var express = require('express') var router = express.Router() const DB = require("../mongoDB.js"); const Song = require("../def/songs.js"); DB.getDB.then((DB)=>{ const getUserId = function(req){ const user_sid = req.cookies.user_sid || req.query.user_sid || req.body.user_sid; return DB.ObjectID(user_sid); } const getProfileId = (req)=>{ return DB.ObjectID(req.cookies.profile_id || req.query.profile_id || req.body.profile_id); } router.get("/", async (req, res) => { let profileId = req.params.id; let songs = await DB.getSongs(); return res.json({ status: "ok", songs }); }); router.post("/", async (req, res) => { let post = { userid: getUserId(req), ...req.body } let postObj = new Song(post); let dbr = await DB.newSong(postObj); song = postObj.toObj(); song._id = dbr.insertedId; return res.json({ status: "ok", ...song }) }); router.get("/:id", async (req, res) => { let profileId = req.params.id; let profile = await DB.getProfile(profileId); return res.json({ status: "ok", ... profile }); }); async function songBelongsToUser(songId, userid){ // TODO: Verify ownserhip return true; } router.delete("/:id", async (req, res) => { const userid = getUserId(req); const songId = req.params.id; if(!await songBelongsToUser(songId, userid)) return res.json({ status: "This profile is not yours." }); await DB.removeSong(songId); return res.json({ status: "ok" }); }); router.post("/:id", async (req, res) => { const userid = getUserId(req); const songId = req.params.id; const song = await DB.getSong(songId); const newContent = req.body.content; console.log("Updating song", newContent) if(!await songBelongsToUser(songId, userid)) return res.json({ status: "This post is not yours." }); await DB.updateSongContent(songId, newContent, song.content); return res.json({ status: "ok" }); }); }); module.exports = router