👌 IMPROVE: API et frontend /admin + API https
This commit is contained in:
parent
bc249f00e4
commit
1ae744d3db
16
api/app.js
16
api/app.js
@ -1,15 +1,18 @@
|
|||||||
/* Modules */
|
/* Modules */
|
||||||
require('dotenv').config();
|
require('dotenv').config();
|
||||||
const path = require('path');
|
const path = require('path');
|
||||||
const express = require('express');
|
const express = require('express');
|
||||||
const helmet = require('helmet');
|
const helmet = require('helmet');
|
||||||
const cors = require('cors');
|
const cors = require('cors');
|
||||||
const morgan = require('morgan');
|
const morgan = require('morgan');
|
||||||
|
const redirectToHTTPS = require('express-http-to-https').redirectToHTTPS;
|
||||||
|
|
||||||
/* Files Imports & Variables */
|
/* Files Imports & Variables */
|
||||||
const sequelize = require('./assets/utils/database');
|
const sequelize = require('./assets/utils/database');
|
||||||
const { PORT } = require('./assets/config/config');
|
const { PORT } = require('./assets/config/config');
|
||||||
const errorHandling = require('./assets/utils/errorHandling');
|
const errorHandling = require('./assets/utils/errorHandling');
|
||||||
|
const isAuth = require('./middlewares/isAuth');
|
||||||
|
const isAdmin = require('./middlewares/isAdmin');
|
||||||
const app = express();
|
const app = express();
|
||||||
|
|
||||||
/* Middlewares */
|
/* Middlewares */
|
||||||
@ -17,13 +20,14 @@ app.use(helmet());
|
|||||||
app.use(cors());
|
app.use(cors());
|
||||||
app.use(morgan('dev'));
|
app.use(morgan('dev'));
|
||||||
app.use(express.json());
|
app.use(express.json());
|
||||||
|
app.use(redirectToHTTPS([/localhost:(\d{4})/]));
|
||||||
|
|
||||||
/* Routes */
|
/* Routes */
|
||||||
app.use('/images', express.static(path.join(__dirname, "assets", "images")));
|
app.use('/images', express.static(path.join(__dirname, "assets", "images")));
|
||||||
app.use('/functions', require('./routes/functions'));
|
app.use('/functions', require('./routes/functions'));
|
||||||
app.use('/categories', require('./routes/categories'));
|
app.use('/categories', require('./routes/categories'));
|
||||||
app.use('/users', require('./routes/users'));
|
app.use('/users', require('./routes/users'));
|
||||||
app.use('/admin', require('./routes/admin'));
|
app.use('/admin', isAuth, isAdmin, require('./routes/admin'));
|
||||||
app.use('/favorites', require('./routes/favorites'));
|
app.use('/favorites', require('./routes/favorites'));
|
||||||
app.use('/comments', require('./routes/comments'));
|
app.use('/comments', require('./routes/comments'));
|
||||||
app.use('/quotes', require('./routes/quotes'));
|
app.use('/quotes', require('./routes/quotes'));
|
||||||
|
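Review bot: `app.use(redirectToHTTPS([/localhost:(\d{4})/]))` is registered after `helmet()`, `cors()`, `morgan('dev')` and `express.json()`, so a plaintext request has its body parsed and CORS headers emitted before it is redirected; registering the redirect as the first `app.use` means nothing runs on an unencrypted request. Whether the redirect fires at all depends on how the middleware detects HTTPS: if the API sits behind a TLS-terminating proxy, Express only trusts the proxy's `X-Forwarded-Proto` header when `app.set('trust proxy', ...)` is configured, otherwise every request looks insecure and the redirect can loop, so this is worth confirming against the deployment. The `localhost:NNNN` exclusion keeps local development on HTTP and should stay the only exception. Since `isAuth, isAdmin` now guard the whole `/admin` mount, a comment such as `// every /admin route requires an authenticated admin — enforced here, not inside routes/admin` would make that invariant visible to whoever edits either file.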
8
api/package-lock.json
generated
8
api/package-lock.json
generated
@ -547,6 +547,14 @@
|
|||||||
"busboy": "^0.3.1"
|
"busboy": "^0.3.1"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"express-http-to-https": {
|
||||||
|
"version": "1.1.4",
|
||||||
|
"resolved": "https://registry.npmjs.org/express-http-to-https/-/express-http-to-https-1.1.4.tgz",
|
||||||
|
"integrity": "sha512-jPe7xNKz+KdTYn0uJSBPug/AE5hCIgYrXed0SsmCm5TyydxeSK/U3sVyJyMaQmluJcIS+sbq6E/iB4CBZQIN1g==",
|
||||||
|
"requires": {
|
||||||
|
"express": "^4.15.3"
|
||||||
|
}
|
||||||
|
},
|
||||||
"express-validator": {
|
"express-validator": {
|
||||||
"version": "6.4.0",
|
"version": "6.4.0",
|
||||||
"resolved": "https://registry.npmjs.org/express-validator/-/express-validator-6.4.0.tgz",
|
"resolved": "https://registry.npmjs.org/express-validator/-/express-validator-6.4.0.tgz",
|
||||||
|
@ -16,6 +16,7 @@
|
|||||||
"cors": "^2.8.5",
|
"cors": "^2.8.5",
|
||||||
"express": "^4.17.1",
|
"express": "^4.17.1",
|
||||||
"express-fileupload": "^1.1.6",
|
"express-fileupload": "^1.1.6",
|
||||||
|
"express-http-to-https": "^1.1.4",
|
||||||
"express-validator": "^6.4.0",
|
"express-validator": "^6.4.0",
|
||||||
"helmet": "^3.21.3",
|
"helmet": "^3.21.3",
|
||||||
"jsonwebtoken": "^8.5.1",
|
"jsonwebtoken": "^8.5.1",
|
||||||
|
@ -2,8 +2,6 @@ const { Router } = require('express');
|
|||||||
const fileUpload = require('express-fileupload');
|
const fileUpload = require('express-fileupload');
|
||||||
const { body } = require('express-validator');
|
const { body } = require('express-validator');
|
||||||
const adminController = require('../controllers/admin');
|
const adminController = require('../controllers/admin');
|
||||||
const isAuth = require('../middlewares/isAuth');
|
|
||||||
const isAdmin = require('../middlewares/isAdmin');
|
|
||||||
const Functions = require('../models/functions');
|
const Functions = require('../models/functions');
|
||||||
const Categories = require('../models/categories');
|
const Categories = require('../models/categories');
|
||||||
|
|
||||||
@ -12,11 +10,10 @@ const AdminRouter = Router();
|
|||||||
AdminRouter.route('/functions')
|
AdminRouter.route('/functions')
|
||||||
|
|
||||||
// Récupère les fonctions
|
// Récupère les fonctions
|
||||||
.get(isAuth, isAdmin, adminController.getFunctions)
|
.get(adminController.getFunctions)
|
||||||
|
|
||||||
// Permet de créé une fonction
|
// Permet de créé une fonction
|
||||||
.post(isAuth, isAdmin,
|
.post(fileUpload({
|
||||||
fileUpload({
|
|
||||||
useTempFiles: true,
|
useTempFiles: true,
|
||||||
safeFileNames: true,
|
safeFileNames: true,
|
||||||
preserveExtension: Number,
|
preserveExtension: Number,
|
||||||
@ -98,13 +95,12 @@ AdminRouter.route('/functions')
|
|||||||
AdminRouter.route('/functions/:slug')
|
AdminRouter.route('/functions/:slug')
|
||||||
|
|
||||||
// Récupère les informations d'une fonction
|
// Récupère les informations d'une fonction
|
||||||
.get(isAuth, isAdmin, adminController.getFunctionBySlug);
|
.get(adminController.getFunctionBySlug);
|
||||||
|
|
||||||
AdminRouter.route('/functions/:id')
|
AdminRouter.route('/functions/:id')
|
||||||
|
|
||||||
// Modifie information basique d'une fonction
|
// Modifie information basique d'une fonction
|
||||||
.put(isAuth, isAdmin,
|
.put(fileUpload({
|
||||||
fileUpload({
|
|
||||||
useTempFiles: true,
|
useTempFiles: true,
|
||||||
safeFileNames: true,
|
safeFileNames: true,
|
||||||
preserveExtension: Number,
|
preserveExtension: Number,
|
||||||
@ -173,37 +169,37 @@ AdminRouter.route('/functions/:id')
|
|||||||
], adminController.putFunction)
|
], adminController.putFunction)
|
||||||
|
|
||||||
// Supprime une fonction avec son id
|
// Supprime une fonction avec son id
|
||||||
.delete(isAuth, isAdmin, adminController.deleteFunction);
|
.delete(adminController.deleteFunction);
|
||||||
|
|
||||||
AdminRouter.route('/functions/article/:id')
|
AdminRouter.route('/functions/article/:id')
|
||||||
|
|
||||||
.put(isAuth, isAdmin, adminController.putFunctionArticle);
|
.put(adminController.putFunctionArticle);
|
||||||
|
|
||||||
AdminRouter.route('/functions/form/:id')
|
AdminRouter.route('/functions/form/:id')
|
||||||
|
|
||||||
.put(isAuth, isAdmin, adminController.putFunctionForm);
|
.put(adminController.putFunctionForm);
|
||||||
|
|
||||||
AdminRouter.route('/categories')
|
AdminRouter.route('/categories')
|
||||||
|
|
||||||
// Crée une catégorie
|
// Crée une catégorie
|
||||||
.post(isAuth, isAdmin, adminController.postCategory);
|
.post(adminController.postCategory);
|
||||||
|
|
||||||
AdminRouter.route('/categories/:id')
|
AdminRouter.route('/categories/:id')
|
||||||
|
|
||||||
// Modifier une catégorie avec son id
|
// Modifier une catégorie avec son id
|
||||||
.put(isAuth, isAdmin, adminController.putCategory)
|
.put(adminController.putCategory)
|
||||||
|
|
||||||
// Supprime une catégorie avec son id
|
// Supprime une catégorie avec son id
|
||||||
.delete(isAuth, isAdmin, adminController.deleteCategory);
|
.delete(adminController.deleteCategory);
|
||||||
|
|
||||||
AdminRouter.route('/quotes')
|
AdminRouter.route('/quotes')
|
||||||
|
|
||||||
// Récupère les citations pas encore validées
|
// Récupère les citations pas encore validées
|
||||||
.get(isAuth, isAdmin, adminController.getQuotes);
|
.get(adminController.getQuotes);
|
||||||
|
|
||||||
AdminRouter.route('/quotes/:id')
|
AdminRouter.route('/quotes/:id')
|
||||||
|
|
||||||
// Valide ou supprime une citation
|
// Valide ou supprime une citation
|
||||||
.put(isAuth, isAdmin, adminController.putQuote);
|
.put(adminController.putQuote);
|
||||||
|
|
||||||
module.exports = AdminRouter;
|
module.exports = AdminRouter;
|
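Review bot: With `isAuth, isAdmin` removed from every `.get`/`.post`/`.put`/`.delete` in this router, `AdminRouter` no longer enforces any authorization on its own and is safe only while the mount in `api/app.js` keeps `isAuth, isAdmin` in front of it; that coupling is invisible from this file, and the `require('../middlewares/isAuth')`/`isAdmin` imports being dropped removes the last hint of it. Add a header comment above the `const AdminRouter = Router();` line, such as `// Authorization (isAuth + isAdmin) is applied at the mount point in app.js; never mount this router without it.`. `const AdminRouter = Router();` itself is declared above the first hunk, outside this view.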
@ -16,10 +16,6 @@ const Admin = (props) => {
|
|||||||
|
|
||||||
const toggleModal = () => setIsOpen(!isOpen);
|
const toggleModal = () => setIsOpen(!isOpen);
|
||||||
|
|
||||||
if (!props.user.isAdmin && typeof window != 'undefined') {
|
|
||||||
return redirect({}, '/404');
|
|
||||||
}
|
|
||||||
|
|
||||||
return (
|
return (
|
||||||
<Fragment>
|
<Fragment>
|
||||||
<HeadTag title="Admin - FunctionProject" description="Page d'administration de FunctionProject." />
|
<HeadTag title="Admin - FunctionProject" description="Page d'administration de FunctionProject." />
|
||||||
@ -66,12 +62,14 @@ const Admin = (props) => {
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
export async function getServerSideProps({ req }) {
|
export async function getServerSideProps(context) {
|
||||||
const cookies = new Cookies(req.headers.cookie);
|
const cookies = new Cookies(context.req.headers.cookie);
|
||||||
|
const user = { ...cookies.get('user') };
|
||||||
|
if (!user.isAdmin) {
|
||||||
|
return redirect(context, '/404');
|
||||||
|
}
|
||||||
return {
|
return {
|
||||||
props: {
|
props: { user }
|
||||||
user: { ...cookies.get('user') }
|
|
||||||
}
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
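Review bot: In `getServerSideProps`, the new gate `if (!user.isAdmin) { return redirect(context, '/404'); }` reads `isAdmin` from the `user` cookie, which is client-controlled, so it can only hide the admin page from non-admins; it is not an authorization boundary, and the data behind the page stays protected only by the `isAuth, isAdmin` middleware on the API's `/admin` mount. A comment above the check such as `// UX-only gate: the cookie is client-controlled; the API enforces admin on /admin` would keep a future reader from treating it as a security check. `{ ...cookies.get('user') }` tolerates a missing cookie, but if the stored value is a string rather than an object the spread yields indexed characters instead of user fields, so guarding with `typeof` before reading `.isAdmin` would make the redirect deterministic. The identical `getServerSideProps` appears in the manageCategories and manageQuotes sections below, where the same comment and guard apply.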
@ -111,10 +111,6 @@ const manageCategories = (props) => {
|
|||||||
setIsEditing(true);
|
setIsEditing(true);
|
||||||
toggleModal();
|
toggleModal();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!props.user.isAdmin && typeof window != 'undefined') {
|
|
||||||
return redirect({}, '/404');
|
|
||||||
}
|
|
||||||
|
|
||||||
return (
|
return (
|
||||||
<Fragment>
|
<Fragment>
|
||||||
@ -177,12 +173,14 @@ const manageCategories = (props) => {
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
export async function getServerSideProps({ req }) {
|
export async function getServerSideProps(context) {
|
||||||
const cookies = new Cookies(req.headers.cookie);
|
const cookies = new Cookies(context.req.headers.cookie);
|
||||||
|
const user = { ...cookies.get('user') };
|
||||||
|
if (!user.isAdmin) {
|
||||||
|
return redirect(context, '/404');
|
||||||
|
}
|
||||||
return {
|
return {
|
||||||
props: {
|
props: { user }
|
||||||
user: { ...cookies.get('user') }
|
|
||||||
}
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -43,10 +43,6 @@ const manageQuotes = (props) => {
|
|||||||
if (node) observer.current.observe(node);
|
if (node) observer.current.observe(node);
|
||||||
}, [isLoadingQuotes, quotesData.hasMore]);
|
}, [isLoadingQuotes, quotesData.hasMore]);
|
||||||
|
|
||||||
if (!props.user.isAdmin && typeof window != 'undefined') {
|
|
||||||
return redirect({}, '/404');
|
|
||||||
}
|
|
||||||
|
|
||||||
const handleValidationQuote = async (id, isValid) => {
|
const handleValidationQuote = async (id, isValid) => {
|
||||||
try {
|
try {
|
||||||
await api.put(`/admin/quotes/${id}`, { isValid }, { headers: { 'Authorization': props.user.token } });
|
await api.put(`/admin/quotes/${id}`, { isValid }, { headers: { 'Authorization': props.user.token } });
|
||||||
@ -112,12 +108,14 @@ const manageQuotes = (props) => {
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
export async function getServerSideProps({ req }) {
|
export async function getServerSideProps(context) {
|
||||||
const cookies = new Cookies(req.headers.cookie);
|
const cookies = new Cookies(context.req.headers.cookie);
|
||||||
|
const user = { ...cookies.get('user') };
|
||||||
|
if (!user.isAdmin) {
|
||||||
|
return redirect(context, '/404');
|
||||||
|
}
|
||||||
return {
|
return {
|
||||||
props: {
|
props: { user }
|
||||||
user: { ...cookies.get('user') }
|
|
||||||
}
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|