import express from "express";
import pkg from "pg";
import path from "path";
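const { Pool } = pkg;
const app = express();
const port = 3000;

// NOTE(review): currentUser is one module-level variable, so the signed-in
// identity is shared by every client of this process instead of being tied to
// one browser. Per-visitor identity needs a server-side session or a signed
// cookie; nothing in this file provides one.
let currentUser = null;

// DB connection.
// The connection string is taken from the DATABASE_URL environment variable
// when it is set, so the database password does not have to live in source
// control. The literal is kept only as a fallback so existing local setups
// keep working.
// NOTE(review): the fallback embeds a database password in the repository;
// rotate that password and drop the literal once DATABASE_URL is configured.
const pool = new Pool({
  connectionString:
    process.env.DATABASE_URL ??
    "postgres://postgres:postgres2026@localhost:5432/blogdb",
});

// server setup
// Static assets are served from ./public.
app.use(express.static("public"));
app.set("view engine", "ejs");
// extended: true parses nested keys, so a form field can arrive as an array or
// an object rather than a string; handlers should not assume string fields.
app.use(express.urlencoded({ extended: true }));
// Views are resolved relative to the directory the process was started from.
app.set("views", path.join(process.cwd(), "views"));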
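// show all blogs, newest first
// NOTE(review): `user` is the process-wide currentUser, so every visitor is
// shown whoever signed in last.
// NOTE(review): blog titles and bodies are user-submitted (POST /new); the
// index template is not visible here — confirm it prints them with the
// escaping tag (<%= %>) rather than the raw one (<%- %>).
app.get("/", async (req, res) => {
  try {
    const { rows } = await pool.query(
      "SELECT * FROM blogs ORDER BY date_created DESC"
    );
    res.render("index", { blogs: rows, user: currentUser });
  } catch (err) {
    // Without this catch a failed query rejects the handler's promise and the
    // request is left without a response, unlike the other routes in this file.
    console.error(err);
    res.status(500).send("Error loading blogs");
  }
});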
// sign up form: render the empty registration page (no error to show yet)
app.get("/signup", (_req, res) => {
  const viewData = { error: null };
  res.render("signup", viewData);
});
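// handling sign up: create a user row unless the user_id is already taken
// NOTE(review): the password is inserted exactly as submitted. Store a salted,
// slow hash (for example from crypto.scrypt) instead, and change the /signin
// lookup to verify against that hash in the same commit. The users table
// schema is not visible here — confirm the column can hold the hash.
app.post("/signup", async (req, res) => {
  const { user_id, password, name } = req.body ?? {};

  // urlencoded({ extended: true }) can deliver arrays or objects; accept only
  // non-empty strings so nothing unexpected reaches the query parameters.
  const isFilled = (value) => typeof value === "string" && value.length > 0;
  if (![user_id, password, name].every(isFilled)) {
    return res
      .status(400)
      .render("signup", { error: "All fields are required" });
  }

  try {
    // Only existence matters, so no user columns are fetched.
    const exists = await pool.query("SELECT 1 FROM users WHERE user_id=$1", [
      user_id,
    ]);
    if (exists.rows.length > 0) {
      return res.render("signup", { error: "User already exists!" });
    }
    // NOTE(review): two concurrent sign-ups can both pass the check above;
    // presumably users.user_id is unique so the second insert fails into the
    // catch below — confirm against the schema.
    await pool.query(
      "INSERT INTO users (user_id, password, name) VALUES ($1, $2, $3)",
      [user_id, password, name]
    );
    res.redirect("/signin");
  } catch (err) {
    console.error(err);
    res.status(500).send("Error creating user");
  }
});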
// sign in form: render the login page with no error message
app.get("/signin", (_req, res) => {
  const viewData = { error: null };
  res.render("signin", viewData);
});
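// handling sign in: look the user up and remember who signed in
// NOTE(review): the lookup matches the submitted password against the stored
// column directly, which only works while passwords are stored unhashed (see
// the /signup insert). Move both routes to a salted, slow hash together.
// NOTE(review): there is no limit on failed attempts in this file; add
// throttling or lockout in front of this route.
app.post("/signin", async (req, res) => {
  const { user_id, password } = req.body ?? {};

  // urlencoded({ extended: true }) can deliver arrays or objects; anything
  // that is not a plain string is treated as a failed login.
  if (typeof user_id !== "string" || typeof password !== "string") {
    return res.status(400).render("signin", { error: "Invalid credentials" });
  }

  try {
    // Fetch only the columns that are used, so the stored password is not
    // carried around in the result.
    const { rows } = await pool.query(
      "SELECT user_id, name FROM users WHERE user_id=$1 AND password=$2",
      [user_id, password]
    );
    if (rows.length === 0) {
      return res.render("signin", { error: "Invalid credentials" });
    }

    const [account] = rows;
    // NOTE(review): currentUser is process-wide, so this signs in every
    // visitor as this account until the next sign-in or restart.
    currentUser = { user_id: account.user_id, name: account.name };

    // Respond exactly once. The original redirected both before and after
    // setting currentUser, and the second call throws because the headers
    // have already been sent.
    res.redirect("/");
  } catch (err) {
    console.error(err);
    res.status(500).send("Error signing in");
  }
});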
// create blog form: render the "new" view with no locals
// NOTE(review): the form is served without checking that anyone is signed in.
app.get("/new", (_req, res) => {
  const view = "new";
  res.render(view);
});
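// insert new blog into db
// NOTE(review): creator_name and creator_user_id are taken from the submitted
// form, so the author recorded on a post is whatever the client sends. They
// should come from the authenticated identity on the server once per-visitor
// sessions exist; the /edit and /delete ownership checks depend on this value.
app.post("/new", async (req, res) => {
  const { creator_name, creator_user_id, title, body } = req.body ?? {};
  try {
    await pool.query(
      "INSERT INTO blogs (creator_name, creator_user_id, title, body) VALUES ($1,$2,$3,$4)",
      [creator_name, creator_user_id, title, body]
    );
    res.redirect("/");
  } catch (err) {
    // Matches the other write routes: a failed insert is logged and answered
    // instead of leaving the request without a response.
    console.error(err);
    res.status(500).send("Error creating post");
  }
});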
// edit blog: load one post by id and render its edit form
// NOTE(review): any visitor can load the edit form for any post; no sign-in or
// ownership check happens before rendering.
app.get("/edit/:id", async (req, res) => {
  const blogId = req.params.id;
  try {
    const { rows } = await pool.query(
      "SELECT * FROM blogs WHERE blog_id = $1",
      [blogId]
    );
    // No matching row means the id does not exist.
    if (rows.length === 0) {
      return res.status(404).send("Post not found");
    }
    const [blog] = rows;
    res.render("edit", { blog });
  } catch (err) {
    console.error(err);
    res.send("Error loading edit form");
  }
});
// handle editing: update title and body of the post named in the URL
// NOTE(review): the ownership condition compares against creator_user_id from
// the submitted form, so it is only as trustworthy as the client. It should be
// compared with the authenticated user held on the server.
// The redirect happens whether or not a row matched; a non-matching update is
// silent.
app.post("/edit/:id", async (req, res) => {
  const blogId = req.params.id;
  const { title, body, creator_user_id: ownerId } = req.body;
  const updateSql =
    "UPDATE blogs SET title=$1, body=$2 WHERE blog_id=$3 AND creator_user_id=$4";
  try {
    await pool.query(updateSql, [title, body, blogId, ownerId]);
    res.redirect("/");
  } catch (err) {
    console.error(err);
    res.send("Error updating post");
  }
});
// delete blog: remove the post named in the URL
// NOTE(review): as with editing, the ownership condition uses creator_user_id
// from the submitted form rather than an identity established by the server.
// The redirect happens whether or not a row was deleted.
app.post('/delete/:id', async (req, res) => {
  const blogId = req.params.id;
  const ownerId = req.body.creator_user_id;
  const deleteSql = 'DELETE FROM blogs WHERE blog_id=$1 AND creator_user_id=$2';
  try {
    await pool.query(deleteSql, [blogId, ownerId]);
    res.redirect('/');
  } catch (err) {
    console.error(err);
    res.send("Error deleting post");
  }
});
// Start the HTTP server and log the port once it is listening.
const announceStartup = () => {
  console.log(`Server running on port ${port}.`);
};
app.listen(port, announceStartup);