2020-10-01 10:52:05 -04:00
|
|
|
'use strict';
|
|
|
|
|
|
2020-03-31 17:06:13 -04:00
|
|
|
const router = require('express').Router();
|
2020-10-01 10:52:05 -04:00
|
|
|
const middleware = require('../../middleware');
|
2020-03-30 13:16:29 -04:00
|
|
|
const controllers = require('../../controllers');
|
2020-03-31 17:06:13 -04:00
|
|
|
const routeHelpers = require('../helpers');
|
|
|
|
|
|
|
|
|
|
const setupApiRoute = routeHelpers.setupApiRoute;
|
2020-10-01 10:52:05 -04:00
|
|
|
|
2020-03-31 17:06:13 -04:00
|
|
|
// eslint-disable-next-line no-unused-vars
|
|
|
|
|
function guestRoutes() {
|
|
|
|
|
// like registration, login...
|
|
|
|
|
}
|
2020-10-01 10:52:05 -04:00
|
|
|
|
2020-03-31 17:06:13 -04:00
|
|
|
function authenticatedRoutes() {
|
|
|
|
|
const middlewares = [middleware.authenticate];
|
2020-10-01 10:52:05 -04:00
|
|
|
|
2020-10-15 23:12:19 -04:00
|
|
|
setupApiRoute(router, 'post', '/', [...middlewares, middleware.checkRequired.bind(null, ['username']), middleware.isAdmin], controllers.write.users.create);
|
|
|
|
|
setupApiRoute(router, 'delete', '/', [...middlewares, middleware.checkRequired.bind(null, ['uids']), middleware.isAdmin, middleware.exposePrivileges], controllers.write.users.deleteMany);
|
2020-03-31 19:26:03 -04:00
|
|
|
|
2020-10-15 23:12:19 -04:00
|
|
|
setupApiRoute(router, 'put', '/:uid', [...middlewares, middleware.assert.user], controllers.write.users.update);
|
|
|
|
|
setupApiRoute(router, 'delete', '/:uid', [...middlewares, middleware.assert.user, middleware.exposePrivileges], controllers.write.users.delete);
|
2020-10-01 10:52:05 -04:00
|
|
|
|
2020-10-22 14:07:45 -04:00
|
|
|
setupApiRoute(router, 'put', '/:uid/settings', [...middlewares, middleware.checkRequired.bind(null, ['settings'])], controllers.write.users.updateSettings);
|
|
|
|
|
setupApiRoute(router, 'put', '/:uid/settings/:setting', [...middlewares, middleware.checkRequired.bind(null, ['value'])], controllers.write.users.updateSetting);
|
|
|
|
|
|
2020-10-15 23:12:19 -04:00
|
|
|
setupApiRoute(router, 'put', '/:uid/password', [...middlewares, middleware.checkRequired.bind(null, ['newPassword']), middleware.assert.user], controllers.write.users.changePassword);
|
2020-10-01 10:52:05 -04:00
|
|
|
|
2020-10-15 23:12:19 -04:00
|
|
|
setupApiRoute(router, 'put', '/:uid/follow', [...middlewares, middleware.assert.user], controllers.write.users.follow);
|
|
|
|
|
setupApiRoute(router, 'delete', '/:uid/follow', [...middlewares, middleware.assert.user], controllers.write.users.unfollow);
|
2020-03-31 20:54:10 -04:00
|
|
|
|
2020-10-15 23:12:19 -04:00
|
|
|
setupApiRoute(router, 'put', '/:uid/ban', [...middlewares, middleware.assert.user, middleware.exposePrivileges], controllers.write.users.ban);
|
|
|
|
|
setupApiRoute(router, 'delete', '/:uid/ban', [...middlewares, middleware.assert.user, middleware.exposePrivileges], controllers.write.users.unban);
|
2020-10-01 10:52:05 -04:00
|
|
|
|
2020-10-15 23:12:19 -04:00
|
|
|
setupApiRoute(router, 'post', '/:uid/tokens', [...middlewares, middleware.assert.user, middleware.exposePrivilegeSet], controllers.write.users.generateToken);
|
|
|
|
|
setupApiRoute(router, 'delete', '/:uid/tokens/:token', [...middlewares, middleware.assert.user, middleware.exposePrivilegeSet], controllers.write.users.deleteToken);
|
2020-03-31 17:06:13 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
module.exports = function () {
|
|
|
|
|
authenticatedRoutes();
|
2020-10-01 10:52:05 -04:00
|
|
|
|
2020-03-30 13:16:29 -04:00
|
|
|
return router;
|
2020-10-01 10:52:05 -04:00
|
|
|
};
|
