2024-01-20 23:34:31 +01:00
|
|
|
import { Router } from "express";
|
|
|
|
import { ADMIN_KEY } from "../Modules/Constants";
|
2024-01-22 23:04:46 +01:00
|
|
|
import { Song } from "../Schemas/Song";
|
2024-01-20 23:34:31 +01:00
|
|
|
|
|
|
|
const App = Router();
|
|
|
|
|
|
|
|
// ! ANY ENDPOINTS DEFINED IN THIS FILE WILL REQUIRE ADMIN AUTHORIZATION !
|
|
|
|
// ! ANY ENDPOINTS DEFINED IN THIS FILE WILL REQUIRE ADMIN AUTHORIZATION !
|
|
|
|
// ! ANY ENDPOINTS DEFINED IN THIS FILE WILL REQUIRE ADMIN AUTHORIZATION !
|
|
|
|
|
|
|
|
App.use((req, res, next) => {
|
|
|
|
if (req.path === "/key")
|
|
|
|
return res.status(req.body.Key === ADMIN_KEY ? 200 : 403).send(req.body.Key === ADMIN_KEY ? "Login successful!" : "Key doesn't match. Try again.");
|
|
|
|
|
2024-01-22 23:04:46 +01:00
|
|
|
if ((req.cookies["AdminKey"] ?? req.header("Authorization")) !== ADMIN_KEY)
|
2024-01-20 23:34:31 +01:00
|
|
|
return res.status(403).send("You don't have permission to access this endpoint.");
|
|
|
|
|
|
|
|
next();
|
|
|
|
});
|
|
|
|
|
|
|
|
App.get("/test", (_, res) => res.send("Permission check OK"));
|
|
|
|
|
2024-01-22 23:04:46 +01:00
|
|
|
App.get("/tracks", async (_, res) => res.json((await Song.find()).map(x => x.Package())));
|
|
|
|
|
|
|
|
App.post("/create/song", async (req, res) => res.json(await Song.create(req.body).save()));
|
|
|
|
|
2024-01-20 23:34:31 +01:00
|
|
|
export default {
|
|
|
|
App,
|
|
|
|
DefaultAPI: "/admin/api"
|
|
|
|
}
|