
Commit 7646f023 authored by Muhammad Rafif Elfazri's avatar Muhammad Rafif Elfazri

any thread DB Changes Must have Auth Bearer

parent 35fdaed5
...@@ -3,6 +3,7 @@ defmodule DiskuyWeb.ThreadController do ...@@ -3,6 +3,7 @@ defmodule DiskuyWeb.ThreadController do
alias Diskuy.Forum alias Diskuy.Forum
alias Diskuy.Forum.Thread alias Diskuy.Forum.Thread
alias DiskuyWeb.Auth.Guardian
action_fallback DiskuyWeb.FallbackController action_fallback DiskuyWeb.FallbackController
...@@ -12,7 +13,8 @@ defmodule DiskuyWeb.ThreadController do ...@@ -12,7 +13,8 @@ defmodule DiskuyWeb.ThreadController do
end end
def create(conn, %{"thread" => thread_params}) do def create(conn, %{"thread" => thread_params}) do
with {:ok, %Thread{} = thread} <- Forum.create_thread(thread_params) do new_params = put_user_id(conn, %{"thread" => thread_params})
with {:ok, %Thread{} = thread} <- Forum.create_thread(new_params) do
conn conn
|> put_status(:created) |> put_status(:created)
|> put_resp_header("location", Routes.thread_path(conn, :show, thread)) |> put_resp_header("location", Routes.thread_path(conn, :show, thread))
...@@ -27,7 +29,6 @@ defmodule DiskuyWeb.ThreadController do ...@@ -27,7 +29,6 @@ defmodule DiskuyWeb.ThreadController do
def update(conn, %{"id" => id, "thread" => thread_params}) do def update(conn, %{"id" => id, "thread" => thread_params}) do
thread = Forum.get_thread!(id) thread = Forum.get_thread!(id)
with {:ok, %Thread{} = thread} <- Forum.update_thread(thread, thread_params) do with {:ok, %Thread{} = thread} <- Forum.update_thread(thread, thread_params) do
render(conn, "show.json", thread: thread) render(conn, "show.json", thread: thread)
end end
...@@ -35,9 +36,14 @@ defmodule DiskuyWeb.ThreadController do ...@@ -35,9 +36,14 @@ defmodule DiskuyWeb.ThreadController do
def delete(conn, %{"id" => id}) do def delete(conn, %{"id" => id}) do
thread = Forum.get_thread!(id) thread = Forum.get_thread!(id)
with {:ok, %Thread{}} <- Forum.delete_thread(thread) do with {:ok, %Thread{}} <- Forum.delete_thread(thread) do
send_resp(conn, :no_content, "") send_resp(conn, :no_content, "")
end end
end end
defp put_user_id(conn, %{"thread" => thread_params}) do
current_user = Guardian.Plug.current_resource(conn)
new_params = Map.put(thread_params, "user_id", current_user.id)
new_params
end
end end
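Review bot: `update` and `delete` load the thread with `Forum.get_thread!(id)` and act on it without comparing its owner to the token's user, so once these routes sit behind `:auth` any authenticated account can still edit or remove another user's thread. `update` also passes the client's `thread_params` through unchanged; if the changeset casts `user_id` (not visible here), a caller could reassign ownership, which `create` avoids by overwriting the key in `put_user_id`. An ownership guard ahead of both `Forum` calls would close this. The sketch below assumes `Thread` has a `user_id` field and that `DiskuyWeb.FallbackController` gets a clause for `{:error, :forbidden}`. The closing `end` of `update` is outside its hunk.

```elixir
def update(conn, %{"id" => id, "thread" => thread_params}) do
  thread = Forum.get_thread!(id)
  # Ownership is server-decided: never let the client move a thread to another user.
  safe_params = Map.delete(thread_params, "user_id")

  with :ok <- authorize_owner(conn, thread),
       {:ok, %Thread{} = thread} <- Forum.update_thread(thread, safe_params) do
    # … unchanged: render "show.json" …

# … delete/2: add the same `:ok <- authorize_owner(conn, thread)` clause before Forum.delete_thread/1 …

# Allows the action only when the authenticated user owns the thread.
defp authorize_owner(conn, %Thread{user_id: owner_id}) do
  case Guardian.Plug.current_resource(conn) do
    %{id: ^owner_id} -> :ok
    _ -> {:error, :forbidden}
  end
end
```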
...@@ -36,6 +36,11 @@ defmodule DiskuyWeb.UserController do ...@@ -36,6 +36,11 @@ defmodule DiskuyWeb.UserController do
end end
end end
def currentuser(conn, _params) do
current_user = Guardian.Plug.current_resource(conn)
render(conn, "show.json", user: current_user)
end
def delete(conn, %{"id" => id}) do def delete(conn, %{"id" => id}) do
user = Account.get_user!(id) user = Account.get_user!(id)
......
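Review bot: `currentuser` hands whatever `Guardian.Plug.current_resource(conn)` returns straight to `render`, so a nil resource would surface as a 500 rather than a 401; whether the `:auth` pipeline rules that out cannot be told from this diff, since its definition is not shown. Handling the nil case explicitly, for example returning `{:error, :unauthorized}` when the resource is missing (assuming the controller's fallback handles that tuple), keeps the failure mode deliberate. `put_user_id` in `ThreadController` makes the same assumption at `current_user.id`. It is also worth confirming that the `show.json` view renders only fields the account owner should receive. Naming the action `current_user` would match the snake_case used elsewhere.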
...@@ -10,6 +10,12 @@ defmodule DiskuyWeb.Router do ...@@ -10,6 +10,12 @@ defmodule DiskuyWeb.Router do
plug :accepts, ["json"] plug :accepts, ["json"]
end end
scope "/api", DiskuyWeb do
pipe_through [:api, :auth]
get "/current", UserController, :currentuser
resources "/threads", ThreadController, except: [:new, :edit, :show, :index]
end
scope "/api", DiskuyWeb do scope "/api", DiskuyWeb do
pipe_through :api pipe_through :api
# resources "/users", UserController, except: [:new, :edit] # resources "/users", UserController, except: [:new, :edit]
...@@ -18,7 +24,7 @@ defmodule DiskuyWeb.Router do ...@@ -18,7 +24,7 @@ defmodule DiskuyWeb.Router do
resources "/topics", TopicController, except: [:new, :edit] resources "/topics", TopicController, except: [:new, :edit]
options "/topics", TopicController, :options options "/topics", TopicController, :options
options "/topics/:id", TopicController, :options options "/topics/:id", TopicController, :options
resources "/threads", ThreadController, except: [:new, :edit] resources "/threads", ThreadController, except: [:new, :edit, :create, :update, :delete]
options "/threads", ThreadController, :options options "/threads", ThreadController, :options
options "/threads/:id", ThreadController, :options options "/threads/:id", ThreadController, :options
resources "/post", PostController, except: [:new, :edit] resources "/post", PostController, except: [:new, :edit]
......
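Review bot: The authenticated scope picks its thread routes by exclusion, `except: [:new, :edit, :show, :index]`, and the public scope by the mirror-image list, so the two lists must be kept in step by hand for writes to stay behind `:auth`. An allowlist is harder to get wrong: `resources "/threads", ThreadController, only: [:create, :update, :delete]` in the `[:api, :auth]` scope and `only: [:index, :show]` in the public one. In that same public scope, `resources "/topics", ...` and `resources "/post", ...` still expose their write actions without `:auth`; if that is meant to follow in a later commit, a comment saying so would help. The `:auth` pipeline is not defined in these hunks, so what it actually enforces cannot be checked here.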