delete api for moderation

5 files changed, 58 insertions, 0 deletions

diff --git a/.env.example b/.env.example
index 7bf7f89..b85437f 100644
--- a/.env.example
+++ b/.env.example
@@ -3,3 +3,6 @@
 
 ## If the database is on the same computer
 # DBSTRING="dbname=chan host=/tmp"
+
+## moderation password, bcrypted
+# MODPASS='$2a$10$XddhgpWF.pk3udraZk1CaOhiogMnOs2NYb24d44W/xxmND88VEy82'
diff --git a/controllers/moderation.go b/controllers/moderation.go
new file mode 100644
index 0000000..0313798
--- /dev/null
+++ b/controllers/moderation.go
@@ -0,0 +1,51 @@
+package controllers
+
+import (
+	"log"
+	"os"
+	"paperchan.club/database"
+	"github.com/gofiber/fiber/v2"
+	"golang.org/x/crypto/bcrypt"
+	"strconv"
+)
+
+// data received by DELETE /api/post
+type DeleteApi struct {
+    Id string `json:"id" xml:"id" form:"id"`
+    Pass string `json:"pass" xml:"pass" form:"pass"` //moderation password defined in .env
+}
+func Delete(c *fiber.Ctx) error {
+	d := new(DeleteApi)
+	if err := c.BodyParser(d); err != nil {
+		log.Println(err)
+		return c.JSON(fiber.Map{
+			"status": "error",
+		})
+   }
+   id, err := strconv.ParseInt(d.Id, 10, 32)
+   if err != nil {
+		log.Println(err)
+		return c.JSON(fiber.Map{
+			"status": "error",
+		})
+   }
+   if bcrypt.CompareHashAndPassword([]byte(os.Getenv("MODPASS")),[]byte(d.Pass)) != nil {
+		log.Println(os.Getenv("MODPASS"))
+		log.Println(err)
+		return c.JSON(fiber.Map{
+			"status": "forbidden",
+		})
+	} else {
+		db := database.DB
+		if _, err := db.Exec("DELETE FROM \"post\" WHERE id = $1", id); err == nil {
+			return c.JSON(fiber.Map{
+				"status": "ok",
+			})
+		} else {
+			log.Println(err)
+			return c.JSON(fiber.Map{
+				"status": "database error",
+			})
+		}
+	}
+}
diff --git a/go.mod b/go.mod
index 2072978..544ac4c 100644
--- a/go.mod
+++ b/go.mod
@@ -8,6 +8,7 @@ require (
 	github.com/jmoiron/sqlx v1.4.0
 	github.com/joho/godotenv v1.5.1
 	github.com/lib/pq v1.10.9
+	golang.org/x/crypto v0.21.0
 	gopkg.in/gographics/imagick.v3 v3.7.0
 )
 
diff --git a/go.sum b/go.sum
index 684c0c9..ef974aa 100644
--- a/go.sum
+++ b/go.sum
@@ -45,6 +45,8 @@ github.com/valyala/fasthttp v1.54.0 h1:cCL+ZZR3z3HPLMVfEYVUMtJqVaui0+gu7Lx63unHw
 github.com/valyala/fasthttp v1.54.0/go.mod h1:6dt4/8olwq9QARP/TDuPmWyWcl4byhpvTJ4AAtcz+QM=
 github.com/valyala/tcplisten v1.0.0 h1:rBHj/Xf+E1tRGZyWIWwJDiRY0zc1Js+CV5DqwacVSA8=
 github.com/valyala/tcplisten v1.0.0/go.mod h1:T0xQ8SeCZGxckz9qRXTfG43PvQ/mcWh7FwZEA7Ioqkc=
+golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
+golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws=
diff --git a/router/router.go b/router/router.go
index c6e2feb..c53cea4 100644
--- a/router/router.go
+++ b/router/router.go
@@ -9,4 +9,5 @@ func SetRoutes(app *fiber.App) {
 	app.Get("/", controllers.ThreadList)
 	app.Get("/thread/:id", controllers.Thread)
 	app.Post("/api/post", controllers.Publish)
+	app.Delete("/api/post", controllers.Delete)
 }