👌 IMPROVE: API et frontend /admin + API https
This commit is contained in:
parent
bc249f00e4
commit
1ae744d3db
16
api/app.js
16
api/app.js
@ -1,15 +1,18 @@
|
||||
/* Modules */
|
||||
require('dotenv').config();
|
||||
const path = require('path');
|
||||
const express = require('express');
|
||||
const helmet = require('helmet');
|
||||
const cors = require('cors');
|
||||
const morgan = require('morgan');
|
||||
const path = require('path');
|
||||
const express = require('express');
|
||||
const helmet = require('helmet');
|
||||
const cors = require('cors');
|
||||
const morgan = require('morgan');
|
||||
const redirectToHTTPS = require('express-http-to-https').redirectToHTTPS;
|
||||
|
||||
/* Files Imports & Variables */
|
||||
const sequelize = require('./assets/utils/database');
|
||||
const { PORT } = require('./assets/config/config');
|
||||
const errorHandling = require('./assets/utils/errorHandling');
|
||||
const isAuth = require('./middlewares/isAuth');
|
||||
const isAdmin = require('./middlewares/isAdmin');
|
||||
const app = express();
|
||||
|
||||
/* Middlewares */
|
||||
@ -17,13 +20,14 @@ app.use(helmet());
|
||||
app.use(cors());
|
||||
app.use(morgan('dev'));
|
||||
app.use(express.json());
|
||||
app.use(redirectToHTTPS([/localhost:(\d{4})/]));
|
||||
|
||||
/* Routes */
|
||||
app.use('/images', express.static(path.join(__dirname, "assets", "images")));
|
||||
app.use('/functions', require('./routes/functions'));
|
||||
app.use('/categories', require('./routes/categories'));
|
||||
app.use('/users', require('./routes/users'));
|
||||
app.use('/admin', require('./routes/admin'));
|
||||
app.use('/admin', isAuth, isAdmin, require('./routes/admin'));
|
||||
app.use('/favorites', require('./routes/favorites'));
|
||||
app.use('/comments', require('./routes/comments'));
|
||||
app.use('/quotes', require('./routes/quotes'));
|
||||
|
8
api/package-lock.json
generated
8
api/package-lock.json
generated
@ -547,6 +547,14 @@
|
||||
"busboy": "^0.3.1"
|
||||
}
|
||||
},
|
||||
"express-http-to-https": {
|
||||
"version": "1.1.4",
|
||||
"resolved": "https://registry.npmjs.org/express-http-to-https/-/express-http-to-https-1.1.4.tgz",
|
||||
"integrity": "sha512-jPe7xNKz+KdTYn0uJSBPug/AE5hCIgYrXed0SsmCm5TyydxeSK/U3sVyJyMaQmluJcIS+sbq6E/iB4CBZQIN1g==",
|
||||
"requires": {
|
||||
"express": "^4.15.3"
|
||||
}
|
||||
},
|
||||
"express-validator": {
|
||||
"version": "6.4.0",
|
||||
"resolved": "https://registry.npmjs.org/express-validator/-/express-validator-6.4.0.tgz",
|
||||
|
@ -16,6 +16,7 @@
|
||||
"cors": "^2.8.5",
|
||||
"express": "^4.17.1",
|
||||
"express-fileupload": "^1.1.6",
|
||||
"express-http-to-https": "^1.1.4",
|
||||
"express-validator": "^6.4.0",
|
||||
"helmet": "^3.21.3",
|
||||
"jsonwebtoken": "^8.5.1",
|
||||
|
@ -2,8 +2,6 @@ const { Router } = require('express');
|
||||
const fileUpload = require('express-fileupload');
|
||||
const { body } = require('express-validator');
|
||||
const adminController = require('../controllers/admin');
|
||||
const isAuth = require('../middlewares/isAuth');
|
||||
const isAdmin = require('../middlewares/isAdmin');
|
||||
const Functions = require('../models/functions');
|
||||
const Categories = require('../models/categories');
|
||||
|
||||
@ -12,11 +10,10 @@ const AdminRouter = Router();
|
||||
AdminRouter.route('/functions')
|
||||
|
||||
// Récupère les fonctions
|
||||
.get(isAuth, isAdmin, adminController.getFunctions)
|
||||
.get(adminController.getFunctions)
|
||||
|
||||
// Permet de créé une fonction
|
||||
.post(isAuth, isAdmin,
|
||||
fileUpload({
|
||||
.post(fileUpload({
|
||||
useTempFiles: true,
|
||||
safeFileNames: true,
|
||||
preserveExtension: Number,
|
||||
@ -98,13 +95,12 @@ AdminRouter.route('/functions')
|
||||
AdminRouter.route('/functions/:slug')
|
||||
|
||||
// Récupère les informations d'une fonction
|
||||
.get(isAuth, isAdmin, adminController.getFunctionBySlug);
|
||||
.get(adminController.getFunctionBySlug);
|
||||
|
||||
AdminRouter.route('/functions/:id')
|
||||
|
||||
// Modifie information basique d'une fonction
|
||||
.put(isAuth, isAdmin,
|
||||
fileUpload({
|
||||
.put(fileUpload({
|
||||
useTempFiles: true,
|
||||
safeFileNames: true,
|
||||
preserveExtension: Number,
|
||||
@ -173,37 +169,37 @@ AdminRouter.route('/functions/:id')
|
||||
], adminController.putFunction)
|
||||
|
||||
// Supprime une fonction avec son id
|
||||
.delete(isAuth, isAdmin, adminController.deleteFunction);
|
||||
.delete(adminController.deleteFunction);
|
||||
|
||||
AdminRouter.route('/functions/article/:id')
|
||||
|
||||
.put(isAuth, isAdmin, adminController.putFunctionArticle);
|
||||
.put(adminController.putFunctionArticle);
|
||||
|
||||
AdminRouter.route('/functions/form/:id')
|
||||
|
||||
.put(isAuth, isAdmin, adminController.putFunctionForm);
|
||||
.put(adminController.putFunctionForm);
|
||||
|
||||
AdminRouter.route('/categories')
|
||||
|
||||
// Crée une catégorie
|
||||
.post(isAuth, isAdmin, adminController.postCategory);
|
||||
.post(adminController.postCategory);
|
||||
|
||||
AdminRouter.route('/categories/:id')
|
||||
|
||||
// Modifier une catégorie avec son id
|
||||
.put(isAuth, isAdmin, adminController.putCategory)
|
||||
.put(adminController.putCategory)
|
||||
|
||||
// Supprime une catégorie avec son id
|
||||
.delete(isAuth, isAdmin, adminController.deleteCategory);
|
||||
.delete(adminController.deleteCategory);
|
||||
|
||||
AdminRouter.route('/quotes')
|
||||
|
||||
// Récupère les citations pas encore validées
|
||||
.get(isAuth, isAdmin, adminController.getQuotes);
|
||||
.get(adminController.getQuotes);
|
||||
|
||||
AdminRouter.route('/quotes/:id')
|
||||
|
||||
// Valide ou supprime une citation
|
||||
.put(isAuth, isAdmin, adminController.putQuote);
|
||||
.put(adminController.putQuote);
|
||||
|
||||
module.exports = AdminRouter;
|
@ -16,10 +16,6 @@ const Admin = (props) => {
|
||||
|
||||
const toggleModal = () => setIsOpen(!isOpen);
|
||||
|
||||
if (!props.user.isAdmin && typeof window != 'undefined') {
|
||||
return redirect({}, '/404');
|
||||
}
|
||||
|
||||
return (
|
||||
<Fragment>
|
||||
<HeadTag title="Admin - FunctionProject" description="Page d'administration de FunctionProject." />
|
||||
@ -66,12 +62,14 @@ const Admin = (props) => {
|
||||
);
|
||||
}
|
||||
|
||||
export async function getServerSideProps({ req }) {
|
||||
const cookies = new Cookies(req.headers.cookie);
|
||||
export async function getServerSideProps(context) {
|
||||
const cookies = new Cookies(context.req.headers.cookie);
|
||||
const user = { ...cookies.get('user') };
|
||||
if (!user.isAdmin) {
|
||||
return redirect(context, '/404');
|
||||
}
|
||||
return {
|
||||
props: {
|
||||
user: { ...cookies.get('user') }
|
||||
}
|
||||
props: { user }
|
||||
};
|
||||
}
|
||||
|
||||
|
@ -112,10 +112,6 @@ const manageCategories = (props) => {
|
||||
toggleModal();
|
||||
}
|
||||
|
||||
if (!props.user.isAdmin && typeof window != 'undefined') {
|
||||
return redirect({}, '/404');
|
||||
}
|
||||
|
||||
return (
|
||||
<Fragment>
|
||||
<HeadTag title="Admin - FunctionProject" description="Page d'administration de FunctionProject. Gérer les catégories." />
|
||||
@ -177,12 +173,14 @@ const manageCategories = (props) => {
|
||||
);
|
||||
}
|
||||
|
||||
export async function getServerSideProps({ req }) {
|
||||
const cookies = new Cookies(req.headers.cookie);
|
||||
export async function getServerSideProps(context) {
|
||||
const cookies = new Cookies(context.req.headers.cookie);
|
||||
const user = { ...cookies.get('user') };
|
||||
if (!user.isAdmin) {
|
||||
return redirect(context, '/404');
|
||||
}
|
||||
return {
|
||||
props: {
|
||||
user: { ...cookies.get('user') }
|
||||
}
|
||||
props: { user }
|
||||
};
|
||||
}
|
||||
|
||||
|
@ -43,10 +43,6 @@ const manageQuotes = (props) => {
|
||||
if (node) observer.current.observe(node);
|
||||
}, [isLoadingQuotes, quotesData.hasMore]);
|
||||
|
||||
if (!props.user.isAdmin && typeof window != 'undefined') {
|
||||
return redirect({}, '/404');
|
||||
}
|
||||
|
||||
const handleValidationQuote = async (id, isValid) => {
|
||||
try {
|
||||
await api.put(`/admin/quotes/${id}`, { isValid }, { headers: { 'Authorization': props.user.token } });
|
||||
@ -112,12 +108,14 @@ const manageQuotes = (props) => {
|
||||
);
|
||||
}
|
||||
|
||||
export async function getServerSideProps({ req }) {
|
||||
const cookies = new Cookies(req.headers.cookie);
|
||||
export async function getServerSideProps(context) {
|
||||
const cookies = new Cookies(context.req.headers.cookie);
|
||||
const user = { ...cookies.get('user') };
|
||||
if (!user.isAdmin) {
|
||||
return redirect(context, '/404');
|
||||
}
|
||||
return {
|
||||
props: {
|
||||
user: { ...cookies.get('user') }
|
||||
}
|
||||
props: { user }
|
||||
};
|
||||
}
|
||||
|
||||
|
Reference in New Issue
Block a user