../../../../../utils/db';
|
||||
import { rand_array } from '$lib/js/randomize';
|
||||
|
||||
export const GET: RequestHandler = async ({params}) => {
|
||||
await dbConnect();
|
||||
let found_brief = rand_array(await Recipe.find({}, 'name short_name tags category icon description season').lean()) as BriefRecipeType[];
|
||||
await dbDisconnect();
|
||||
return json(JSON.parse(JSON.stringify(found_brief)));
|
||||
};
|
13
src/routes/api/rezepte/items/category/+server.ts
Normal file
13
src/routes/api/rezepte/items/category/+server.ts
Normal file
@ -0,0 +1,13 @@
|
||||
import { json, type RequestHandler } from '@sveltejs/kit';
|
||||
import { Recipe } from '../../../../../models/Recipe';
|
||||
import { dbConnect, dbDisconnect } from '../../../../../utils/db';
|
||||
import type {BriefRecipeType} from '../../../../../types/types';
|
||||
|
||||
export const GET: RequestHandler = async ({params}) => {
|
||||
await dbConnect();
|
||||
let categories = (await Recipe.distinct('category').lean());
|
||||
await dbDisconnect();
|
||||
|
||||
categories= JSON.parse(JSON.stringify(categories));
|
||||
return json(categories);
|
||||
};
|
14
src/routes/api/rezepte/items/category/[category]/+server.ts
Normal file
14
src/routes/api/rezepte/items/category/[category]/+server.ts
Normal file
@ -0,0 +1,14 @@
|
||||
import { json, type RequestHandler } from '@sveltejs/kit';
|
||||
import { Recipe } from '../../../../../../models/Recipe';
|
||||
import { dbConnect, dbDisconnect } from '../../../../../../utils/db';
|
||||
import type {BriefRecipeType} from '../../../../../../types/types';
|
||||
import { rand_array } from '$lib/js/randomize';
|
||||
|
||||
export const GET: RequestHandler = async ({params}) => {
|
||||
await dbConnect();
|
||||
let recipes = rand_array(await Recipe.find({category: params.category}, 'name short_name images tags category icon description season').lean()) as BriefRecipeType[];
|
||||
await dbDisconnect();
|
||||
|
||||
recipes = JSON.parse(JSON.stringify(recipes));
|
||||
return json(recipes);
|
||||
};
|
13
src/routes/api/rezepte/items/icon/+server.ts
Normal file
13
src/routes/api/rezepte/items/icon/+server.ts
Normal file
@ -0,0 +1,13 @@
|
||||
import { json, type RequestHandler } from '@sveltejs/kit';
|
||||
import { Recipe } from '../../../../../models/Recipe';
|
||||
import { dbConnect, dbDisconnect } from '../../../../../utils/db';
|
||||
import type {BriefRecipeType} from '../../../../../types/types';
|
||||
|
||||
export const GET: RequestHandler = async ({params}) => {
|
||||
await dbConnect();
|
||||
let icons = (await Recipe.distinct('icon').lean());
|
||||
await dbDisconnect();
|
||||
|
||||
icons = JSON.parse(JSON.stringify(icons));
|
||||
return json(icons);
|
||||
};
|
14
src/routes/api/rezepte/items/icon/[icon]/+server.ts
Normal file
14
src/routes/api/rezepte/items/icon/[icon]/+server.ts
Normal file
@ -0,0 +1,14 @@
|
||||
import { json, type RequestHandler } from '@sveltejs/kit';
|
||||
import { Recipe } from '../../../../../../models/Recipe';
|
||||
import { dbConnect, dbDisconnect } from '../../../../../../utils/db';
|
||||
import type {BriefRecipeType} from '../../../../../../types/types';
|
||||
import { rand_array } from '$lib/js/randomize';
|
||||
|
||||
export const GET: RequestHandler = async ({params}) => {
|
||||
await dbConnect();
|
||||
let recipes = rand_array(await Recipe.find({icon: params.icon}, 'name short_name images tags category icon description season').lean()) as BriefRecipeType[];
|
||||
await dbDisconnect();
|
||||
|
||||
recipes = JSON.parse(JSON.stringify(recipes));
|
||||
return json(recipes);
|
||||
};
|
13
src/routes/api/rezepte/items/in_season/[month]/+server.ts
Normal file
13
src/routes/api/rezepte/items/in_season/[month]/+server.ts
Normal file
@ -0,0 +1,13 @@
|
||||
import type {rand_array} from '$lib/js/randomize';
|
||||
import { json, type RequestHandler } from '@sveltejs/kit';
|
||||
import { Recipe } from '../../../../../../models/Recipe'
|
||||
import { dbConnect, dbDisconnect } from '../../../../../../utils/db';
|
||||
import { rand_array } from '$lib/js/randomize';
|
||||
|
||||
export const GET: RequestHandler = async ({params}) => {
|
||||
await dbConnect();
|
||||
let found_in_season = rand_array(await Recipe.find({season: params.month}, 'name short_name images tags category icon description season').lean());
|
||||
await dbDisconnect();
|
||||
found_in_season = JSON.parse(JSON.stringify(found_in_season));
|
||||
return json(found_in_season);
|
||||
};
|
13
src/routes/api/rezepte/items/tag/+server.ts
Normal file
13
src/routes/api/rezepte/items/tag/+server.ts
Normal file
@ -0,0 +1,13 @@
|
||||
import { json, type RequestHandler } from '@sveltejs/kit';
|
||||
import { Recipe } from '../../../../../models/Recipe';
|
||||
import { dbConnect, dbDisconnect } from '../../../../../utils/db';
|
||||
import type {BriefRecipeType} from '../../../../../types/types';
|
||||
|
||||
export const GET: RequestHandler = async ({params}) => {
|
||||
await dbConnect();
|
||||
let categories = (await Recipe.distinct('tags').lean());
|
||||
await dbDisconnect();
|
||||
|
||||
categories= JSON.parse(JSON.stringify(categories));
|
||||
return json(categories);
|
||||
};
|
14
src/routes/api/rezepte/items/tag/[tag]/+server.ts
Normal file
14
src/routes/api/rezepte/items/tag/[tag]/+server.ts
Normal file
@ -0,0 +1,14 @@
|
||||
import { json, type RequestHandler } from '@sveltejs/kit';
|
||||
import { Recipe } from '../../../../../../models/Recipe';
|
||||
import { dbConnect, dbDisconnect } from '../../../../../../utils/db';
|
||||
import type {BriefRecipeType} from '../../../../../../types/types';
|
||||
import { rand_array } from '$lib/js/randomize';
|
||||
|
||||
export const GET: RequestHandler = async ({params}) => {
|
||||
await dbConnect();
|
||||
let recipes = rand_array(await Recipe.find({tags: params.tag}, 'name short_name images tags category icon description season').lean()) as BriefRecipeType[];
|
||||
await dbDisconnect();
|
||||
|
||||
recipes = JSON.parse(JSON.stringify(recipes));
|
||||
return json(recipes);
|
||||
};
|
23
src/routes/api/user/admin/users/+server.ts
Normal file
23
src/routes/api/user/admin/users/+server.ts
Normal file
@ -0,0 +1,23 @@
|
||||
import type { RequestHandler } from '@sveltejs/kit';
|
||||
import { error } from '@sveltejs/kit';
|
||||
|
||||
import { dbConnect, dbDisconnect } from '../../../../../utils/db';
|
||||
import { User } from '../../../../../models/User';
|
||||
import { get_username } from '$lib/js/get_username';
|
||||
|
||||
// header: use for bearer token for now
|
||||
// recipe json in body
|
||||
export const POST: RequestHandler = async ({cookies}) => {
|
||||
const requesting_user = await get_username(cookies)
|
||||
await dbConnect()
|
||||
let res = await User.findOne({username: requesting_user}, 'access').lean()
|
||||
if(!res.access.contains("admin")){
|
||||
await dbDisconnect()
|
||||
throw error(401, {message: "Your user does not have the permissions to do this"})
|
||||
}
|
||||
else{
|
||||
let res = await User.find({}, 'username access').lean()
|
||||
await dbDisconnect()
|
||||
return { res }
|
||||
}
|
||||
};
|
40
src/routes/api/user/change_pw/+server.ts
Normal file
40
src/routes/api/user/change_pw/+server.ts
Normal file
@ -0,0 +1,40 @@
|
||||
import type { RequestHandler } from '@sveltejs/kit';
|
||||
import { error } from '@sveltejs/kit';
|
||||
import { hash } from 'argon2';
|
||||
|
||||
import { PEPPER } from '$env/static/private';
|
||||
|
||||
import { User } from '../../../../models/User';
|
||||
import { dbConnect, dbDisconnect } from '../../../../utils/db';
|
||||
|
||||
// header: use for bearer token for now
|
||||
// recipe json in body
|
||||
export const POST: RequestHandler = async ({request}) => {
|
||||
const {username, old_password, new_password} = await request.json()
|
||||
await dbConnect();
|
||||
const salt = await User.findOne({username: username}, 'salt');
|
||||
const pass_hash = await hashPassword(old_password + PEPPER, salt)
|
||||
try{
|
||||
await User.updateOne({
|
||||
username: username,
|
||||
pass_hash: pass_hash,
|
||||
})
|
||||
}catch(e){
|
||||
await dbDisconnect();
|
||||
throw error(400, e);
|
||||
}
|
||||
await dbDisconnect();
|
||||
return new Response(JSON.stringify({message: "User added successfully"}),
|
||||
{status: 200}
|
||||
);
|
||||
}
|
||||
};
|
||||
|
||||
async function hashPassword(password, salt) {
|
||||
try {
|
||||
const hashedPassword = await hash(password, salt); // Hash the password with the salt and pepper
|
||||
return hashedPassword;
|
||||
} catch (error) {
|
||||
console.error('Error hashing password:', error);
|
||||
}
|
||||
}
|
46
src/routes/api/user/login/+server.ts
Normal file
46
src/routes/api/user/login/+server.ts
Normal file
@ -0,0 +1,46 @@
|
||||
import type { RequestHandler } from '@sveltejs/kit';
|
||||
import { error } from '@sveltejs/kit';
|
||||
import pkg from 'jsonwebtoken';
|
||||
const { sign } = pkg;
|
||||
import { verify} from 'argon2';
|
||||
import { COOKIE_SECRET } from '$env/static/private'
|
||||
import { PEPPER } from '$env/static/private'
|
||||
|
||||
import { dbConnect, dbDisconnect } from '../../../../utils/db';
|
||||
import { User } from '../../../../models/User';
|
||||
|
||||
// header: use for bearer token for now
|
||||
// recipe json in body
|
||||
export const POST: RequestHandler = async ({request}) => {
|
||||
const {username, password} = await request.json()
|
||||
await dbConnect()
|
||||
let res = await User.findOne({username: username}, 'pass_hash salt').lean()
|
||||
await dbDisconnect()
|
||||
if(!res){
|
||||
console.log("NOT FOUND")
|
||||
throw error(401, {message: "wrong password or user does not exist"})
|
||||
}
|
||||
|
||||
const stored_pw = res.pass_hash
|
||||
const salt = res.salt
|
||||
|
||||
const isMatch = await verify(stored_pw, password + PEPPER, {salt})
|
||||
if(!isMatch){
|
||||
throw error(401, {message: "wrong password or user does not exist"})
|
||||
}
|
||||
|
||||
res = await createJWT(username)
|
||||
return new Response(JSON.stringify(res))
|
||||
};
|
||||
|
||||
async function createJWT(username) {
|
||||
const payload = {
|
||||
username: username,
|
||||
};
|
||||
|
||||
const masterSecret = COOKIE_SECRET;
|
||||
const secretKey = masterSecret;
|
||||
const jwt = sign(payload, secretKey);
|
||||
console.log(jwt)
|
||||
return jwt
|
||||
}
|
50
src/routes/api/user/register/+server.ts
Normal file
50
src/routes/api/user/register/+server.ts
Normal file
@ -0,0 +1,50 @@
|
||||
import type { RequestHandler } from '@sveltejs/kit';
|
||||
import { error } from '@sveltejs/kit';
|
||||
import { hash } from 'argon2';
|
||||
import { randomBytes } from 'crypto';
|
||||
import { ALLOW_REGISTRATION } from '$env/static/private';
|
||||
import { PEPPER } from '$env/static/private';
|
||||
|
||||
import { User } from '../../../../models/User';
|
||||
import { dbConnect, dbDisconnect } from '../../../../utils/db';
|
||||
|
||||
// header: use for bearer token for now
|
||||
// recipe json in body
|
||||
export const POST: RequestHandler = async ({request}) => {
|
||||
if(ALLOW_REGISTRATION){
|
||||
const {username, password} = await request.json()
|
||||
const salt = randomBytes(32).toString('hex'); // Generate a random salt
|
||||
|
||||
const pass_hash = await hashPassword(password + PEPPER, salt)
|
||||
await dbConnect();
|
||||
try{
|
||||
await User.create({
|
||||
username: username,
|
||||
pass_hash: pass_hash,
|
||||
salt: salt,
|
||||
access: [],
|
||||
})
|
||||
}catch(e){
|
||||
await dbDisconnect();
|
||||
throw error(400, e);
|
||||
}
|
||||
await dbDisconnect();
|
||||
return new Response(JSON.stringify({message: "User added successfully"}),
|
||||
{status: 200}
|
||||
);
|
||||
}
|
||||
else{
|
||||
throw error(401, "user registration currently closed")
|
||||
}
|
||||
|
||||
|
||||
};
|
||||
|
||||
async function hashPassword(password, salt) {
|
||||
try {
|
||||
const hashedPassword = await hash(password, salt); // Hash the password with the salt and pepper
|
||||
return hashedPassword;
|
||||
} catch (error) {
|
||||
console.error('Error hashing password:', error);
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user