From c0225d52a3e532d667ebeeca090a59edb534e638 Mon Sep 17 00:00:00 2001
From: alex <alex@alexloehr.net>
Date: Mon, 02 Jun 2025 16:12:44 +0000
Subject: [PATCH] adding new routes

---
 app.js |   78 ++++++++++++++++++++++++++++++++++++--
 1 files changed, 73 insertions(+), 5 deletions(-)

diff --git a/app.js b/app.js
index c2eef5e..7b58610 100644
--- a/app.js
+++ b/app.js
@@ -1,22 +1,90 @@
 const fastify = require('fastify')({
    logger: true
 })
+const _ = require("lodash")
 const db = require("./lib/db")
 
+const settings = require("./settings")
+
 /////////////////////////////////////////////////////////////////////////
 
-fastify.get('/api/users', async function (req, res) {
-   const {offset, limit} = req.query
-   const users = await db.getUsers(offset, limit)
-   return res.send(users)
+// AUTH
+fastify.addHook("onRequest", async (req, res) => {
+   const token = req.query.token
+   if (token !== settings.authtoken) {
+      console.error("# AUTH ERROR #", token)
+      await promiseDelay(500) // delay response to avoid denial of service attacks
+      res.code(403)
+      return res.send({status: "error", error: "access denied"})
+   }
+   else {}
 })
 
+fastify
+   .get('/users', async function (req, res) {
+      const {offset, limit} = req.query
+      const users = await db.getUsers(offset, limit)
+      return res.send(users)
+   })
+   .get("/users/count", async function (req, res) {
+      const count = await db.getUserCount()
+      return res.send(count)
+   })
+   .get("/user/login/:login", async function (req, res) {
+      const {login} = req.params
+      const user = await db.getUserByLogin(login)
+      if (user.length) {
+         return res.send(user[0])
+      }
+      else {
+         return res.code(404).send({status: "error", msg: "not found"})
+      }
+   })
+   .get("/user/userid/:userid", async function (req, res) {
+      const {userid} = req.params
+      const user = await db.getUserByUserId(userid)
+      if (user) {
+         return res.send(user)
+      }
+      else {
+         return res.code(404).send({status: "error", msg: "not found"})
+      }
+   })
+   .get("/ref_id/:ref_id", async function (req, res) {
+      const {ref_id} = req.params
+      const data = await db.getObjIdFromRefId(ref_id)
+      if (data) {
+         return res.send(data)
+      }
+      else {
+         return res.code(404).send({status: "error", msg: "not found"})
+      }
+   })
+   .get("/obj_id/:obj_id", async function (req, res) {
+      const {obj_id} = req.params
+      let data = await db.getRefIdFromObjId(obj_id)
+      if (data) {
+         return res.send(data)
+      }
+      else {
+         return res.code(404).send({status: "error", msg: "not found"})
+      }
+   })
+
+
 /////////////////////////////////////////////////////////////////////////
 
-fastify.listen({ port: 4101 }, function (err, address) {
+fastify.listen({port: settings.port}, function (err, address) {
+   console.log("📡 -=> Listening on", address)
    if (err) {
       fastify.log.error(err)
       process.exit(1)
    }
    // Server is now listening on ${address}
 })
+
+/////////////////////////////////////////////////////////////////////////
+
+async function promiseDelay (ms) {
+   return new Promise(resolve => setTimeout(resolve, ms))
+}

--
Gitblit v1.8.0