From 9825676adc445f6b91235f05abdc28be38a1abae Mon Sep 17 00:00:00 2001 From: ashley Date: Tue, 2 Sep 2025 00:49:27 +0200 Subject: [PATCH] Update src/libpoketube/init/pages-account.js --- src/libpoketube/init/pages-account.js | 198 +++++++++++++++----------- 1 file changed, 113 insertions(+), 85 deletions(-) diff --git a/src/libpoketube/init/pages-account.js b/src/libpoketube/init/pages-account.js index 90795041..17d9a398 100644 --- a/src/libpoketube/init/pages-account.js +++ b/src/libpoketube/init/pages-account.js @@ -1,103 +1,131 @@ -const { modules } = require("../libpoketube-initsys.js"); - - -var http = require("https"); -var ping = require("ping"); - -const sha384 = modules.hash; - -function getJson(str) { - try { - return JSON.parse(str); - } catch { - return null; - } -} +const QuickDB = require("quick.db"); +/** + * Initializes subscription-related API routes and account pages. + * + * @param {import("express").Express} app - Express application instance + * @param {object} config - Application configuration + * @param {Function} renderTemplate - Function to render templates + */ module.exports = function (app, config, renderTemplate) { -const db = require("quick.db"); - -app.get("/api/get-channel-subs", async function (req, res) { - var userid = req.query.ID + const db = QuickDB; - if(db.get(`user.${userid}`)) await res.json(db.get(`user.${userid}.subs`)) - if(!db.get(`user.${userid}`)) await res.json("no user found") + /** + * Get a user's subscriptions. + * + * @route GET /api/get-channel-subs + * @query {string} ID - User ID + * @returns {object} JSON response with subscription data or error + */ + app.get("/api/get-channel-subs", async (req, res) => { + const userId = String(req.query.ID || "").trim(); + if (!userId) return res.status(400).json({ ok: false, message: "missing ID" }); -}); - - app.get("/api/remove-channel-sub", async function (req, res) { - const userid = req.query.ID; - const channelToRemove = req.query.channelID; + const subs = db.get(`user.${userId}.subs`); + if (!subs) return res.status(404).json({ ok: false, message: "no user found" }); - // Check if the user has a 'subs' object in the database - if (db.get(`user.${userid}.subs.${channelToRemove}`)) { - // If the subscription exists, remove it from the database - db.delete(`user.${userid}.subs.${channelToRemove}`); - res.json("Subscription removed"); - } else { - // If the subscription doesn't exist, send a message indicating so - res.json("Subscription not found"); - } -}); - -app.get("/api/set-channel-subs", async function (req, res) { - var userid = req.query.ID; - var channelToSub = req.query.channelID; - var channelToSubName = req.query.channelName; - var avatar = req.query.avatar; // Add avatar query parameter + res.json({ ok: true, data: subs }); + }); - // Check if the user has a 'subs' object in the database - if (!db.get(`user.${userid}.subs`)) { - // If not, create it and add the subscription - db.set(`user.${userid}.subs.${channelToSub}`, { - channelName: channelToSubName, - avatar: avatar, // Store the avatar URL along with the subscription - }); - res.redirect("/account-create") - } else if (!db.get(`user.${userid}.subs.${channelToSub}`)) { - // If the user has 'subs' but not this particular subscription, add it - db.set(`user.${userid}.subs.${channelToSub}`, { - channelName: channelToSubName, - avatar: avatar, // Store the avatar URL along with the subscription - }); - res.redirect("/account-create") - } else { - // If the user is already subscribed to this channel, send a message indicating so - res.json("ur already subscribed"); - } -}); + /** + * Get all subscriptions for a user. + * + * @route GET /api/get-all-subs + * @query {string} ID - User ID + * @returns {object} JSON response with all subscriptions + */ + app.get("/api/get-all-subs", async (req, res) => { + const userId = String(req.query.ID || "").trim(); + if (!userId) return res.status(400).json({ ok: false, message: "missing ID" }); + const subs = db.get(`user.${userId}.subs`) || {}; + res.json({ ok: true, data: subs }); + }); - -app.get("/account-create", async function (req, res) { - renderTemplate(res, req, "account-create.ejs", {db:db}); + /** + * Add a subscription for a user. + * + * @route GET /api/set-channel-subs + * @query {string} ID - User ID + * @query {string} channelID - Channel ID + * @query {string} channelName - Channel name + * @query {string} avatar - Avatar URL + * @returns {object|Redirect} Redirects to /account-create or error JSON + */ + app.get("/api/set-channel-subs", async (req, res) => { + const userId = String(req.query.ID || "").trim(); + const channelId = String(req.query.channelID || "").trim(); + const channelName = String(req.query.channelName || "").trim(); + const avatar = String(req.query.avatar || "").trim(); -}); - - app.get("/api/get-all-subs", async function (req, res) { - var userid = req.query.ID; + if (!userId || !channelId || !channelName || !avatar) + return res.status(400).json({ ok: false, message: "missing fields" }); - // Check if the user has a 'subs' object in the database - const userSubs = db.get(`user.${userid}.subs`); + if (userId.length > 7) return res.status(400).json({ ok: false, message: "IDs can be 7 characters max :3" }); + if (["__proto__", "prototype", "constructor"].includes(channelId)) + return res.status(400).json({ ok: false, message: "invalid channel id" }); - if (userSubs) { - res.json(userSubs); // Return all subscriptions as JSON - } else { - res.json({}); // Return an empty object if the user has no subscriptions - } -}); + const path = `user.${userId}.subs.${channelId}`; + if (db.get(path)) return res.json({ ok: false, message: "already subscribed" }); -app.get("/my-acc", async function (req, res) { - var userid = req.query.ID; + if (!db.get(`user.${userId}.subs`)) db.set(`user.${userId}.subs`, {}); + db.set(path, { channelName, avatar }); - // Check if userid is more than 7 characters - if (userid.length > 7) { - return res.status(400).json({ error: "IDs can be 7 characters max silly :3" }); + res.redirect("/account-create"); + }); + + /** + * Remove a subscription (or all subscriptions) for a user. + * + * @route GET /api/remove-channel-sub + * @query {string} ID - User ID + * @query {string} channelID - Channel ID or "ALL" + * @returns {object} JSON response with status and remaining subs count + */ + app.get("/api/remove-channel-sub", async (req, res) => { + const userId = String(req.query.ID || "").trim(); + const channelId = String(req.query.channelID || "").trim(); + + if (!userId || !channelId) return res.status(400).json({ ok: false, message: "missing fields" }); + if (!db.get(`user.${userId}.subs`)) return res.status(404).json({ ok: false, message: "no user or subs" }); + + if (channelId === "ALL") { + db.delete(`user.${userId}.subs`); + db.set(`user.${userId}.subs`, {}); + return res.json({ ok: true, message: "all subscriptions removed", remaining: 0 }); } - var userSubs = db.get(`user.${userid}.subs`); + if (!db.get(`user.${userId}.subs.${channelId}`)) + return res.status(404).json({ ok: false, message: "subscription not found" }); - renderTemplate(res, req, "account-me.ejs", { userid, userSubs }); -}); + db.delete(`user.${userId}.subs.${channelId}`); + const remaining = Object.keys(db.get(`user.${userId}.subs`) || {}).length; + res.json({ ok: true, message: "subscription removed", remaining }); + }); + /** + * Render account creation page. + * + * @route GET /account-create + * @returns {HTML} Renders account-create.ejs + */ + app.get("/account-create", async (req, res) => { + renderTemplate(res, req, "account-create.ejs", { db }); + }); + + /** + * Render user's account page. + * + * @route GET /my-acc + * @query {string} ID - User ID + * @returns {HTML|object} Renders account-me.ejs or JSON error + */ + app.get("/my-acc", async (req, res) => { + const userId = String(req.query.ID || "").trim(); + if (!userId) return res.status(400).json({ error: "missing ID" }); + if (userId.length > 7) return res.status(400).json({ error: "IDs can be 7 characters max silly :3" }); + + const userSubs = db.get(`user.${userId}.subs`) || {}; + renderTemplate(res, req, "account-me.ejs", { userid: userId, userSubs }); + }); };