aboutsummaryrefslogtreecommitdiff
path: root/mottovote/index.js
diff options
context:
space:
mode:
Diffstat (limited to 'mottovote/index.js')
-rw-r--r--mottovote/index.js23
1 files changed, 16 insertions, 7 deletions
diff --git a/mottovote/index.js b/mottovote/index.js
index 4806e55..e06f23c 100644
--- a/mottovote/index.js
+++ b/mottovote/index.js
@@ -4,18 +4,27 @@ const { checkUser } = require("../auth");
const app = express.Router();
-app.use("/", express.static(__dirname + "/public/"));
+app.use("/", checkUser, express.static(__dirname + "/public/"));
-app.get("/api/list", async (req, res) => {
- const mottos = await db.query("SELECT id, name, description FROM motto_votes ORDER BY name, description");
+app.get("/api/list", checkUser, async (req, res) => {
+ const mottos = await db.query("SELECT id, name, description FROM mottos ORDER BY name, description");
res.json(mottos);
});
-app.put("/api/vote", async (req, res) => {
- for (const mid in req.body) {
- await db.query("UPDATE motto_votes SET votes = votes + ? WHERE id = ?", [req.body[mid], mid]);
+app.put("/api/vote", checkUser, async (req, res) => {
+ await db.query("DELETE FROM motto_votes WHERE user_id = ?", [req.session.uid]);
+ try {
+ for (const mid in req.body) {
+ await db.query(
+ "INSERT INTO motto_votes (user_id, motto_id, votes) VALUES (?, ?, ?)",
+ [req.session.uid, mid, req.body[mid]]
+ );
+ }
+ res.send("ok");
+ } catch (e) {
+ console.error(e);
+ res.send("error");
}
- res.send("ok");
});
module.exports = app; \ No newline at end of file