diff --git a/app/Http/Controllers/APIv1/ListController.php b/app/Http/Controllers/APIv1/ListController.php index 1f5f65b..09bbf62 100644 --- a/app/Http/Controllers/APIv1/ListController.php +++ b/app/Http/Controllers/APIv1/ListController.php @@ -23,8 +23,6 @@ class ListController extends Controller { public function mySimpleList() { - $this->middleware('auth'); - $myList = UserList::where('user_id', Auth::user()->id) ->orderBy('id', 'desc') ->get([ @@ -37,8 +35,6 @@ public function mySimpleList() } public function listList() { - $this->middleware('auth'); - $return = [ 'my_list' => [], 'friends_list' => [] @@ -181,9 +177,6 @@ public function customList(UserList $userList) public function modifyCustomList($listId = null) { - $this->middleware('csrf'); - $this->middleware('auth'); - $messages = [ 'required' => 'The :attribute field is required.', 'numeric' => 'The :attribute field is required.', 
@@ -227,20 +220,45 @@ public function modifyCustomList($listId = null) return ['error' => 'There was an error while trying to save the list.']; } - return $user->UserList() - ->orderBy('id', 'desc') + $myLists = UserList::where('user_list.user_id', $user->id) + ->leftjoin('user_list_profile as ulp_1', 'ulp_1.user_list_id', '=', 'user_list.id') + ->groupBy('user_list.id') + ->orderBy('user_list.id', 'desc') + ->leftJoin('subscription', function($join) + { + $join->on('subscription.user_list_id', '=', 'user_list.id') + ->whereNull('subscription.deleted_at'); + })->whereNull('ulp_1.deleted_at') ->get([ 'user_list.id', 'user_list.title', 'user_list.privacy', + 'user_list.created_at', + + \DB::raw('count(ulp_1.id) as users_in_list'), + \DB::raw('count(distinct subscription.id) as sub_count'), ]); + + $return = []; + + foreach($myLists as $myList) + { + $return[] = [ + 'id' => $myList->id, + 'title' => $myList->title, + 'privacy' => $myList->privacy, + 'created_at' => $myList->created_at->format("M j Y"), + + 'users_in_list' => $myList->users_in_list, + 'sub_count' => $myList->sub_count, + ]; + } + + return $return; } public function deleteCustomList(UserList $userList) { - $this->middleware('csrf'); - $this->middleware('auth'); - $userList->UserListProfile()->delete(); if(!$userList->delete()) { @@ -252,9 +270,6 @@ public function deleteCustomList(UserList $userList) public function listSubscribe(UserList $userList) { - $this->middleware('csrf'); - $this->middleware('auth'); - if(!isset($userList->id)) { return ['error' => '404']; } @@ -279,9 +294,6 @@ public function listSubscribe(UserList $userList) public function listUnsubscribe(UserList $userList) { - $this->middleware('csrf'); - $this->middleware('auth'); - if(!isset($userList->id)) { return ['error' => '404']; } diff --git a/app/Http/Controllers/APIv1/ListUserController.php b/app/Http/Controllers/APIv1/ListUserController.php index 4d58979..a620f38 100644 --- a/app/Http/Controllers/APIv1/ListUserController.php 
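Review bot: `count(ulp_1.id)` in the new `$myLists` query is evaluated after both left joins, so every profile row is repeated once per matching subscription row and `users_in_list` is inflated for any list with more than one active subscription; `sub_count` already avoids this with `distinct`, and the same is needed here: `\DB::raw('count(distinct ulp_1.id) as users_in_list'),`. The `->whereNull('ulp_1.deleted_at')` also sits in the WHERE clause, which removes a list from the result entirely when all of its profile rows are soft-deleted. Moving that condition into a join closure, as the `subscription` join already does (`$join->on('ulp_1.user_list_id', '=', 'user_list.id')->whereNull('ulp_1.deleted_at');`), keeps such lists with a count of 0. modifyCustomList starts outside this hunk, so the save path above the query was not reviewed.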
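Review bot: deleteCustomList has no visible ownership check before it deletes; its first statement after the removed middleware lines is `$userList->UserListProfile()->delete();`, acting on whatever list the `{userList}` route parameter bound. The `auth` route group only establishes that a user is logged in, so unless the route-model binding (not shown in this diff) is scoped to the owner, a list belonging to a different account can be removed. A guard at the top of the method would close this, for example `if ($userList->user_id != Auth::user()->id) { return ['error' => 'Forbidden']; }`. deleteFromList in ListUserController looks rows up by a request-supplied `list_id` and its remaining body is outside the diff, so the same check should be confirmed there.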
+++ b/app/Http/Controllers/APIv1/ListUserController.php @@ -18,9 +18,6 @@ class ListUserController extends Controller { public function addToList() { - $this->middleware('csrf'); - $this->middleware('auth'); - $messages = [ 'required' => 'The :attribute field is required.', 'numeric' => 'The :attribute field is required.', @@ -72,9 +69,6 @@ public function addToList() public function deleteFromList() { - $this->middleware('csrf'); - $this->middleware('auth'); - $input = Input::all(); $userListProfile = UserListProfile::where('user_list_id', $input['list_id']) diff --git a/app/Http/Controllers/LoginController.php b/app/Http/Controllers/LoginController.php index 9e8617b..0066a38 100644 --- a/app/Http/Controllers/LoginController.php +++ b/app/Http/Controllers/LoginController.php @@ -31,7 +31,7 @@ public function login() $steam64BitId = str_replace("http://steamcommunity.com/openid/id/", "", $steamuser['steamid'] ); // Try to grab user if it exists - $user = User::whereSmallId(Steam::toSmallId($steam64BitId))->first(); + $user = User::whereSmallId((int) Steam::toSmallId($steam64BitId))->first(); $steamAPI = new SteamAPI('info'); $steamAPI->setSteamId($steam64BitId); @@ -50,7 +50,7 @@ public function login() if(!isset($user->id)) { $user = new User; - $user->small_id = (string) Steam::toSmallId($userSteamInfo->steamid); + $user->small_id = (int) Steam::toSmallId($userSteamInfo->steamid); } $user->display_name = (string) $userSteamInfo->personaname; diff --git a/app/Http/Controllers/PagesController.php b/app/Http/Controllers/PagesController.php index 3747283..57bb303 100644 --- a/app/Http/Controllers/PagesController.php +++ b/app/Http/Controllers/PagesController.php @@ -40,8 +40,6 @@ public function profilePage($steam64BitId) public function listListPage() { - $this->middleware('auth'); - return view('pages/listPortal'); } 
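Review bot: In deleteFromList, `$input['list_id']` goes from `Input::all()` straight into the `where()` with no presence or type check visible before it, while addToList in the same file prepares `required`/`numeric` validator messages. A request that omits `list_id` would raise an undefined-index error instead of returning the `['error' => ...]` shape used elsewhere. Validate before the query, e.g. `$v = Validator::make($input, ['list_id' => 'required|numeric']);`, and return early when it fails. The rest of deleteFromList lies outside this hunk.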
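Review bot: The new `(int)` cast in login() silently maps an empty or non-numeric result of `Steam::toSmallId()` to `0`, so a malformed identifier could look up (or, in the second hunk at `$user->small_id = (int) ...`, create) the account with `small_id` 0 rather than failing the login. The input can be non-numeric because the `str_replace` just above only strips the exact `http://steamcommunity.com/openid/id/` prefix and leaves anything else untouched. Check the identifier before it is converted, e.g. `if (!ctype_digit((string) $steam64BitId)) { return redirect()->route('home'); }`. What `Steam::toSmallId()` returns on bad input is not visible here, and login() continues outside both hunks.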
@@ -86,8 +84,6 @@ public function donatePage() public function searchPage() { - $this->middleware('csrf'); - $searchQuery = Input::get('search'); if(!$searchQuery) return redirect()->route('home'); diff --git a/app/Http/Controllers/SettingsController.php b/app/Http/Controllers/SettingsController.php index 09a5fd7..4d1ea46 100644 --- a/app/Http/Controllers/SettingsController.php +++ b/app/Http/Controllers/SettingsController.php @@ -10,7 +10,6 @@ class SettingsController extends Controller { public function subscriptionPage() { - $this->middleware('auth'); return view('settings/subscription'); } diff --git a/app/Http/routes.php b/app/Http/routes.php index e65fa20..e61743f 100644 --- a/app/Http/routes.php +++ b/app/Http/routes.php @@ -13,6 +13,7 @@ ]); get('/logout', [ + 'middleware' => 'auth', 'as' => 'auth.logout', 'uses' => 'LoginController@logout' ]); @@ -20,6 +21,7 @@ get('/list', [ 'as' => 'list.list', + 'middleware' => 'auth', 'uses' => 'PagesController@listListPage' ]); @@ -84,6 +86,7 @@ Route::group(['prefix' => 'settings'], function() { get('/', [ + 'middleware' => 'auth', 'as' => 'settings', 'uses' => 'SettingsController@subscriptionPage' ]); @@ -111,6 +114,7 @@ Route::group(['prefix' => 'list'], function() { get('/simple', [ + 'middleware' => 'auth', 'as' => 'api.v1.list.simple', 'uses' => 'ListController@mySimpleList' ]); 
@@ -125,53 +129,56 @@ 'uses' => 'ListController@latestTracked' ]); - get('/{userList}', [ - 'as' => 'api.v1.tracked.latest', - 'uses' => 'ListController@customList' - ]); - get('/', [ + 'middleware' => 'auth', 'as' => 'api.v1.list.list', 'uses' => 'ListController@listList' ]); - // - // --------------------------------- - // - - post('/add', [ - 'as' => 'api.v1.list.user.add', - 'uses' => 'ListUserController@addToList' - ]); - - post('/{listId?}', [ - 'as' => 'api.v1.list.create', - 'uses' => 'ListController@modifyCustomList' + get('/{userList}', [ + 'as' => 'api.v1.tracked.latest', + 'uses' => 'ListController@customList' ]); - post('/subscribe/{userList}', [ - 'as' => 'api.v1.list.subscribe', - 'uses' => 'ListController@listSubscribe' - ]); - // // --------------------------------- // - - delete('/subscribe/{userList}', [ - 'as' => 'api.v1.list.unsubscribe', - 'uses' => 'ListController@listUnsubscribe' - ]); - - delete('/delete', [ - 'as' => 'api.v1.list.user.delete', - 'uses' => 'ListUserController@deleteFromList' - ]); - - delete('/{userList}', [ - 'as' => 'api.v1.tracked.latest', - 'uses' => 'ListController@deleteCustomList' - ]); + Route::group(['middleware' => 'auth'], function() + { + post('/add', [ + 'as' => 'api.v1.list.user.add', + 'uses' => 'ListUserController@addToList' + ]); + + post('/{listId?}', [ + 'as' => 'api.v1.list.create', + 'uses' => 'ListController@modifyCustomList' + ]); + + post('/subscribe/{userList}', [ + 'as' => 'api.v1.list.subscribe', + 'uses' => 'ListController@listSubscribe' + ]); + + // + // --------------------------------- + // + + delete('/subscribe/{userList}', [ + 'as' => 'api.v1.list.unsubscribe', + 'uses' => 'ListController@listUnsubscribe' + ]); + + delete('/delete', [ + 'as' => 'api.v1.list.user.delete', + 'uses' => 'ListUserController@deleteFromList' + ]); + + delete('/{userList}', [ + 'as' => 'api.v1.tracked.latest', + 'uses' => 'ListController@deleteCustomList' + ]); + }); }); Route::group(['prefix' => 'news'], 
function() @@ -199,7 +206,7 @@ Route::any('/ipn', array('uses' => 'DonationController@IPN')); }); - Route::group(['prefix' => 'settings'], function() + Route::group(['prefix' => 'settings', 'middleware' => 'auth'], function() { get('/', [ 'as' => 'api.v1.settings', @@ -235,9 +242,9 @@ ]); post('/announcement', [ - 'as' => 'admin.announcement.save', - 'uses' => 'MainController@announcementSave' - ]); + 'as' => 'admin.announcement.save', + 'uses' => 'MainController@announcementSave' + ]); Route::group(['prefix' => 'db'], function() { diff --git a/resources/assets/jsx/listHandler.jsx b/resources/assets/jsx/listHandler.jsx index ff3bfc8..208f3d1 100644 --- a/resources/assets/jsx/listHandler.jsx +++ b/resources/assets/jsx/listHandler.jsx @@ -4,7 +4,6 @@ var auth_check = $('meta[name=auth]').attr("content"); var ListHandler = React.createClass({ submitNewListToServer: function(data) { - console.log(data); $.ajax({ url: '/api/v1/list', dataType: 'json',
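Review bot: The new `Route::group(['middleware' => 'auth'], ...)` around the POST and DELETE list routes does not name the `csrf` middleware that the controller actions used to request, so CSRF protection for these state-changing endpoints now depends entirely on what is registered globally in the HTTP kernel, which this diff does not show. As far as I can tell the removed in-action `$this->middleware(...)` calls ran too late to take effect, so that was probably already the case. Either confirm the token check is global and that the AJAX callers send the token, or make it explicit with `Route::group(['middleware' => ['auth', 'csrf']], function()`. Separately, `get('/{userList}')` to customList stays outside the group although lists carry a `privacy` column; it is worth checking that customList enforces that value for anonymous callers.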