var path = require('path'), nconf = require('nconf'), async = require('async'), fs = require('fs'), db = require('../database'), user = require('../user'), groups = require('../groups'), auth = require('./authentication'), topics = require('../topics'), ThreadTools = require('../threadTools'), posts = require('../posts'), categories = require('../categories'), categoryTools = require('../categoryTools') meta = require('../meta'), Plugins = require('../plugins'), utils = require('../../public/src/utils'), translator = require('../../public/src/translator'), pkg = require('../../package.json'); (function (Api) { Api.createRoutes = function (app) { app.namespace('/api', function () { app.all('*', function(req, res, next) { if(req.user) { user.updateLastOnlineTime(req.user.uid); } next(); }); app.get('/get_templates_listing', function (req, res) { utils.walk(path.join(__dirname, '../../', 'public/templates'), function (err, data) { res.json(data.concat(app.get_custom_templates()).filter(function(value, index, self) { return self.indexOf(value) === index; })); }); }); app.get('/config', function (req, res, next) { var config = require('../../public/config.json'); config.postDelay = meta.config.postDelay; config.minimumTitleLength = meta.config.minimumTitleLength; config.maximumTitleLength = meta.config.maximumTitleLength; config.minimumPostLength = meta.config.minimumPostLength; config.hasImageUploadPlugin = Plugins.hasListeners('filter:uploadImage'); config.maximumProfileImageSize = meta.config.maximumProfileImageSize; config.minimumUsernameLength = meta.config.minimumUsernameLength; config.maximumUsernameLength = meta.config.maximumUsernameLength; config.minimumPasswordLength = meta.config.minimumPasswordLength; config.maximumSignatureLength = meta.config.maximumSignatureLength; config.useOutgoingLinksPage = parseInt(meta.config.useOutgoingLinksPage, 10) === 1; config.allowGuestPosting = parseInt(meta.config.allowGuestPosting, 10) === 1; config.allowFileUploads = parseInt(meta.config.allowFileUploads, 10) === 1; config.usePagination = parseInt(meta.config.usePagination, 10) === 1; config.topicsPerPage = meta.config.topicsPerPage || 20; config.postsPerPage = meta.config.postsPerPage || 20; config.maximumFileSize = meta.config.maximumFileSize; config.defaultLang = meta.config.defaultLang || 'en_GB'; config.environment = process.env.NODE_ENV; if (!req.user) { return res.json(200, config); } if(req.user) { user.getSettings(req.user.uid, function(err, settings) { if(err) { return next(err); } config.usePagination = settings.usePagination; config.topicsPerPage = settings.topicsPerPage; config.postsPerPage = settings.postsPerPage; res.json(200, config); }); } }); app.get('/home', function (req, res) { var uid = (req.user) ? req.user.uid : 0; categories.getAllCategories(uid, function (err, data) { data.categories = data.categories.filter(function (category) { return !category.disabled; }); function canSee(category, next) { categoryTools.privileges(category.cid, ((req.user) ? req.user.uid || 0 : 0), function(err, privileges) { next(!err && privileges.read); }); } function getRecentReplies(category, callback) { categories.getRecentReplies(category.cid, uid, parseInt(category.numRecentReplies, 10), function (err, posts) { category.posts = posts; category.post_count = posts.length > 2 ? 2 : posts.length; // this was a hack to make metro work back in the day, post_count should just = length callback(null); }); } async.filter(data.categories, canSee, function(visibleCategories) { data.categories = visibleCategories; async.each(data.categories, getRecentReplies, function (err) { res.json(data); }); }); }); }); app.get('/login', function (req, res) { var data = {}, login_strategies = auth.get_login_strategies(), num_strategies = login_strategies.length, emailersPresent = Plugins.hasListeners('action:email.send'); if (num_strategies == 0) { data = { 'login_window:spansize': 'col-md-12', 'alternate_logins': false }; } else { data = { 'login_window:spansize': 'col-md-6', 'alternate_logins': true } } data.authentication = login_strategies; data.token = res.locals.csrf_token; data.showResetLink = emailersPresent; res.json(data); }); app.get('/register', function (req, res) { var data = {}, login_strategies = auth.get_login_strategies(), num_strategies = login_strategies.length; if (num_strategies == 0) { data = { 'register_window:spansize': 'col-md-12', 'alternate_logins': false }; } else { data = { 'register_window:spansize': 'col-md-6', 'alternate_logins': true } } data.authentication = login_strategies; data.token = res.locals.csrf_token; data.minimumUsernameLength = meta.config.minimumUsernameLength; data.maximumUsernameLength = meta.config.maximumUsernameLength; data.minimumPasswordLength = meta.config.minimumPasswordLength; data.termsOfUse = meta.config.termsOfUse; res.json(data); }); app.get('/topic/:id/:slug?', function (req, res, next) { var uid = (req.user) ? req.user.uid : 0; var page = 1; if(req.query && req.query.page) { page = req.query.page; } if(!utils.isNumber(page) || parseInt(page, 10) < 1) { return res.send(404); } user.getSettings(uid, function(err, settings) { if(err) { return next(err); } var start = (page - 1) * settings.postsPerPage; var end = start + settings.postsPerPage - 1; ThreadTools.privileges(req.params.id, uid, function(err, privileges) { if (privileges.read) { topics.getTopicWithPosts(req.params.id, uid, start, end, false, function (err, data) { if(err) { return next(err); } if(page > data.pageCount) { return res.send(404); } data.currentPage = page; data.privileges = privileges; if (parseInt(data.deleted, 10) === 1 && parseInt(data.expose_tools, 10) === 0) { return res.json(404, {}); } res.json(data); }); } else { res.send(403); } }); }); }); app.get('/category/:id/:slug?', function (req, res, next) { var uid = (req.user) ? req.user.uid : 0; var page = 1; if(req.query && req.query.page) { page = req.query.page; } if(!utils.isNumber(page) || parseInt(page, 10) < 1) { return res.send(404); } user.getSettings(uid, function(err, settings) { if(err) { return next(err); } var start = (page - 1) * settings.topicsPerPage, end = start + settings.topicsPerPage - 1; categoryTools.privileges(req.params.id, uid, function(err, privileges) { if (!err && privileges.read) { categories.getCategoryById(req.params.id, start, end, uid, function (err, data) { if(err) { return next(err); } data.currentPage = page; data.privileges = privileges; if (data && !data.disabled) { res.json(data); } else { next(); } }, req.params.id, uid); } else { res.send(403); } }); }); }); app.get('/recent/:term?', function (req, res, next) { var uid = (req.user) ? req.user.uid : 0; topics.getLatestTopics(uid, 0, 19, req.params.term, function (err, data) { if(err) { return next(err); } res.json(data); }); }); app.get('/popular/:set?', function (req, res, next) { var uid = (req.user) ? req.user.uid : 0; var set = 'topics:' + req.params.set; if(!req.params.set) { set = 'topics:posts'; } topics.getTopicsFromSet(uid, set, 0, 19, function(err, data) { if(err) { return next(err); } res.json(data); }); }); app.get('/unread', function (req, res, next) { var uid = (req.user) ? req.user.uid : 0; topics.getUnreadTopics(uid, 0, 19, function (err, data) { if(err) { return next(err); } res.json(data); }); }); app.get('/unread/total', function (req, res, next) { var uid = (req.user) ? req.user.uid : 0; topics.getTotalUnread(uid, function (err, data) { if(err) { return next(err); } res.json(data); }); }); app.get('/notifications', function(req, res) { if (req.user && req.user.uid) { user.notifications.getAll(req.user.uid, null, null, function(err, notifications) { res.json({ notifications: notifications }); }); } else { res.send(403); } }); app.get('/confirm/:id', function (req, res) { user.email.confirm(req.params.id, function (data) { if (data.status === 'ok') { res.json({ 'alert-class': 'alert-success', title: 'Email Confirmed', text: 'Thank you for vaidating your email. Your account is now fully activated.' }); } else { res.json({ 'alert-class': 'alert-danger', title: 'An error occurred...', text: 'There was a problem validating your email address. Perhaps the code was invalid or has expired.' }); } }); }); app.get('/outgoing', function (req, res) { var url = req.query.url; if (url) { res.json({ url: url, title: meta.config.title }); } else { res.status(404); res.redirect(nconf.get('relative_path') + '/404'); } }); app.get('/search', function (req, res) { if ((req.user && req.user.uid) || meta.config.allowGuestSearching === '1') { return res.json({ show_no_topics: 'hide', show_no_posts: 'hide', show_results: 'hide', search_query: '', posts: [], topics: [] }); } else { res.send(403); } }); app.get('/search/:term', function (req, res, next) { if (!Plugins.hasListeners('filter:search.query')) { return res.redirect('/404'); } var limit = 50; function searchPosts(callback) { Plugins.fireHook('filter:search.query', { index: 'post', query: req.params.terms }, function(err, pids) { if (err) { return callback(err, null); } posts.getPostSummaryByPids(pids, false, callback); }); } function searchTopics(callback) { Plugins.fireHook('filter:search.query', { index: 'topic', query: req.params.terms }, function(err, tids) { if (err) { return callback(err, null); } topics.getTopicsByTids(tids, 0, 0, callback); }); } if ((req.user && req.user.uid) || meta.config.allowGuestSearching === '1') { async.parallel([searchPosts, searchTopics], function (err, results) { if (err) { return next(err); } if(!results) { results = []; results[0] = results[1] = []; } return res.json({ show_no_topics: results[1].length ? 'hide' : '', show_no_posts: results[0].length ? 'hide' : '', show_results: '', search_query: req.params.term, posts: results[0], topics: results[1], post_matches : results[0].length, topic_matches : results[1].length }); }); } else { res.send(403); } }); app.post('/post/upload', function(req, res, next) { if(!req.user) { return res.json(403, {message:'not allowed'}); } var files = req.files.files; if(!Array.isArray(files)) { return res.json(500, {message: 'invalid files'}); } // multiple files if(Array.isArray(files[0])) { files = files[0]; } function deleteTempFiles() { for(var i=0; i