diff --git a/routes/init.js b/routes/init.js index a5457a6..7308a61 100644 --- a/routes/init.js +++ b/routes/init.js @@ -1,6 +1,6 @@ import { importRouters } from "../lib.js"; import multer from "multer"; -import cookieParser from "cookie-parser"; +import cookieParser from "cookie-parser"; import { initDb } from "../db.js"; let db = await initDb(); @@ -18,17 +18,21 @@ const routers = { function doAliases(app) { for (let alias in aliases) { + let aliasV = aliases[alias]; app.all(alias, (req, res, next) => { - res.redirect(aliases[alias]) + res.redirect(aliasV) }) } } async function auther(req, res, next) { - let body = { ...req.cookies, ...req.body }; + let { token } = req.cookies; - let { token } = body; + if (!token) { + res.auth = {}; + return; + } let match = await db.all('SELECT * FROM token WHERE token = ?', [ token || 'blah' @@ -36,14 +40,17 @@ async function auther(req, res, next) { let username = match[0] ? match[0].username : '!nobody'; - let valid = await db.all('SELECT * FROM auth WHERE username = ?', [ - username - ]); + let valid = false; + + if (username != '!nobody') { + valid = await db.all('SELECT * FROM auth WHERE username = ?', [ + username + ]); + } res.auth = { username, - valid: valid[0], - rootUrl: process.env.URL, + valid: valid[0] }; next(); @@ -75,6 +82,8 @@ function initr(req, res, next) { async function doInit(app) { app.use(cookieParser()); + doAliases(app); + app.use(auther) app.use(initr) @@ -82,8 +91,6 @@ async function doInit(app) { app.use('/api/form', upload.none()); app.use('/api/file', upload.single('file')); - doAliases(app); - await importRouters(app, routers); app.use('/api', (req, res, next) => {