diff --git a/assets/components/auth/login.vue b/assets/components/auth/login.vue new file mode 100644 index 000000000..d02ea3d9c --- /dev/null +++ b/assets/components/auth/login.vue @@ -0,0 +1,116 @@ + + + {{ error }} + + Login successful, redirecting + + + + + + + Log in + + Sign up + + + + + + + diff --git a/assets/components/auth/signup.vue b/assets/components/auth/signup.vue new file mode 100644 index 000000000..1ef023916 --- /dev/null +++ b/assets/components/auth/signup.vue @@ -0,0 +1,126 @@ + + + {{ error }} + + Signup successful, redirecting + + + + + + + + + Sign up + + Log in + + + + + + + diff --git a/assets/components/header/header.vue b/assets/components/header/header.vue index 64b76a1ec..4fd221d95 100644 --- a/assets/components/header/header.vue +++ b/assets/components/header/header.vue @@ -95,11 +95,26 @@ - - Sign in + Log in + + + {{ me.username }} + + + Log out Promise.resolve() .inTable('entities') .onDelete('cascade'); + table.date('date'); + table.enum('date_precision', ['year', 'month', 'day', 'hour', 'minute', 'second']) + .defaultTo('year'); + table.text('comment'); table.text('group'); @@ -980,6 +984,69 @@ exports.up = knex => Promise.resolve() table.unique(['tag_id', 'chapter_id']); })) + .then(() => knex.schema.createTable('users_roles', (table) => { + table.string('role') + .primary(); + + table.json('abilities'); + })) + .then(() => knex('users_roles').insert([ + { + role: 'admin', + abilities: JSON.stringify([ // serialization necessary to avoid array being interpreted as a PG array + { subject: 'scene', action: 'create' }, + { subject: 'scene', action: 'update' }, + { subject: 'scene', action: 'delete' }, + { subject: 'actor', action: 'create' }, + { subject: 'actor', action: 'update' }, + { subject: 'actor', action: 'delete' }, + ]), + }, + { + role: 'editor', + abilities: JSON.stringify([ // serialization necessary to avoid array being interpreted as a PG array + { subject: 'scene', action: 'update' }, + { subject: 'actor', action: 'update' }, + ]), + }, + { + role: 'user', + }, + ])) + .then(() => knex.schema.createTable('users', (table) => { + table.increments('id'); + + table.text('username') + .unique() + .notNullable(); + + table.text('email') + .unique() + .notNullable(); + + table.text('password') + .notNullable(); + + table.string('role') + .references('role') + .inTable('users_roles') + .defaultTo('user') + .notNullable(); + + table.json('abilities'); + + table.boolean('email_verified') + .notNullable() + .defaultTo(false); + + table.boolean('identity_verified') + .notNullable() + .defaultTo(false); + + table.datetime('created_at') + .notNullable() + .defaultTo(knex.fn.now()); + })) // SEARCH .then(() => { // eslint-disable-line arrow-body-style // allow vim fold @@ -1173,6 +1240,9 @@ exports.up = knex => Promise.resolve() .then(() => { // eslint-disable-line arrow-body-style // allow vim fold return knex.raw(` + COMMENT ON TABLE users IS E'@omit'; + COMMENT ON TABLE users_roles IS E'@omit'; + COMMENT ON COLUMN actors.height IS E'@omit read,update,create,delete,all,many'; COMMENT ON COLUMN actors.weight IS E'@omit read,update,create,delete,all,many'; COMMENT ON COLUMN actors.penis_length IS E'@omit read,update,create,delete,all,many'; @@ -1249,6 +1319,9 @@ exports.down = (knex) => { // eslint-disable-line arrow-body-style DROP TABLE IF EXISTS entities_types CASCADE; DROP TABLE IF EXISTS entities CASCADE; + DROP TABLE IF EXISTS users CASCADE; + DROP TABLE IF EXISTS users_roles CASCADE; + DROP FUNCTION IF EXISTS search_releases; DROP FUNCTION IF EXISTS search_sites; DROP FUNCTION IF EXISTS search_entities; diff --git a/package-lock.json b/package-lock.json index 29bcf6bbc..a6cdd5e2c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -8,6 +8,7 @@ "version": "1.184.1", "license": "ISC", "dependencies": { + "@casl/ability": "^5.2.2", "@graphile-contrib/pg-order-by-related": "^1.0.0-beta.6", "@graphile-contrib/pg-simplify-inflector": "^5.0.0-beta.1", "acorn": "^8.0.4", @@ -1262,6 +1263,17 @@ "to-fast-properties": "^2.0.0" } }, + "node_modules/@casl/ability": { + "version": "5.2.2", + "resolved": "https://registry.npmjs.org/@casl/ability/-/ability-5.2.2.tgz", + "integrity": "sha512-A0GTDWojP72Z4HSgS0pfbtGnhQWbquhn9luAr4Uc/HnqWWib0NvmpXC4//7gsiMUiVYCoFozQ+nG1oeZuhT7Jg==", + "dependencies": { + "@ucast/mongo2js": "^1.3.0" + }, + "funding": { + "url": "https://github.com/stalniy/casl/blob/master/BACKERS.md" + } + }, "node_modules/@eslint/eslintrc": { "version": "0.3.0", "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-0.3.0.tgz", @@ -1492,6 +1504,37 @@ "@types/node": "*" } }, + "node_modules/@ucast/core": { + "version": "1.8.2", + "resolved": "https://registry.npmjs.org/@ucast/core/-/core-1.8.2.tgz", + "integrity": "sha512-pc+XGjJmZkfypJIIRo38el/FUDtBXBlGQbXafWwRwInocXVwNbJ56efECKLgAQSyI7OCJFSaEeqpf3SrR3D6cw==" + }, + "node_modules/@ucast/js": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/@ucast/js/-/js-3.0.1.tgz", + "integrity": "sha512-sabiuYsM5VUg4EaCwlDxnqcrHPFvbZcXvBu+P/o4pqK2q046RLTdo0bM7iVCn5Ro4HpCiRv3QzxtW8epcluY1g==", + "dependencies": { + "@ucast/core": "^1.0.0" + } + }, + "node_modules/@ucast/mongo": { + "version": "2.4.1", + "resolved": "https://registry.npmjs.org/@ucast/mongo/-/mongo-2.4.1.tgz", + "integrity": "sha512-l/hc3TxjWO9inBrgM5iMCAcsIeV2DToppRlabQa5xB/6uHYtCXfm3TPaJgr8TU1OFxqPlaXEnNQhaV0sVHGsoQ==", + "dependencies": { + "@ucast/core": "^1.4.1" + } + }, + "node_modules/@ucast/mongo2js": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/@ucast/mongo2js/-/mongo2js-1.3.2.tgz", + "integrity": "sha512-KNOEs61wxo4VJkVGqwP2a03TKuLx9fLMQgW5HD8Th/mrcuP1SspS4W+kUQD+wB1AA5pOn65hzlHUw5wZBwme0Q==", + "dependencies": { + "@ucast/core": "^1.6.1", + "@ucast/js": "^3.0.0", + "@ucast/mongo": "^2.4.0" + } + }, "node_modules/@videojs/http-streaming": { "version": "2.2.4", "resolved": "https://registry.npmjs.org/@videojs/http-streaming/-/http-streaming-2.2.4.tgz", @@ -16603,6 +16646,14 @@ "to-fast-properties": "^2.0.0" } }, + "@casl/ability": { + "version": "5.2.2", + "resolved": "https://registry.npmjs.org/@casl/ability/-/ability-5.2.2.tgz", + "integrity": "sha512-A0GTDWojP72Z4HSgS0pfbtGnhQWbquhn9luAr4Uc/HnqWWib0NvmpXC4//7gsiMUiVYCoFozQ+nG1oeZuhT7Jg==", + "requires": { + "@ucast/mongo2js": "^1.3.0" + } + }, "@eslint/eslintrc": { "version": "0.3.0", "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-0.3.0.tgz", @@ -16805,6 +16856,37 @@ "@types/node": "*" } }, + "@ucast/core": { + "version": "1.8.2", + "resolved": "https://registry.npmjs.org/@ucast/core/-/core-1.8.2.tgz", + "integrity": "sha512-pc+XGjJmZkfypJIIRo38el/FUDtBXBlGQbXafWwRwInocXVwNbJ56efECKLgAQSyI7OCJFSaEeqpf3SrR3D6cw==" + }, + "@ucast/js": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/@ucast/js/-/js-3.0.1.tgz", + "integrity": "sha512-sabiuYsM5VUg4EaCwlDxnqcrHPFvbZcXvBu+P/o4pqK2q046RLTdo0bM7iVCn5Ro4HpCiRv3QzxtW8epcluY1g==", + "requires": { + "@ucast/core": "^1.0.0" + } + }, + "@ucast/mongo": { + "version": "2.4.1", + "resolved": "https://registry.npmjs.org/@ucast/mongo/-/mongo-2.4.1.tgz", + "integrity": "sha512-l/hc3TxjWO9inBrgM5iMCAcsIeV2DToppRlabQa5xB/6uHYtCXfm3TPaJgr8TU1OFxqPlaXEnNQhaV0sVHGsoQ==", + "requires": { + "@ucast/core": "^1.4.1" + } + }, + "@ucast/mongo2js": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/@ucast/mongo2js/-/mongo2js-1.3.2.tgz", + "integrity": "sha512-KNOEs61wxo4VJkVGqwP2a03TKuLx9fLMQgW5HD8Th/mrcuP1SspS4W+kUQD+wB1AA5pOn65hzlHUw5wZBwme0Q==", + "requires": { + "@ucast/core": "^1.6.1", + "@ucast/js": "^3.0.0", + "@ucast/mongo": "^2.4.0" + } + }, "@videojs/http-streaming": { "version": "2.2.4", "resolved": "https://registry.npmjs.org/@videojs/http-streaming/-/http-streaming-2.2.4.tgz", diff --git a/package.json b/package.json index f7b95f243..4b4fee07e 100644 --- a/package.json +++ b/package.json @@ -69,6 +69,7 @@ "webpack-cli": "^3.3.11" }, "dependencies": { + "@casl/ability": "^5.2.2", "@graphile-contrib/pg-order-by-related": "^1.0.0-beta.6", "@graphile-contrib/pg-simplify-inflector": "^5.0.0-beta.1", "acorn": "^8.0.4", diff --git a/public/img/tags/enhanced-boobs/11.jpeg b/public/img/tags/enhanced-boobs/jessa_rhodes_cali_carter_lesbianx.jpeg similarity index 100% rename from public/img/tags/enhanced-boobs/11.jpeg rename to public/img/tags/enhanced-boobs/jessa_rhodes_cali_carter_lesbianx.jpeg diff --git a/public/img/tags/enhanced-boobs/lazy/jessa_rhodes_cali_carter_lesbianx.jpeg b/public/img/tags/enhanced-boobs/lazy/jessa_rhodes_cali_carter_lesbianx.jpeg new file mode 100644 index 000000000..b8b159abb Binary files /dev/null and b/public/img/tags/enhanced-boobs/lazy/jessa_rhodes_cali_carter_lesbianx.jpeg differ diff --git a/public/img/tags/enhanced-boobs/lazy/mareeva_trudy_photodromm.jpeg b/public/img/tags/enhanced-boobs/lazy/mareeva_trudy_photodromm.jpeg new file mode 100644 index 000000000..478e95f30 Binary files /dev/null and b/public/img/tags/enhanced-boobs/lazy/mareeva_trudy_photodromm.jpeg differ diff --git a/public/img/tags/enhanced-boobs/lazy/mareeva_trudy_photodromm_1.jpeg b/public/img/tags/enhanced-boobs/lazy/mareeva_trudy_photodromm_1.jpeg new file mode 100644 index 000000000..ae7bca311 Binary files /dev/null and b/public/img/tags/enhanced-boobs/lazy/mareeva_trudy_photodromm_1.jpeg differ diff --git a/public/img/tags/enhanced-boobs/lazy/mareeva_trudy_photodromm_2.jpeg b/public/img/tags/enhanced-boobs/lazy/mareeva_trudy_photodromm_2.jpeg new file mode 100644 index 000000000..c584fe666 Binary files /dev/null and b/public/img/tags/enhanced-boobs/lazy/mareeva_trudy_photodromm_2.jpeg differ diff --git a/public/img/tags/enhanced-boobs/lazy/trudy_photodromm.jpeg b/public/img/tags/enhanced-boobs/lazy/trudy_photodromm.jpeg new file mode 100644 index 000000000..70f980b24 Binary files /dev/null and b/public/img/tags/enhanced-boobs/lazy/trudy_photodromm.jpeg differ diff --git a/public/img/tags/enhanced-boobs/lazy/trudy_photodromm_1.jpeg b/public/img/tags/enhanced-boobs/lazy/trudy_photodromm_1.jpeg new file mode 100644 index 000000000..7d5926e02 Binary files /dev/null and b/public/img/tags/enhanced-boobs/lazy/trudy_photodromm_1.jpeg differ diff --git a/public/img/tags/enhanced-boobs/lazy/trudy_photodromm_2.jpeg b/public/img/tags/enhanced-boobs/lazy/trudy_photodromm_2.jpeg new file mode 100644 index 000000000..f074c7f60 Binary files /dev/null and b/public/img/tags/enhanced-boobs/lazy/trudy_photodromm_2.jpeg differ diff --git a/public/img/tags/enhanced-boobs/mareeva_trudy_photodromm.jpeg b/public/img/tags/enhanced-boobs/mareeva_trudy_photodromm.jpeg new file mode 100644 index 000000000..75af6516e Binary files /dev/null and b/public/img/tags/enhanced-boobs/mareeva_trudy_photodromm.jpeg differ diff --git a/public/img/tags/enhanced-boobs/mareeva_trudy_photodromm_1.jpeg b/public/img/tags/enhanced-boobs/mareeva_trudy_photodromm_1.jpeg new file mode 100644 index 000000000..cbd604d4a Binary files /dev/null and b/public/img/tags/enhanced-boobs/mareeva_trudy_photodromm_1.jpeg differ diff --git a/public/img/tags/enhanced-boobs/mareeva_trudy_photodromm_2.jpeg b/public/img/tags/enhanced-boobs/mareeva_trudy_photodromm_2.jpeg new file mode 100644 index 000000000..c2504debb Binary files /dev/null and b/public/img/tags/enhanced-boobs/mareeva_trudy_photodromm_2.jpeg differ diff --git a/public/img/tags/enhanced-boobs/thumbs/jessa_rhodes_cali_carter_lesbianx.jpeg b/public/img/tags/enhanced-boobs/thumbs/jessa_rhodes_cali_carter_lesbianx.jpeg new file mode 100644 index 000000000..55cfc9716 Binary files /dev/null and b/public/img/tags/enhanced-boobs/thumbs/jessa_rhodes_cali_carter_lesbianx.jpeg differ diff --git a/public/img/tags/enhanced-boobs/thumbs/mareeva_trudy_photodromm.jpeg b/public/img/tags/enhanced-boobs/thumbs/mareeva_trudy_photodromm.jpeg new file mode 100644 index 000000000..83f023f78 Binary files /dev/null and b/public/img/tags/enhanced-boobs/thumbs/mareeva_trudy_photodromm.jpeg differ diff --git a/public/img/tags/enhanced-boobs/thumbs/mareeva_trudy_photodromm_1.jpeg b/public/img/tags/enhanced-boobs/thumbs/mareeva_trudy_photodromm_1.jpeg new file mode 100644 index 000000000..97d3ec86e Binary files /dev/null and b/public/img/tags/enhanced-boobs/thumbs/mareeva_trudy_photodromm_1.jpeg differ diff --git a/public/img/tags/enhanced-boobs/thumbs/mareeva_trudy_photodromm_2.jpeg b/public/img/tags/enhanced-boobs/thumbs/mareeva_trudy_photodromm_2.jpeg new file mode 100644 index 000000000..60594b533 Binary files /dev/null and b/public/img/tags/enhanced-boobs/thumbs/mareeva_trudy_photodromm_2.jpeg differ diff --git a/public/img/tags/enhanced-boobs/thumbs/trudy_photodromm.jpeg b/public/img/tags/enhanced-boobs/thumbs/trudy_photodromm.jpeg new file mode 100644 index 000000000..f05870c28 Binary files /dev/null and b/public/img/tags/enhanced-boobs/thumbs/trudy_photodromm.jpeg differ diff --git a/public/img/tags/enhanced-boobs/thumbs/trudy_photodromm_1.jpeg b/public/img/tags/enhanced-boobs/thumbs/trudy_photodromm_1.jpeg new file mode 100644 index 000000000..49e3c83cd Binary files /dev/null and b/public/img/tags/enhanced-boobs/thumbs/trudy_photodromm_1.jpeg differ diff --git a/public/img/tags/enhanced-boobs/thumbs/trudy_photodromm_2.jpeg b/public/img/tags/enhanced-boobs/thumbs/trudy_photodromm_2.jpeg new file mode 100644 index 000000000..80e3ad5cc Binary files /dev/null and b/public/img/tags/enhanced-boobs/thumbs/trudy_photodromm_2.jpeg differ diff --git a/public/img/tags/enhanced-boobs/trudy_photodromm.jpeg b/public/img/tags/enhanced-boobs/trudy_photodromm.jpeg new file mode 100644 index 000000000..922428d56 Binary files /dev/null and b/public/img/tags/enhanced-boobs/trudy_photodromm.jpeg differ diff --git a/public/img/tags/enhanced-boobs/trudy_photodromm_1.jpeg b/public/img/tags/enhanced-boobs/trudy_photodromm_1.jpeg new file mode 100644 index 000000000..6f6ea5bd6 Binary files /dev/null and b/public/img/tags/enhanced-boobs/trudy_photodromm_1.jpeg differ diff --git a/public/img/tags/enhanced-boobs/trudy_photodromm_2.jpeg b/public/img/tags/enhanced-boobs/trudy_photodromm_2.jpeg new file mode 100644 index 000000000..9df7032b2 Binary files /dev/null and b/public/img/tags/enhanced-boobs/trudy_photodromm_2.jpeg differ diff --git a/seeds/04_media.js b/seeds/04_media.js index 7f0689ced..8ed30da39 100644 --- a/seeds/04_media.js +++ b/seeds/04_media.js @@ -770,12 +770,14 @@ const tagMedia = [ ['enhanced-boobs', 1, 'Lela Star in "Thick"', 'julesjordan'], ['enhanced-boobs', 18, 'Ebony Godess', 'actiongirls'], ['enhanced-boobs', 'hunter_bryce_penthouse', 'Hunter Bryce in "On The Bed"', 'Penthouse'], + ['enhanced-boobs', 'trudy_photodromm_1', 'Trudy', 'photodromm'], ['enhanced-boobs', 'kenzie_anne_playboy', 'Miss Kenzie Anne in "Supercharged"', 'playboy'], ['enhanced-boobs', 9, 'Putri Cinta', 'watch4beauty'], ['enhanced-boobs', 3, 'Ashly Anderson', 'passionhd'], ['enhanced-boobs', 'charlie_atwell_photodromm', 'Charley Atwell', 'photodromm'], ['enhanced-boobs', '23d', 'Lulu Sex Bomb in "Tropical Touch"'], ['enhanced-boobs', 22, 'Sakura Sena'], + ['enhanced-boobs', 'mareeva_trudy_photodromm_1', 'Mareeva and Trudy', 'photodromm'], ['enhanced-boobs', 'shawna_lenee_inthecrack_1', 'Shawna Lenee', 'inthecrack'], ['enhanced-boobs', 16, 'Marsha May in "Once You Go Black 7"', 'julesjordan'], ['enhanced-boobs', 'azul_hermosa_pornstarslikeitbig', 'Azul Hermosa in "She Likes Rough Quickies"', 'pornstarslikeitbig'], @@ -783,7 +785,6 @@ const tagMedia = [ ['enhanced-boobs', 10, 'Tia Cyrus in "Titty-Fucked Yoga Goddess"', 'latinasextapes'], ['enhanced-boobs', 24, 'Shalina Devine in "Rumbling in the Ring, Part 2"', 'pornworld'], ['enhanced-boobs', 20, 'Chloe Lamour', 'ddfbusty'], - ['enhanced-boobs', 11, 'Jessa Rhodes and Cali Carter in "Busty Anal Workout"', 'lesbianx'], ['enhanced-boobs', 13, 'Kitana Lure', 'assholefever'], ['enhanced-boobs', 8, 'Amber Alena', 'score'], ['enhanced-boobs', 19, 'Kerrie Lee in "Bricked"', 'studio66tv'], diff --git a/src/auth.js b/src/auth.js new file mode 100644 index 000000000..9314a3d1b --- /dev/null +++ b/src/auth.js @@ -0,0 +1,80 @@ +'use strict'; + +const util = require('util'); +const crypto = require('crypto'); + +const knex = require('./knex'); +const { curateUser } = require('./users'); +const { HttpError } = require('./errors'); + +const scrypt = util.promisify(crypto.scrypt); + +async function verifyPassword(password, storedPassword) { + const [salt, hash] = storedPassword.split('/'); + const hashedPassword = (await scrypt(password, salt, 64)).toString('hex'); + + if (hashedPassword === hash) { + return true; + } + + throw new HttpError('Username or password incorrect', 401); +} + +async function login(credentials) { + const user = await knex('users') + .select('users.*', 'users_roles.abilities as role_abilities') + .where('username', credentials.username) + .orWhere('email', credentials.username) + .leftJoin('users_roles', 'users_roles.role', 'users.role') + .first(); + + if (!user) { + throw new HttpError('Username or password incorrect', 401); + } + + await verifyPassword(credentials.password, user.password); + + return curateUser(user); +} + +async function signup(credentials) { + if (!credentials.username) { + throw new HttpError('Username required', 400); + } + + if (!credentials.email) { + throw new HttpError('E-mail required', 400); + } + + if (credentials.password?.length < 3) { + throw new HttpError('Password must be 3 characters or longer', 400); + } + + const existingUser = await knex('users') + .where('username', credentials.username) + .orWhere('email', credentials.email) + .first(); + + if (existingUser) { + throw new HttpError('Username or e-mail already in use', 409); + } + + const salt = crypto.randomBytes(16).toString('hex'); + const hashedPassword = (await scrypt(credentials.password, salt, 64)).toString('hex'); + const storedPassword = `${salt}/${hashedPassword}`; + + const [user] = await knex('users') + .insert({ + username: credentials.username, + email: credentials.email, + password: storedPassword, + }) + .returning('*'); + + return curateUser(user); +} + +module.exports = { + login, + signup, +}; diff --git a/src/users.js b/src/users.js new file mode 100644 index 000000000..284d4bbb9 --- /dev/null +++ b/src/users.js @@ -0,0 +1,40 @@ +'use strict'; + +const knex = require('./knex'); + +function curateUser(user) { + if (!user) { + return null; + } + + const ability = [...(user.role_abilities || []), ...(user.abilities || [])]; + + const curatedUser = { + id: user.id, + username: user.username, + email: user.email, + emailVerified: user.email_verified, + identityVerified: user.identity_verified, + ability, + createdAt: user.created_at, + }; + + return curatedUser; +} + +async function fetchUser(userId) { + const user = await knex('users') + .select('users.*', 'users_roles.abilities as role_abilities') + .where('id', userId) + .orWhere('username', userId) + .orWhere('email', userId) + .leftJoin('users_roles', 'users_roles.role', 'users.role') + .first(); + + return curateUser(user); +} + +module.exports = { + curateUser, + fetchUser, +}; diff --git a/src/web/auth.js b/src/web/auth.js new file mode 100644 index 000000000..f75384d70 --- /dev/null +++ b/src/web/auth.js @@ -0,0 +1,45 @@ +'use strict'; + +const { login, signup } = require('../auth'); +const { fetchUser } = require('../users'); + +async function loginApi(req, res) { + const user = await login(req.body); + + req.session.user = user; + res.send(user); +} + +async function logoutApi(req, res) { + req.session.destroy((error) => { + if (error) { + res.status(500).send(); + } + + res.status(204).send(); + }); +} + +async function fetchMeApi(req, res) { + if (req.session.user) { + req.session.user = await fetchUser(req.session.user.id, req.session.user); + + res.send(req.session.user); + return; + } + + res.status(401).send(); +} + +async function signupApi(req, res) { + const user = await signup(req.body); + + res.send(user); +} + +module.exports = { + login: loginApi, + logout: logoutApi, + fetchMe: fetchMeApi, + signup: signupApi, +}; diff --git a/src/web/server.js b/src/web/server.js index dc1479d18..fb320e2f4 100644 --- a/src/web/server.js +++ b/src/web/server.js @@ -15,6 +15,13 @@ const errorHandler = require('./error'); const pg = require('./postgraphile'); +const { + login, + logout, + signup, + fetchMe, +} = require('./auth'); + const { fetchScene, fetchScenes, @@ -60,6 +67,12 @@ async function initServer() { next(); }); + router.get('/api/session', fetchMe); + router.post('/api/session', login); + router.delete('/api/session', logout); + + router.post('/api/users', signup); + router.get('/api/scenes', fetchScenes); router.get('/api/scenes/:releaseId', fetchScene); router.get('/api/scenes/:releaseId/poster', fetchScenePoster);