Fakultas Ilmu Komputer UI

Commit 7646f023 authored by Muhammad Rafif Elfazri's avatar Muhammad Rafif Elfazri
Browse files

any thread DB Changes Must have Auth Bearer

parent 35fdaed5
......@@ -3,6 +3,7 @@ defmodule DiskuyWeb.ThreadController do
alias Diskuy.Forum
alias Diskuy.Forum.Thread
alias DiskuyWeb.Auth.Guardian
action_fallback DiskuyWeb.FallbackController
......@@ -12,7 +13,8 @@ defmodule DiskuyWeb.ThreadController do
end
def create(conn, %{"thread" => thread_params}) do
with {:ok, %Thread{} = thread} <- Forum.create_thread(thread_params) do
new_params = put_user_id(conn, %{"thread" => thread_params})
with {:ok, %Thread{} = thread} <- Forum.create_thread(new_params) do
conn
|> put_status(:created)
|> put_resp_header("location", Routes.thread_path(conn, :show, thread))
......@@ -27,7 +29,6 @@ defmodule DiskuyWeb.ThreadController do
def update(conn, %{"id" => id, "thread" => thread_params}) do
thread = Forum.get_thread!(id)
with {:ok, %Thread{} = thread} <- Forum.update_thread(thread, thread_params) do
render(conn, "show.json", thread: thread)
end
......@@ -35,9 +36,14 @@ defmodule DiskuyWeb.ThreadController do
def delete(conn, %{"id" => id}) do
thread = Forum.get_thread!(id)
with {:ok, %Thread{}} <- Forum.delete_thread(thread) do
send_resp(conn, :no_content, "")
end
end
defp put_user_id(conn, %{"thread" => thread_params}) do
current_user = Guardian.Plug.current_resource(conn)
new_params = Map.put(thread_params, "user_id", current_user.id)
new_params
end
end
......@@ -36,6 +36,11 @@ defmodule DiskuyWeb.UserController do
end
end
def currentuser(conn, _params) do
current_user = Guardian.Plug.current_resource(conn)
render(conn, "show.json", user: current_user)
end
def delete(conn, %{"id" => id}) do
user = Account.get_user!(id)
......
......@@ -10,6 +10,12 @@ defmodule DiskuyWeb.Router do
plug :accepts, ["json"]
end
scope "/api", DiskuyWeb do
pipe_through [:api, :auth]
get "/current", UserController, :currentuser
resources "/threads", ThreadController, except: [:new, :edit, :show, :index]
end
scope "/api", DiskuyWeb do
pipe_through :api
# resources "/users", UserController, except: [:new, :edit]
......@@ -18,7 +24,7 @@ defmodule DiskuyWeb.Router do
resources "/topics", TopicController, except: [:new, :edit]
options "/topics", TopicController, :options
options "/topics/:id", TopicController, :options
resources "/threads", ThreadController, except: [:new, :edit]
resources "/threads", ThreadController, except: [:new, :edit, :create, :update, :delete]
options "/threads", ThreadController, :options
options "/threads/:id", ThreadController, :options
resources "/post", PostController, except: [:new, :edit]
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment