From 0486f42387e317e479e673c68dc5b5535173cd8c Mon Sep 17 00:00:00 2001
From: alex <alex@alexloehr.net>
Date: Tue, 23 Sep 2025 09:22:33 +0000
Subject: [PATCH] removed route DELETE /api/user
---
app.js | 353 +++++++++++++++++++++++++++++++++++++++++++++++++++-------
1 files changed, 310 insertions(+), 43 deletions(-)
diff --git a/app.js b/app.js
index 8ebc775..e8a2f5b 100644
--- a/app.js
+++ b/app.js
@@ -1,63 +1,329 @@
+const path = require("path")
const fastify = require('fastify')({
- logger: true
+ logger: false,
+ // logger: true
})
+const _ = require("lodash")
+const fs = require("node:fs")
+const dayjs = require("dayjs")
+
+const log = require("./logger")
+log.info("")
+log.info(`--- STARTUP ${dayjs().format("DD.MM.YYYY HH:mm:ss")} ---`)
+
const db = require("./lib/db")
+const libIlias = require("./lib/libIlias")
const settings = require("./settings")
+const search = require("./lib/search.js")
/////////////////////////////////////////////////////////////////////////
+// Compress
+let compress = require('@fastify/compress')
+// fastify.register(compress, { global: true })
+fastify.register(compress)
+
// AUTH
fastify.addHook("onRequest", async (req, res) => {
- const token = req.query.token
- if (token !== settings.authtoken) {
- console.error("# AUTH ERROR #", token)
- await promiseDelay(500) // delay response to avoid denial of service attacks
- res.code(403)
- return res.send({status: "error", error: "access denied"})
- }
- else {}
+ // custom logging
+ log.info(`${req.method} ${req.url}`);
+ // console.log(req.url)
+
+ const token = req.query.token
+ if (token !== settings.authtoken && !req.url.startsWith("/ui/")) {
+ log.error("# AUTH ERROR #", token)
+ await promiseDelay(500) // delay response to avoid denial of service attacks
+ res.code(403)
+ return res.send({status: "error", error: "access denied"})
+ } else {
+ // log.debug("AUTH FOR ", req.url)
+ }
})
+/////// SEARCH ////////////////////////////////////////////////////////////////
+
+const searchLib = require("./lib/search")
+const {setStatus} = require("./lib/db")
+searchLib.doIndex().catch(console.error)
fastify
- .get('/users', async function (req, res) {
- const {offset, limit} = req.query
- const users = await db.getUsers(offset, limit)
- return res.send(users)
- })
- .get("/users/count", async function (req, res) {
- const count = await db.getUserCount()
- return res.send(count)
- })
- .get("/user/login/:login", async function (req, res) {
- const {login} = req.params
- const user = await db.getUserByLogin(login)
- if (user.length) {
- return res.send(user[0])
- }
- else {
- return res.code(404).send({status: "error", msg: "not found"})
- }
- })
- .get("/user/userid/:userid", async function (req, res) {
- const {userid} = req.params
- const user = await db.getUserByUserId(userid)
- if (user.length) {
- return res.send(user[0])
- }
- else {
- return res.code(404).send({status: "error", msg: "not found"})
- }
- })
+ .get("/api/search/user", async function (req, res) {
+ log.info(req.query)
+ const search = req.query?.search
+ if (!search) {
+ return res.code(422).send({status: "error", msg: "no search"})
+ } else {
+ log.info(search)
+ const data = await searchLib.search(search)
+ return res.send(data)
+ }
+ })
+ .post("/api/search/reindex", async function (req, res) {
+ log.info("REINDEX ++++")
+ const start = Date.now()
+ await searchLib.doIndex().catch(console.error)
+ return res.send({
+ status: "ok",
+ msg: `reindexed in ${Date.now() - start} ms`,
+ })
+ })
+
+fastify
+
+ /////// USER ////////////////////////////////////////////////////////////////
+
+ .get('/api/user', async function (req, res) {
+ const {offset, limit, search} = req.query
+ const users = await db.getUsers(offset, limit, search)
+ return res.send(users)
+ })
+ .get("/api/user/count", async function (req, res) {
+ const count = await db.getUserCount()
+ return res.send(count)
+ })
+ .get("/api/user/login/:login", async function (req, res) {
+ const {login} = req.params
+ const user = await db.getUserByLogin(login)
+ if (user) {
+ return res.send(user)
+ } else {
+ return res.code(404).send({status: "error", msg: "not found"})
+ }
+ })
+ .get("/api/user/userid/:userid", async function (req, res) {
+ const {userid} = req.params
+ if (!userid || isNaN(Number(userid))) {
+ return res.code(500).send({status: "error", msg: "userid error"})
+ }
+ const user = await db.getUserByUserId(userid)
+ if (user) {
+ return res.send(user)
+ } else {
+ return res.code(404).send({status: "error", msg: "not found"})
+ }
+ })
+ .get("/api/user/teilnahmen/:userId", async function (req, res) {
+ let userId = req.params.userId
+ log.debug(`--------${userId}-----------`, typeof userId)
+ if (!userId || isNaN(Number(userId))) {
+ return res.code(500).send({status: "error", msg: "userId error"})
+ }
+ const tn = await db.getUserTeilnahmen(userId)
+ if (tn) {
+ return res.send(tn)
+ } else {
+ return res.code(404).send({status: "error", msg: "not found"})
+ }
+ })
+
+ .post("/api/user", async function (req, res) {
+ const user = req.body
+ const res2 = await libIlias.importIliasUser(user) // TODO import or update if already available
+ return res.send(res2)
+ })
+
+ .delete("/api/user/:usr_id", async function (req, res) {
+ const {usr_id} = req.params
+ if (!usr_id || isNaN(Number(usr_id))) {
+ return res.code(500).send({status: "error", msg: "userId error"})
+ } else {
+ const res2 = await libIlias.deleteUser(usr_id)
+ log.info(res2)
+ return res.send(res2)
+ }
+ })
+
+ /////// ref_id / obj_id ////////////////////////////////////////////////////////////////
+
+ .get("/api/ref_id/:ref_id", async function (req, res) {
+ const {ref_id} = req.params
+ const data = await db.getObjIdFromRefId(ref_id)
+ if (data) {
+ return res.send(data)
+ } else {
+ return res.code(404).send({status: "error", msg: "not found"})
+ }
+ })
+ .get("/api/obj_id/:obj_id", async function (req, res) {
+ const {obj_id} = req.params
+ let data = await db.getRefIdFromObjId(obj_id)
+ if (data) {
+ return res.send(data)
+ } else {
+ return res.code(404).send({status: "error", msg: "not found"})
+ }
+ })
+
+ /////// Kurs ////////////////////////////////////////////////////////////////
+
+ .get("/api/kurs", async function (req, res) {
+ let data = await db.getKurse()
+ if (data) {
+ return res.send(data)
+ } else {
+ return res.code(404).send({status: "error", msg: "not found"})
+ }
+ })
+ .get("/api/kurs/:refId", async function (req, res) {
+ const {refId} = req.params
+ let data = await db.getKurs(refId)
+ if (data) {
+ return res.send(data)
+ } else {
+ return res.code(404).send({status: "error", msg: "not found"})
+ }
+ })
+ .get("/api/kurs/items/:refId", async function (req, res) {
+ const {refId} = req.params
+ let data = await db.getKursItems2(refId)
+ if (data) {
+ return res.send(data)
+ } else {
+ return res.code(404).send({status: "error", msg: "not found"})
+ }
+ })
+ .get("/api/kurs/:refId/teilnehmer", async function (req, res) {
+ const {refId} = req.params
+ let data = await db.getKursTeilnehmer(refId)
+ if (data) {
+ return res.send(data)
+ } else {
+ return res.code(404).send({status: "error", msg: "not found"})
+ }
+ })
+ .get("/api/kurs/:refId/teilnehmerByRole", async function (req, res) {
+ const {refId} = req.params
+ const {obj_id} = await db.getObjIdFromRefId(refId)
+ let data = await db.getKursTeilnehmerByRole(obj_id)
+ return res.send(data)
+ })
+ .get("/api/kurs/:refId/roles", async function (req, res) {
+ const {refId} = req.params
+ let data = await db.getKursRoles(refId)
+ return res.send(data)
+ })
+ .get("/api/kurs/:refId/teilnehmer/:userId", async function (req, res) {
+ const {refId, userId} = req.params
+ let data = await db.getSingleKursTeilnehmer(refId, userId)
+ if (data) {
+ return res.send(data)
+ } else {
+ return res.code(404).send({status: "error", msg: "not found"})
+ }
+ })
+ // .get("/api/kurs/:refId/teilnehmer/count", async function (req, res) {
+ // const {refId} = req.params
+ // let data = await db.getKursTeilnehmerCount(refId)
+ // if (data) {
+ // return res.send(data)
+ // }
+ // else {
+ // return res.code(404).send({status: "error", msg: "not found"})
+ // }
+ // })
+
+ /** set passed and status for a kurs TN */
+ .post("/api/kurs/:refId/status/:usrId", async function (req, res) {
+ const {refId, usrId} = req.params
+ const {passed, status} = req.body
+ if (!refId || !usrId || _.isNil(passed) || _.isNil(status)) {
+ throw {
+ statusCode: 400,
+ status: "error",
+ msg: "argument error"
+ }
+ }
+ try {
+ const {obj_id: course_id} = await db.getObjIdFromRefId(refId)
+ const data = await setStatus(course_id, usrId, passed, status)
+ return res.send(data)
+ } catch (ex) {
+ console.error(ex)
+ const msg = ex.msg ?? ex.message ?? ex.toString()
+ if (ex.statusCode) {
+ return res.code(ex.statusCode).send({status: "error", msg, statusCode: ex.statusCode})
+ }
+ return res.code(500).send({status: "error", msg})
+ }
+ })
+
+ .get("/api/kurs/:refId/offline", async function (req, res) {
+ const refId = Number(req.params.refId)
+
+ try {
+ const {obj_id} = await db.getObjIdFromRefId(refId)
+ const res2 = await db.getKursOffline(obj_id)
+ return res.send(res2)
+ } catch (err) {
+ console.error(err)
+ log.error(err.message)
+ return res.code(500).send({status: "error", message: err.message})
+ }
+ })
+ .post("/api/kurs/:refId/offline", async function (req, res) {
+ const refId = Number(req.params.refId)
+ const {offline} = req.body
+ // console.dir(req.body, {depth: null, colors: true, maxArrayLength: null})
+
+ try {
+ const {obj_id} = await db.getObjIdFromRefId(refId)
+ const res2 = await db.setKursOffline(offline, obj_id)
+ return res.send(res2)
+ } catch (err) {
+ console.error(err)
+ log.error(err.message)
+ return res.code(500).send({status: "error", message: err.message})
+ }
+ })
+
+ .delete("/api/kurs/:refId/teilnehmer/:usrId", async function (req, res) {
+ const {refId, usrId} = req.params
+ if (!refId || !usrId) throw {status: "error", msg: "refId and usrId requried"}
+ try {
+ const {obj_id: course_id} = await db.getObjIdFromRefId(refId)
+ let data = await libIlias.abmelden(usrId, course_id)
+ // let data = await libIlias.deleteTeilnahme(refId, usrId)
+ if (!data) throw {statusCode: 404, message: "Teilnahme not found"}
+ return res.send(data)
+ } catch (ex) {
+ console.error(ex)
+ const msg = ex.msg ?? ex.message ?? ex.toString()
+ if (ex.statusCode) {
+ return res.code(ex.statusCode).send({status: "error", msg})
+ }
+ return res.code(500).send({status: "error", msg})
+ }
+ })
+
+
+/////// STATIC / SPA ////////////////////////////////////////////////////////////////
+
+
+fastify.register(require('@fastify/static'), {
+ root: path.join(__dirname, 'vue/dist'),
+ prefix: '/ui/', // optional: default '/'
+
+ // constraints: { host: 'example.com' } // optional: default {}
+})
+
+const indexFile = fs.readFileSync(path.join(__dirname, "vue/dist", 'index.html'), 'utf8')
+fastify.setNotFoundHandler(function (req, res) {
+ log.error("!!! Not found")
+ // res.sendFile("vue/dist/index.html")
+ res.type("text/html").send(indexFile)
+})
/////////////////////////////////////////////////////////////////////////
fastify.listen({port: settings.port}, function (err, address) {
- if (err) {
- fastify.log.error(err)
- process.exit(1)
- }
- // Server is now listening on ${address}
+ console.log(address)
+ log.info(`📡 -=> Listening on ${address}`)
+ if (err) {
+ // fastify.log.error(err)
+ log.error(err)
+ process.exit(1)
+ }
+ // Server is now listening on ${address}
})
/////////////////////////////////////////////////////////////////////////
@@ -65,3 +331,4 @@
async function promiseDelay(ms) {
return new Promise(resolve => setTimeout(resolve, ms))
}
+
--
Gitblit v1.8.0