Implemented login requirement for most of the API

2025-12-13 14:25:39 -05:00
parent 2ea355d9d8
commit 7c4e8d7db8
10 changed files with 56 additions and 22 deletions


@@ -9,6 +9,7 @@ import { ApplicationFull, CommentRow } from "@app/shared/types/application"
import { assignUserToStatus } from '../services/statusService';
import { Request, response, Response } from 'express';
import { getUserRoles } from '../services/rolesService';
import { requireLogin } from '../middleware/auth';
//get CoC
router.get('/coc', async (req: Request, res: Response) => {
@@ -29,7 +30,7 @@ router.get('/coc', async (req: Request, res: Response) => {
// POST /application
router.post('/', async (req, res) => {
router.post('/', [requireLogin], async (req, res) => {
try {
const App = req.body?.App || {};
const memberID = req.user.id;
@@ -47,7 +48,7 @@ router.post('/', async (req, res) => {
});
// GET /application/all
router.get('/all', async (req, res) => {
router.get('/all', [requireLogin], async (req, res) => {
try {
const rows = await getApplicationList();
res.status(200).json(rows);
@@ -71,7 +72,7 @@ router.get('/meList', async (req, res) => {
}
})
router.get('/me', async (req, res) => {
router.get('/me', [requireLogin], async (req, res) => {
let userID = req.user.id;
@@ -96,7 +97,7 @@ router.get('/me', async (req, res) => {
})
// GET /application/:id
router.get('/me/:id', async (req: Request, res: Response) => {
router.get('/me/:id', [requireLogin], async (req: Request, res: Response) => {
let appID = Number(req.params.id);
let member = req.user.id;
try {
@@ -123,7 +124,7 @@ router.get('/me/:id', async (req: Request, res: Response) => {
});
// GET /application/:id
router.get('/:id', async (req: Request, res: Response) => {
router.get('/:id', [requireLogin], async (req: Request, res: Response) => {
let appID = Number(req.params.id);
let asAdmin = !!req.query.admin || false;
let user = req.user.id;
@@ -159,7 +160,7 @@ router.get('/:id', async (req: Request, res: Response) => {
});
// POST /application/approve/:id
router.post('/approve/:id', async (req: Request, res: Response) => {
router.post('/approve/:id', [requireLogin], async (req: Request, res: Response) => {
const appID = Number(req.params.id);
const approved_by = req.user.id;
@@ -188,7 +189,7 @@ router.post('/approve/:id', async (req: Request, res: Response) => {
});
// POST /application/deny/:id
router.post('/deny/:id', async (req, res) => {
router.post('/deny/:id', [requireLogin], async (req, res) => {
const appID = req.params.id;
try {
@@ -203,7 +204,7 @@ router.post('/deny/:id', async (req, res) => {
});
// POST /application/:id/comment
router.post('/:id/comment', async (req: Request, res: Response) => {
router.post('/:id/comment', [requireLogin], async (req: Request, res: Response) => {
const appID = req.params.id;
const data = req.body.message;
const user = req.user;
@@ -246,7 +247,7 @@ VALUES(?, ?, ?);`
});
// POST /application/:id/comment
router.post('/:id/adminComment', async (req: Request, res: Response) => {
router.post('/:id/adminComment', [requireLogin], async (req: Request, res: Response) => {
const appID = req.params.id;
const data = req.body.message;
const user = req.user;
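Review bot: `requireLogin` on `/approve/:id`, `/deny/:id`, `/:id/adminComment` and `/all` establishes only that the caller has a session; none of the visible lines checks that the caller holds a role permitted to approve, deny, list or admin-comment on other members' applications. The handler bodies continue outside these hunks, so a role check may already exist there, but if it does not, authentication alone leaves these reviewer actions open to every logged-in member. Consider placing a role gate after `requireLogin` in each middleware array, built on the already imported `getUserRoles`, and marking the intent at the route, e.g. `// authz: reviewer role required, login alone is not sufficient`. The same concern applies to `/:id`, where `asAdmin` is derived from `req.query.admin` and should be honoured only after a server-side role lookup for `req.user.id`. The hunk header at `-71,7` also shows `/meList` still registered without `requireLogin`; please confirm that exclusion is intended, since the neighbouring `/me` handler reads `req.user.id`.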