Commented all the code

src/api/routes/albums/albumDELETE.js

@@ -13,16 +13,22 @@ class albumDELETE extends Route {
 		const { id, purge } = req.params;
 		if (!id) return res.status(400).json({ message: 'Invalid album ID supplied' });
 
-		const album = await db.table('albums').where({
-			id,
-			userId: user.id
-		}).first();
-
+		/*
+			Check fi the album exists
+		*/
+		const album = await db.table('albums').where({ id, userId: user.id }).first();
 		if (!album) return res.status(400).json({ message: 'The file doesn\'t exist or doesn\'t belong to the user' });
+
 		try {
+			/*
+				Should we also delete every file of that album?
+			*/
 			if (purge) {
 				await Util.deleteAllFilesFromAlbum(id);
 			}
+			/*
+				Delete the album
+			*/
 			await db.table('albums').where({ id }).delete();
 			return res.json({ message: 'The album was deleted successfully' });
 		} catch (error) {

src/api/routes/albums/albumGET.js

@@ -12,25 +12,40 @@ class albumGET extends Route {
 		const { identifier } = req.params;
 		if (!identifier) return res.status(400).json({ message: 'Invalid identifier supplied' });
 
-		const link = await db.table('links').where({
-			identifier,
-			enabled: true
-		}).first();
+		/*
+			Make sure it exists and it's enabled
+		*/
+		const link = await db.table('links').where({ identifier, enabled: true }).first();
 		if (!link) return res.status(400).json({ message: 'The identifier supplied could not be found' });
 
+		/*
+			Same with the album, just to make sure is not a deleted album and a leftover link
+		*/
 		const album = await db.table('albums').where('id', link.albumId).first();
 		if (!album) return res.status(400).json({ message: 'Album not found' });
 
-		const fileList = await db.table('albumsFiles').where('albumId', link.albumId);
+		/*
+			Grab the files in a very unoptimized way. (This should be a join between both tables)
+		*/
+		const fileList = await db.table('albumsFiles').where('albumId', link.albumId).select('fileId');
 		const fileIds = fileList.map(el => el.fileId);
 		const files = await db.table('files')
 			.whereIn('id', fileIds)
 			.orderBy('id', 'desc')
 			.select('name');
 
+		/*
+			Create the links for each file
+		*/
 		for (let file of files) {
 			file = Util.constructFilePublicLink(file);
 		}
+
+		/*
+			Add 1 more view to the link
+		*/
+		await db.table('links').where({ identifier }).update('views', Number(link.views) + 1);
+
 		return res.json({
 			message: 'Successfully retrieved files',
 			name: album.name,

src/api/routes/albums/albumPOST.js

@@ -13,25 +13,15 @@ class albumPOST extends Route {
 		const { name } = req.body;
 		if (!name) return res.status(400).json({ message: 'No name provided' });
 
-		const album = await db.table('albums').where({
-			name,
-			// enabled: true,
-			userId: user.id
-		}).first();
-
+		/*
+			Check that an album with that name doesn't exist yet
+		*/
+		const album = await db.table('albums').where({ name, userId: user.id }).first();
 		if (album) return res.status(401).json({ message: 'There\'s already an album with that name' });
 
 		const now = moment.utc().toDate();
-		/*
-		const identifier = await Util.getUniqueAlbumIdentifier();
-		if (!identifier) {
-			console.error('Couldn\'t allocate an identifier for an album');
-			return res.status(500).json({ message: 'There was a problem allocating an identifier to the album' });
-		}
-		*/
 		await db.table('albums').insert({
 			name,
-			// enabled: true,
 			userId: user.id,
 			createdAt: now,
 			editedAt: now

src/api/routes/albums/link/linkEditPOST.js

@@ -13,12 +13,12 @@ class linkEditPOST extends Route {
 		const { identifier, enabled, enableDownload, expiresAt } = req.body;
 		if (!identifier) return res.status(400).json({ message: 'Invalid album identifier supplied' });
 
-		const link = await db.table('links').where({
-			identifier,
-			userId: user.id
-		}).first();
-
+		/*
+			Make sure the link exists
+		*/
+		const link = await db.table('links').where({ identifier, userId: user.id }).first();
 		if (!link) return res.status(400).json({ message: 'The link doesn\'t exist or doesn\'t belong to the user' });
+
 		try {
 			await db.table('links')
 				.where({ identifier })

src/api/routes/albums/link/linkPOST.js

@@ -14,12 +14,21 @@ class linkPOST extends Route {
 		const { albumId } = req.body;
 		if (!albumId) return res.status(400).json({ message: 'No album provided' });
 
+		/*
+			Make sure the album exists
+		*/
 		const exists = await db.table('albums').where('id', albumId).first();
 		if (!exists) return res.status(400).json({ message: 'Album doesn\t exist' });
 
+		/*
+			Count the amount of links created for that album already and error out if max was reached
+		*/
 		const count = await db.table('links').where('albumId', albumId).count({ count: 'id' });
 		if (count[0].count >= config.albums.maxLinksPerAlbum) return res.status(400).json({ message: 'Maximum links per album reached' });
 
+		/*
+			Try to allocate a new identifier on the db
+		*/
 		const identifier = await Util.getUniqueAlbumIdentifier();
 		if (!identifier) return res.status(500).json({ message: 'There was a problem allocating a link for your album' });
 

src/api/routes/auth/loginPOST.js

@@ -15,12 +15,21 @@ class loginPOST extends Route {
 		const { username, password } = req.body;
 		if (!username || !password) return res.status(401).json({ message: 'Invalid body provided' });
 
+		/*
+			Checks if the user exists
+		*/
 		const user = await db.table('users').where('username', username).first();
 		if (!user) return res.status(401).json({ message: 'Invalid authorization' });
 
+		/*
+			Checks if the password is right
+		*/
 		const comparePassword = await bcrypt.compare(password, user.password);
 		if (!comparePassword) return res.status(401).json({ message: 'Invalid authorization.' });
 
+		/*
+			Create the jwt with some data
+		*/
 		const jwt = JWT.sign({
 			iss: 'lolisafe',
 			sub: user.id,

src/api/routes/auth/registerPOST.js

@@ -24,9 +24,15 @@ class registerPOST extends Route {
 			return res.status(400).json({ message: 'Password must have 6-64 characters' });
 		}
 
+		/*
+			Make sure the username doesn't exist yet
+		*/
 		const user = await db.table('users').where('username', username).first();
 		if (user) return res.status(401).json({ message: 'Username already exists' });
 
+		/*
+			Hash the supplied password
+		*/
 		let hash;
 		try {
 			hash = await bcrypt.hash(password, 10);
@@ -36,6 +42,9 @@ class registerPOST extends Route {
 			return res.status(401).json({ message: 'There was a problem processing your account' });
 		}
 
+		/*
+			Create the user
+		*/
 		const now = moment.utc().toDate();
 		await db.table('users').insert({
 			username,

src/api/routes/files/fileDELETE.js

@@ -13,12 +13,15 @@ class fileDELETE extends Route {
 		const { id } = req.params;
 		if (!id) return res.status(400).json({ message: 'Invalid file ID supplied' });
 
-		const file = await db.table('files').where({
-			id,
-			userId: user.id
-		}).first();
-
+		/*
+			Make sure the file exists
+		*/
+		const file = await db.table('files').where({ id, userId: user.id }).first();
 		if (!file) return res.status(400).json({ message: 'The file doesn\'t exist or doesn\'t belong to the user' });
+
+		/*
+			Delete the file
+		*/
 		try {
 			await Util.deleteFile(file.name, true);
 			return res.json({ message: 'The file was deleted successfully' });

src/api/routes/files/filesGET.js

@@ -9,12 +9,20 @@ class filesGET extends Route {
 	}
 
 	async run(req, res, user) {
+		/*
+			Get all the files from the user
+		*/
 		const files = await db.table('files')
 			.where('userId', user.id)
 			.orderBy('id', 'desc');
+
+		/*
+			For each file, create the public link to be able to display the file
+		*/
 		for (let file of files) {
 			file = Util.constructFilePublicLink(file);
 		}
+
 		return res.json({
 			message: 'Successfully retrieved files',
 			files

src/api/structures/Route.js

@@ -2,6 +2,7 @@ const JWT = require('jsonwebtoken');
 const { server } = require('../../../config');
 const db = require('knex')(server.database);
 const moment = require('moment');
+const log = require('../utils/Log');
 
 class Route {
 	constructor(path, method, options) {
@@ -21,7 +22,7 @@ class Route {
 
 		return JWT.verify(token, server.secret, async (error, decoded) => {
 			if (error) {
-				console.log(error);
+				log.error(error);
 				return res.status(401).json({ message: 'Your token appears to be invalid' });
 			}
 			const id = decoded ? decoded.sub : '';