Dateien nach "backend/src/tools/nachrichten" hochladen
This commit is contained in:
@@ -37,10 +37,10 @@ router.get('/users', authenticate, (req, res) => {
|
|||||||
const users = db.prepare(`
|
const users = db.prepare(`
|
||||||
SELECT u.id, u.username, uk.public_key,
|
SELECT u.id, u.username, uk.public_key,
|
||||||
(SELECT COUNT(*) FROM messages
|
(SELECT COUNT(*) FROM messages
|
||||||
WHERE sender_id = u.id AND recipient_id = ? AND read_by_recipient = 0 AND deleted_by_recipient = 0) AS unread,
|
WHERE sender_id = u.id AND recipient_id = ? AND read_by_recipient = 0) AS unread,
|
||||||
(SELECT MAX(created_at) FROM messages
|
(SELECT MAX(created_at) FROM messages
|
||||||
WHERE ((sender_id = u.id AND recipient_id = ? AND deleted_by_recipient = 0)
|
WHERE (sender_id = u.id AND recipient_id = ?)
|
||||||
OR (sender_id = ? AND recipient_id = u.id AND deleted_by_sender = 0))) AS last_message_at
|
OR (sender_id = ? AND recipient_id = u.id)) AS last_message_at
|
||||||
FROM users u
|
FROM users u
|
||||||
LEFT JOIN user_keys uk ON uk.user_id = u.id
|
LEFT JOIN user_keys uk ON uk.user_id = u.id
|
||||||
WHERE u.id != ?
|
WHERE u.id != ?
|
||||||
@@ -52,7 +52,7 @@ router.get('/users', authenticate, (req, res) => {
|
|||||||
// ── Unread Count ──────────────────────────────────────────────────────────────
|
// ── Unread Count ──────────────────────────────────────────────────────────────
|
||||||
router.get('/unread', authenticate, (req, res) => {
|
router.get('/unread', authenticate, (req, res) => {
|
||||||
const row = db.prepare(
|
const row = db.prepare(
|
||||||
'SELECT COUNT(*) AS count FROM messages WHERE recipient_id = ? AND read_by_recipient = 0 AND deleted_by_recipient = 0'
|
'SELECT COUNT(*) AS count FROM messages WHERE recipient_id = ? AND read_by_recipient = 0'
|
||||||
).get(req.user.id);
|
).get(req.user.id);
|
||||||
res.json({ count: row.count });
|
res.json({ count: row.count });
|
||||||
});
|
});
|
||||||
@@ -62,19 +62,18 @@ router.get('/messages/:userId', authenticate, (req, res) => {
|
|||||||
const me = req.user.id;
|
const me = req.user.id;
|
||||||
const other = parseInt(req.params.userId);
|
const other = parseInt(req.params.userId);
|
||||||
|
|
||||||
// Mark incoming as read
|
|
||||||
db.prepare(`
|
db.prepare(`
|
||||||
UPDATE messages SET read_by_recipient = 1
|
UPDATE messages SET read_by_recipient = 1
|
||||||
WHERE recipient_id = ? AND sender_id = ? AND read_by_recipient = 0
|
WHERE recipient_id = ? AND sender_id = ? AND read_by_recipient = 0
|
||||||
`).run(me, other);
|
`).run(me, other);
|
||||||
|
|
||||||
const msgs = db.prepare(`
|
const msgs = db.prepare(`
|
||||||
SELECT m.id, m.sender_id, m.encrypted_content, m.iv, m.created_at,
|
SELECT id, sender_id, encrypted_content, iv, created_at,
|
||||||
(m.sender_id = ?) AS is_mine
|
(sender_id = ?) AS is_mine
|
||||||
FROM messages m
|
FROM messages
|
||||||
WHERE (m.sender_id = ? AND m.recipient_id = ? AND m.deleted_by_sender = 0)
|
WHERE (sender_id = ? AND recipient_id = ?)
|
||||||
OR (m.recipient_id = ? AND m.sender_id = ? AND m.deleted_by_recipient = 0)
|
OR (recipient_id = ? AND sender_id = ?)
|
||||||
ORDER BY m.created_at ASC
|
ORDER BY created_at ASC
|
||||||
`).all(me, me, other, me, other);
|
`).all(me, me, other, me, other);
|
||||||
|
|
||||||
res.json(msgs);
|
res.json(msgs);
|
||||||
@@ -89,12 +88,10 @@ router.post('/messages/:userId', authenticate, async (req, res) => {
|
|||||||
const recipient = db.prepare('SELECT id FROM users WHERE id = ?').get(recipId);
|
const recipient = db.prepare('SELECT id FROM users WHERE id = ?').get(recipId);
|
||||||
if (!recipient) return res.status(404).json({ error: 'Benutzer nicht gefunden' });
|
if (!recipient) return res.status(404).json({ error: 'Benutzer nicht gefunden' });
|
||||||
|
|
||||||
const result = db.prepare(`
|
const result = db.prepare(
|
||||||
INSERT INTO messages (sender_id, recipient_id, encrypted_content, iv)
|
'INSERT INTO messages (sender_id, recipient_id, encrypted_content, iv) VALUES (?, ?, ?, ?)'
|
||||||
VALUES (?, ?, ?, ?)
|
).run(me, recipId, encrypted_content, iv);
|
||||||
`).run(me, recipId, encrypted_content, iv);
|
|
||||||
|
|
||||||
// Pushover notification
|
|
||||||
const senderName = db.prepare('SELECT username FROM users WHERE id = ?').get(me)?.username || 'Jemand';
|
const senderName = db.prepare('SELECT username FROM users WHERE id = ?').get(me)?.username || 'Jemand';
|
||||||
const pushover = db.prepare('SELECT * FROM pushover_settings WHERE user_id = ?').get(recipId);
|
const pushover = db.prepare('SELECT * FROM pushover_settings WHERE user_id = ?').get(recipId);
|
||||||
if (pushover) {
|
if (pushover) {
|
||||||
@@ -104,41 +101,34 @@ router.post('/messages/:userId', authenticate, async (req, res) => {
|
|||||||
res.json({ id: result.lastInsertRowid });
|
res.json({ id: result.lastInsertRowid });
|
||||||
});
|
});
|
||||||
|
|
||||||
// DELETE single message (own side only)
|
// DELETE einzelne Nachricht – hard delete, beide Seiten dürfen löschen
|
||||||
router.delete('/messages/:messageId', authenticate, (req, res) => {
|
router.delete('/messages/:messageId', authenticate, (req, res) => {
|
||||||
const me = req.user.id;
|
const me = req.user.id;
|
||||||
const mid = parseInt(req.params.messageId);
|
const mid = parseInt(req.params.messageId);
|
||||||
const msg = db.prepare('SELECT * FROM messages WHERE id = ?').get(mid);
|
db.prepare(
|
||||||
if (!msg) return res.status(404).json({ error: 'Nicht gefunden' });
|
'DELETE FROM messages WHERE id = ? AND (sender_id = ? OR recipient_id = ?)'
|
||||||
if (msg.sender_id !== me && msg.recipient_id !== me)
|
).run(mid, me, me);
|
||||||
return res.status(403).json({ error: 'Kein Zugriff' });
|
|
||||||
|
|
||||||
if (msg.sender_id === me) {
|
|
||||||
db.prepare('UPDATE messages SET deleted_by_sender = 1 WHERE id = ?').run(mid);
|
|
||||||
} else {
|
|
||||||
db.prepare('UPDATE messages SET deleted_by_recipient = 1 WHERE id = ?').run(mid);
|
|
||||||
}
|
|
||||||
// Physical delete when both sides have deleted
|
|
||||||
db.prepare('DELETE FROM messages WHERE id = ? AND deleted_by_sender = 1 AND deleted_by_recipient = 1').run(mid);
|
|
||||||
res.json({ ok: true });
|
res.json({ ok: true });
|
||||||
});
|
});
|
||||||
|
|
||||||
// DELETE entire conversation (own side)
|
// DELETE gesamte Konversation – hard delete
|
||||||
router.delete('/conversation/:userId', authenticate, (req, res) => {
|
router.delete('/conversation/:userId', authenticate, (req, res) => {
|
||||||
const me = req.user.id;
|
const me = req.user.id;
|
||||||
const other = parseInt(req.params.userId);
|
const other = parseInt(req.params.userId);
|
||||||
|
|
||||||
db.prepare('UPDATE messages SET deleted_by_sender = 1 WHERE sender_id = ? AND recipient_id = ?').run(me, other);
|
|
||||||
db.prepare('UPDATE messages SET deleted_by_recipient = 1 WHERE recipient_id = ? AND sender_id = ?').run(me, other);
|
|
||||||
// Physical cleanup where both deleted
|
|
||||||
db.prepare(`
|
db.prepare(`
|
||||||
DELETE FROM messages
|
DELETE FROM messages
|
||||||
WHERE deleted_by_sender = 1 AND deleted_by_recipient = 1
|
WHERE (sender_id = ? AND recipient_id = ?) OR (sender_id = ? AND recipient_id = ?)
|
||||||
AND ((sender_id = ? AND recipient_id = ?) OR (sender_id = ? AND recipient_id = ?))
|
|
||||||
`).run(me, other, other, me);
|
`).run(me, other, other, me);
|
||||||
res.json({ ok: true });
|
res.json({ ok: true });
|
||||||
});
|
});
|
||||||
|
|
||||||
|
// DELETE alle eigenen Nachrichten (für Schlüssel-Reset)
|
||||||
|
router.delete('/my-messages', authenticate, (req, res) => {
|
||||||
|
db.prepare('DELETE FROM messages WHERE sender_id = ? OR recipient_id = ?')
|
||||||
|
.run(req.user.id, req.user.id);
|
||||||
|
res.json({ ok: true });
|
||||||
|
});
|
||||||
|
|
||||||
// ── Pushover Settings ─────────────────────────────────────────────────────────
|
// ── Pushover Settings ─────────────────────────────────────────────────────────
|
||||||
router.get('/pushover', authenticate, (req, res) => {
|
router.get('/pushover', authenticate, (req, res) => {
|
||||||
const row = db.prepare('SELECT user_key, app_token FROM pushover_settings WHERE user_id = ?').get(req.user.id);
|
const row = db.prepare('SELECT user_key, app_token FROM pushover_settings WHERE user_id = ?').get(req.user.id);
|
||||||
|
|||||||
Reference in New Issue
Block a user