forked from ProjectSegfault/website
add auth to form actions
This commit is contained in:
parent
a95b761ce4
commit
061961e26f
@ -4,43 +4,52 @@ import { fail } from "@sveltejs/kit";
|
|||||||
import db from "$lib/db";
|
import db from "$lib/db";
|
||||||
|
|
||||||
export const actions: Actions = {
|
export const actions: Actions = {
|
||||||
add: async ({ request }) => {
|
add: async ({ request, locals }) => {
|
||||||
const Announcements = db.model("Announcements");
|
if (!await locals.getSession()) {
|
||||||
|
return fail(401, { addError: true, addMessage: "You must be logged in to post an announcement." });
|
||||||
const formData = await request.formData();
|
|
||||||
|
|
||||||
const BodyTypeSchema = Joi.object({
|
|
||||||
title: Joi.string().required(),
|
|
||||||
severity: Joi.string().required(),
|
|
||||||
author: Joi.string().required(),
|
|
||||||
link: Joi.string().optional().allow("")
|
|
||||||
});
|
|
||||||
|
|
||||||
if (BodyTypeSchema.validate(Object.fromEntries(formData.entries())).error) {
|
|
||||||
return fail(400, { addError: true, addMessage: String(BodyTypeSchema.validate(Object.fromEntries(formData.entries())).error) });
|
|
||||||
} else {
|
} else {
|
||||||
const now = Math.floor(Date.now() / 1000);
|
const Announcements = db.model("Announcements");
|
||||||
const data = {
|
|
||||||
...Object.fromEntries(formData.entries()),
|
const formData = await request.formData();
|
||||||
created: now
|
|
||||||
};
|
const BodyTypeSchema = Joi.object({
|
||||||
|
title: Joi.string().required(),
|
||||||
|
severity: Joi.string().required(),
|
||||||
|
author: Joi.string().required(),
|
||||||
|
link: Joi.string().optional().allow("")
|
||||||
|
});
|
||||||
|
|
||||||
|
if (BodyTypeSchema.validate(Object.fromEntries(formData.entries())).error) {
|
||||||
|
return fail(400, { addError: true, addMessage: String(BodyTypeSchema.validate(Object.fromEntries(formData.entries())).error) });
|
||||||
|
} else {
|
||||||
|
const now = Math.floor(Date.now() / 1000);
|
||||||
|
const data = {
|
||||||
|
...Object.fromEntries(formData.entries()),
|
||||||
|
created: now
|
||||||
|
};
|
||||||
|
|
||||||
|
await Announcements.sync();
|
||||||
|
|
||||||
|
await Announcements.destroy({ where: {} });
|
||||||
|
|
||||||
|
await Announcements.create(data);
|
||||||
|
|
||||||
|
return { addSuccess: true, addMessage: "Your announcement has been posted." };
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
},
|
||||||
|
delete: async ({ locals }) => {
|
||||||
|
if (!await locals.getSession()) {
|
||||||
|
return fail(401, { deleteError: true, deleteMessage: "You must be logged in to delete an announcement." });
|
||||||
|
} else {
|
||||||
|
const Announcements = db.model("Announcements");
|
||||||
|
|
||||||
await Announcements.sync();
|
await Announcements.sync();
|
||||||
|
|
||||||
await Announcements.destroy({ where: {} });
|
await Announcements.destroy({ where: {} });
|
||||||
|
|
||||||
await Announcements.create(data);
|
return { deleteSuccess: true, deleteMessage: "Your announcement has been deleted." };
|
||||||
|
|
||||||
return { addSuccess: true, addMessage: "Your announcement has been posted." };
|
|
||||||
}
|
}
|
||||||
},
|
|
||||||
delete: async () => {
|
|
||||||
const Announcements = db.model("Announcements");
|
|
||||||
|
|
||||||
await Announcements.sync();
|
|
||||||
|
|
||||||
await Announcements.destroy({ where: {} });
|
|
||||||
|
|
||||||
return { deleteSuccess: true, deleteMessage: "Your announcement has been deleted." };
|
|
||||||
}
|
}
|
||||||
}
|
}
|
Loading…
Reference in New Issue
Block a user