Dockery/Trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-11-01 10:55:55 +01:00
Code Issues Packages Projects Releases Activity

auth changes

Browse Source
This commit is contained in:
azivner
2017-12-23 09:57:20 -05:00
parent 215c3a414f
commit c07c18f08a
9 changed files with 22 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
routes/api/notes.js
View File

@@ -32,7 +32,7 @@ router.get('/:noteId', auth.checkApiAuth, async (req, res, next) => {
});
});
router.post('/:parentNoteId/children', async (req, res, next) => {
router.post('/:parentNoteId/children', auth.checkApiAuth, async (req, res, next) => {
const sourceId = req.headers.source_id;
const parentNoteId = req.params.parentNoteId;
const note = req.body;
@@ -45,7 +45,7 @@ router.post('/:parentNoteId/children', async (req, res, next) => {
});
});
router.put('/:noteId', async (req, res, next) => {
router.put('/:noteId', auth.checkApiAuth, async (req, res, next) => {
const note = req.body;
const noteId = req.params.noteId;
const sourceId = req.headers.source_id;
@@ -56,7 +56,7 @@ router.put('/:noteId', async (req, res, next) => {
res.send({});
});
router.delete('/:noteTreeId', async (req, res, next) => {
router.delete('/:noteTreeId', auth.checkApiAuth, async (req, res, next) => {
await sql.doInTransaction(async () => {
await notes.deleteNote(req.params.noteTreeId, req.headers.source_id);
});
@@ -64,7 +64,7 @@ router.delete('/:noteTreeId', async (req, res, next) => {
res.send({});
});
router.get('/', async (req, res, next) => {
router.get('/', auth.checkApiAuth, async (req, res, next) => {
const search = '%' + req.query.search + '%';
const result = await sql.getResults("SELECT note_id FROM notes WHERE note_title liKE ? OR note_text LIKE ?", [search, search]);