59 lines
1.9 KiB
JavaScript
59 lines
1.9 KiB
JavaScript
const express = require('express');
|
|
const router = express.Router();
|
|
const db = require('../db');
|
|
const { requireAuth } = require('../middleware/auth');
|
|
|
|
// ── Ghosts (public read) ──────────────────────────────
|
|
|
|
// Alle Geister laden
|
|
router.get('/ghosts', async (req, res) => {
|
|
try {
|
|
const rows = await db.query('SELECT * FROM ghosts ORDER BY name ASC');
|
|
const ghosts = rows.map(row => ({
|
|
...row,
|
|
evidence: typeof row.evidence === 'string' ? JSON.parse(row.evidence) : row.evidence,
|
|
tells: typeof row.tells === 'string' ? JSON.parse(row.tells) : row.tells,
|
|
}));
|
|
res.json(ghosts);
|
|
} catch (e) {
|
|
console.error(e);
|
|
res.status(500).json({ error: 'DB-Fehler' });
|
|
}
|
|
});
|
|
|
|
// ── Submissions (auth required) ───────────────────────
|
|
|
|
// Eigene Submissions laden
|
|
router.get('/submissions/mine', requireAuth, async (req, res) => {
|
|
try {
|
|
const rows = await db.query(
|
|
'SELECT * FROM submissions WHERE discord_id = ? ORDER BY created_at DESC',
|
|
[req.user.id]
|
|
);
|
|
res.json(rows);
|
|
} catch (e) {
|
|
res.status(500).json({ error: 'DB-Fehler' });
|
|
}
|
|
});
|
|
|
|
// Neue Submission einreichen
|
|
router.post('/submissions', requireAuth, async (req, res) => {
|
|
const { ghost_name, type, content } = req.body;
|
|
if (!content?.trim()) return res.status(400).json({ error: 'Inhalt fehlt' });
|
|
if (!['tip','edit','new'].includes(type)) return res.status(400).json({ error: 'Ungültiger Typ' });
|
|
|
|
try {
|
|
await db.query(
|
|
`INSERT INTO submissions (ghost_name, type, username, discord_id, content)
|
|
VALUES (?, ?, ?, ?, ?)`,
|
|
[ghost_name || '', type, req.user.username, req.user.id, content.trim()]
|
|
);
|
|
res.json({ ok: true });
|
|
} catch (e) {
|
|
console.error(e);
|
|
res.status(500).json({ error: 'DB-Fehler' });
|
|
}
|
|
});
|
|
|
|
module.exports = router;
|