aboutsummaryrefslogtreecommitdiff
path: root/quotes/index.js
diff options
context:
space:
mode:
Diffstat (limited to 'quotes/index.js')
-rw-r--r--quotes/index.js9
1 files changed, 5 insertions, 4 deletions
diff --git a/quotes/index.js b/quotes/index.js
index 31ea2a5..c125548 100644
--- a/quotes/index.js
+++ b/quotes/index.js
@@ -1,14 +1,15 @@
const express = require("express");
const db = require("../db");
const app = express.Router();
+const { checkUser } = require("../auth");
-app.use("/", express.static(__dirname + "/public"));
+app.use("/", checkUser, express.static(__dirname + "/public"));
-app.post("/api/add", async (req, res) => {
+app.post("/api/add", checkUser, async (req, res) => {
if (!req.body.author || !req.body.quote) return res.send("error");
try {
await db.query("INSERT INTO quotes (user_id, author_id, quote) VALUE (?,?,?)", [
- 72, // TODO: Add actual user identification
+ req.session.uid, // TODO: Add actual user identification
parseInt(req.body.author),
req.body.quote,
]);
@@ -19,7 +20,7 @@ app.post("/api/add", async (req, res) => {
}
});
-app.get("/api/list", async (req, res) => {
+app.get("/api/list", checkUser, async (req, res) => {
const quotes = await db.query(
"SELECT quotes.id, name, middlename, surname, quote FROM quotes INNER JOIN users AS a ON author_id = a.id ORDER BY name"
);