Log inSign up
omgwtfbrblolttyl avatar
Public
Express
Fork
1 Like
Readme

TODO:

  • get token from header
  • decode using secret from env
  • look up globs for user with id from token
  • get path from req.body
  • test path against all globs for user
  • if none pass, 403 with message
  • if any pass, write val to db with path as key (overwrite if exists)
  • return new value
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
import { saveFile } from "https://esm.town/v/omgwtfbrblolttyl/saveFile";
import { tokenAllows } from "https://esm.town/v/omgwtfbrblolttyl/tokenAllows";
export const writeFileEndpoint = async (
req: express.Request,
res: express.Response,
) => {
if (req.method !== "POST") {
return res.status(404).json({ msg: "Not found" });
}
const body = req.body;
console.log(body.path, body.data);
if (!body.path || !body.file) {
return res.status(400).json({
msg: "Body must contain path and data fields",
});
}
const token = req.get("token");
if (!token) {
return res.status(401).json({ msg: "No token provided" });
}
const { allowed, error } = await tokenAllows(
token,
body.path,
"write",
);
if (!allowed) {
return res.status(error.code)
.json({ msg: error.msg });
}
const saveRes = await saveFile(body.path, body.file);
return res.status(201).json({ msg: "created" });
};
Val Town is a social website to write and deploy JavaScript.
Build APIs and schedule functions from your browser.
Sign up with GitHub
Comments
Nobody has commented on this val yet: be the first!
omgwtfbrblolttyl-writefileendpoint.express.val.run
October 23, 2023