From 9f67e66b83d158b99582c2984fc253b6e6abd537 Mon Sep 17 00:00:00 2001 From: Tor Andersson Date: Thu, 1 May 2025 22:04:10 +0200 Subject: Simplify form post actions. Put account management pages under "/account" URL prefix. Set logged in user in res.locals for use in pug templates. Tweak verification flow. Require password to change name and mail. Show user statistics on profile (use pug mixin). Remove "api" prefix on many routes. --- public/style.css | 9 ++ server.js | 229 +++++++++++++++++++------------------- views/account_change_about.pug | 27 +++++ views/account_change_mail.pug | 26 +++++ views/account_change_name.pug | 26 +++++ views/account_change_password.pug | 26 +++++ views/account_delete.pug | 28 +++++ views/account_forgot_password.pug | 25 +++++ views/account_mail_verify.pug | 32 ++++++ views/account_reset_password.pug | 31 ++++++ views/account_webhook.pug | 68 +++++++++++ views/change_about.pug | 27 ----- views/change_mail.pug | 22 ---- views/change_name.pug | 22 ---- views/change_password.pug | 26 ----- views/contacts_search.pug | 31 ++++++ views/create-index.pug | 16 --- views/create.pug | 83 -------------- views/create_index.pug | 16 +++ views/create_title.pug | 83 ++++++++++++++ views/delete_account.pug | 28 ----- views/forgot_password.pug | 25 ----- views/game_stats.pug | 25 ----- views/head.pug | 33 ++++++ views/info.pug | 41 ------- views/login.pug | 4 +- views/profile.pug | 65 +++++++---- views/reset_password.pug | 31 ------ views/search_user.pug | 31 ------ views/signup.pug | 2 +- views/stats_title.pug | 25 +++++ views/stats_user.pug | 53 +++++++++ views/title.pug | 41 +++++++ views/tm_seed.pug | 6 +- views/user.pug | 34 +----- views/user_stats.pug | 53 --------- views/verify_mail.pug | 21 ---- views/webhook.pug | 68 ----------- 38 files changed, 743 insertions(+), 696 deletions(-) create mode 100644 views/account_change_about.pug create mode 100644 views/account_change_mail.pug create mode 100644 views/account_change_name.pug create mode 100644 views/account_change_password.pug create mode 100644 views/account_delete.pug create mode 100644 views/account_forgot_password.pug create mode 100644 views/account_mail_verify.pug create mode 100644 views/account_reset_password.pug create mode 100644 views/account_webhook.pug delete mode 100644 views/change_about.pug delete mode 100644 views/change_mail.pug delete mode 100644 views/change_name.pug delete mode 100644 views/change_password.pug create mode 100644 views/contacts_search.pug delete mode 100644 views/create-index.pug delete mode 100644 views/create.pug create mode 100644 views/create_index.pug create mode 100644 views/create_title.pug delete mode 100644 views/delete_account.pug delete mode 100644 views/forgot_password.pug delete mode 100644 views/game_stats.pug delete mode 100644 views/info.pug delete mode 100644 views/reset_password.pug delete mode 100644 views/search_user.pug create mode 100644 views/stats_title.pug create mode 100644 views/stats_user.pug create mode 100644 views/title.pug delete mode 100644 views/user_stats.pug delete mode 100644 views/verify_mail.pug delete mode 100644 views/webhook.pug diff --git a/public/style.css b/public/style.css index bbbcbbd..7c0c07b 100644 --- a/public/style.css +++ b/public/style.css @@ -226,6 +226,15 @@ div.logo img { border: var(--thin-border); } +p.box { + white-space: pre-wrap; + font-style: italic; + padding: 8px 12px; + border: var(--thin-border); + box-shadow: var(--drop-shadow); + background-color: var(--color-text); +} + /* TABLES */ table { diff --git a/server.js b/server.js index 7165a9b..9ba77f2 100644 --- a/server.js +++ b/server.js @@ -340,6 +340,12 @@ function format_minutes(mins) { return mins + " minutes" } +function is_valid_password(password) { + if (password.length < 4 || password.length > 100) + return false + return true +} + function is_valid_email(email) { return REGEX_MAIL.test(email) } @@ -372,6 +378,14 @@ function hash_password(password, salt) { return hash.digest("hex") } +function verify_password(user, password) { + var user_login = SQL_SELECT_LOGIN.get(user.user_id) + var hash = hash_password(password, user_login.salt) + if (hash !== user_login.password) + return false + return true +} + /* * ALTCHA ANTI-BOT SIGNUP */ @@ -462,6 +476,7 @@ const SQL_SELECT_USER_DYNAMIC = SQL("select * from user_dynamic_view where user_ const SQL_SELECT_USER_ID = SQL("SELECT user_id FROM users WHERE name=?").pluck() const SQL_SELECT_USER_BY_SEARCH = SQL("select name, atime from users left join user_last_seen using(user_id) where name like ? order by name") +const SQL_SELECT_USER_ABOUT = SQL("SELECT about FROM user_about WHERE user_id=?").pluck() const SQL_SELECT_USER_NOTIFY = SQL("SELECT notify FROM users WHERE user_id=?").pluck() const SQL_SELECT_USER_VERIFIED = SQL("SELECT is_verified FROM users WHERE user_id=?").pluck() const SQL_UPDATE_USER_NOTIFY = SQL("UPDATE users SET notify=? WHERE user_id=?") @@ -495,7 +510,7 @@ app.use(function (req, res, next) { let user_id = login_sql_select.get(sid) if (user_id) { login_touch(res, sid) - req.user = SQL_SELECT_USER_DYNAMIC.get(user_id) + req.user = res.locals.user = SQL_SELECT_USER_DYNAMIC.get(user_id) SQL_UPDATE_USER_LAST_SEEN.run(user_id, ip) if (req.user.is_banned) return res.status(403).send("") @@ -524,15 +539,15 @@ function must_be_administrator(req, res, next) { } app.get("/", function (req, res) { - res.render("index.pug", { user: req.user }) + res.render("index.pug") }) app.get("/create", function (req, res) { - res.render("create-index.pug", { user: req.user }) + res.render("create_index.pug") }) app.get("/about", function (req, res) { - res.render("about.pug", { user: req.user }) + res.render("about.pug") }) app.post("/logout", function (req, res) { @@ -599,89 +614,67 @@ app.post("/signup", must_pass_altcha, function (req, res) { res.redirect("/profile") }) -function create_and_mail_verification_token(user) { - if (!SQL_FIND_TOKEN.get(user.user_id)) - mail_verification_token(user, SQL_CREATE_TOKEN.get(user.user_id)) -} - -app.get("/verify-mail", must_be_logged_in, function (req, res) { +app.get("/account/mail/verify", must_be_logged_in, function (req, res) { if (SQL_SELECT_USER_VERIFIED.get(req.user.user_id)) return res.redirect("/profile") - create_and_mail_verification_token(req.user) - res.render("verify_mail.pug", { user: req.user }) + var sent_token = SQL_FIND_TOKEN.get(req.user.user_id) + var input_token = req.query.token + res.render("account_mail_verify.pug", { input_token, sent_token }) }) -app.get("/verify-mail/:token", must_be_logged_in, function (req, res) { - if (SQL_SELECT_USER_VERIFIED.get(req.user.user_id)) - return res.redirect("/profile") - res.render("verify_mail.pug", { user: req.user, token: req.params.token }) +app.post("/account/mail/verify-send", must_be_logged_in, function (req, res) { + if (!SQL_FIND_TOKEN.get(req.user.user_id)) + mail_verification_token(req.user, SQL_CREATE_TOKEN.get(req.user.user_id)) + res.redirect("/account/mail/verify") }) -app.post("/verify-mail", must_be_logged_in, function (req, res) { +app.post("/account/mail/verify", must_be_logged_in, function (req, res) { if (SQL_VERIFY_TOKEN.get(req.user.user_id, req.body.token)) { SQL_UPDATE_USER_VERIFIED.run(1, req.user.user_id) res.redirect("/profile") } else { - create_and_mail_verification_token(req.user) - res.render("verify_mail.pug", { user: req.user, flash: "Invalid or expired token!" }) + var sent_token = SQL_FIND_TOKEN.get(req.user.user_id) + res.render("account_mail_verify.pug", { sent_token, flash: "Invalid or expired token!" }) } }) -app.get("/forgot-password", function (req, res) { +app.get("/account/forgot-password", function (req, res) { if (req.user) return res.redirect("/") - res.render("forgot_password.pug") + res.render("account_forgot_password.pug") }) -app.post("/forgot-password", must_pass_altcha, function (req, res) { +app.post("/account/forgot-password", must_pass_altcha, function (req, res) { let mail = req.body.mail let user = SQL_SELECT_LOGIN_BY_MAIL.get(mail) if (user) { - let token = SQL_FIND_TOKEN.get(user.user_id) - if (!token) { - token = SQL_CREATE_TOKEN.get(user.user_id) - mail_password_reset_token(user, token) - } - return res.redirect("/reset-password/" + mail) + var token = SQL_CREATE_TOKEN.get(user.user_id) + mail_password_reset_token(user, token) + return res.redirect("/account/reset-password?mail=" + mail) } - res.render("forgot_password.pug", { flash: "User not found." }) + res.render("account_forgot_password.pug", { flash: "User not found." }) }) -app.get("/reset-password", function (req, res) { +app.get("/account/reset-password", function (req, res) { if (req.user) return res.redirect("/") - res.render("reset_password.pug", { mail: "", token: "" }) + var mail = req.query.mail + var token = req.query.token + res.render("account_reset_password.pug", { mail, token }) }) -app.get("/reset-password/:mail", function (req, res) { - if (req.user) - return res.redirect("/") - let mail = req.params.mail - res.render("reset_password.pug", { mail: mail, token: "" }) -}) - -app.get("/reset-password/:mail/:token", function (req, res) { - if (req.user) - return res.redirect("/") - let mail = req.params.mail - let token = req.params.token - res.render("reset_password.pug", { mail: mail, token: token }) -}) - -app.post("/reset-password", must_pass_altcha, function (req, res) { +app.post("/account/reset-password", must_pass_altcha, function (req, res) { let mail = req.body.mail let token = req.body.token let password = req.body.password function err(msg) { - res.render("reset_password.pug", { mail: mail, token: token, flash: msg }) + res.render("account_reset_password.pug", { mail: mail, token: token, flash: msg }) } let user = SQL_SELECT_LOGIN_BY_MAIL.get(mail) if (!user) return err("User not found.") - if (password.length < 4) - return err("Password is too short!") - if (password.length > 100) - return err("Password is too long!") + if (!is_valid_password(password)) + return err("New password is invalid!") if (!SQL_VERIFY_TOKEN.get(user.user_id, token)) return err("Invalid or expired token!") let salt = crypto.randomBytes(32).toString("hex") @@ -692,22 +685,19 @@ app.post("/reset-password", must_pass_altcha, function (req, res) { return res.redirect("/profile") }) -app.get("/change-password", must_be_logged_in, function (req, res) { - res.render("change_password.pug", { user: req.user }) +app.get("/account/change-password", must_be_logged_in, function (req, res) { + res.render("account_change_password.pug") }) -app.post("/change-password", must_be_logged_in, function (req, res) { +app.post("/account/change-password", must_be_logged_in, function (req, res) { let oldpass = req.body.password let newpass = req.body.newpass // Get full user record including password and salt let user = SQL_SELECT_LOGIN.get(req.user.user_id) - if (newpass.length < 4) - return res.render("change_password.pug", { user: req.user, flash: "Password is too short!" }) - if (newpass.length > 100) - return res.render("change_password.pug", { user: req.user, flash: "Password is too long!" }) - let oldhash = hash_password(oldpass, user.salt) - if (oldhash !== user.password) - return res.render("change_password.pug", { user: req.user, flash: "Wrong password!" }) + if (!is_valid_password(newpass)) + return res.render("account_change_password.pug", { flash: "New password is invalid!" }) + if (!verify_password(req.user, oldpass)) + return res.render("account_change_password.pug", { flash: "Wrong password!" }) let salt = crypto.randomBytes(32).toString("hex") let hash = hash_password(newpass, salt) SQL_UPDATE_USER_PASSWORD.run(user.user_id, hash, salt) @@ -726,17 +716,17 @@ function may_delete_account(user_id) { return true } -app.get("/delete-account", must_be_logged_in, function (req, res) { +app.get("/account/delete", must_be_logged_in, function (req, res) { if (!may_delete_account(req.user.user_id)) return res.status(401).send("You may not delete your account while you have unfinished games.") - res.render("delete_account.pug", { user: req.user }) + res.render("account_delete.pug") }) const SQL_SELECT_GAME_ROLE_FOR_DELETED_USER = SQL(` select game_id, role from players where user_id = ? and game_id in (select game_id from games where status <= 1) `) -app.post("/delete-account", must_be_logged_in, function (req, res) { +app.post("/account/delete", must_be_logged_in, function (req, res) { if (!may_delete_account(req.user.user_id)) res.status(401).send("You may not delete your account while you have unfinished games.") @@ -745,7 +735,7 @@ app.post("/delete-account", must_be_logged_in, function (req, res) { let user = SQL_SELECT_LOGIN.get(req.user.user_id) let hash = hash_password(password, user.salt) if (hash !== user.password) - return res.render("delete_account.pug", { user: req.user, flash: "Wrong password!" }) + return res.render("account_delete.pug", { flash: "Wrong password!" }) let list = SQL_SELECT_GAME_ROLE_FOR_DELETED_USER.all(req.user.user_id) for (let item of list) @@ -771,27 +761,27 @@ app.get("/admin/unban-user/:who", must_be_administrator, function (req, res) { * USER PROFILE */ -app.get("/subscribe", must_be_logged_in, function (req, res) { +app.get("/account/mail/subscribe", must_be_logged_in, function (req, res) { SQL_UPDATE_USER_NOTIFY.run(1, req.user.user_id) res.redirect("/profile") }) -app.get("/unsubscribe", must_be_logged_in, function (req, res) { +app.get("/account/mail/unsubscribe", must_be_logged_in, function (req, res) { SQL_UPDATE_USER_NOTIFY.run(0, req.user.user_id) res.redirect("/profile") }) -app.get("/webhook", must_be_logged_in, function (req, res) { +app.get("/account/webhook", must_be_logged_in, function (req, res) { let webhook = SQL_SELECT_WEBHOOK.get(req.user.user_id) - res.render("webhook.pug", { user: req.user, webhook: webhook }) + res.render("account_webhook.pug", { webhook: webhook }) }) -app.post("/api/webhook/delete", must_be_logged_in, function (req, res) { +app.post("/account/webhook/delete", must_be_logged_in, function (req, res) { SQL_DELETE_WEBHOOK.run(req.user.user_id) - res.redirect("/webhook") + res.redirect("/account/webhook") }) -app.post("/api/webhook/update", must_be_logged_in, function (req, res) { +app.post("/account/webhook/update", must_be_logged_in, function (req, res) { let url = req.body.url let prefix = req.body.prefix let format = req.body.format @@ -799,45 +789,50 @@ app.post("/api/webhook/update", must_be_logged_in, function (req, res) { const webhook = SQL_SELECT_WEBHOOK_SEND.get(req.user.user_id) if (webhook) send_webhook(req.user.user_id, webhook, "Test message!", 0) - res.setHeader("refresh", "3; url=/webhook") + res.setHeader("refresh", "3; url=/account/webhook") res.send("Testing Webhook. Please wait...") }) -app.get("/change-name", must_be_logged_in, function (req, res) { - res.render("change_name.pug", { user: req.user }) +app.get("/account/change-name", must_be_logged_in, function (req, res) { + res.render("account_change_name.pug") }) -app.post("/change-name", must_be_logged_in, function (req, res) { +app.post("/account/change-name", must_be_logged_in, function (req, res) { let newname = clean_user_name(req.body.newname) if (!is_valid_user_name(newname)) - return res.render("change_name.pug", { user: req.user, flash: "Invalid user name!" }) + return res.render("account_change_name.pug", { flash: "Invalid user name!" }) if (SQL_EXISTS_USER_NAME.get(newname)) - return res.render("change_name.pug", { user: req.user, flash: "That name is already taken!" }) + return res.render("account_change_name.pug", { flash: "That name is already taken!" }) + if (!verify_password(req.user, req.body.password)) + return res.render("account_change_name.pug", { flash: "Wrong password!" }) SQL_UPDATE_USER_NAME.run(newname, req.user.user_id) return res.redirect("/profile") }) -app.get("/change-mail", must_be_logged_in, function (req, res) { - res.render("change_mail.pug", { user: req.user }) +app.get("/account/change-mail", must_be_logged_in, function (req, res) { + res.render("account_change_mail.pug") }) -app.post("/change-mail", must_be_logged_in, function (req, res) { +app.post("/account/change-mail", must_be_logged_in, function (req, res) { let newmail = req.body.newmail if (!is_valid_email(newmail) || is_forbidden_mail(newmail)) - return res.render("change_mail.pug", { user: req.user, flash: "Invalid mail address!" }) + return res.render("account_change_mail.pug", { flash: "Invalid mail address!" }) if (SQL_EXISTS_USER_MAIL.get(newmail)) - return res.render("change_mail.pug", { user: req.user, flash: "That mail address is already taken!" }) + return res.render("account_change_mail.pug", { flash: "That mail address is already taken!" }) + if (!verify_password(req.user, req.body.password)) + return res.render("account_change_mail.pug", { flash: "Wrong password!" }) SQL_UPDATE_USER_MAIL.run(newmail, req.user.user_id) SQL_UPDATE_USER_VERIFIED.run(0, req.user.user_id) + SQL_UPDATE_USER_NOTIFY.run(0, req.user.user_id) return res.redirect("/profile") }) -app.get("/change-about", must_be_logged_in, function (req, res) { - let about = SQL_SELECT_USER_PROFILE.get(req.user.name).about - res.render("change_about.pug", { user: req.user, about: about || "" }) +app.get("/account/change-about", must_be_logged_in, function (req, res) { + let about = SQL_SELECT_USER_ABOUT.get(req.user.user_id) + res.render("account_change_about.pug", { about }) }) -app.post("/change-about", must_be_logged_in, function (req, res) { +app.post("/account/change-about", must_be_logged_in, function (req, res) { SQL_UPDATE_USER_ABOUT.run(req.user.user_id, req.body.about) return res.redirect("/profile") }) @@ -916,13 +911,13 @@ app.get("/contacts/search", must_be_logged_in, function (req, res) { if (!q.includes("%")) q = "%" + q + "%" let results = SQL_SELECT_USER_BY_SEARCH.all(q) - res.render("search_user.pug", { + res.render("contacts_search.pug", { user: req.user, search: req.query.q, results }) } else { - res.render("search_user.pug", { + res.render("contacts_search.pug", { user: req.user, search: null, results: null, @@ -1255,7 +1250,7 @@ app.get("/forum/search", must_be_logged_in, function (req, res) { results = FORUM_SEARCH.all('"' + search.replaceAll('"', '""') + '"') } } - res.render("forum_search.pug", { user: req.user, search, results }) + res.render("forum_search.pug", { search, results }) }) /* @@ -1694,10 +1689,14 @@ function annotate_games(list, user_id, unread, unseen) { } app.get("/profile", must_be_logged_in, function (req, res) { - req.user.notify = SQL_SELECT_USER_NOTIFY.get(req.user.user_id) - req.user.is_verified = SQL_SELECT_USER_VERIFIED.get(req.user.user_id) - req.user.webhook = SQL_SELECT_WEBHOOK.get(req.user.user_id) - res.render("profile.pug", { user: req.user }) + var who = SQL_SELECT_USER_PROFILE.get(req.user.name) + var mail = { + notify: SQL_SELECT_USER_NOTIFY.get(req.user.user_id), + is_verified: SQL_SELECT_USER_VERIFIED.get(req.user.user_id) + } + var webhook = SQL_SELECT_WEBHOOK.get(req.user.user_id) + var ratings = SQL_USER_RATINGS.all(req.user.user_id) + res.render("profile.pug", { who, mail, webhook, ratings }) }) app.get("/games", function (_req, res) { @@ -1725,7 +1724,7 @@ app.get("/games/active", must_be_logged_in, function (req, res) { let active_pools = TM_POOL_LIST_USER_ACTIVE.all(user_id) let finished_pools = TM_POOL_LIST_USER_RECENT_FINISHED.all(user_id) - res.render("games_active.pug", { user: req.user, who: req.user, games, seeds, active_pools, finished_pools }) + res.render("games_active.pug", { who: req.user, games, seeds, active_pools, finished_pools }) }) app.get("/tm/active", must_be_logged_in, function (req, res) { @@ -1733,7 +1732,7 @@ app.get("/tm/active", must_be_logged_in, function (req, res) { let seeds = TM_SEED_LIST_USER.all(user_id) let active_pools = TM_POOL_LIST_USER_ACTIVE.all(user_id) let finished_pools = TM_POOL_LIST_USER_RECENT_FINISHED.all(user_id) - res.render("tm_active.pug", { user: req.user, who: req.user, seeds, active_pools, finished_pools }) + res.render("tm_active.pug", { who: req.user, seeds, active_pools, finished_pools }) }) app.get("/games/finished", must_be_logged_in, function (req, res) { @@ -1741,12 +1740,12 @@ app.get("/games/finished", must_be_logged_in, function (req, res) { let unread = SQL_SELECT_UNREAD_CHAT_GAMES.all(req.user.user_id) let unseen = SQL_SELECT_UNSEEN_GAME_LIST.all(req.user.user_id) annotate_games(games, req.user.user_id, unread, unseen) - res.render("games_finished.pug", { user: req.user, who: req.user, games }) + res.render("games_finished.pug", { who: req.user, games }) }) app.get("/tm/finished", must_be_logged_in, function (req, res) { let pools = TM_POOL_LIST_USER_ALL_FINISHED.all(req.user.user_id) - res.render("tm_finished.pug", { user: req.user, who: req.user, pools }) + res.render("tm_finished.pug", { who: req.user, pools }) }) app.get("/games/finished/:who_name", function (req, res) { @@ -1754,7 +1753,7 @@ app.get("/games/finished/:who_name", function (req, res) { if (who) { let games = QUERY_LIST_FINISHED_GAMES_OF_USER.all({ user_id: who.user_id }) annotate_games(games, 0, null, null) - res.render("games_finished.pug", { user: req.user, who, games }) + res.render("games_finished.pug", { who, games }) } else { return res.status(404).send("Invalid user name.") } @@ -1764,7 +1763,7 @@ app.get("/tm/finished/:who_name", function (req, res) { let who = SQL_SELECT_USER_BY_NAME.get(req.params.who_name) if (who) { let pools = TM_POOL_LIST_USER_ALL_FINISHED.all(who.user_id) - res.render("tm_finished.pug", { user: req.user, who, pools }) + res.render("tm_finished.pug", { who, pools }) } else { return res.status(404).send("Invalid user name.") } @@ -1826,7 +1825,7 @@ function get_title_page(req, res, title_id) { let active_pools = TM_POOL_LIST_TITLE_ACTIVE.all(title_id) let finished_pools = TM_POOL_LIST_TITLE_FINISHED.all(title_id) - res.render("info.pug", { + res.render("title.pug", { user: req.user, title: title, open_games, @@ -1847,7 +1846,7 @@ app.get("/create/:title_id", function (req, res) { let title = TITLE_TABLE[title_id] if (!title) return res.status(404).send("Invalid title.") - res.render("create.pug", { + res.render("create_title.pug", { user: req.user, title: title, limit: req.user ? check_create_game_limit(req.user) : null, @@ -2479,7 +2478,7 @@ function mail_password_reset_token(user, token) { let subject = "Password reset request" let body = "Your password reset token is: " + token + "\n\n" + - SITE_URL + "/reset-password/" + user.mail + "/" + token + "\n" + SITE_URL + "/account/reset-password?mail=" + user.mail + "&token=" + token + "\n" console.log("SENT MAIL:", mail_addr(user), subject) mailer.sendMail({ from: MAIL_FROM, to: mail_addr(user), subject: subject, text: body }, mail_callback) } @@ -2490,7 +2489,7 @@ function mail_verification_token(user, token) { let subject = "Verify mail address" let body = "Your mail verification token is: " + token + "\n\n" + - SITE_URL + "/verify-mail/" + token + "\n" + SITE_URL + "/account/mail/verify?token=" + token + "\n" console.log("SENT MAIL:", mail_addr(user), subject) mailer.sendMail({ from: MAIL_FROM, to: mail_addr(user), subject: subject, text: body }, mail_callback) } @@ -3159,7 +3158,7 @@ const TM_SELECT_SEED_READY_MINI_CUP = SQL(` app.get("/tm/list", function (req, res) { let seeds = TM_SEED_LIST_ALL.all(req.user ? req.user.user_id : 0) - res.render("tm_list.pug", { user: req.user, seeds }) + res.render("tm_list.pug", { seeds }) }) app.get("/tm/seed/:seed_name", function (req, res) { @@ -3188,7 +3187,7 @@ app.get("/tm/seed/:seed_name", function (req, res) { may_register = true } - res.render("tm_seed.pug", { user: req.user, error, may_register, seed, queues, active_pools, finished_pools }) + res.render("tm_seed.pug", { error, may_register, seed, queues, active_pools, finished_pools }) }) app.get("/tm/pool/:pool_name", function (req, res) { @@ -3206,10 +3205,10 @@ app.get("/tm/pool/:pool_name", function (req, res) { players = TM_SELECT_PLAYERS_MP.all(pool_id) let games = TM_SELECT_GAMES.all(pool_id) let games_by_round = object_group_by(games, "round") - res.render("tm_pool.pug", { user: req.user, seed, pool, roles, players, games, games_by_round }) + res.render("tm_pool.pug", { seed, pool, roles, players, games, games_by_round }) }) -app.post("/api/tm/register/:seed_id/:level", must_be_logged_in, function (req, res) { +app.post("/tm/register/:seed_id/:level", must_be_logged_in, function (req, res) { let seed_id = req.params.seed_id | 0 let level = req.params.level | 0 let user_id = req.user.user_id @@ -3225,7 +3224,7 @@ app.post("/api/tm/register/:seed_id/:level", must_be_logged_in, function (req, r return res.redirect(req.headers.referer) }) -app.post("/api/tm/withdraw/:seed_id/:level", must_be_logged_in, function (req, res) { +app.post("/tm/withdraw/:seed_id/:level", must_be_logged_in, function (req, res) { let seed_id = req.params.seed_id | 0 let level = req.params.level | 0 let user_id = req.user.user_id @@ -3233,7 +3232,7 @@ app.post("/api/tm/withdraw/:seed_id/:level", must_be_logged_in, function (req, r return res.redirect(req.headers.referer) }) -app.post("/api/tm/start/:seed_id/:level", must_be_administrator, function (req, res) { +app.post("/tm/start/:seed_id/:level", must_be_administrator, function (req, res) { let seed_id = req.params.seed_id | 0 let level = req.params.level | 0 start_tournament_seed(seed_id, level) @@ -4240,23 +4239,23 @@ const SQL_GAME_RATINGS = SQL(` limit 50 `) -app.get("/user-stats/:who_name", must_be_administrator, function (req, res) { +app.get("/stats/user/:who_name", must_be_administrator, function (req, res) { let who = SQL_SELECT_USER_BY_NAME.get(req.params.who_name) if (who) { let stats = SQL_USER_STATS.all(who.user_id, who.user_id) let ratings = SQL_USER_RATINGS.all(who.user_id) - res.render("user_stats.pug", { user: req.user, who, stats, ratings }) + res.render("stats_user.pug", { who, stats, ratings }) } else { return res.status(404).send("Invalid user name.") } }) -app.get("/game-stats/:title_id", must_be_administrator, function (req, res) { +app.get("/stats/title/:title_id", must_be_administrator, function (req, res) { let title_id = req.params.title_id if (title_id in TITLE_TABLE) { let title_name = TITLE_NAME[title_id] let ratings = SQL_GAME_RATINGS.all(title_id) - res.render("game_stats.pug", { user: req.user, title_name, ratings }) + res.render("stats_title.pug", { title_name, ratings }) } else { return res.status(404).send("Invalid title.") } diff --git a/views/account_change_about.pug b/views/account_change_about.pug new file mode 100644 index 0000000..7a0531e --- /dev/null +++ b/views/account_change_about.pug @@ -0,0 +1,27 @@ +//- vim:ts=4:sw=4: +doctype html +html + head + include head + title Change profile text + style. + input, textarea { width: min(45rem,100%) } + body + include header + article + h1 Change profile text + form(method="post") + p Name: #{user.name} + p Mail: #{user.mail} + p + textarea( + name="about" + rows=20 + cols=80 + maxlength=32000 + autofocus + ) + | + | #{about} + p + button(type="submit") Submit diff --git a/views/account_change_mail.pug b/views/account_change_mail.pug new file mode 100644 index 0000000..4d0605a --- /dev/null +++ b/views/account_change_mail.pug @@ -0,0 +1,26 @@ +//- vim:ts=4:sw=4: +doctype html +html + head + include head + title Change mail address + body + include header + article + h1 Change mail address + if flash + p.error= flash + + form(method="post") + p Name: #{user.name} + p Mail: #{user.mail} + p + label New mail address: + br + input(type="text" name="newmail" required) + p + label Password: + br + input(type="password" name="password" required) + p + button(type="submit") Change mail diff --git a/views/account_change_name.pug b/views/account_change_name.pug new file mode 100644 index 0000000..b1845ab --- /dev/null +++ b/views/account_change_name.pug @@ -0,0 +1,26 @@ +//- vim:ts=4:sw=4: +doctype html +html + head + include head + title Change name + body + include header + article + h1 Change name + if flash + p.error= flash + + form(method="post") + p Name: #{user.name} + p Mail: #{user.mail} + p + label New name: + br + input(type="text" name="newname" required) + p + label Password: + br + input(type="password" name="password" required) + p + button(type="submit") Change name diff --git a/views/account_change_password.pug b/views/account_change_password.pug new file mode 100644 index 0000000..ca8e973 --- /dev/null +++ b/views/account_change_password.pug @@ -0,0 +1,26 @@ +//- vim:ts=4:sw=4: +doctype html +html + head + include head + title Change password + body + include header + article + h1 Change password + if flash + p.error= flash + + form(method="post") + p Name: #{user.name} + p Mail: #{user.mail} + p + label Old Password: + br + input(type="password" name="password" required) + p + label New Password: + br + input(type="password" name="newpass" required) + p + button(type="submit") Change password diff --git a/views/account_delete.pug b/views/account_delete.pug new file mode 100644 index 0000000..54c3bc4 --- /dev/null +++ b/views/account_delete.pug @@ -0,0 +1,28 @@ +//- vim:ts=4:sw=4: +doctype html +html + head + include head + title Delete account + body + include header + article + h1 Delete account + if flash + p.error= flash + + form(method="post") + p Name: #{user.name} + p Mail: #{user.mail} + p + label Password: + br + input(type="password" name="password" required) + p + label Type DELETE to confirm: + br + input(type="text" name="confirm" pattern="^DELETE$" required) + p.warning WARNING: Deleting your account is permanent! + p All your games and messages will be lost forever. + p + button(type="submit") Delete! diff --git a/views/account_forgot_password.pug b/views/account_forgot_password.pug new file mode 100644 index 0000000..0913857 --- /dev/null +++ b/views/account_forgot_password.pug @@ -0,0 +1,25 @@ +//- vim:ts=4:sw=4: +doctype html +html + head + include head + title Forgot password + +altcha_script() + body + include header + article + h1 Forgot password + if flash + p.error= flash + + if user + p You're already logged in! + else + form(method="post") + p + label Mail: + br + input(type="email" name="mail" required) + +altcha_widget() + p + button(type="submit") Forgot password diff --git a/views/account_mail_verify.pug b/views/account_mail_verify.pug new file mode 100644 index 0000000..fddf2fa --- /dev/null +++ b/views/account_mail_verify.pug @@ -0,0 +1,32 @@ +//- vim:ts=4:sw=4: +doctype html +html + head + include head + title Verify mail + body + include header + article + h1 Verify mail + if flash + p.error= flash + + p Your mail address is #{user.mail} + + p If the above address is wrong, you can change it! + + if sent_token + p Your token is in the mail! + else + form(method="post" action="/account/mail/verify-send") + p + button(type="submit") Send token + + form(method="post") + p + label Enter your mail verification token here: + br + input(type="text" name="token" size=32 value=token style="font-family:monospace" required) + p + button(type="submit") Verify + diff --git a/views/account_reset_password.pug b/views/account_reset_password.pug new file mode 100644 index 0000000..8707ebc --- /dev/null +++ b/views/account_reset_password.pug @@ -0,0 +1,31 @@ +//- vim:ts=4:sw=4: +doctype html +html + head + include head + title Reset password + body + include header + article + h1 Reset password + if flash + p.error= flash + + p You should have received a password reset token in your mail. + + form(method="post") + p + label Mail: + br + input(type="email" name="mail" size=32 value=mail required) + p + label New Password: + br + input(type="password" name="password" size=32 required) + p + label Token: + br + input(type="text" name="token" size=32 value=token style="font-family:monospace" required) + +altcha_widget() + p + button(type="submit") Reset password diff --git a/views/account_webhook.pug b/views/account_webhook.pug new file mode 100644 index 0000000..b9817ef --- /dev/null +++ b/views/account_webhook.pug @@ -0,0 +1,68 @@ +//- vim:ts=4:sw=4: +doctype html +html(lang="en") + head + include head + title Webhook + body + include header + article + + h1 Webhook + + - var url = webhook && webhook.url || "" + - var format = webhook && webhook.format || "" + - var prefix = webhook && webhook.prefix || "" + + form(action="/account/webhook/update" method="post") + if webhook && webhook.error + p.error ERROR: #{webhook.error} + p Webhook URL: + br + input#url(type="text" name="url" size=120 placeholder="https://discord.com/api/webhooks/..." value=url required) + p Webhook format: + br + input#format(type="text" name="format" size=40 placeholder="content" value=format) + + p Message prefix: + br + input#prefix(type="text" name="prefix" size=40 placeholder="<@123456789>" value=prefix) + + if webhook + button(type="submit") Update + else + button(type="submit") Create + + if webhook + form(action="/account/webhook/delete" method="post") + button(type="submit") Delete + + h2 Discord Notifications + + p You can send notifications to a given channel on a Discord server. + + ol + li Create your own server or use an existing server where you have administrator privileges. + li Get the webhook URL for the Discord channel and enter it into the Webhook URL field. + li Enter "content" into the Webhook format field. + li Find your Discord User ID. This is not your username, it is a number. + li Enter your Discord User ID into the Message prefix field as "<@12345>". + + h2 Slack Notifications + + p You can send notifications to a Slack workspace. + + ol + li Join or set up a Slack workspace with a webhook integration. + li Find the Webhook URL and enter it into the Webhook URL field. + li Enter "text" into the Webhook format field. + li Find your Slack User ID. This is a number with "U" in front of it. + li Enter your Slack User ID into the Message prefix field as "<@U12345>". + + h2 Custom Notifications + + p. + You can integrate with any server that accepts inbound webhooks by setting the webhook URL to the appropriate endpoint. + If the format field is blank, the payload is sent as plain text. + Otherwise, the payload is a JSON object where the format field specifies which JSON property holds the message. + Use "content" for Discord and "text" for Slack. diff --git a/views/change_about.pug b/views/change_about.pug deleted file mode 100644 index b5e2c84..0000000 --- a/views/change_about.pug +++ /dev/null @@ -1,27 +0,0 @@ -//- vim:ts=4:sw=4: -doctype html -html - head - include head - title Change profile text - style. - input, textarea { width: min(45rem,100%) } - body - include header - article - h1 Change profile text - form(method="post" action="/change-about") - p Name: #{user.name} - p Mail: #{user.mail} - p - textarea( - name="about" - rows=20 - cols=80 - maxlength=32000 - autofocus - ) - | - | #{about} - p - button(type="submit") Submit diff --git a/views/change_mail.pug b/views/change_mail.pug deleted file mode 100644 index d244e98..0000000 --- a/views/change_mail.pug +++ /dev/null @@ -1,22 +0,0 @@ -//- vim:ts=4:sw=4: -doctype html -html - head - include head - title Change mail address - body - include header - article - h1 Change mail address - if flash - p.error= flash - - form(method="post" action="/change-mail") - p Name: #{user.name} - p Mail: #{user.mail} - p - label New mail address: - br - input(type="text" name="newmail" required) - p - button(type="submit") Change mail diff --git a/views/change_name.pug b/views/change_name.pug deleted file mode 100644 index 03763ac..0000000 --- a/views/change_name.pug +++ /dev/null @@ -1,22 +0,0 @@ -//- vim:ts=4:sw=4: -doctype html -html - head - include head - title Change name - body - include header - article - h1 Change name - if flash - p.error= flash - - form(method="post" action="/change-name") - p Name: #{user.name} - p Mail: #{user.mail} - p - label New name: - br - input(type="text" name="newname" required) - p - button(type="submit") Change name diff --git a/views/change_password.pug b/views/change_password.pug deleted file mode 100644 index 022a67c..0000000 --- a/views/change_password.pug +++ /dev/null @@ -1,26 +0,0 @@ -//- vim:ts=4:sw=4: -doctype html -html - head - include head - title Change password - body - include header - article - h1 Change password - if flash - p.error= flash - - form(method="post" action="/change-password") - p Name: #{user.name} - p Mail: #{user.mail} - p - label Old Password: - br - input(type="password" name="password" required) - p - label New Password: - br - input(type="password" name="newpass" required) - p - button(type="submit") Change password diff --git a/views/contacts_search.pug b/views/contacts_search.pug new file mode 100644 index 0000000..308cc41 --- /dev/null +++ b/views/contacts_search.pug @@ -0,0 +1,31 @@ +//- vim:ts=4:sw=4: +doctype html +html + head + include head + title User Search Results + body + include header + article + + h1 User Search Results + + if results && search + if results.length > 0 + table.half.striped + thead + tr + th Name + th Last seen + tbody + each who in results + tr + td + a.black(href="/user/"+who.name)= who.name + td.w= human_date(who.atime) + else + p.error Nobody found matching "#{search}". + + p + form(method="get" action="/contacts/search") + input(type="text" name="q" size=40 placeholder="Find user..." value=search required) diff --git a/views/create-index.pug b/views/create-index.pug deleted file mode 100644 index c508be7..0000000 --- a/views/create-index.pug +++ /dev/null @@ -1,16 +0,0 @@ -//- vim:ts=4:sw=4: -doctype html -html - head - include head - title Create game - body - include header - article - h1 Create a new game - - ul - each title in TITLE_LIST - unless title.is_hidden - li - a(href="/create/"+title.title_id)= title.title_name diff --git a/views/create.pug b/views/create.pug deleted file mode 100644 index c4c5c2a..0000000 --- a/views/create.pug +++ /dev/null @@ -1,83 +0,0 @@ -//- vim:ts=4:sw=4: -doctype html -html - head - include head - title= title.title_name - body - include header - article - - h1= title.title_name - - div.logo - +gamecover(title.title_id) - - if limit - p.error= limit - if !user - p.error You are not logged in! - - form(method="post" action="/create/"+title.title_id) - if Array.isArray(rules.scenarios) - if rules.scenarios.length > 1 - p Scenario: - br - select(name="scenario") - each scenario in rules.scenarios - if scenario === rules.default_scenario - option(value=scenario selected)= scenario - else - option(value=scenario)= scenario - else - input(type="hidden" name="scenario" value=rules.scenarios[0]) - else - p Scenario: - br - select(name="scenario") - each list, name in rules.scenarios - if name === "" - each scenario in list - if scenario === rules.default_scenario - option(value=scenario selected)= scenario - else - option(value=scenario)= scenario - else - optgroup(label=name) - each scenario in list - if scenario === rules.default_scenario - option(value=scenario selected)= scenario - else - option(value=scenario)= scenario - - | !{ title.create_html } - - if user - p Notice: - br - input(type="text" autocomplete="off" name="notice" size=45 placeholder="What are you looking for?") - - p Pace: - each text, pace in PACE_TEXT - br - label - input(type="radio" name="pace" value=pace checked=pace===0) - | #{PACE_ICON[pace]} #{text} - - p - label - input(type="checkbox" name="is_random" value="true") - | Random player roles - - p - label - input(type="checkbox" name="is_private" value="true") - | Private - - if !limit - p - button(type="submit") Create - - else - p Login or sign up to play. - diff --git a/views/create_index.pug b/views/create_index.pug new file mode 100644 index 0000000..c508be7 --- /dev/null +++ b/views/create_index.pug @@ -0,0 +1,16 @@ +//- vim:ts=4:sw=4: +doctype html +html + head + include head + title Create game + body + include header + article + h1 Create a new game + + ul + each title in TITLE_LIST + unless title.is_hidden + li + a(href="/create/"+title.title_id)= title.title_name diff --git a/views/create_title.pug b/views/create_title.pug new file mode 100644 index 0000000..c4c5c2a --- /dev/null +++ b/views/create_title.pug @@ -0,0 +1,83 @@ +//- vim:ts=4:sw=4: +doctype html +html + head + include head + title= title.title_name + body + include header + article + + h1= title.title_name + + div.logo + +gamecover(title.title_id) + + if limit + p.error= limit + if !user + p.error You are not logged in! + + form(method="post" action="/create/"+title.title_id) + if Array.isArray(rules.scenarios) + if rules.scenarios.length > 1 + p Scenario: + br + select(name="scenario") + each scenario in rules.scenarios + if scenario === rules.default_scenario + option(value=scenario selected)= scenario + else + option(value=scenario)= scenario + else + input(type="hidden" name="scenario" value=rules.scenarios[0]) + else + p Scenario: + br + select(name="scenario") + each list, name in rules.scenarios + if name === "" + each scenario in list + if scenario === rules.default_scenario + option(value=scenario selected)= scenario + else + option(value=scenario)= scenario + else + optgroup(label=name) + each scenario in list + if scenario === rules.default_scenario + option(value=scenario selected)= scenario + else + option(value=scenario)= scenario + + | !{ title.create_html } + + if user + p Notice: + br + input(type="text" autocomplete="off" name="notice" size=45 placeholder="What are you looking for?") + + p Pace: + each text, pace in PACE_TEXT + br + label + input(type="radio" name="pace" value=pace checked=pace===0) + | #{PACE_ICON[pace]} #{text} + + p + label + input(type="checkbox" name="is_random" value="true") + | Random player roles + + p + label + input(type="checkbox" name="is_private" value="true") + | Private + + if !limit + p + button(type="submit") Create + + else + p Login or sign up to play. + diff --git a/views/delete_account.pug b/views/delete_account.pug deleted file mode 100644 index e16e1b6..0000000 --- a/views/delete_account.pug +++ /dev/null @@ -1,28 +0,0 @@ -//- vim:ts=4:sw=4: -doctype html -html - head - include head - title Delete account - body - include header - article - h1 Delete account - if flash - p.error= flash - - form(method="post" action="/delete-account") - p Name: #{user.name} - p Mail: #{user.mail} - p - label Password: - br - input(type="password" name="password" required) - p - label Type DELETE to confirm: - br - input(type="text" name="confirm" pattern="^DELETE$" required) - p.warning WARNING: Deleting your account is permanent! - p All your games and messages will be lost forever. - p - button(type="submit") Delete! diff --git a/views/forgot_password.pug b/views/forgot_password.pug deleted file mode 100644 index 935cae1..0000000 --- a/views/forgot_password.pug +++ /dev/null @@ -1,25 +0,0 @@ -//- vim:ts=4:sw=4: -doctype html -html - head - include head - title Forgot password - +altcha_script() - body - include header - article - h1 Forgot password - if flash - p.error= flash - - if user - p You're already logged in! - else - form(method="post" action="/forgot-password") - p - label Mail: - br - input(type="email" name="mail" required) - +altcha_widget() - p - button(type="submit") Forgot password diff --git a/views/game_stats.pug b/views/game_stats.pug deleted file mode 100644 index 692c30b..0000000 --- a/views/game_stats.pug +++ /dev/null @@ -1,25 +0,0 @@ -//- vim:ts=4:sw=4: -doctype html -html - head - include head - title #{title_name} - Ranking - body - include header - article - h1 #{title_name} - Ranking - - table.striped - thead - tr - th Player - th.r Rating - th.r Plays - th.r Last played - tbody - each row in ratings - tr - td= row.name - td.r= row.rating - td.r= row.count - td.r= row.last diff --git a/views/head.pug b/views/head.pug index eec1299..da73d4e 100644 --- a/views/head.pug +++ b/views/head.pug @@ -212,3 +212,36 @@ mixin tourlist(seeds, pools, fin) +poollist(pools, "Active", TM_ICON_ACTIVE) div +poollist(fin, "Finished", TM_ICON_FINISHED) + +mixin userstats(who, ratings) + if (who.move_time_mean !== null) + h3 Response time + div Average response time: #{format_minutes(who.move_time_mean)} + if (who.move_time_q2 !== null) + div Median response time: #{format_minutes(who.move_time_q2)} + if (who.move_time_q1 !== null && who.move_time_q2 !== null) + div Middle half of response times: #{format_minutes(who.move_time_q1)} to #{format_minutes(who.move_time_q3)} + + h3 Timeouts + div Total number of timeouts: #{who.timeout_total} + div Games completed since last timeout: #{who.games_since_timeout} + + if ratings.length > 0 + h3 Most played games + table + thead + tr + th Title + th Count + th Last played + if user && user.user_id === 1 + th Elo + tbody + each row in ratings + tr + td + a.black(href="/" + row.title_id)= row.title_name + td.r= row.count + td.r= row.last + if user && user.user_id === 1 + td.r= row.rating diff --git a/views/info.pug b/views/info.pug deleted file mode 100644 index 32837e9..0000000 --- a/views/info.pug +++ /dev/null @@ -1,41 +0,0 @@ -//- vim:ts=4:sw=4: -doctype html -html - head - include head - +social(title.title_name, "Play " + title.title_name + " on the web.", title.title_id) - title= title.title_name - body - include header - article - h1= title.title_name - - div.logo - +gamecover(title.title_id) - - | !{ title.about_html } - - p Read more about the game on #[a(href="https://boardgamegeek.com/boardgame/"+title.bgg) boardgamegeek.com]. - - h2 Open - if open_games.length > 0 - +gamelist(open_games, true) - else - p No open games right now. - - p - a(href="/create/"+title.title_id) Create a new game - - if replacement_games.length > 0 - h2 Open (missing players) - +gamelist(replacement_games, true) - - +tourlist(seeds, active_pools, finished_pools) - - if active_games.length > 0 - h2 Recently active - +gamelist(active_games, true) - - if finished_games.length > 0 - h2 Recently finished - +gamelist(finished_games, true) diff --git a/views/login.pug b/views/login.pug index 9a44b44..ec8be48 100644 --- a/views/login.pug +++ b/views/login.pug @@ -19,7 +19,7 @@ html p You need to be logged in to view this page! p Log in below, or sign up for a free account. - form(method="post" action="/login") + form(method="post") input(type="hidden" name="redirect" value=redirect) p label Name or mail: @@ -33,4 +33,4 @@ html p button(type="submit") Login p - a(href="/forgot-password") Forgot password + a(href="/account/forgot-password") Forgot password diff --git a/views/profile.pug b/views/profile.pug index 4ecf289..fc9a1d3 100644 --- a/views/profile.pug +++ b/views/profile.pug @@ -7,43 +7,60 @@ html body include header article - h1= SITE_NAME + h1 Profile p Welcome, #{user.name}! + + if who.about + p.box= who.about + + p Member since #{human_date(who.ctime)}. + + +userstats(who, ratings) + + h3 Notifications + p Your mail address is #{user.mail} if ENABLE_MAIL - if !user.is_verified - p ⚠ Verify your mail address! + if !mail.is_verified + p ⚠ Verify your mail address! p You must verify your mail address before you can enable notifications. else - if !user.notify - p Enable mail notifications - if user.notify - p Disable mail notifications + if !mail.notify + p Enable mail notifications + if mail.notify + p Disable mail notifications + else + p.error Mail notifications are disabled on this server. + + if ENABLE_WEBHOOKS + if !webhook + p Configure webhook + else if webhook.error + dl + dt Configure webhook + dd.error ERROR: #{webhook.error} + else + dl + dt Configure webhook + dd= new URL(webhook.url).hostname + else + p.error Webhook notifications are disabled on this server. + + h3 Account p - | Change password + | Change password br - | Change mail address + | Change mail address br - | Change user name + | Change user name br - | Change profile text - br - | Delete account + | Change profile text - if ENABLE_WEBHOOKS - if !user.webhook - p Configure webhook - else if user.webhook.error - dl - dt Configure webhook - dd.error ERROR: #{user.webhook.error} - else - dl - dt Configure webhook - dd= new URL(user.webhook.url).hostname + p + | Delete account p form(action="/logout" method="post") diff --git a/views/reset_password.pug b/views/reset_password.pug deleted file mode 100644 index 2fda418..0000000 --- a/views/reset_password.pug +++ /dev/null @@ -1,31 +0,0 @@ -//- vim:ts=4:sw=4: -doctype html -html - head - include head - title Reset password - body - include header - article - h1 Reset password - if flash - p.error= flash - - p You should have received a password reset token in your mail. - - form(method="post" action="/reset-password") - p - label Mail: - br - input(type="email" name="mail" size=32 value=mail required) - p - label New Password: - br - input(type="password" name="password" size=32 required) - p - label Token: - br - input(type="text" name="token" size=32 value=token style="font-family:monospace" required) - +altcha_widget() - p - button(type="submit") Reset password diff --git a/views/search_user.pug b/views/search_user.pug deleted file mode 100644 index 308cc41..0000000 --- a/views/search_user.pug +++ /dev/null @@ -1,31 +0,0 @@ -//- vim:ts=4:sw=4: -doctype html -html - head - include head - title User Search Results - body - include header - article - - h1 User Search Results - - if results && search - if results.length > 0 - table.half.striped - thead - tr - th Name - th Last seen - tbody - each who in results - tr - td - a.black(href="/user/"+who.name)= who.name - td.w= human_date(who.atime) - else - p.error Nobody found matching "#{search}". - - p - form(method="get" action="/contacts/search") - input(type="text" name="q" size=40 placeholder="Find user..." value=search required) diff --git a/views/signup.pug b/views/signup.pug index 63b9ab3..5dec458 100644 --- a/views/signup.pug +++ b/views/signup.pug @@ -15,7 +15,7 @@ html if user p You're already logged in! else - form(method="post" action="/signup") + form(method="post") p You need to sign up for a free account to play games on #{SITE_NAME_P} p label Name: diff --git a/views/stats_title.pug b/views/stats_title.pug new file mode 100644 index 0000000..aed6e63 --- /dev/null +++ b/views/stats_title.pug @@ -0,0 +1,25 @@ +//- vim:ts=4:sw=4: +doctype html +html + head + include head + title #{title_name} - Ranking + body + include header + article + h1 #{title_name} - Ranking + + table.striped + thead + tr + th Player + th.r Rating + th.r Plays + th.r Last played + tbody + each row in ratings + tr + td #{row.name} + td.r= row.rating + td.r= row.count + td.r= row.last diff --git a/views/stats_user.pug b/views/stats_user.pug new file mode 100644 index 0000000..3b201ef --- /dev/null +++ b/views/stats_user.pug @@ -0,0 +1,53 @@ +//- vim:ts=4:sw=4: +- let all_won = 0 +- let all_total = 0 +doctype html +html + head + include head + title Statistics for #{who.name} + body + include header + article + h1 Statistics for #{who.name} + + table.striped + thead + tr + th Title + th Scenario + th Role + th.r Played + th.r Won + tbody + each row in stats + tr + - all_won += row.won + - all_total += row.total + td= row.title_name + td= row.scenario + td= row.role + td.r= row.total + td.r= Math.round(row.won*100/row.total) + "%" + tfoot + tr + td Overall + td + td + td.r= all_total + td.r= Math.round(all_won*100/all_total) + "%" + + table.striped + thead + tr + th Title + th.r Rating + th.r Plays + th.r Last played + tbody + each row in ratings + tr + td= row.title_name + td.r= row.rating + td.r= row.count + td.r= row.last diff --git a/views/title.pug b/views/title.pug new file mode 100644 index 0000000..32837e9 --- /dev/null +++ b/views/title.pug @@ -0,0 +1,41 @@ +//- vim:ts=4:sw=4: +doctype html +html + head + include head + +social(title.title_name, "Play " + title.title_name + " on the web.", title.title_id) + title= title.title_name + body + include header + article + h1= title.title_name + + div.logo + +gamecover(title.title_id) + + | !{ title.about_html } + + p Read more about the game on #[a(href="https://boardgamegeek.com/boardgame/"+title.bgg) boardgamegeek.com]. + + h2 Open + if open_games.length > 0 + +gamelist(open_games, true) + else + p No open games right now. + + p + a(href="/create/"+title.title_id) Create a new game + + if replacement_games.length > 0 + h2 Open (missing players) + +gamelist(replacement_games, true) + + +tourlist(seeds, active_pools, finished_pools) + + if active_games.length > 0 + h2 Recently active + +gamelist(active_games, true) + + if finished_games.length > 0 + h2 Recently finished + +gamelist(finished_games, true) diff --git a/views/tm_seed.pug b/views/tm_seed.pug index 45659c5..abf02c1 100644 --- a/views/tm_seed.pug +++ b/views/tm_seed.pug @@ -67,11 +67,11 @@ html if user if queue.find(p => p.user_id === user.user_id) - form(method="post" action="/api/tm/withdraw/" + seed.seed_id + "/" + (ix+1)) + form(method="post" action="/tm/withdraw/" + seed.seed_id + "/" + (ix+1)) button(disabled) Register button(type="submit") Withdraw else if may_register && may_join_seed_level(user.user_id, seed.seed_id, ix+1) - form(method="post" action="/api/tm/register/" + seed.seed_id + "/" + (ix+1)) + form(method="post" action="/tm/register/" + seed.seed_id + "/" + (ix+1)) button(type="submit") Register button(disabled) Withdraw else @@ -81,7 +81,7 @@ html if user.user_id === 1 if queue.length >= seed.pool_size - form(method="post" action="/api/tm/start/" + seed.seed_id + "/" + (ix+1)) + form(method="post" action="/tm/start/" + seed.seed_id + "/" + (ix+1)) button(type="submit") Start else p Login or sign up to register. diff --git a/views/user.pug b/views/user.pug index c3e8925..b5859a2 100644 --- a/views/user.pug +++ b/views/user.pug @@ -24,7 +24,7 @@ html h1= who.name if who.about - p.about= who.about + p.box= who.about p Member since #{human_date(who.ctime)}. p Last seen #{human_date(who.atime)}. @@ -42,37 +42,7 @@ html br a(href="/contacts/add-enemy/"+who.name) Add to blacklist - if (who.move_time_mean !== null) - h3 Response time - div Average response time: #{format_minutes(who.move_time_mean)} - if (who.move_time_q2 !== null) - div Median response time: #{format_minutes(who.move_time_q2)} - if (who.move_time_q1 !== null && who.move_time_q2 !== null) - div Middle half of response times: #{format_minutes(who.move_time_q1)} to #{format_minutes(who.move_time_q3)} - - h3 Timeouts - div Total number of timeouts: #{who.timeout_total} - div Games completed since last timeout: #{who.games_since_timeout} - - if ratings.length > 0 - h3 Most played games - table - thead - tr - th Title - th Count - th Last played - if user && user.user_id === 1 - th Elo - tbody - each row in ratings - tr - td - a.black(href="/" + row.title_id)= row.title_name - td.r= row.count - td.r= row.last - if user && user.user_id === 1 - td.r= row.rating + +userstats(who, ratings) +tourlist(null, active_pools, finished_pools) diff --git a/views/user_stats.pug b/views/user_stats.pug deleted file mode 100644 index 3b201ef..0000000 --- a/views/user_stats.pug +++ /dev/null @@ -1,53 +0,0 @@ -//- vim:ts=4:sw=4: -- let all_won = 0 -- let all_total = 0 -doctype html -html - head - include head - title Statistics for #{who.name} - body - include header - article - h1 Statistics for #{who.name} - - table.striped - thead - tr - th Title - th Scenario - th Role - th.r Played - th.r Won - tbody - each row in stats - tr - - all_won += row.won - - all_total += row.total - td= row.title_name - td= row.scenario - td= row.role - td.r= row.total - td.r= Math.round(row.won*100/row.total) + "%" - tfoot - tr - td Overall - td - td - td.r= all_total - td.r= Math.round(all_won*100/all_total) + "%" - - table.striped - thead - tr - th Title - th.r Rating - th.r Plays - th.r Last played - tbody - each row in ratings - tr - td= row.title_name - td.r= row.rating - td.r= row.count - td.r= row.last diff --git a/views/verify_mail.pug b/views/verify_mail.pug deleted file mode 100644 index 01a2e82..0000000 --- a/views/verify_mail.pug +++ /dev/null @@ -1,21 +0,0 @@ -//- vim:ts=4:sw=4: -doctype html -html - head - include head - title Verify mail - body - include header - article - h1 Verify mail - if flash - p.error= flash - - form(method="post" action="/verify-mail") - p A token has been sent to #{user.mail}. - p - label Enter the token here: - br - input(type="text" name="token" size=32 value=token style="font-family:monospace" required) - p - button(type="submit") Verify diff --git a/views/webhook.pug b/views/webhook.pug deleted file mode 100644 index 20d20ac..0000000 --- a/views/webhook.pug +++ /dev/null @@ -1,68 +0,0 @@ -//- vim:ts=4:sw=4: -doctype html -html(lang="en") - head - include head - title Webhook - body - include header - article - - h1 Webhook - - - var url = webhook && webhook.url || "" - - var format = webhook && webhook.format || "" - - var prefix = webhook && webhook.prefix || "" - - form(action="/api/webhook/update" method="post") - if webhook && webhook.error - p.error ERROR: #{webhook.error} - p Webhook URL: - br - input#url(type="text" name="url" size=120 placeholder="https://discord.com/api/webhooks/..." value=url required) - p Webhook format: - br - input#format(type="text" name="format" size=40 placeholder="content" value=format) - - p Message prefix: - br - input#prefix(type="text" name="prefix" size=40 placeholder="<@123456789>" value=prefix) - - if webhook - button(type="submit") Update - else - button(type="submit") Create - - if webhook - form(action="/api/webhook/delete" method="post") - button(type="submit") Delete - - h2 Discord Notifications - - p You can send notifications to a given channel on a Discord server. - - ol - li Create your own server or use an existing server where you have administrator privileges. - li Get the webhook URL for the Discord channel and enter it into the Webhook URL field. - li Enter "content" into the Webhook format field. - li Find your Discord User ID. This is not your username, it is a number. - li Enter your Discord User ID into the Message prefix field as "<@12345>". - - h2 Slack Notifications - - p You can send notifications to a Slack workspace. - - ol - li Join or set up a Slack workspace with a webhook integration. - li Find the Webhook URL and enter it into the Webhook URL field. - li Enter "text" into the Webhook format field. - li Find your Slack User ID. This is a number with "U" in front of it. - li Enter your Slack User ID into the Message prefix field as "<@U12345>". - - h2 Custom Notifications - - p. - You can integrate with any server that accepts inbound webhooks by setting the webhook URL to the appropriate endpoint. - If the format field is blank, the payload is sent as plain text. - Otherwise, the payload is a JSON object where the format field specifies which JSON property holds the message. - Use "content" for Discord and "text" for Slack. -- cgit v1.2.3