Files
cats/server/src/routes/admin.ts

48 lines
1.6 KiB
TypeScript

import { Router, Response } from 'express';
import { queryAll, queryOne, execute } from '../db';
import { authMiddleware, adminOnly, AuthRequest } from '../middleware/auth.js';
const router = Router();
// All routes require admin
router.use(authMiddleware, adminOnly);
// Get all users
router.get('/users', (req: AuthRequest, res: Response) => {
const users = queryAll(
'SELECT id, username, points, is_admin, created_at FROM users ORDER BY points DESC'
);
res.json({ users });
});
// Delete any cat
router.delete('/cats/:id', (req: AuthRequest, res: Response) => {
const cat = queryOne('SELECT id FROM cats WHERE id = ?', [req.params.id]);
if (!cat) {
res.status(404).json({ error: 'Cat not found' });
return;
}
execute('DELETE FROM likes WHERE cat_id = ?', [req.params.id]);
execute('DELETE FROM cats WHERE id = ?', [req.params.id]);
res.json({ ok: true });
});
// Ban user (delete their cats and likes)
router.delete('/users/:id', (req: AuthRequest, res: Response) => {
const userId = parseInt(req.params.id);
const user = queryOne('SELECT id, username, is_admin FROM users WHERE id = ?', [userId]);
if (!user) {
res.status(404).json({ error: 'User not found' });
return;
}
if (user.is_admin) {
res.status(400).json({ error: 'Cannot delete admin' });
return;
}
execute('DELETE FROM likes WHERE cat_id IN (SELECT id FROM cats WHERE user_id = ?)', [userId]);
execute('DELETE FROM cats WHERE user_id = ?', [userId]);
execute('DELETE FROM users WHERE id = ?', [userId]);
res.json({ ok: true });
});
export default router;