remove old api routes;

This commit is contained in:
Alexander Bocken 2023-07-22 13:09:28 +02:00
parent 04827b1a39
commit 516ce43025
Signed by: Alexander
GPG Key ID: 1D237BE83F9B05E8
18 changed files with 0 additions and 456 deletions

View File

@ -1,30 +0,0 @@
import type { RequestHandler } from '@sveltejs/kit';
import { Recipe } from '../../../models/Recipe';
import { dbConnect, dbDisconnect } from '../../../utils/db';
import { error } from '@sveltejs/kit';
import { authenticateUser } from '$lib/js/authenticate';;
// header: use for bearer token for now
// recipe json in body
export const POST: RequestHandler = async ({request, cookies}) => {
let message = await request.json()
const recipe_json = message.recipe
const user = await authenticateUser(cookies)
if(!user){
throw error(401, "Not logged in")
}
if(!user.access.includes("rezepte")){
throw error(401, "This user does not have permissions to add recipes")
}
else{
await dbConnect();
try{
await Recipe.create(recipe_json);
} catch(e){
throw error(400, e)
}
await dbDisconnect();
return new Response(JSON.stringify({msg: "Added recipe successfully"}),{
status: 200,
});
}
};

View File

@ -1,23 +0,0 @@
import type { RequestHandler } from '@sveltejs/kit';
import { Recipe } from '../../../models/Recipe';
import { dbConnect, dbDisconnect } from '../../../utils/db';
import type {RecipeModelType} from '../../../types/types';
import { error } from '@sveltejs/kit';
import { authenticateUser } from '$lib/js/authenticate';
// header: use for bearer token for now
// recipe json in body
export const POST: RequestHandler = async ({request, cookies}) => {
let message = await request.json()
const user = await authenticateUser(cookies)
if(!user) throw error(401, "Need to be logged in")
if(!user.access.includes("rezepte")) throw error(401, "Insufficient permissions")
const short_name = message.old_short_name
await dbConnect();
await Recipe.findOneAndDelete({short_name: short_name});
await dbDisconnect();
return new Response(JSON.stringify({msg: "Deleted recipe successfully"}),{
status: 200,
});
}

View File

@ -1,29 +0,0 @@
import type { RequestHandler } from '@sveltejs/kit';
import { Recipe } from '../../../models/Recipe';
import { dbConnect, dbDisconnect } from '../../../utils/db';
import type {RecipeModelType} from '../../../types/types';
import { error } from '@sveltejs/kit';
import { authenticateUser } from '$lib/js/authenticate';
// header: use for bearer token for now
// recipe json in body
export const POST: RequestHandler = async ({request, cookies}) => {
let message = await request.json()
const recipe_json = message.recipe
const user = await authenticateUser(cookies)
console.log(user)
if(!user){
throw error(403, "Not logged in")
}
else if(!user.access.includes("rezepte")){
throw error(403, "This user does not have edit permissions for recipes")
}
else{
await dbConnect();
await Recipe.findOneAndUpdate({short_name: message.old_short_name }, recipe_json);
await dbDisconnect();
return new Response(JSON.stringify({msg: "Edited recipe successfully"}),{
status: 200,
});
}
};

View File

@ -1,46 +0,0 @@
import path from 'path'
import type { RequestHandler } from '@sveltejs/kit';
import { error } from '@sveltejs/kit';
import { IMAGE_DIR } from '$env/static/private'
import sharp from 'sharp';
import { authenticateUser } from '$lib/js/authenticate';
export const POST = (async ({ request, cookies }) => {
const data = await request.json();
const user = await authenticateUser(cookies)
if (!user) throw error(401, "Need to be logged in")
if (!user.access.includes("rezepte")) throw error(401, "You don't have sufficient permissions for this")
let full_res = new Buffer.from(data.image, 'base64')
// reduce image size if over 500KB
const MAX_SIZE_KB = 500
//const metadata = await sharp(full_res).metadata()
////reduce image size if larger than 500KB
//if(metadata.size > MAX_SIZE_KB*1000){
// full_res = sharp(full_res).
// webp( { quality: 70})
// .toBuffer()
//}
await sharp(full_res)
.toFormat('webp')
.toFile(path.join(IMAGE_DIR,
"rezepte",
"full",
data.name + ".webp"))
await sharp(full_res)
.resize({ width: 800})
.toFormat('webp')
.toFile(path.join(IMAGE_DIR,
"rezepte",
"thumb",
data.name + ".webp"))
await sharp(full_res)
.resize({ width: 20})
.toFormat('webp')
.toFile(path.join(IMAGE_DIR,
"rezepte",
"placeholder",
data.name + ".webp"))
return new Response(JSON.stringify({msg: "Added image successfully"}),{
status: 200,
});
}) satisfies RequestHandler;

View File

@ -1,21 +0,0 @@
import path from 'path'
import type { RequestHandler } from '@sveltejs/kit';
import { IMAGE_DIR } from '$env/static/private'
import { unlink } from 'node:fs';
import { error } from '@sveltejs/kit';
import { authenticateUser } from '$lib/js/authenticate';;
export const POST = (async ({ request, cookies }) => {
const data = await request.json();
const user = await authenticateUser(cookies)
if(!user) throw error(401, "You need to be logged in")
if(!user.access.includes("rezepte")) throw error(401, "Your don't have the required permission for this")
[ "full", "thumb", "placeholder"].forEach((folder) => {
unlink(path.join(IMAGE_DIR, "rezepte", folder, data.name + ".webp"), (e) => {
if(e) error(404, "could not delete: " + folder + "/" + data.name + ".webp" + e)
})
})
return new Response(JSON.stringify({msg: "Deleted image successfully"}),{
status: 200,
});
}) satisfies RequestHandler;

View File

@ -1,25 +0,0 @@
import path from 'path'
import type { RequestHandler } from '@sveltejs/kit';
import { IMAGE_DIR } from '$env/static/private'
import { rename } from 'node:fs';
import { error } from '@sveltejs/kit';
import { authenticateUser } from '$lib/js/authenticate';
export const POST = (async ({ request, cookies }) => {
const data = await request.json();
const user = await authenticateUser(cookies)
if(!user) throw error(401, "need to be logged in")
if(!user.access.includes("rezepte")) throw error(401, "You don't have the required permission to do this")
[ "full", "thumb", "placeholder"].forEach((folder) => {
const old_path = path.join(IMAGE_DIR, "rezepte", folder, data.old_name + ".webp")
rename(old_path, path.join(IMAGE_DIR, "rezepte", folder, data.new_name + ".webp"), (e) => {
console.log(e)
if(e) throw error(500, "could not mv: " + old_path)
})
});
return new Response(JSON.stringify({msg: "Deleted image successfully"}),{
status: 200,
});
}) satisfies RequestHandler;

View File

@ -1,17 +0,0 @@
import { json, type RequestHandler } from '@sveltejs/kit';
import { Recipe } from '../../../../models/Recipe';
import { dbConnect, dbDisconnect } from '../../../../utils/db';
import type {RecipeModelType} from '../../../../types/types';
import { error } from '@sveltejs/kit';
export const GET: RequestHandler = async ({params}) => {
await dbConnect();
let recipe = (await Recipe.findOne({ short_name: params.name}).lean()) as RecipeModelType[];
await dbDisconnect();
recipe = JSON.parse(JSON.stringify(recipe));
if(recipe == null){
throw error(404, "Recipe not found")
}
return json(recipe);
};

View File

@ -1,12 +0,0 @@
import { json, type RequestHandler } from '@sveltejs/kit';
import type { BriefRecipeType } from '../../../../types/types';
import { Recipe } from '../../../../models/Recipe'
import { dbConnect, dbDisconnect } from '../../../../utils/db';
import { rand_array } from '$lib/js/randomize';
export const GET: RequestHandler = async ({params}) => {
await dbConnect();
let found_brief = rand_array(await Recipe.find({}, 'name short_name tags category icon description season').lean()) as BriefRecipeType[];
await dbDisconnect();
return json(JSON.parse(JSON.stringify(found_brief)));
};

View File

@ -1,13 +0,0 @@
import { json, type RequestHandler } from '@sveltejs/kit';
import { Recipe } from '../../../../models/Recipe';
import { dbConnect, dbDisconnect } from '../../../../utils/db';
import type {BriefRecipeType} from '../../../../types/types';
export const GET: RequestHandler = async ({params}) => {
await dbConnect();
let categories = (await Recipe.distinct('category').lean());
await dbDisconnect();
categories= JSON.parse(JSON.stringify(categories));
return json(categories);
};

View File

@ -1,14 +0,0 @@
import { json, type RequestHandler } from '@sveltejs/kit';
import { Recipe } from '../../../../../models/Recipe';
import { dbConnect, dbDisconnect } from '../../../../../utils/db';
import type {BriefRecipeType} from '../../../../../types/types';
import { rand_array } from '$lib/js/randomize';
export const GET: RequestHandler = async ({params}) => {
await dbConnect();
let recipes = rand_array(await Recipe.find({category: params.category}, 'name short_name images tags category icon description season').lean()) as BriefRecipeType[];
await dbDisconnect();
recipes = JSON.parse(JSON.stringify(recipes));
return json(recipes);
};

View File

@ -1,13 +0,0 @@
import { json, type RequestHandler } from '@sveltejs/kit';
import { Recipe } from '../../../../models/Recipe';
import { dbConnect, dbDisconnect } from '../../../../utils/db';
import type {BriefRecipeType} from '../../../../types/types';
export const GET: RequestHandler = async ({params}) => {
await dbConnect();
let icons = (await Recipe.distinct('icon').lean());
await dbDisconnect();
icons = JSON.parse(JSON.stringify(icons));
return json(icons);
};

View File

@ -1,14 +0,0 @@
import { json, type RequestHandler } from '@sveltejs/kit';
import { Recipe } from '../../../../../models/Recipe';
import { dbConnect, dbDisconnect } from '../../../../../utils/db';
import type {BriefRecipeType} from '../../../../../types/types';
import { rand_array } from '$lib/js/randomize';
export const GET: RequestHandler = async ({params}) => {
await dbConnect();
let recipes = rand_array(await Recipe.find({icon: params.icon}, 'name short_name images tags category icon description season').lean()) as BriefRecipeType[];
await dbDisconnect();
recipes = JSON.parse(JSON.stringify(recipes));
return json(recipes);
};

View File

@ -1,13 +0,0 @@
import type {rand_array} from '$lib/js/randomize';
import { json, type RequestHandler } from '@sveltejs/kit';
import { Recipe } from '../../../../../models/Recipe'
import { dbConnect, dbDisconnect } from '../../../../../utils/db';
import { rand_array } from '$lib/js/randomize';
export const GET: RequestHandler = async ({params}) => {
await dbConnect();
let found_in_season = rand_array(await Recipe.find({season: params.month}, 'name short_name images tags category icon description season').lean());
await dbDisconnect();
found_in_season = JSON.parse(JSON.stringify(found_in_season));
return json(found_in_season);
};

View File

@ -1,13 +0,0 @@
import { json, type RequestHandler } from '@sveltejs/kit';
import { Recipe } from '../../../../models/Recipe';
import { dbConnect, dbDisconnect } from '../../../../utils/db';
import type {BriefRecipeType} from '../../../../types/types';
export const GET: RequestHandler = async ({params}) => {
await dbConnect();
let categories = (await Recipe.distinct('tags').lean());
await dbDisconnect();
categories= JSON.parse(JSON.stringify(categories));
return json(categories);
};

View File

@ -1,14 +0,0 @@
import { json, type RequestHandler } from '@sveltejs/kit';
import { Recipe } from '../../../../../models/Recipe';
import { dbConnect, dbDisconnect } from '../../../../../utils/db';
import type {BriefRecipeType} from '../../../../../types/types';
import { rand_array } from '$lib/js/randomize';
export const GET: RequestHandler = async ({params}) => {
await dbConnect();
let recipes = rand_array(await Recipe.find({tags: params.tag}, 'name short_name images tags category icon description season').lean()) as BriefRecipeType[];
await dbDisconnect();
recipes = JSON.parse(JSON.stringify(recipes));
return json(recipes);
};

View File

@ -1,46 +0,0 @@
import type { RequestHandler } from '@sveltejs/kit';
import { error } from '@sveltejs/kit';
import pkg from 'jsonwebtoken';
const { sign } = pkg;
import { verify} from 'argon2';
import { COOKIE_SECRET } from '$env/static/private'
import { PEPPER } from '$env/static/private'
import { dbConnect, dbDisconnect } from '../../../utils/db';
import { User } from '../../../models/User';
// header: use for bearer token for now
// recipe json in body
export const POST: RequestHandler = async ({request}) => {
const {username, password} = await request.json()
await dbConnect()
let res = await User.findOne({username: username}, 'pass_hash salt').lean()
await dbDisconnect()
if(!res){
console.log("NOT FOUND")
throw error(401, {message: "wrong password or user does not exist"})
}
const stored_pw = res.pass_hash
const salt = res.salt
const isMatch = await verify(stored_pw, password + PEPPER, {salt})
if(!isMatch){
throw error(401, {message: "wrong password or user does not exist"})
}
res = await createJWT(username)
return new Response(JSON.stringify(res))
};
async function createJWT(username) {
const payload = {
username: username,
};
const masterSecret = COOKIE_SECRET;
const secretKey = masterSecret;
const jwt = sign(payload, secretKey);
console.log(jwt)
return jwt
}

View File

@ -1,50 +0,0 @@
import type { RequestHandler } from '@sveltejs/kit';
import { error } from '@sveltejs/kit';
import { hash } from 'argon2';
import { randomBytes } from 'crypto';
import { ALLOW_REGISTRATION } from '$env/static/private';
import { PEPPER } from '$env/static/private';
import { User } from '../../../models/User';
import { dbConnect, dbDisconnect } from '../../../utils/db';
// header: use for bearer token for now
// recipe json in body
export const POST: RequestHandler = async ({request}) => {
if(ALLOW_REGISTRATION){
const {username, password, access} = await request.json()
const salt = randomBytes(32).toString('hex'); // Generate a random salt
const pass_hash = await hashPassword(password + PEPPER, salt)
await dbConnect();
try{
await User.create({
username: username,
pass_hash: pass_hash,
salt: salt,
access: access,
})
}catch(e){
await dbDisconnect();
throw error(400, e);
}
await dbDisconnect();
return new Response(JSON.stringify({message: "User added successfully"}),
{status: 200}
);
}
else{
throw error(401, "user registration currently closed")
}
};
async function hashPassword(password, salt) {
try {
const hashedPassword = await hash(password, salt); // Hash the password with the salt and pepper
return hashedPassword;
} catch (error) {
console.error('Error hashing password:', error);
}
}

View File

@ -1,63 +0,0 @@
import type { RequestHandler } from '@sveltejs/kit';
import { error } from '@sveltejs/kit';
import pkg from 'jsonwebtoken';
const { verify } = pkg;
import { hash} from 'argon2';
import { randomBytes } from 'crypto';
import { COOKIE_SECRET } from '$env/static/private'
import { ALLOW_REGISTRATION } from '$env/static/private'
import { User } from '../../../models/User';
import { dbConnect, dbDisconnect } from '../../../utils/db';
import { getJWTFromRequest } from '../../../utils/cookie';
// header: use for bearer token for now
// recipe json in body
export const GET: RequestHandler = async ({request}) => {
const jwt = getJWTFromRequest(request)
// Set your master secret key (replace with your own secret)
const masterSecret = COOKIE_SECRET;
const secretKey = masterSecret
let decoded
try{
decoded = await verify(jwt, secretKey);
}
catch(e){
throw error(401, "Cookies have changed, please log in again")
}
await dbConnect()
let res = await User.findOne({username: decoded.username}, 'access').lean();
await dbDisconnect()
if(!res){
throw error(404, "User for this Cookie does no longer exist")
}
return new Response(JSON.stringify({
username: decoded.username,
access: res.access
}), {status: 200})
};
async function hashPassword(password, salt) {
try {
const hashedPassword = await hash(password, salt); // Hash the password with the salt
return hashedPassword;
} catch (error) {
console.error('Error hashing password:', error);
}
}
async function createJWT(username, userSalt) {
const payload = {
username: username,
};
const masterSecret = COOKIE_SECRET;
const secretKey = masterSecret + userSalt;
const jwt = sign(payload, secretKey);
return jwt
}