2017-04-11 21:55:36 +00:00
|
|
|
'use strict'
|
|
|
|
|
2018-05-26 00:53:21 +00:00
|
|
|
const archiver = require('archiver')
|
|
|
|
const async = require('async')
|
2017-04-11 21:55:36 +00:00
|
|
|
const Router = require('express').Router
|
|
|
|
|
|
|
|
const response = require('../response')
|
2018-05-25 13:20:38 +00:00
|
|
|
const config = require('../config')
|
2017-04-11 21:55:36 +00:00
|
|
|
const models = require('../models')
|
|
|
|
const logger = require('../logger')
|
2019-04-12 09:57:07 +00:00
|
|
|
const { generateAvatar } = require('../letter-avatars')
|
2017-04-11 21:55:36 +00:00
|
|
|
|
|
|
|
const UserRouter = module.exports = Router()
|
|
|
|
|
|
|
|
// get me info
|
|
|
|
UserRouter.get('/me', function (req, res) {
|
|
|
|
if (req.isAuthenticated()) {
|
|
|
|
models.User.findOne({
|
|
|
|
where: {
|
|
|
|
id: req.user.id
|
|
|
|
}
|
|
|
|
}).then(function (user) {
|
|
|
|
if (!user) { return response.errorNotFound(res) }
|
|
|
|
var profile = models.User.getProfile(user)
|
|
|
|
res.send({
|
|
|
|
status: 'ok',
|
|
|
|
id: req.user.id,
|
|
|
|
name: profile.name,
|
|
|
|
photo: profile.photo
|
|
|
|
})
|
|
|
|
}).catch(function (err) {
|
|
|
|
logger.error('read me failed: ' + err)
|
|
|
|
return response.errorInternalError(res)
|
|
|
|
})
|
|
|
|
} else {
|
2019-05-03 22:03:59 +00:00
|
|
|
res.status(401).send({
|
2017-04-11 21:55:36 +00:00
|
|
|
status: 'forbidden'
|
|
|
|
})
|
|
|
|
}
|
|
|
|
})
|
2018-04-12 11:14:42 +00:00
|
|
|
|
2018-05-25 13:20:38 +00:00
|
|
|
// delete the currently authenticated user
|
2018-05-25 16:19:31 +00:00
|
|
|
UserRouter.get('/me/delete/:token?', function (req, res) {
|
2018-05-25 13:20:38 +00:00
|
|
|
if (req.isAuthenticated()) {
|
|
|
|
models.User.findOne({
|
|
|
|
where: {
|
|
|
|
id: req.user.id
|
|
|
|
}
|
|
|
|
}).then(function (user) {
|
2018-05-25 16:19:31 +00:00
|
|
|
if (!user) {
|
|
|
|
return response.errorNotFound(res)
|
|
|
|
}
|
|
|
|
if (user.deleteToken === req.params.token) {
|
|
|
|
user.destroy().then(function () {
|
|
|
|
res.redirect(config.serverURL + '/')
|
|
|
|
})
|
|
|
|
} else {
|
|
|
|
return response.errorForbidden(res)
|
|
|
|
}
|
2018-05-25 13:20:38 +00:00
|
|
|
}).catch(function (err) {
|
|
|
|
logger.error('delete user failed: ' + err)
|
|
|
|
return response.errorInternalError(res)
|
|
|
|
})
|
|
|
|
} else {
|
2018-05-25 16:19:31 +00:00
|
|
|
return response.errorForbidden(res)
|
2018-05-25 13:20:38 +00:00
|
|
|
}
|
|
|
|
})
|
|
|
|
|
2018-05-26 00:53:21 +00:00
|
|
|
// export the data of the authenticated user
|
|
|
|
UserRouter.get('/me/export', function (req, res) {
|
|
|
|
if (req.isAuthenticated()) {
|
2019-08-01 17:00:46 +00:00
|
|
|
const archive = archiver('zip', {
|
2018-05-26 00:53:21 +00:00
|
|
|
zlib: { level: 3 } // Sets the compression level.
|
|
|
|
})
|
|
|
|
res.setHeader('Content-Type', 'application/zip')
|
|
|
|
res.attachment('archive.zip')
|
|
|
|
archive.pipe(res)
|
|
|
|
archive.on('error', function (err) {
|
|
|
|
logger.error('export user data failed: ' + err)
|
|
|
|
return response.errorInternalError(res)
|
|
|
|
})
|
|
|
|
models.User.findOne({
|
|
|
|
where: {
|
|
|
|
id: req.user.id
|
|
|
|
}
|
|
|
|
}).then(function (user) {
|
|
|
|
models.Note.findAll({
|
|
|
|
where: {
|
|
|
|
ownerId: user.id
|
|
|
|
}
|
|
|
|
}).then(function (notes) {
|
2019-08-01 17:00:46 +00:00
|
|
|
const filenames = {}
|
2018-05-26 00:53:21 +00:00
|
|
|
async.each(notes, function (note, callback) {
|
2019-08-04 15:52:06 +00:00
|
|
|
const basename = note.title.replace(/\//g, '-') // Prevent subdirectories
|
2018-11-27 21:56:53 +00:00
|
|
|
let filename
|
2019-08-01 17:00:46 +00:00
|
|
|
let suffix = 0
|
2018-05-26 00:53:21 +00:00
|
|
|
do {
|
2019-08-01 17:00:46 +00:00
|
|
|
const separator = suffix === 0 ? '' : '-'
|
|
|
|
filename = basename + separator + suffix + '.md'
|
2018-11-27 21:56:53 +00:00
|
|
|
suffix++
|
|
|
|
} while (filenames[filename])
|
|
|
|
filenames[filename] = true
|
2018-05-26 00:53:21 +00:00
|
|
|
|
2018-11-27 21:56:53 +00:00
|
|
|
logger.debug('Write: ' + filename)
|
|
|
|
archive.append(Buffer.from(note.content), { name: filename, date: note.lastchangeAt })
|
2018-05-26 00:53:21 +00:00
|
|
|
callback(null, null)
|
|
|
|
}, function (err) {
|
|
|
|
if (err) {
|
|
|
|
return response.errorInternalError(res)
|
|
|
|
}
|
|
|
|
|
|
|
|
archive.finalize()
|
|
|
|
})
|
|
|
|
})
|
|
|
|
}).catch(function (err) {
|
|
|
|
logger.error('export user data failed: ' + err)
|
|
|
|
return response.errorInternalError(res)
|
|
|
|
})
|
|
|
|
} else {
|
|
|
|
return response.errorForbidden(res)
|
|
|
|
}
|
|
|
|
})
|
|
|
|
|
2018-04-12 11:14:42 +00:00
|
|
|
UserRouter.get('/user/:username/avatar.svg', function (req, res, next) {
|
|
|
|
res.setHeader('Content-Type', 'image/svg+xml')
|
|
|
|
res.setHeader('Cache-Control', 'public, max-age=86400')
|
|
|
|
res.send(generateAvatar(req.params.username))
|
|
|
|
})
|