48 lines
1.6 KiB
TypeScript
48 lines
1.6 KiB
TypeScript
import { Router, Response } from 'express';
|
|
import { queryAll, queryOne, execute } from '../db';
|
|
import { authMiddleware, adminOnly, AuthRequest } from '../middleware/auth.js';
|
|
|
|
const router = Router();
|
|
|
|
// All routes require admin
|
|
router.use(authMiddleware, adminOnly);
|
|
|
|
// Get all users
|
|
router.get('/users', (req: AuthRequest, res: Response) => {
|
|
const users = queryAll(
|
|
'SELECT id, username, points, is_admin, created_at FROM users ORDER BY points DESC'
|
|
);
|
|
res.json({ users });
|
|
});
|
|
|
|
// Delete any cat
|
|
router.delete('/cats/:id', (req: AuthRequest, res: Response) => {
|
|
const cat = queryOne('SELECT id FROM cats WHERE id = ?', [req.params.id]);
|
|
if (!cat) {
|
|
res.status(404).json({ error: 'Cat not found' });
|
|
return;
|
|
}
|
|
execute('DELETE FROM likes WHERE cat_id = ?', [req.params.id]);
|
|
execute('DELETE FROM cats WHERE id = ?', [req.params.id]);
|
|
res.json({ ok: true });
|
|
});
|
|
|
|
// Ban user (delete their cats and likes)
|
|
router.delete('/users/:id', (req: AuthRequest, res: Response) => {
|
|
const userId = parseInt(req.params.id);
|
|
const user = queryOne('SELECT id, username, is_admin FROM users WHERE id = ?', [userId]);
|
|
if (!user) {
|
|
res.status(404).json({ error: 'User not found' });
|
|
return;
|
|
}
|
|
if (user.is_admin) {
|
|
res.status(400).json({ error: 'Cannot delete admin' });
|
|
return;
|
|
}
|
|
execute('DELETE FROM likes WHERE cat_id IN (SELECT id FROM cats WHERE user_id = ?)', [userId]);
|
|
execute('DELETE FROM cats WHERE user_id = ?', [userId]);
|
|
execute('DELETE FROM users WHERE id = ?', [userId]);
|
|
res.json({ ok: true });
|
|
});
|
|
|
|
export default router; |