blek
/
homepage.js
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

remove access level (have something else in mind)

This commit is contained in:
b1ek 2023-02-28 16:27:41 +10:00
parent 12f4abc6ec
commit 8e3812c9e4
Signed by: blek
GPG Key ID: 14546221E3595D0C
1 changed files with 8 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
routes/admin.js
View File

@ -73,6 +73,10 @@ async function gb_api(req, res) {
} }
} }
async function article_new(req, res) {
res.send(await Helpers.ViewLoader.load('articles/new.pug'))
}
module.exports = (router) => { module.exports = (router) => {
// login // login
@ -80,30 +84,12 @@ module.exports = (router) => {
router.get('/admin/login', handler(login)); router.get('/admin/login', handler(login));
router.post('/admin/login', handler(apiLogin)); router.post('/admin/login', handler(apiLogin));
// level 4 access routes router.post('/gb_api', handler(gb_api));
/** @type {express.Router} */
const l4_router = new express.Router();
l4_router.use(handler(async (req, res, next) => {
const user = await db.User.bySession(req.session);
if (!user) {
res.status(401).send('Forbidden');
return;
}
if (user.accessLevel < 4) {
res.status(401).send('Forbidden');
return;
}
req.user = user;
return next();
}));
l4_router.post('/admin/panel/gb_api', handler(gb_api));
router.use('/admin/panel/*', l4_router);
// panel // panel
router.get('/admin/panel', handler(panel)); router.get('/admin/panel', handler(panel));
// article
router.get('/admin/article/new', handler(article_new));
} }