From 8e1b3eaec97cadb44f7838a406f53d8251fe7e59 Mon Sep 17 00:00:00 2001 From: Arzumify Date: Thu, 27 Jun 2024 17:46:50 +0100 Subject: [PATCH] Add /api/purgenotes --- APIDOCS.md | 7 +++++-- main.go | 30 ++++++++++++++++++++++++++++++ 2 files changed, 35 insertions(+), 2 deletions(-) diff --git a/APIDOCS.md b/APIDOCS.md index ecd3949..7519f28 100644 --- a/APIDOCS.md +++ b/APIDOCS.md @@ -72,13 +72,16 @@ POST - /api/editnote - edit notes, provide "secretKey", "noteId", "title", and " POST - /api/removenote - remove notes, provide "secretKey" and "noteId" -## ⚙️ Account managment +POST - /api/purgenotes - remove all notes, provide "secretKey" +### Please display a warning before this action + +## ⚙️ Account management POST - /api/changepassword - change account password, provide "secretKey", "newPassword" encrypt the same way as /api/login POST - /api/deleteaccount - delete account, provide "secretKey" -please display a warning before this action +### Please display a warning before this action POST - /api/exportnotes - export notes, provide "secretKey" note content and title will have to be decrypted diff --git a/main.go b/main.go index 9f5421f..e703f66 100644 --- a/main.go +++ b/main.go @@ -1004,6 +1004,36 @@ func main() { } }) + router.POST("/api/purgenotes", func(c *gin.Context) { + var data map[string]interface{} + err := c.ShouldBindJSON(&data) + if err != nil { + c.JSON(400, gin.H{"error": "Invalid JSON"}) + return + } + + token, ok := data["secretKey"].(string) + if !ok { + c.JSON(400, gin.H{"error": "Invalid JSON"}) + return + } + + _, userid, err := getSession(token) + if err != nil { + c.JSON(401, gin.H{"error": "Invalid session"}) + return + } + + _, err = conn.Exec("DELETE FROM notes WHERE creator = ?", userid) + if err != nil { + log.Println("[ERROR] Unknown in /api/purgenotes Exec() at", strconv.FormatInt(time.Now().Unix(), 10)+":", err) + c.JSON(500, gin.H{"error": "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgernotes and refer to the documentation for more info. Your error code is: UNKNOWN-API-PURGENOTES-DBDELETE"}) + return + } else { + c.JSON(200, gin.H{"success": true}) + } + }) + router.POST("/api/editnote", func(c *gin.Context) { var data map[string]interface{} err := c.ShouldBindJSON(&data)