[vchess.git] / routes / all.js

let express = require('express');
let router = express.Router();
const createError = require('http-errors');
const sqlite3 = require('sqlite3');//.verbose();
const db = new sqlite3.Database('db/vchess.sqlite');
const sanitizeHtml = require('sanitize-html');

const supportedLang = ["fr","en"];
function selectLanguage(req, res)
{
	// If preferred language already set:
	if (!!req.cookies["lang"])
		return req.cookies["lang"];

	// Else: search and set it
	const langString = req.headers["accept-language"];
	let langArray = langString
		.replace(/;q=[0-9.]+/g, "") //priority
		.replace(/-[A-Z]+/g, "") //region (skipped for now...)
		.split(",") //may have some duplicates, but removal is too costly
	let bestLang = "en"; //default: English
	for (let lang of langArray)
	{
		if (supportedLang.includes(lang))
		{
			bestLang = lang;
			break;
		}
	}
	// Cookie expires in 183 days (expressed in milliseconds)
	res.cookie('lang', bestLang, { maxAge: 183*24*3600*1000 });
	return bestLang;
}

// Home
router.get('/', function(req, res, next) {
	db.serialize(function() {
		db.all("SELECT * FROM Variants", (err,variants) => {
			if (!!err)
				return next(err);
			res.render('index', {
				title: 'club',
				variantArray: variants,
				lang: selectLanguage(req, res),
				languages: supportedLang,
			});
		});
	});
});

// Variant
router.get("/:vname([a-zA-Z0-9]+)", (req,res,next) => {
	const vname = req.params["vname"];
	db.serialize(function() {
		db.all("SELECT * FROM Variants WHERE name='" + vname + "'", (err,variant) => {
			if (!!err)
				return next(err);
			if (!variant || variant.length==0)
				return next(createError(404));
			// TODO (later...) get only n=100(?) most recent problems
			db.all("SELECT * FROM Problems WHERE variant='" + vname + "'",
				(err2,problems) => {
					if (!!err2)
						return next(err2);
					res.render('variant', {
						title: vname + ' Variant',
						variant: vname,
						problemArray: problems,
						lang: selectLanguage(req, res),
						languages: supportedLang,
					});
				}
			);
		});
	});
});

// Load a rules page (AJAX)
router.get("/rules/:variant([a-zA-Z0-9]+)", (req,res) => {
	if (!req.xhr)
		return res.json({errmsg: "Unauthorized access"});
	const lang = selectLanguage(req, res);
	res.render("rules/" + req.params["variant"] + "/" + lang);
});

// Fetch 10 previous or next problems (AJAX)
router.get("/problems/:variant([a-zA-Z0-9]+)", (req,res) => {
	if (!req.xhr)
		return res.json({errmsg: "Unauthorized access"});
	// TODO: next or previous: in params + timedate (of current oldest or newest)
	db.serialize(function() {
		//TODO
	});
});

// Upload a problem (AJAX)
router.post("/problems/:variant([a-zA-Z0-9]+)", (req,res) => {
	if (!req.xhr)
		return res.json({errmsg: "Unauthorized access"});
	const vname = req.params["variant"];
	const timestamp = Date.now();
	// Sanitize them
	const fen = req.body["fen"];
	if (!fen.match(/^[a-zA-Z0-9, /-]*$/))
		return res.json({errmsg: "Bad characters in FEN string"});
	const instructions = sanitizeHtml(req.body["instructions"]);
	const solution = sanitizeHtml(req.body["solution"]);
	db.serialize(function() {
		let stmt = db.prepare("INSERT INTO Problems " +
			"(added,variant,fen,instructions,solution) VALUES (?,?,?,?,?)");
		stmt.run(timestamp, vname, fen, instructions, solution);
		stmt.finalize();
	});
  res.json({});
});

module.exports = router;
Commit	Line	Data
da06a6eb BA	1	let express = require('express');
	2	let router = express.Router();
	3	const createError = require('http-errors');
	4	const sqlite3 = require('sqlite3');//.verbose();
	5	const db = new sqlite3.Database('db/vchess.sqlite');
	6	const sanitizeHtml = require('sanitize-html');
1d184b4c	7
9a3c9f79 BA	8	const supportedLang = ["fr","en"];
	9	function selectLanguage(req, res)
	10	{
	11	// If preferred language already set:
	12	if (!!req.cookies["lang"])
	13	return req.cookies["lang"];
	14
	15	// Else: search and set it
	16	const langString = req.headers["accept-language"];
	17	let langArray = langString
	18	.replace(/;q=[0-9.]+/g, "") //priority
	19	.replace(/-[A-Z]+/g, "") //region (skipped for now...)
	20	.split(",") //may have some duplicates, but removal is too costly
	21	let bestLang = "en"; //default: English
	22	for (let lang of langArray)
	23	{
	24	if (supportedLang.includes(lang))
	25	{
	26	bestLang = lang;
	27	break;
	28	}
	29	}
	30	// Cookie expires in 183 days (expressed in milliseconds)
	31	res.cookie('lang', bestLang, { maxAge: 183243600*1000 });
	32	return bestLang;
	33	}
	34
1d184b4c BA	35	// Home
1d184b4c BA	36	router.get('/', function(req, res, next) {
da06a6eb BA	37	db.serialize(function() {
	38	db.all("SELECT * FROM Variants", (err,variants) => {
	39	if (!!err)
	40	return next(err);
	41	res.render('index', {
	42	title: 'club',
9a3c9f79 BA	43	variantArray: variants,
	44	lang: selectLanguage(req, res),
	45	languages: supportedLang,
da06a6eb BA	46	});
da06a6eb BA	47	});
1d184b4c BA	48	});
	49	});
	50
	51	// Variant
15c1295a	52	router.get("/:vname([a-zA-Z0-9]+)", (req,res,next) => {
1d184b4c	53	const vname = req.params["vname"];
da06a6eb BA	54	db.serialize(function() {
	55	db.all("SELECT * FROM Variants WHERE name='" + vname + "'", (err,variant) => {
	56	if (!!err)
	57	return next(err);
	58	if (!variant \|\| variant.length==0)
	59	return next(createError(404));
7931e479	60	// TODO (later...) get only n=100(?) most recent problems
da06a6eb BA	61	db.all("SELECT * FROM Problems WHERE variant='" + vname + "'",
	62	(err2,problems) => {
	63	if (!!err2)
	64	return next(err2);
	65	res.render('variant', {
	66	title: vname + ' Variant',
	67	variant: vname,
	68	problemArray: problems,
e6dcb115 BA	69	lang: selectLanguage(req, res),
e6dcb115 BA	70	languages: supportedLang,
da06a6eb BA	71	});
	72	}
	73	);
	74	});
1d184b4c BA	75	});
	76	});
	77
	78	// Load a rules page (AJAX)
	79	router.get("/rules/:variant([a-zA-Z0-9]+)", (req,res) => {
da06a6eb BA	80	if (!req.xhr)
da06a6eb BA	81	return res.json({errmsg: "Unauthorized access"});
9a3c9f79 BA	82	const lang = selectLanguage(req, res);
9a3c9f79 BA	83	res.render("rules/" + req.params["variant"] + "/" + lang);
da06a6eb BA	84	});
	85
	86	// Fetch 10 previous or next problems (AJAX)
	87	router.get("/problems/:variant([a-zA-Z0-9]+)", (req,res) => {
	88	if (!req.xhr)
	89	return res.json({errmsg: "Unauthorized access"});
	90	// TODO: next or previous: in params + timedate (of current oldest or newest)
7931e479 BA	91	db.serialize(function() {
	92	//TODO
	93	});
1d184b4c BA	94	});
1d184b4c BA	95
da06a6eb BA	96	// Upload a problem (AJAX)
	97	router.post("/problems/:variant([a-zA-Z0-9]+)", (req,res) => {
	98	if (!req.xhr)
	99	return res.json({errmsg: "Unauthorized access"});
	100	const vname = req.params["variant"];
7931e479 BA	101	const timestamp = Date.now();
	102	// Sanitize them
	103	const fen = req.body["fen"];
b5fb8e69	104	if (!fen.match(/^[a-zA-Z0-9, /-]*$/))
7931e479 BA	105	return res.json({errmsg: "Bad characters in FEN string"});
	106	const instructions = sanitizeHtml(req.body["instructions"]);
	107	const solution = sanitizeHtml(req.body["solution"]);
da06a6eb	108	db.serialize(function() {
3a609580 BA	109	let stmt = db.prepare("INSERT INTO Problems " +
3a609580 BA	110	"(added,variant,fen,instructions,solution) VALUES (?,?,?,?,?)");
da06a6eb BA	111	stmt.run(timestamp, vname, fen, instructions, solution);
	112	stmt.finalize();
	113	});
	114	res.json({});
	115	});
	116
1d184b4c	117	module.exports = router;