mipilin r9... Fimally

Signed-off-by: roxwize <rae@roxwize.xyz>
2025-05-11 15:53:07 +00:00 · 2025-01-28 17:05:54 -05:00 · 2025-01-28 17:05:54 -05:00 · fa8fae4638
commit fa8fae4638
parent 961d963677
9 changed files with 217 additions and 150 deletions
--- a/routes/updates.ts
+++ b/routes/updates.ts
@ -112,6 +112,12 @@ export default async function (app: Express, db: NodePgDatabase) {
                )
        )[0];

+        const followed = await db
+            .select({ uname: users.name })
+            .from(follows)
+            .where(eq(follows.followerId, req.session["uid"]))
+            .innerJoin(users, eq(follows.userId, users.id));
+
        render(db, "dashboard", "dashboard", res, req, {
            user,
            moods,
@ -120,6 +126,8 @@ export default async function (app: Express, db: NodePgDatabase) {
            recentUpdates,
            codes,
            codesUsed,
+            followed,
+            isTrusted: req.session["status"] & (UserStatus.MODERATOR | UserStatus.TRUSTED),
            feed: []
        });
    });
@ -128,6 +136,15 @@ export default async function (app: Express, db: NodePgDatabase) {
            res.redirect("/login");
            return;
        }
+        // make sure the user isnt updating too fast
+        //! TODO: also do this for journal entries
+        const lastUpdate = (await db.select({ date: updates.date }).from(updates).where(eq(updates.user, req.session["uid"])).orderBy(desc(updates.date)).limit(1))?.[0];
+        if (Date.now() < lastUpdate?.date?.getTime() + 10 * 1000) {
+            req.flash("error", "You're updating your mood too fast! Wait ten seconds between updates.");
+            res.redirect(req.get("Referrer") || "/");
+            return;
+        }
+
        const moodIndex = moods.indexOf(req.body.mood.trim());
        if (moodIndex === -1) {
            req.flash(
@ -205,7 +222,8 @@ export default async function (app: Express, db: NodePgDatabase) {
        if (
            !entry ||
            (entry.visibility === 0 &&
-                entry.uname !== req.session["user"] && !isMod)
+                entry.uname !== req.session["user"] &&
+                !isMod)
        ) {
            render404(db, res, req);
            return;
@ -247,16 +265,19 @@ export default async function (app: Express, db: NodePgDatabase) {
        )[0];

        const isMod = req.session["status"] & UserStatus.MODERATOR;
-        if (
-            !entry ||
-            (entry?.uid !== req.session["uid"] &&
-                !isMod)
-        ) {
+        if (!entry || (entry?.uid !== req.session["uid"] && !isMod)) {
            render404(db, res, req);
            return;
        }
-        if (isMod && entry.uid !== req.session["uid"] && req.body.action !== "delete") {
-            req.flash("error", "Moderators can only delete other users' posts.");
+        if (
+            isMod &&
+            entry.uid !== req.session["uid"] &&
+            req.body.action !== "delete"
+        ) {
+            req.flash(
+                "error",
+                "Moderators can only delete other users' posts."
+            );
            res.redirect(`/journal/${req.params.id}`);
            return;
        }