👌 IMPROVE: API et frontend /admin + API https

This commit is contained in:
Divlo 2020-04-27 18:24:30 +02:00
parent bc249f00e4
commit 1ae744d3db
7 changed files with 52 additions and 49 deletions


@ -5,11 +5,14 @@ const express = require('express');
const helmet = require('helmet');
const cors = require('cors');
const morgan = require('morgan');
const redirectToHTTPS = require('express-http-to-https').redirectToHTTPS;
/* Files Imports & Variables */
const sequelize = require('./assets/utils/database');
const { PORT } = require('./assets/config/config');
const errorHandling = require('./assets/utils/errorHandling');
const isAuth = require('./middlewares/isAuth');
const isAdmin = require('./middlewares/isAdmin');
const app = express();
/* Middlewares */
@ -17,13 +20,14 @@ app.use(helmet());
app.use(cors());
app.use(morgan('dev'));
app.use(express.json());
app.use(redirectToHTTPS([/localhost:(\d{4})/]));
/* Routes */
app.use('/images', express.static(path.join(__dirname, "assets", "images")));
app.use('/functions', require('./routes/functions'));
app.use('/categories', require('./routes/categories'));
app.use('/users', require('./routes/users'));
app.use('/admin', require('./routes/admin'));
app.use('/admin', isAuth, isAdmin, require('./routes/admin'));
app.use('/favorites', require('./routes/favorites'));
app.use('/comments', require('./routes/comments'));
app.use('/quotes', require('./routes/quotes'));
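Review bot: The HTTPS redirect `app.use(redirectToHTTPS([/localhost:(\d{4})/]));` is registered after `express.json()`, so a request arriving over plain HTTP has its JSON body parsed before it is bounced, and the 301 the client follows is a GET that drops that body anyway; register the redirect first, directly after `app.use(helmet());`, so no request work happens before the scheme is enforced. If the API is deployed behind a TLS-terminating proxy, confirm the middleware sees the forwarded protocol (`X-Forwarded-Proto` / Express `trust proxy`), otherwise every request would be redirected in a loop. The `/admin` mount now carries `isAuth, isAdmin` and is the only place these guards remain once routes/admin.js drops them per route, so it deserves a comment such as `// /admin: authentication and the admin role are enforced here for every route in routes/admin.js` so the invariant survives a later refactor.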

8
api/package-lock.json generated

@ -547,6 +547,14 @@
"busboy": "^0.3.1"
}
},
"express-http-to-https": {
"version": "1.1.4",
"resolved": "https://registry.npmjs.org/express-http-to-https/-/express-http-to-https-1.1.4.tgz",
"integrity": "sha512-jPe7xNKz+KdTYn0uJSBPug/AE5hCIgYrXed0SsmCm5TyydxeSK/U3sVyJyMaQmluJcIS+sbq6E/iB4CBZQIN1g==",
"requires": {
"express": "^4.15.3"
}
},
"express-validator": {
"version": "6.4.0",
"resolved": "https://registry.npmjs.org/express-validator/-/express-validator-6.4.0.tgz",


@ -16,6 +16,7 @@
"cors": "^2.8.5",
"express": "^4.17.1",
"express-fileupload": "^1.1.6",
"express-http-to-https": "^1.1.4",
"express-validator": "^6.4.0",
"helmet": "^3.21.3",
"jsonwebtoken": "^8.5.1",


@ -2,8 +2,6 @@ const { Router } = require('express');
const fileUpload = require('express-fileupload');
const { body } = require('express-validator');
const adminController = require('../controllers/admin');
const isAuth = require('../middlewares/isAuth');
const isAdmin = require('../middlewares/isAdmin');
const Functions = require('../models/functions');
const Categories = require('../models/categories');
@ -12,11 +10,10 @@ const AdminRouter = Router();
AdminRouter.route('/functions')
// Récupère les fonctions
.get(isAuth, isAdmin, adminController.getFunctions)
.get(adminController.getFunctions)
// Permet de créé une fonction
.post(isAuth, isAdmin,
fileUpload({
.post(fileUpload({
useTempFiles: true,
safeFileNames: true,
preserveExtension: Number,
@ -98,13 +95,12 @@ AdminRouter.route('/functions')
AdminRouter.route('/functions/:slug')
// Récupère les informations d'une fonction
.get(isAuth, isAdmin, adminController.getFunctionBySlug);
.get(adminController.getFunctionBySlug);
AdminRouter.route('/functions/:id')
// Modifie information basique d'une fonction
.put(isAuth, isAdmin,
fileUpload({
.put(fileUpload({
useTempFiles: true,
safeFileNames: true,
preserveExtension: Number,
@ -173,37 +169,37 @@ AdminRouter.route('/functions/:id')
], adminController.putFunction)
// Supprime une fonction avec son id
.delete(isAuth, isAdmin, adminController.deleteFunction);
.delete(adminController.deleteFunction);
AdminRouter.route('/functions/article/:id')
.put(isAuth, isAdmin, adminController.putFunctionArticle);
.put(adminController.putFunctionArticle);
AdminRouter.route('/functions/form/:id')
.put(isAuth, isAdmin, adminController.putFunctionForm);
.put(adminController.putFunctionForm);
AdminRouter.route('/categories')
// Crée une catégorie
.post(isAuth, isAdmin, adminController.postCategory);
.post(adminController.postCategory);
AdminRouter.route('/categories/:id')
// Modifier une catégorie avec son id
.put(isAuth, isAdmin, adminController.putCategory)
.put(adminController.putCategory)
// Supprime une catégorie avec son id
.delete(isAuth, isAdmin, adminController.deleteCategory);
.delete(adminController.deleteCategory);
AdminRouter.route('/quotes')
// Récupère les citations pas encore validées
.get(isAuth, isAdmin, adminController.getQuotes);
.get(adminController.getQuotes);
AdminRouter.route('/quotes/:id')
// Valide ou supprime une citation
.put(isAuth, isAdmin, adminController.putQuote);
.put(adminController.putQuote);
module.exports = AdminRouter;
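Review bot: With `isAuth`/`isAdmin` removed from every handler in this file, nothing in routes/admin.js itself records that the router is only safe when mounted behind those guards; the mount in app.js now carries them, but a second mount or a test harness importing AdminRouter directly would expose every admin handler unauthenticated. Add a header comment above `const AdminRouter = Router();` (that line sits in the hunk header, outside the visible lines) such as `// All routes here read or mutate admin data. The router is mounted behind isAuth + isAdmin in app.js; never mount it without them.` This is documentation only, no code change needed.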


@ -16,10 +16,6 @@ const Admin = (props) => {
const toggleModal = () => setIsOpen(!isOpen);
if (!props.user.isAdmin && typeof window != 'undefined') {
return redirect({}, '/404');
}
return (
<Fragment>
<HeadTag title="Admin - FunctionProject" description="Page d'administration de FunctionProject." />
@ -66,12 +62,14 @@ const Admin = (props) => {
);
}
export async function getServerSideProps({ req }) {
const cookies = new Cookies(req.headers.cookie);
return {
props: {
user: { ...cookies.get('user') }
export async function getServerSideProps(context) {
const cookies = new Cookies(context.req.headers.cookie);
const user = { ...cookies.get('user') };
if (!user.isAdmin) {
return redirect(context, '/404');
}
return {
props: { user }
};
}
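Review bot: The new `if (!user.isAdmin)` gate in getServerSideProps decides on an `isAdmin` flag read straight out of the `user` cookie, a value the browser controls, so it is a navigation convenience rather than an authorization check; the API's `isAuth`/`isAdmin` middleware remains the real boundary, and a comment above the check such as `// Cookie-driven redirect only: real authorization is enforced by the API (isAuth/isAdmin).` keeps a later maintainer from relying on it. Also confirm that `redirect(context, '/404')` yields something Next.js accepts as the return value of getServerSideProps (an object, or a helper that ends the response itself); the helper is not visible here. The identical pattern is added in manageCategories and manageQuotes, so the same note applies to those sections.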


@ -112,10 +112,6 @@ const manageCategories = (props) => {
toggleModal();
}
if (!props.user.isAdmin && typeof window != 'undefined') {
return redirect({}, '/404');
}
return (
<Fragment>
<HeadTag title="Admin - FunctionProject" description="Page d'administration de FunctionProject. Gérer les catégories." />
@ -177,12 +173,14 @@ const manageCategories = (props) => {
);
}
export async function getServerSideProps({ req }) {
const cookies = new Cookies(req.headers.cookie);
return {
props: {
user: { ...cookies.get('user') }
export async function getServerSideProps(context) {
const cookies = new Cookies(context.req.headers.cookie);
const user = { ...cookies.get('user') };
if (!user.isAdmin) {
return redirect(context, '/404');
}
return {
props: { user }
};
}


@ -43,10 +43,6 @@ const manageQuotes = (props) => {
if (node) observer.current.observe(node);
}, [isLoadingQuotes, quotesData.hasMore]);
if (!props.user.isAdmin && typeof window != 'undefined') {
return redirect({}, '/404');
}
const handleValidationQuote = async (id, isValid) => {
try {
await api.put(`/admin/quotes/${id}`, { isValid }, { headers: { 'Authorization': props.user.token } });
@ -112,12 +108,14 @@ const manageQuotes = (props) => {
);
}
export async function getServerSideProps({ req }) {
const cookies = new Cookies(req.headers.cookie);
return {
props: {
user: { ...cookies.get('user') }
export async function getServerSideProps(context) {
const cookies = new Cookies(context.req.headers.cookie);
const user = { ...cookies.get('user') };
if (!user.isAdmin) {
return redirect(context, '/404');
}
return {
props: { user }
};
}