import express from "express";
import utils from "./utils.mjs";
import db from "./db.mjs";
// server
// Router for the comment endpoints; the POST and GET routes are registered on it below.
const router = express.Router();

// Parse JSON request bodies into req.body before any route handler runs.
router.use(express.json());

export default router;
// POST
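/**
 * POST /:site/* — store a new comment for a page of a site.
 *
 * Expects a JSON body with `token` and `message` (both required) and the
 * optional fields `name`, `website` and `reply_to`. Responds with:
 *   400 when token or message is missing, or a field exceeds the site's limit;
 *   403 when the token does not match the site's comment_token;
 *   otherwise the JSON result of db.insertPageComment().
 */
router.post("/:site/*", utils.post_limiter, (req, res) => {
  // Site identifier and the wildcard remainder of the URL (the page path).
  const site_url = req.params.site;
  const path = req.params[0];

  // The body is untrusted client input; tolerate a missing body instead of
  // throwing on the property reads below.
  const body = req.body || {};

  if (!body.token || !body.message) {
    res.status(400).json("הודעה ריקה.");
    return;
  }

  // Text fields are HTML-escaped before they are length-checked and stored.
  // NOTE(review): the fields are not type-checked here; confirm that
  // utils.escapeHtml copes with non-string JSON values (numbers, arrays, objects).
  // NOTE(review): reply_to is stored as received, neither escaped nor validated;
  // confirm that db.insertPageComment checks it.
  const comment = {
    user: utils.escapeHtml(body.name) || "Anonymous",
    user_website: utils.escapeHtml(body.website) || null,
    message: utils.escapeHtml(body.message),
    reply_to: body.reply_to || null,
  };

  // validation
  const user_token = body.token;
  // NOTE(review): if db.siteInfo returns nothing for an unknown site, the
  // property reads below throw; confirm its contract.
  const site = db.siteInfo(site_url);

  if (user_token !== site.info.comment_token) {
    res.status(403).json("תשובת סינון שגויה.");
  } else if (comment.user.length > site.max_lengths.user) {
    res.status(400).json("שם משתמש ארוך מדי.");
  } else if (
    // Compare the LENGTH with the limit. Comparing the string itself with a
    // number is almost never true, so the website limit was not enforced.
    // user_website is null when no website was given.
    comment.user_website !== null &&
    comment.user_website.length > site.max_lengths.website
  ) {
    res.status(400).json("כתובת אתר ארוכה מדי.");
  } else if (comment.message.length > site.max_lengths.message) {
    // Same fix as above: the message limit is checked against .length.
    res.status(400).json("הודעה ארוכה מדי.");
  } else {
    res.json(db.insertPageComment(site_url, path, comment));
  }
});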
// GET
/**
 * GET /:site/* — respond with the comments of one page as JSON.
 * The first URL segment names the site; the wildcard remainder is the page path.
 */
router.get("/:site/*", utils.get_limiter, (req, res) => {
  const { site } = req.params;
  const pagePath = req.params[0];
  res.json(db.pageComments(site, pagePath));
});