This commit adds a bunch of features for admins:

* banning IP * see files from other users if you are admin * be able to see details of an uploaded file and it's user * improved display of thumbnails for non-image files
author: Pitu <[email protected]> 2019-10-13 02:53:45 +0900
committer: Pitu <[email protected]> 2019-10-13 02:53:45 +0900
commit: cba7bf8586f59a049f79aba586db201ac6f3530b (patch)
tree: 46aeabe2b5463456ef3eb241a38407a5699e3728 /src/api/structures/Route.js
parent: don't log out on API error (diff)
download: host.fuwn.me-cba7bf8586f59a049f79aba586db201ac6f3530b.tar.xz
host.fuwn.me-cba7bf8586f59a049f79aba586db201ac6f3530b.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/src/api/structures/Route.js b/src/api/structures/Route.js
index c04c585..2db9bc6 100644
--- a/src/api/structures/Route.js
+++ b/src/api/structures/Route.js
@@ -52,7 +52,10 @@ class Route {
 		this.options = options || {};
 	}
 
-	authorize(req, res) {
+	async authorize(req, res) {
+		const banned = await db.table('bans').where({ ip: req.ip }).first();
+		if (banned) return res.status(401).json({ message: 'This IP has been banned from using the service.' });
+
 		if (this.options.bypassAuth) return this.run(req, res, db);
 		if (req.headers.apiKey) return this.authorizeApiKey(req, res, req.headers.apiKey);
 		if (!req.headers.authorization) return res.status(401).json({ message: 'No authorization header provided' });
author	Pitu <[email protected]>	2019-10-13 02:53:45 +0900
committer	Pitu <[email protected]>	2019-10-13 02:53:45 +0900
commit	cba7bf8586f59a049f79aba586db201ac6f3530b (patch)
tree	46aeabe2b5463456ef3eb241a38407a5699e3728 /src/api/structures/Route.js
parent	don't log out on API error (diff)
download	host.fuwn.me-cba7bf8586f59a049f79aba586db201ac6f3530b.tar.xz host.fuwn.me-cba7bf8586f59a049f79aba586db201ac6f3530b.zip