diff options
| author | LarsVomMars | 2020-10-12 10:14:14 +0200 |
|---|---|---|
| committer | LarsVomMars | 2020-10-12 10:14:14 +0200 |
| commit | b18e55e9004d0497aeb5a77fd85ef02571cb7311 (patch) | |
| tree | c36d097939989d1d63e7d381fac44860d9748243 | |
| parent | 64463cf511fe2b60081ecd20072627c1553bfbe6 (diff) | |
Minor improvments
| -rw-r--r-- | auth/index.js | 15 | ||||
| -rw-r--r-- | db.js | 1 | ||||
| -rw-r--r-- | drop.sql | 1 | ||||
| -rw-r--r-- | mottovote/index.js | 2 | ||||
| -rw-r--r-- | mottovote/public/style.css | 1 |
5 files changed, 8 insertions, 12 deletions
diff --git a/auth/index.js b/auth/index.js index 45b26f3..6b7f97a 100644 --- a/auth/index.js +++ b/auth/index.js @@ -10,16 +10,8 @@ function checkUser(req, res, next) { } function checkAdmin(req, res, next) { - if (!req.session.loggedIn) return res.redirect("/auth"); - - try { - db.query("SELECT is_admin FROM users WHERE id = ?", [req.session.uid]).then((ret) => { - if (ret[0].is_admin == 1) next(); - else res.redirect("/"); - }); - } catch (e) { - res.redirect("/"); - } + if (!(req.session.loggedIn && req.session.isAdmin)) return res.redirect("/" + (req.session.isAdmin ? "auth" : "")); + else next(); } app.use( @@ -37,11 +29,12 @@ app.post("/api/login", async (req, res) => { const { username, password } = req.body; if (!(username && password)) return res.redirect("/auth"); - const user = (await db.query("SELECT id, password FROM users WHERE username = ?", [username]))[0]; + const user = (await db.query("SELECT id, password, is_admin FROM users WHERE username = ?", [username]))[0]; if (!user || !user.password) return res.redirect("/auth"); const loggedIn = await bcrypt.compare(password, user.password); if (loggedIn) { req.session.loggedIn = true; + req.session.isAdmin = user.is_admin; req.session.uid = user.id; } res.redirect("/auth"); @@ -94,6 +94,7 @@ class DB { async resetMottovote() { const tables = await this.getTables(); await this.query("DROP TABLE IF EXISTS motto_votes"); + await this.query("DROP TABLE IF EXISTS mottos"); await this.query(tables[6]); await this.query(tables[7]); await this.initMottovote(); @@ -1,4 +1,5 @@ DROP TABLE IF EXISTS motto_votes; +DROP TABLE IF EXISTS mottos; DROP TABLE IF EXISTS quotes; DROP TABLE IF EXISTS ranking_questions; DROP TABLE IF EXISTS ranking_answers; diff --git a/mottovote/index.js b/mottovote/index.js index 2df985d..eb553e8 100644 --- a/mottovote/index.js +++ b/mottovote/index.js @@ -6,7 +6,7 @@ const app = express.Router(); app.use("/", checkUser, express.static(__dirname + "/public/")); app.get("/api/list", checkUser, async (req, res) => { - const mottos = await db.query("SELECT id, name, description FROM mottos"); + const mottos = await db.query("SELECT id, name, description FROM mottos ORDER BY name, description"); const votes = await db.query("SELECT motto_id, votes FROM motto_votes WHERE user_id = ?", [req.session.uid]); for (const vote of votes) { diff --git a/mottovote/public/style.css b/mottovote/public/style.css index 01c368f..1c993f1 100644 --- a/mottovote/public/style.css +++ b/mottovote/public/style.css @@ -32,6 +32,7 @@ main { #voteButton { height: 10%; + margin-bottom: 10px; } #vote { |