spchcap/speech.capital
1
0
Fork 0
mirror of https://github.com/spchcap/speech.capital.git synced 2026-01-13 16:18:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Feat: Add ban check and expose user_id for mods

Browse Source
This commit is contained in:
multipleof4
2025-10-02 13:46:16 -07:00
parent 3d082d0c54
commit 21df01d81b
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
functions/api/posts/[id].js
View File

@@ -2,15 +2,15 @@ const json=(d,o={},req)=>{const h=new Headers(o.headers);h.set('Content-Type','a
const cookie=c=>(c.match(/auth_user=([^;]+)/)?.[1]||null);
const hash=c=>(c.match(/auth_hash=([^;]+)/)?.[1]||null);
const tsEq=(a,b)=>{if(!a||!b)return!1;let d=a.length^b.length;for(let i=0;i<a.length;i++)d|=a.charCodeAt(i)^b.charCodeAt(i);return d===0};
const auth=async(req,db)=>{const c=req.headers.get('Cookie')||'',u=cookie(c),h=hash(c);if(!u||!h)return null;const user=await db.prepare('SELECT id,username,role,pass_hash FROM users WHERE username=?').bind(u).first();return user&&tsEq(user.pass_hash,h)?user:null};
const auth=async(req,db)=>{const c=req.headers.get('Cookie')||'',u=cookie(c),h=hash(c);if(!u||!h)return null;const user=await db.prepare('SELECT id,username,role,pass_hash,banned_until FROM users WHERE username=?').bind(u).first();if(!user||!tsEq(user.pass_hash,h)||(user.banned_until&&new Date(user.banned_until.replace(' ','T')+'Z')>new Date()))return null;return user};
export async function onRequestGet({request,env,params}){
try{
const id=params.id,user=await auth(request,env.D1_SPCHCAP);
const post=await env.D1_SPCHCAP.prepare(`SELECT p.id,p.title,p.link,p.content,p.score,p.comment_count,p.created_at,u.username${user?',v.direction as voted':''} FROM posts p JOIN users u ON p.user_id=u.id ${user?'LEFT JOIN votes v ON v.post_id=p.id AND v.user_id=?':''} WHERE p.id=?`).bind(...(user?[user.id,id]:[id])).first();
const post=await env.D1_SPCHCAP.prepare(`SELECT p.id,p.user_id,p.title,p.link,p.content,p.score,p.comment_count,p.created_at,u.username${user?',v.direction as voted':''} FROM posts p JOIN users u ON p.user_id=u.id ${user?'LEFT JOIN votes v ON v.post_id=p.id AND v.user_id=?':''} WHERE p.id=?`).bind(...(user?[user.id,id]:[id])).first();
if(!post)return json({error:'Not found'},{status:404},request);
const{results}=await env.D1_SPCHCAP.prepare(`SELECT c.id,c.content,c.score,c.parent_id,c.created_at,u.username${user?',v.direction as voted':''} FROM comments c JOIN users u ON c.user_id=u.id ${user?'LEFT JOIN votes v ON v.comment_id=c.id AND v.user_id=?':''} WHERE c.post_id=? ORDER BY c.created_at ASC`).bind(...(user?[user.id,id]:[id])).all();
const{results}=await env.D1_SPCHCAP.prepare(`SELECT c.id,c.user_id,c.content,c.score,c.parent_id,c.created_at,u.username${user?',v.direction as voted':''} FROM comments c JOIN users u ON c.user_id=u.id ${user?'LEFT JOIN votes v ON v.comment_id=c.id AND v.user_id=?':''} WHERE c.post_id=? ORDER BY c.created_at ASC`).bind(...(user?[user.id,id]:[id])).all();
const tree=[],map={};
results.forEach(c=>{c.replies=[];map[c.id]=c;if(!c.parent_id)tree.push(c);else if(map[c.parent_id])map[c.parent_id].replies.push(c)});