👌 IMPROVE: API et frontend /admin + API https

This commit is contained in:
Divlo 2020-04-27 18:24:30 +02:00
parent bc249f00e4
commit 1ae744d3db
7 changed files with 52 additions and 49 deletions


@ -1,15 +1,18 @@
/* Modules */ /* Modules */
require('dotenv').config(); require('dotenv').config();
const path = require('path'); const path = require('path');
const express = require('express'); const express = require('express');
const helmet = require('helmet'); const helmet = require('helmet');
const cors = require('cors'); const cors = require('cors');
const morgan = require('morgan'); const morgan = require('morgan');
const redirectToHTTPS = require('express-http-to-https').redirectToHTTPS;
/* Files Imports & Variables */ /* Files Imports & Variables */
const sequelize = require('./assets/utils/database'); const sequelize = require('./assets/utils/database');
const { PORT } = require('./assets/config/config'); const { PORT } = require('./assets/config/config');
const errorHandling = require('./assets/utils/errorHandling'); const errorHandling = require('./assets/utils/errorHandling');
const isAuth = require('./middlewares/isAuth');
const isAdmin = require('./middlewares/isAdmin');
const app = express(); const app = express();
/* Middlewares */ /* Middlewares */
@ -17,13 +20,14 @@ app.use(helmet());
app.use(cors()); app.use(cors());
app.use(morgan('dev')); app.use(morgan('dev'));
app.use(express.json()); app.use(express.json());
app.use(redirectToHTTPS([/localhost:(\d{4})/]));
/* Routes */ /* Routes */
app.use('/images', express.static(path.join(__dirname, "assets", "images"))); app.use('/images', express.static(path.join(__dirname, "assets", "images")));
app.use('/functions', require('./routes/functions')); app.use('/functions', require('./routes/functions'));
app.use('/categories', require('./routes/categories')); app.use('/categories', require('./routes/categories'));
app.use('/users', require('./routes/users')); app.use('/users', require('./routes/users'));
app.use('/admin', require('./routes/admin')); app.use('/admin', isAuth, isAdmin, require('./routes/admin'));
app.use('/favorites', require('./routes/favorites')); app.use('/favorites', require('./routes/favorites'));
app.use('/comments', require('./routes/comments')); app.use('/comments', require('./routes/comments'));
app.use('/quotes', require('./routes/quotes')); app.use('/quotes', require('./routes/quotes'));
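Review bot: The HTTPS redirect added at `app.use(redirectToHTTPS([/localhost:(\d{4})/]));` is registered after helmet, cors, morgan and `express.json()`, so a plaintext request is fully logged and body-parsed before it is bounced; registering it as the very first middleware, ahead of `app.use(helmet())`, keeps plaintext requests out of the parsers entirely. If the API is deployed behind a TLS-terminating proxy, the middleware's view of the scheme presumably comes from `req.secure` / `X-Forwarded-Proto`, which Express only honours once `app.set('trust proxy', ...)` is configured, so this is worth confirming against the deployment to avoid a redirect loop where every request looks like HTTP. The ignore pattern exempts only `localhost` with a four-digit port, so local runs on another host name or port will also be redirected.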

8
api/package-lock.json generated

@ -547,6 +547,14 @@
"busboy": "^0.3.1" "busboy": "^0.3.1"
} }
}, },
"express-http-to-https": {
"version": "1.1.4",
"resolved": "https://registry.npmjs.org/express-http-to-https/-/express-http-to-https-1.1.4.tgz",
"integrity": "sha512-jPe7xNKz+KdTYn0uJSBPug/AE5hCIgYrXed0SsmCm5TyydxeSK/U3sVyJyMaQmluJcIS+sbq6E/iB4CBZQIN1g==",
"requires": {
"express": "^4.15.3"
}
},
"express-validator": { "express-validator": {
"version": "6.4.0", "version": "6.4.0",
"resolved": "https://registry.npmjs.org/express-validator/-/express-validator-6.4.0.tgz", "resolved": "https://registry.npmjs.org/express-validator/-/express-validator-6.4.0.tgz",


@ -16,6 +16,7 @@
"cors": "^2.8.5", "cors": "^2.8.5",
"express": "^4.17.1", "express": "^4.17.1",
"express-fileupload": "^1.1.6", "express-fileupload": "^1.1.6",
"express-http-to-https": "^1.1.4",
"express-validator": "^6.4.0", "express-validator": "^6.4.0",
"helmet": "^3.21.3", "helmet": "^3.21.3",
"jsonwebtoken": "^8.5.1", "jsonwebtoken": "^8.5.1",


@ -2,8 +2,6 @@ const { Router } = require('express');
const fileUpload = require('express-fileupload'); const fileUpload = require('express-fileupload');
const { body } = require('express-validator'); const { body } = require('express-validator');
const adminController = require('../controllers/admin'); const adminController = require('../controllers/admin');
const isAuth = require('../middlewares/isAuth');
const isAdmin = require('../middlewares/isAdmin');
const Functions = require('../models/functions'); const Functions = require('../models/functions');
const Categories = require('../models/categories'); const Categories = require('../models/categories');
@ -12,11 +10,10 @@ const AdminRouter = Router();
AdminRouter.route('/functions') AdminRouter.route('/functions')
// Récupère les fonctions // Récupère les fonctions
.get(isAuth, isAdmin, adminController.getFunctions) .get(adminController.getFunctions)
// Permet de créé une fonction // Permet de créé une fonction
.post(isAuth, isAdmin, .post(fileUpload({
fileUpload({
useTempFiles: true, useTempFiles: true,
safeFileNames: true, safeFileNames: true,
preserveExtension: Number, preserveExtension: Number,
@ -98,13 +95,12 @@ AdminRouter.route('/functions')
AdminRouter.route('/functions/:slug') AdminRouter.route('/functions/:slug')
// Récupère les informations d'une fonction // Récupère les informations d'une fonction
.get(isAuth, isAdmin, adminController.getFunctionBySlug); .get(adminController.getFunctionBySlug);
AdminRouter.route('/functions/:id') AdminRouter.route('/functions/:id')
// Modifie information basique d'une fonction // Modifie information basique d'une fonction
.put(isAuth, isAdmin, .put(fileUpload({
fileUpload({
useTempFiles: true, useTempFiles: true,
safeFileNames: true, safeFileNames: true,
preserveExtension: Number, preserveExtension: Number,
@ -173,37 +169,37 @@ AdminRouter.route('/functions/:id')
], adminController.putFunction) ], adminController.putFunction)
// Supprime une fonction avec son id // Supprime une fonction avec son id
.delete(isAuth, isAdmin, adminController.deleteFunction); .delete(adminController.deleteFunction);
AdminRouter.route('/functions/article/:id') AdminRouter.route('/functions/article/:id')
.put(isAuth, isAdmin, adminController.putFunctionArticle); .put(adminController.putFunctionArticle);
AdminRouter.route('/functions/form/:id') AdminRouter.route('/functions/form/:id')
.put(isAuth, isAdmin, adminController.putFunctionForm); .put(adminController.putFunctionForm);
AdminRouter.route('/categories') AdminRouter.route('/categories')
// Crée une catégorie // Crée une catégorie
.post(isAuth, isAdmin, adminController.postCategory); .post(adminController.postCategory);
AdminRouter.route('/categories/:id') AdminRouter.route('/categories/:id')
// Modifier une catégorie avec son id // Modifier une catégorie avec son id
.put(isAuth, isAdmin, adminController.putCategory) .put(adminController.putCategory)
// Supprime une catégorie avec son id // Supprime une catégorie avec son id
.delete(isAuth, isAdmin, adminController.deleteCategory); .delete(adminController.deleteCategory);
AdminRouter.route('/quotes') AdminRouter.route('/quotes')
// Récupère les citations pas encore validées // Récupère les citations pas encore validées
.get(isAuth, isAdmin, adminController.getQuotes); .get(adminController.getQuotes);
AdminRouter.route('/quotes/:id') AdminRouter.route('/quotes/:id')
// Valide ou supprime une citation // Valide ou supprime une citation
.put(isAuth, isAdmin, adminController.putQuote); .put(adminController.putQuote);
module.exports = AdminRouter; module.exports = AdminRouter;
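Review bot: With `isAuth, isAdmin` stripped from every handler in this file, `AdminRouter` is now protected only by its mount line in app.js, so any other place that mounts or tests the router gets unauthenticated admin endpoints. Keeping the two imports and adding a single `AdminRouter.use(isAuth, isAdmin);` before the first `AdminRouter.route(...)` would keep the router self-protecting without reintroducing the per-route repetition; a second application at the mount point is harmless. Failing that, a comment at the top such as `// Mounted behind isAuth + isAdmin in app.js; never expose this router directly` records the dependency for the next maintainer.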


@ -16,10 +16,6 @@ const Admin = (props) => {
const toggleModal = () => setIsOpen(!isOpen); const toggleModal = () => setIsOpen(!isOpen);
if (!props.user.isAdmin && typeof window != 'undefined') {
return redirect({}, '/404');
}
return ( return (
<Fragment> <Fragment>
<HeadTag title="Admin - FunctionProject" description="Page d'administration de FunctionProject." /> <HeadTag title="Admin - FunctionProject" description="Page d'administration de FunctionProject." />
@ -66,12 +62,14 @@ const Admin = (props) => {
); );
} }
export async function getServerSideProps({ req }) { export async function getServerSideProps(context) {
const cookies = new Cookies(req.headers.cookie); const cookies = new Cookies(context.req.headers.cookie);
const user = { ...cookies.get('user') };
if (!user.isAdmin) {
return redirect(context, '/404');
}
return { return {
props: { props: { user }
user: { ...cookies.get('user') }
}
}; };
} }
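Review bot: The new server-side check `if (!user.isAdmin)` in getServerSideProps reads `isAdmin` out of the `user` cookie, which the browser controls, so it only decides which page is rendered and is not an authorization boundary; the API's `isAuth`/`isAdmin` middleware remains the actual barrier. A comment above the check, e.g. `// UX only: the cookie is client-controlled; authorization is enforced by the API`, would stop a later reader from treating it as access control. Whether `redirect(context, '/404')` ends the response itself or still requires a `{ props: {} }` return afterwards cannot be seen here and is worth confirming. The same point applies to the getServerSideProps hunks in the two following files.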


@ -112,10 +112,6 @@ const manageCategories = (props) => {
toggleModal(); toggleModal();
} }
if (!props.user.isAdmin && typeof window != 'undefined') {
return redirect({}, '/404');
}
return ( return (
<Fragment> <Fragment>
<HeadTag title="Admin - FunctionProject" description="Page d'administration de FunctionProject. Gérer les catégories." /> <HeadTag title="Admin - FunctionProject" description="Page d'administration de FunctionProject. Gérer les catégories." />
@ -177,12 +173,14 @@ const manageCategories = (props) => {
); );
} }
export async function getServerSideProps({ req }) { export async function getServerSideProps(context) {
const cookies = new Cookies(req.headers.cookie); const cookies = new Cookies(context.req.headers.cookie);
const user = { ...cookies.get('user') };
if (!user.isAdmin) {
return redirect(context, '/404');
}
return { return {
props: { props: { user }
user: { ...cookies.get('user') }
}
}; };
} }


@ -43,10 +43,6 @@ const manageQuotes = (props) => {
if (node) observer.current.observe(node); if (node) observer.current.observe(node);
}, [isLoadingQuotes, quotesData.hasMore]); }, [isLoadingQuotes, quotesData.hasMore]);
if (!props.user.isAdmin && typeof window != 'undefined') {
return redirect({}, '/404');
}
const handleValidationQuote = async (id, isValid) => { const handleValidationQuote = async (id, isValid) => {
try { try {
await api.put(`/admin/quotes/${id}`, { isValid }, { headers: { 'Authorization': props.user.token } }); await api.put(`/admin/quotes/${id}`, { isValid }, { headers: { 'Authorization': props.user.token } });
@ -112,12 +108,14 @@ const manageQuotes = (props) => {
); );
} }
export async function getServerSideProps({ req }) { export async function getServerSideProps(context) {
const cookies = new Cookies(req.headers.cookie); const cookies = new Cookies(context.req.headers.cookie);
const user = { ...cookies.get('user') };
if (!user.isAdmin) {
return redirect(context, '/404');
}
return { return {
props: { props: { user }
user: { ...cookies.get('user') }
}
}; };
} }