DB topics and post must have token

a96ee483 · Muhammad Rafif Elfazri · 7646f023 · a96ee483 · a96ee483
Commit a96ee483 authored Jan 08, 2021 by Muhammad Rafif Elfazri
--- a/diskuy_back/lib/diskuy_web/controllers/post_controller.ex
+++ b/diskuy_back/lib/diskuy_web/controllers/post_controller.ex
@@ -12,7 +12,8 @@ defmodule DiskuyWeb.PostController do
  end

  def create(conn, %{"post" => post_params}) do
-    with {:ok, %Post{} = post} <- Forum.create_post(post_params) do
+    new_params = put_user_id(conn, %{"post" => post_params})
+    with {:ok, %Post{} = post} <- Forum.create_post(new_params) do
      conn
      |> put_status(:created)
      |> put_resp_header("location", Routes.post_path(conn, :show, post))
@@ -40,4 +41,11 @@ defmodule DiskuyWeb.PostController do
      send_resp(conn, :no_content, "")
    end
  end
+
+  defp put_user_id(conn, %{"post" => post_params}) do
+    current_user = Guardian.Plug.current_resource(conn)
+    new_params = Map.put(post_params, "user_id", current_user.id)
+    new_params
+  end
+
 end
--- a/diskuy_back/lib/diskuy_web/router.ex
+++ b/diskuy_back/lib/diskuy_web/router.ex
@@ -14,20 +14,21 @@ defmodule DiskuyWeb.Router do
    pipe_through [:api, :auth]
    get "/current", UserController, :currentuser
    resources "/threads", ThreadController, except: [:new, :edit, :show, :index]
+    resources "/topics", TopicController, except: [:new, :edit, :show, :index]
+    resources "/post", PostController, except: [:new, :edit, :show, :index]
  end

  scope "/api", DiskuyWeb do
    pipe_through :api
-    # resources "/users", UserController, except: [:new, :edit]
    get "/users", UserController, :index
    get "/users/:id", UserController, :show
-    resources "/topics", TopicController, except: [:new, :edit]
+    resources "/topics", TopicController, except: [:new, :edit, :create, :update, :delete]
    options   "/topics", TopicController, :options
    options   "/topics/:id", TopicController, :options
    resources "/threads", ThreadController, except: [:new, :edit, :create, :update, :delete]
    options   "/threads", ThreadController, :options
    options   "/threads/:id", ThreadController, :options
-    resources "/post", PostController, except: [:new, :edit]
+    resources "/post", PostController, except: [:new, :edit, :create, :update, :delete]
    options   "/post", PostController, :options
    options   "/post/:id", PostController, :options
    post "/users/signup", UserController, :create