jerryliao
/
postdown


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107
							import { Head } from "fresh/runtime";
import { HttpError } from "fresh";
import { page, type PageProps } from "fresh";
import { define } from "utils/state.ts";
import { checkToken, getCryptoString } from "utils/server.ts";
import { find } from "utils/db.ts";
import { getCookies } from "@std/http";
import TopBar from "../islands/TopBar.tsx";
import Editor, { EditorMode } from "../islands/Editor.tsx";
import SharePasswordFrame from "../islands/SharePasswordFrame.tsx";
import PageContainer from "../components/layout/PageContainer.tsx";

interface PostProps {
  id: string;
  title: string;
  content: string;
  shared: boolean;
  isLogined: boolean;
  allowMode: EditorMode;
  passwordRequired: boolean;
}

export const handler = define.handlers({
  async GET(ctx) {
    const tokenUserId = checkToken(ctx.req);
    const postId = ctx.params.id;
    const post = find(
      "Post",
      tokenUserId
        ? { id: postId, user_id: tokenUserId }
        : { id: postId, shared: 1 },
      ["title", "content", "shared", "share_password"],
    );
    if (post.length > 0) {
      const sharePassword = post[0]["share_password"] as string;

      // Non-owner accessing a password-protected shared post
      if (!tokenUserId && sharePassword) {
        const cookies = getCookies(ctx.req.headers);
        const shareCookie = cookies[`pd-share-${postId}`] || "";
        const expectedToken = await getCryptoString(
          postId + sharePassword,
          "MD5",
        );
        if (shareCookie !== expectedToken) {
          return page({
            id: postId,
            isLogined: false,
            allowMode: EditorMode.Read,
            title: post[0]["title"] as string,
            content: "",
            shared: true,
            passwordRequired: true,
          });
        }
      }

      return page({
        id: postId,
        isLogined: Boolean(tokenUserId),
        allowMode: tokenUserId ? EditorMode.Both : EditorMode.Read,
        title: post[0]["title"] as string,
        content: post[0]["content"] as string,
        shared: post[0]["shared"] === 1,
        passwordRequired: false,
      });
    }
    throw new HttpError(404);
  },
});

export default function Post(props: PageProps<PostProps>) {
  if (props.data.passwordRequired) {
    return (
      <>
        <Head>
          <title>{props.data.title}</title>
        </Head>
        <PageContainer>
          <SharePasswordFrame id={props.data.id} title={props.data.title} />
        </PageContainer>
      </>
    );
  }

  return (
    <>
      <Head>
        <title>{props.data.title}</title>
      </Head>
      <PageContainer>
        <TopBar
          id={props.data.id}
          title={props.data.title}
          shared={props.data.shared}
          allowMode={props.data.allowMode}
          isLogined={props.data.isLogined}
        />
        <Editor
          id={props.data.id}
          content={props.data.content}
          allowMode={props.data.allowMode}
        />
      </PageContainer>
    </>
  );
}