migrate from SQLite to PostgreSQL with Drizzle ORM
- Updated all packages to latest versions (React 19, Next.js 14.2.32) - Replaced sqlite3 with pg and drizzle-orm dependencies - Created complete PostgreSQL schema with relationships and indexes - Migrated all API endpoints from SQLite to Drizzle queries - Added database seeding with sample data - Updated authentication to use bcrypt instead of pbkdf2 - Configured connection pooling for PostgreSQL - Updated app version to 1.0.0 - All endpoints tested and working correctly
This commit is contained in:
@@ -1,24 +1,23 @@
|
||||
import type { NextApiRequest, NextApiResponse } from "next"
|
||||
import sqlite3 from "sqlite3"
|
||||
import path from "path"
|
||||
import { db, schema } from '../../../lib/db/connection'
|
||||
import { desc, eq } from 'drizzle-orm'
|
||||
import { generateApiKey, hashApiKey } from "../../../lib/api-auth"
|
||||
|
||||
export default async function handler(req: NextApiRequest, res: NextApiResponse) {
|
||||
const dbPath = path.join(process.cwd(), "database", "antihoax.db")
|
||||
const db = new sqlite3.Database(dbPath)
|
||||
|
||||
try {
|
||||
if (req.method === "GET") {
|
||||
const keys = await new Promise<any[]>((resolve, reject) => {
|
||||
db.all(
|
||||
`SELECT id, name, permissions, rate_limit, is_active, last_used, created_at
|
||||
FROM api_keys ORDER BY created_at DESC`,
|
||||
(err, rows) => {
|
||||
if (err) reject(err)
|
||||
else resolve(rows)
|
||||
}
|
||||
)
|
||||
})
|
||||
const keys = await db
|
||||
.select({
|
||||
id: schema.apiKeys.id,
|
||||
name: schema.apiKeys.name,
|
||||
permissions: schema.apiKeys.permissions,
|
||||
rateLimit: schema.apiKeys.rateLimit,
|
||||
isActive: schema.apiKeys.isActive,
|
||||
lastUsed: schema.apiKeys.lastUsed,
|
||||
createdAt: schema.apiKeys.createdAt
|
||||
})
|
||||
.from(schema.apiKeys)
|
||||
.orderBy(desc(schema.apiKeys.createdAt))
|
||||
|
||||
res.json({
|
||||
keys: keys.map(key => ({
|
||||
@@ -38,17 +37,16 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
|
||||
const apiKey = generateApiKey()
|
||||
const keyHash = hashApiKey(apiKey)
|
||||
|
||||
const result = await new Promise<any>((resolve, reject) => {
|
||||
db.run(
|
||||
`INSERT INTO api_keys (key_hash, name, permissions, rate_limit, is_active, created_at)
|
||||
VALUES (?, ?, ?, ?, 1, datetime('now'))`,
|
||||
[keyHash, name, JSON.stringify(permissions), rate_limit],
|
||||
function(err) {
|
||||
if (err) reject(err)
|
||||
else resolve({ id: this.lastID })
|
||||
}
|
||||
)
|
||||
})
|
||||
const [result] = await db
|
||||
.insert(schema.apiKeys)
|
||||
.values({
|
||||
keyHash: keyHash,
|
||||
name: name,
|
||||
permissions: JSON.stringify(permissions),
|
||||
rateLimit: rate_limit,
|
||||
isActive: true
|
||||
})
|
||||
.returning({ id: schema.apiKeys.id })
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
@@ -62,16 +60,10 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
|
||||
} else if (req.method === "DELETE") {
|
||||
const { id } = req.query
|
||||
|
||||
await new Promise<void>((resolve, reject) => {
|
||||
db.run(
|
||||
'UPDATE api_keys SET is_active = 0 WHERE id = ?',
|
||||
[id],
|
||||
(err) => {
|
||||
if (err) reject(err)
|
||||
else resolve()
|
||||
}
|
||||
)
|
||||
})
|
||||
await db
|
||||
.update(schema.apiKeys)
|
||||
.set({ isActive: false })
|
||||
.where(eq(schema.apiKeys.id, parseInt(id as string)))
|
||||
|
||||
res.json({ success: true })
|
||||
|
||||
@@ -82,7 +74,5 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
|
||||
} catch (error) {
|
||||
console.error('API keys error:', error)
|
||||
res.status(500).json({ error: "Operation failed" })
|
||||
} finally {
|
||||
db.close()
|
||||
}
|
||||
}
|
||||
@@ -1,76 +1,74 @@
|
||||
import type { NextApiRequest, NextApiResponse } from "next"
|
||||
import sqlite3 from "sqlite3"
|
||||
import path from "path"
|
||||
import { db, schema } from '../../../lib/db/connection'
|
||||
import { eq, and, desc, count } from 'drizzle-orm'
|
||||
|
||||
export default async function handler(req: NextApiRequest, res: NextApiResponse) {
|
||||
if (req.method !== "GET") return res.status(405).json({ error: "Method not allowed" })
|
||||
|
||||
const { page = '1', limit = '50', action, resource_type, user_id } = req.query
|
||||
|
||||
const dbPath = path.join(process.cwd(), "database", "antihoax.db")
|
||||
const db = new sqlite3.Database(dbPath)
|
||||
|
||||
try {
|
||||
let whereConditions: string[] = []
|
||||
let params: any[] = []
|
||||
let whereConditions = []
|
||||
|
||||
if (action) {
|
||||
whereConditions.push("a.action = ?")
|
||||
params.push(action)
|
||||
whereConditions.push(eq(schema.auditLogs.action, action as string))
|
||||
}
|
||||
|
||||
if (resource_type) {
|
||||
whereConditions.push("a.resource_type = ?")
|
||||
params.push(resource_type)
|
||||
whereConditions.push(eq(schema.auditLogs.resourceType, resource_type as string))
|
||||
}
|
||||
|
||||
if (user_id) {
|
||||
whereConditions.push("a.user_id = ?")
|
||||
params.push(parseInt(user_id as string))
|
||||
whereConditions.push(eq(schema.auditLogs.userId, parseInt(user_id as string)))
|
||||
}
|
||||
|
||||
const whereClause = whereConditions.length > 0 ? `WHERE ${whereConditions.join(' AND ')}` : ''
|
||||
const offset = (parseInt(page as string) - 1) * parseInt(limit as string)
|
||||
const limitInt = parseInt(limit as string)
|
||||
|
||||
const query = `
|
||||
SELECT
|
||||
a.*,
|
||||
u.email as user_email,
|
||||
COUNT(*) OVER() as total_count
|
||||
FROM audit_logs a
|
||||
LEFT JOIN users u ON a.user_id = u.id
|
||||
${whereClause}
|
||||
ORDER BY a.created_at DESC
|
||||
LIMIT ? OFFSET ?
|
||||
`
|
||||
|
||||
params.push(parseInt(limit as string), offset)
|
||||
|
||||
const logs = await new Promise<any[]>((resolve, reject) => {
|
||||
db.all(query, params, (err, rows) => {
|
||||
if (err) reject(err)
|
||||
else resolve(rows)
|
||||
// Get logs with user info
|
||||
const logs = await db
|
||||
.select({
|
||||
id: schema.auditLogs.id,
|
||||
userId: schema.auditLogs.userId,
|
||||
userEmail: schema.users.email,
|
||||
action: schema.auditLogs.action,
|
||||
resourceType: schema.auditLogs.resourceType,
|
||||
resourceId: schema.auditLogs.resourceId,
|
||||
details: schema.auditLogs.details,
|
||||
ipAddress: schema.auditLogs.ipAddress,
|
||||
createdAt: schema.auditLogs.createdAt
|
||||
})
|
||||
})
|
||||
.from(schema.auditLogs)
|
||||
.leftJoin(schema.users, eq(schema.auditLogs.userId, schema.users.id))
|
||||
.where(whereConditions.length > 0 ? and(...whereConditions) : undefined)
|
||||
.orderBy(desc(schema.auditLogs.createdAt))
|
||||
.limit(limitInt)
|
||||
.offset(offset)
|
||||
|
||||
const total = logs.length > 0 ? logs[0].total_count : 0
|
||||
const totalPages = Math.ceil(total / parseInt(limit as string))
|
||||
// Get total count for pagination
|
||||
const [totalResult] = await db
|
||||
.select({ count: count() })
|
||||
.from(schema.auditLogs)
|
||||
.where(whereConditions.length > 0 ? and(...whereConditions) : undefined)
|
||||
|
||||
const total = totalResult.count
|
||||
const totalPages = Math.ceil(total / limitInt)
|
||||
|
||||
res.json({
|
||||
logs: logs.map(log => ({
|
||||
id: log.id,
|
||||
user_id: log.user_id,
|
||||
user_email: log.user_email,
|
||||
user_id: log.userId,
|
||||
user_email: log.userEmail,
|
||||
action: log.action,
|
||||
resource_type: log.resource_type,
|
||||
resource_id: log.resource_id,
|
||||
resource_type: log.resourceType,
|
||||
resource_id: log.resourceId,
|
||||
details: log.details ? JSON.parse(log.details) : null,
|
||||
ip_address: log.ip_address,
|
||||
created_at: log.created_at
|
||||
ip_address: log.ipAddress,
|
||||
created_at: log.createdAt
|
||||
})),
|
||||
pagination: {
|
||||
page: parseInt(page as string),
|
||||
limit: parseInt(limit as string),
|
||||
limit: limitInt,
|
||||
total,
|
||||
totalPages
|
||||
}
|
||||
@@ -79,7 +77,5 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
|
||||
} catch (error) {
|
||||
console.error('Audit logs error:', error)
|
||||
res.status(500).json({ error: "Failed to fetch audit logs" })
|
||||
} finally {
|
||||
db.close()
|
||||
}
|
||||
}
|
||||
@@ -1,10 +1,10 @@
|
||||
import type { NextApiRequest, NextApiResponse } from "next"
|
||||
import sqlite3 from "sqlite3"
|
||||
import path from "path"
|
||||
import { db, schema } from "../../../lib/db/connection"
|
||||
import { eq } from "drizzle-orm"
|
||||
|
||||
interface BulkImportItem {
|
||||
domain: string
|
||||
risk_level: number
|
||||
riskLevel: number
|
||||
categories: string[]
|
||||
description?: string
|
||||
}
|
||||
@@ -18,63 +18,57 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
|
||||
return res.status(400).json({ error: "Sources array required" })
|
||||
}
|
||||
|
||||
const dbPath = path.join(process.cwd(), "database", "antihoax.db")
|
||||
const db = new sqlite3.Database(dbPath)
|
||||
|
||||
try {
|
||||
let imported = 0
|
||||
let skipped = 0
|
||||
|
||||
for (const source of sources) {
|
||||
if (!source.domain || !source.risk_level) {
|
||||
if (!source.domain || !source.riskLevel) {
|
||||
skipped++
|
||||
continue
|
||||
}
|
||||
|
||||
// Check if domain already exists
|
||||
const existing = await new Promise<any>((resolve, reject) => {
|
||||
db.get(
|
||||
"SELECT id FROM sources WHERE domain = ?",
|
||||
[source.domain],
|
||||
(err, row) => {
|
||||
if (err) reject(err)
|
||||
else resolve(row)
|
||||
}
|
||||
)
|
||||
})
|
||||
// Check if source already exists
|
||||
const existing = await db.select()
|
||||
.from(schema.sources)
|
||||
.where(eq(schema.sources.domain, source.domain))
|
||||
.limit(1)
|
||||
|
||||
if (existing) {
|
||||
if (existing.length > 0) {
|
||||
skipped++
|
||||
continue
|
||||
}
|
||||
|
||||
// Insert new source
|
||||
await new Promise<void>((resolve, reject) => {
|
||||
db.run(
|
||||
`INSERT INTO sources (domain, title, risk_level, status, description, created_at)
|
||||
VALUES (?, ?, ?, 'verified', ?, datetime('now'))`,
|
||||
[source.domain, source.domain, source.risk_level, source.description || ''],
|
||||
function(err) {
|
||||
if (err) reject(err)
|
||||
else resolve()
|
||||
}
|
||||
)
|
||||
})
|
||||
|
||||
imported++
|
||||
try {
|
||||
const url = `https://${source.domain}`
|
||||
await db.insert(schema.sources).values({
|
||||
url,
|
||||
domain: source.domain,
|
||||
title: source.domain,
|
||||
description: source.description || `Imported source: ${source.domain}`,
|
||||
type: 'website',
|
||||
status: 'pending',
|
||||
riskLevel: source.riskLevel,
|
||||
language: 'sk',
|
||||
reportedBy: 'bulk-import'
|
||||
})
|
||||
imported++
|
||||
} catch (error) {
|
||||
console.error('Failed to import source:', source.domain, error)
|
||||
skipped++
|
||||
}
|
||||
}
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
success: true,
|
||||
imported,
|
||||
skipped,
|
||||
total: sources.length
|
||||
message: `Imported ${imported} sources, skipped ${skipped}`
|
||||
})
|
||||
|
||||
} catch (error) {
|
||||
} catch (error: any) {
|
||||
console.error('Bulk import error:', error)
|
||||
res.status(500).json({ error: "Import failed" })
|
||||
} finally {
|
||||
db.close()
|
||||
}
|
||||
}
|
||||
@@ -1,6 +1,6 @@
|
||||
import type { NextApiRequest, NextApiResponse } from 'next'
|
||||
import sqlite3 from 'sqlite3'
|
||||
import path from 'path'
|
||||
import { db, schema } from '../../../../lib/db/connection'
|
||||
import { desc, asc } from 'drizzle-orm'
|
||||
|
||||
export default async function handler(
|
||||
req: NextApiRequest,
|
||||
@@ -10,26 +10,16 @@ export default async function handler(
|
||||
return res.status(405).json({ error: 'Method not allowed' })
|
||||
}
|
||||
|
||||
const dbPath = path.join(process.cwd(), 'database', 'antihoax.db')
|
||||
const db = new sqlite3.Database(dbPath)
|
||||
|
||||
try {
|
||||
const categories = await new Promise<any[]>((resolve, reject) => {
|
||||
db.all(
|
||||
'SELECT * FROM categories ORDER BY priority DESC, name ASC',
|
||||
(err, rows) => {
|
||||
if (err) reject(err)
|
||||
else resolve(rows)
|
||||
}
|
||||
)
|
||||
})
|
||||
const categories = await db
|
||||
.select()
|
||||
.from(schema.categories)
|
||||
.orderBy(desc(schema.categories.priority), asc(schema.categories.name))
|
||||
|
||||
return res.status(200).json(categories)
|
||||
|
||||
} catch (error) {
|
||||
console.error('Database error:', error)
|
||||
return res.status(500).json({ error: 'Internal server error' })
|
||||
} finally {
|
||||
db.close()
|
||||
}
|
||||
}
|
||||
@@ -1,6 +1,6 @@
|
||||
import type { NextApiRequest, NextApiResponse } from 'next'
|
||||
import sqlite3 from 'sqlite3'
|
||||
import path from 'path'
|
||||
import { db, schema } from '../../../lib/db/connection'
|
||||
import { eq, and, gte, count } from 'drizzle-orm'
|
||||
|
||||
interface DashboardStats {
|
||||
total_sources: number
|
||||
@@ -19,54 +19,65 @@ export default async function handler(
|
||||
return res.status(405).json({ error: 'Method not allowed' })
|
||||
}
|
||||
|
||||
const dbPath = path.join(process.cwd(), 'database', 'antihoax.db')
|
||||
const db = new sqlite3.Database(dbPath)
|
||||
|
||||
try {
|
||||
const stats = await new Promise<DashboardStats>((resolve, reject) => {
|
||||
const queries = [
|
||||
"SELECT COUNT(*) as total_sources FROM sources WHERE status = 'verified'",
|
||||
"SELECT COUNT(*) as pending_sources FROM sources WHERE status = 'pending'",
|
||||
"SELECT COUNT(*) as pending_reports FROM reports WHERE status = 'pending'",
|
||||
"SELECT COUNT(*) as high_risk_sources FROM sources WHERE status = 'verified' AND risk_level >= 4",
|
||||
"SELECT COUNT(*) as sources_added_week FROM sources WHERE created_at > datetime('now', '-7 days')",
|
||||
"SELECT COUNT(*) as reports_today FROM reports WHERE created_at > datetime('now', '-1 day')"
|
||||
]
|
||||
|
||||
const results: any = {}
|
||||
let completed = 0
|
||||
|
||||
queries.forEach((query, index) => {
|
||||
db.get(query, (err, row: any) => {
|
||||
if (err) {
|
||||
reject(err)
|
||||
return
|
||||
}
|
||||
|
||||
const key = Object.keys(row)[0]
|
||||
results[key] = row[key]
|
||||
completed++
|
||||
|
||||
if (completed === queries.length) {
|
||||
resolve({
|
||||
total_sources: results.total_sources || 0,
|
||||
pending_sources: results.pending_sources || 0,
|
||||
pending_reports: results.pending_reports || 0,
|
||||
high_risk_sources: results.high_risk_sources || 0,
|
||||
sources_added_week: results.sources_added_week || 0,
|
||||
reports_today: results.reports_today || 0
|
||||
})
|
||||
}
|
||||
})
|
||||
})
|
||||
})
|
||||
// Get all stats in parallel
|
||||
const weekAgo = new Date()
|
||||
weekAgo.setDate(weekAgo.getDate() - 7)
|
||||
|
||||
const dayAgo = new Date()
|
||||
dayAgo.setDate(dayAgo.getDate() - 1)
|
||||
|
||||
const [
|
||||
totalSources,
|
||||
pendingSources,
|
||||
pendingReports,
|
||||
highRiskSources,
|
||||
sourcesAddedWeek,
|
||||
reportsToday
|
||||
] = await Promise.all([
|
||||
db.select({ count: count() })
|
||||
.from(schema.sources)
|
||||
.where(eq(schema.sources.status, 'verified')),
|
||||
|
||||
db.select({ count: count() })
|
||||
.from(schema.sources)
|
||||
.where(eq(schema.sources.status, 'pending')),
|
||||
|
||||
db.select({ count: count() })
|
||||
.from(schema.reports)
|
||||
.where(eq(schema.reports.status, 'pending')),
|
||||
|
||||
db.select({ count: count() })
|
||||
.from(schema.sources)
|
||||
.where(
|
||||
and(
|
||||
eq(schema.sources.status, 'verified'),
|
||||
gte(schema.sources.riskLevel, 4)
|
||||
)
|
||||
),
|
||||
|
||||
db.select({ count: count() })
|
||||
.from(schema.sources)
|
||||
.where(gte(schema.sources.createdAt, weekAgo)),
|
||||
|
||||
db.select({ count: count() })
|
||||
.from(schema.reports)
|
||||
.where(gte(schema.reports.createdAt, dayAgo))
|
||||
])
|
||||
|
||||
const stats: DashboardStats = {
|
||||
total_sources: totalSources[0].count,
|
||||
pending_sources: pendingSources[0].count,
|
||||
pending_reports: pendingReports[0].count,
|
||||
high_risk_sources: highRiskSources[0].count,
|
||||
sources_added_week: sourcesAddedWeek[0].count,
|
||||
reports_today: reportsToday[0].count
|
||||
}
|
||||
|
||||
return res.status(200).json(stats)
|
||||
|
||||
} catch (error) {
|
||||
console.error('Database error:', error)
|
||||
return res.status(500).json({ error: 'Internal server error' })
|
||||
} finally {
|
||||
db.close()
|
||||
}
|
||||
}
|
||||
@@ -1,6 +1,6 @@
|
||||
import type { NextApiRequest, NextApiResponse } from 'next'
|
||||
import sqlite3 from 'sqlite3'
|
||||
import path from 'path'
|
||||
import { db, schema } from '../../../../lib/db/connection'
|
||||
import { eq, desc } from 'drizzle-orm'
|
||||
|
||||
export default async function handler(
|
||||
req: NextApiRequest,
|
||||
@@ -12,44 +12,29 @@ export default async function handler(
|
||||
|
||||
const { status = 'pending', page = '1', limit = '20' } = req.query
|
||||
|
||||
const dbPath = path.join(process.cwd(), 'database', 'antihoax.db')
|
||||
const db = new sqlite3.Database(dbPath)
|
||||
|
||||
try {
|
||||
const reports = await new Promise<any[]>((resolve, reject) => {
|
||||
const offset = (parseInt(page as string) - 1) * parseInt(limit as string)
|
||||
|
||||
db.all(
|
||||
`SELECT *,
|
||||
CASE
|
||||
WHEN category_suggestions IS NOT NULL
|
||||
THEN json_extract(category_suggestions, '$')
|
||||
ELSE '[]'
|
||||
END as category_suggestions
|
||||
FROM reports
|
||||
WHERE status = ?
|
||||
ORDER BY created_at DESC
|
||||
LIMIT ? OFFSET ?`,
|
||||
[status, parseInt(limit as string), offset],
|
||||
(err, rows: any[]) => {
|
||||
if (err) reject(err)
|
||||
else {
|
||||
const processedRows = rows.map(row => ({
|
||||
...row,
|
||||
category_suggestions: row.category_suggestions ? JSON.parse(row.category_suggestions) : []
|
||||
}))
|
||||
resolve(processedRows)
|
||||
}
|
||||
}
|
||||
)
|
||||
})
|
||||
const offset = (parseInt(page as string) - 1) * parseInt(limit as string)
|
||||
const limitInt = parseInt(limit as string)
|
||||
|
||||
const reports = await db
|
||||
.select()
|
||||
.from(schema.reports)
|
||||
.where(eq(schema.reports.status, status as any))
|
||||
.orderBy(desc(schema.reports.createdAt))
|
||||
.limit(limitInt)
|
||||
.offset(offset)
|
||||
|
||||
return res.status(200).json(reports)
|
||||
// Process the reports to parse JSON fields
|
||||
const processedReports = reports.map(report => ({
|
||||
...report,
|
||||
categorySuggestions: report.categorySuggestions ? JSON.parse(report.categorySuggestions) : [],
|
||||
evidenceUrls: report.evidenceUrls ? JSON.parse(report.evidenceUrls) : []
|
||||
}))
|
||||
|
||||
return res.status(200).json(processedReports)
|
||||
|
||||
} catch (error) {
|
||||
console.error('Database error:', error)
|
||||
return res.status(500).json({ error: 'Internal server error' })
|
||||
} finally {
|
||||
db.close()
|
||||
}
|
||||
}
|
||||
@@ -1,6 +1,6 @@
|
||||
import type { NextApiRequest, NextApiResponse } from 'next'
|
||||
import sqlite3 from 'sqlite3'
|
||||
import path from 'path'
|
||||
import { db, schema } from '../../../../lib/db/connection'
|
||||
import { eq, desc } from 'drizzle-orm'
|
||||
|
||||
export default async function handler(
|
||||
req: NextApiRequest,
|
||||
@@ -12,32 +12,22 @@ export default async function handler(
|
||||
|
||||
const { status = 'pending', page = '1', limit = '20' } = req.query
|
||||
|
||||
const dbPath = path.join(process.cwd(), 'database', 'antihoax.db')
|
||||
const db = new sqlite3.Database(dbPath)
|
||||
|
||||
try {
|
||||
const sources = await new Promise<any[]>((resolve, reject) => {
|
||||
const offset = (parseInt(page as string) - 1) * parseInt(limit as string)
|
||||
|
||||
db.all(
|
||||
`SELECT * FROM sources
|
||||
WHERE status = ?
|
||||
ORDER BY created_at DESC
|
||||
LIMIT ? OFFSET ?`,
|
||||
[status, parseInt(limit as string), offset],
|
||||
(err, rows) => {
|
||||
if (err) reject(err)
|
||||
else resolve(rows)
|
||||
}
|
||||
)
|
||||
})
|
||||
const offset = (parseInt(page as string) - 1) * parseInt(limit as string)
|
||||
const limitInt = parseInt(limit as string)
|
||||
|
||||
const sources = await db
|
||||
.select()
|
||||
.from(schema.sources)
|
||||
.where(eq(schema.sources.status, status as any))
|
||||
.orderBy(desc(schema.sources.createdAt))
|
||||
.limit(limitInt)
|
||||
.offset(offset)
|
||||
|
||||
return res.status(200).json(sources)
|
||||
|
||||
} catch (error) {
|
||||
console.error('Database error:', error)
|
||||
return res.status(500).json({ error: 'Internal server error' })
|
||||
} finally {
|
||||
db.close()
|
||||
}
|
||||
}
|
||||
@@ -1,31 +1,26 @@
|
||||
import type { NextApiRequest, NextApiResponse } from "next"
|
||||
import sqlite3 from "sqlite3"
|
||||
import path from "path"
|
||||
import crypto from "crypto"
|
||||
import { db, schema } from "../../../lib/db/connection"
|
||||
import { eq, count, sql } from "drizzle-orm"
|
||||
import * as bcrypt from "bcryptjs"
|
||||
|
||||
function hashPassword(password: string): { hash: string, salt: string } {
|
||||
const salt = crypto.randomBytes(32).toString('hex')
|
||||
const hash = crypto.pbkdf2Sync(password, salt, 10000, 64, 'sha256').toString('hex')
|
||||
return { hash, salt }
|
||||
async function hashPassword(password: string): Promise<string> {
|
||||
return await bcrypt.hash(password, 12)
|
||||
}
|
||||
|
||||
export default async function handler(req: NextApiRequest, res: NextApiResponse) {
|
||||
const dbPath = path.join(process.cwd(), "database", "antihoax.db")
|
||||
const db = new sqlite3.Database(dbPath)
|
||||
|
||||
try {
|
||||
if (req.method === "GET") {
|
||||
const users = await new Promise<any[]>((resolve, reject) => {
|
||||
db.all(
|
||||
`SELECT id, email, role, is_active, created_at, last_login,
|
||||
(SELECT COUNT(*) FROM sources WHERE moderator_id = users.id) as sources_moderated
|
||||
FROM users ORDER BY created_at DESC`,
|
||||
(err, rows) => {
|
||||
if (err) reject(err)
|
||||
else resolve(rows)
|
||||
}
|
||||
)
|
||||
const users = await db.select({
|
||||
id: schema.users.id,
|
||||
email: schema.users.email,
|
||||
role: schema.users.role,
|
||||
isActive: schema.users.isActive,
|
||||
createdAt: schema.users.createdAt,
|
||||
lastLogin: schema.users.lastLogin,
|
||||
sourcesModerated: sql<number>`(SELECT COUNT(*) FROM ${schema.sources} WHERE verified_by = ${schema.users.id})`
|
||||
})
|
||||
.from(schema.users)
|
||||
.orderBy(schema.users.createdAt)
|
||||
|
||||
res.json({ users })
|
||||
|
||||
@@ -40,27 +35,25 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
|
||||
return res.status(400).json({ error: "Invalid role" })
|
||||
}
|
||||
|
||||
const { hash, salt } = hashPassword(password)
|
||||
const passwordHash = await hashPassword(password)
|
||||
|
||||
const result = await new Promise<any>((resolve, reject) => {
|
||||
db.run(
|
||||
`INSERT INTO users (email, password_hash, salt, role, is_active, created_at)
|
||||
VALUES (?, ?, ?, ?, 1, datetime('now'))`,
|
||||
[email, hash, salt, role],
|
||||
function(err) {
|
||||
if (err) reject(err)
|
||||
else resolve({ id: this.lastID })
|
||||
}
|
||||
)
|
||||
})
|
||||
const result = await db.insert(schema.users)
|
||||
.values({
|
||||
email,
|
||||
passwordHash,
|
||||
name: email.split('@')[0], // Use email username as name
|
||||
role: role as 'admin' | 'moderator',
|
||||
isActive: true
|
||||
})
|
||||
.returning({ id: schema.users.id })
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
user: {
|
||||
id: result.id,
|
||||
id: result[0].id,
|
||||
email,
|
||||
role,
|
||||
is_active: true
|
||||
isActive: true
|
||||
}
|
||||
})
|
||||
|
||||
@@ -70,12 +63,10 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
|
||||
|
||||
} catch (error: any) {
|
||||
console.error('Users API error:', error)
|
||||
if (error?.code === 'SQLITE_CONSTRAINT_UNIQUE') {
|
||||
if (error?.code === '23505') {
|
||||
res.status(400).json({ error: "User already exists" })
|
||||
} else {
|
||||
res.status(500).json({ error: "Operation failed" })
|
||||
}
|
||||
} finally {
|
||||
db.close()
|
||||
}
|
||||
}
|
||||
@@ -1,11 +1,7 @@
|
||||
import type { NextApiRequest, NextApiResponse } from "next"
|
||||
import sqlite3 from "sqlite3"
|
||||
import path from "path"
|
||||
import crypto from "crypto"
|
||||
|
||||
function hashPassword(password: string, salt: string): string {
|
||||
return crypto.pbkdf2Sync(password, salt, 10000, 64, 'sha256').toString('hex')
|
||||
}
|
||||
import { db, schema } from '../../../lib/db/connection'
|
||||
import { eq } from 'drizzle-orm'
|
||||
import bcrypt from 'bcryptjs'
|
||||
|
||||
export default async function handler(req: NextApiRequest, res: NextApiResponse) {
|
||||
if (req.method !== "POST") return res.status(405).json({ error: "Method not allowed" })
|
||||
@@ -16,45 +12,31 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
|
||||
return res.status(400).json({ error: "Email and password required" })
|
||||
}
|
||||
|
||||
const dbPath = path.join(process.cwd(), "database", "antihoax.db")
|
||||
const db = new sqlite3.Database(dbPath)
|
||||
|
||||
try {
|
||||
const user = await new Promise<any>((resolve, reject) => {
|
||||
db.get(
|
||||
"SELECT id, email, password_hash, salt, role, is_active FROM users WHERE email = ?",
|
||||
[email],
|
||||
(err, row) => {
|
||||
if (err) reject(err)
|
||||
else resolve(row)
|
||||
}
|
||||
)
|
||||
})
|
||||
const users = await db.select()
|
||||
.from(schema.users)
|
||||
.where(eq(schema.users.email, email))
|
||||
.limit(1)
|
||||
|
||||
if (!user) {
|
||||
if (users.length === 0) {
|
||||
return res.status(401).json({ error: "Invalid credentials" })
|
||||
}
|
||||
|
||||
if (!user.is_active) {
|
||||
const user = users[0]
|
||||
|
||||
if (!user.isActive) {
|
||||
return res.status(401).json({ error: "Account is disabled" })
|
||||
}
|
||||
|
||||
const hashedPassword = hashPassword(password, user.salt)
|
||||
if (hashedPassword !== user.password_hash) {
|
||||
const isValidPassword = await bcrypt.compare(password, user.passwordHash)
|
||||
if (!isValidPassword) {
|
||||
return res.status(401).json({ error: "Invalid credentials" })
|
||||
}
|
||||
|
||||
// Update last login
|
||||
await new Promise<void>((resolve, reject) => {
|
||||
db.run(
|
||||
"UPDATE users SET last_login = datetime('now') WHERE id = ?",
|
||||
[user.id],
|
||||
(err) => {
|
||||
if (err) reject(err)
|
||||
else resolve()
|
||||
}
|
||||
)
|
||||
})
|
||||
await db.update(schema.users)
|
||||
.set({ lastLogin: new Date() })
|
||||
.where(eq(schema.users.id, user.id))
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
@@ -69,7 +51,5 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
|
||||
} catch (error) {
|
||||
console.error('Login error:', error)
|
||||
res.status(500).json({ error: "Login failed" })
|
||||
} finally {
|
||||
db.close()
|
||||
}
|
||||
}
|
||||
@@ -1,6 +1,6 @@
|
||||
import type { NextApiRequest, NextApiResponse } from 'next'
|
||||
import sqlite3 from 'sqlite3'
|
||||
import path from 'path'
|
||||
import { db, schema } from '../../../lib/db/connection'
|
||||
import { eq, gte, desc, count, sql } from 'drizzle-orm'
|
||||
|
||||
interface RiskyDomain {
|
||||
domain: string
|
||||
@@ -20,49 +20,36 @@ export default async function handler(
|
||||
|
||||
const { limit = '20' } = req.query
|
||||
|
||||
const dbPath = path.join(process.cwd(), 'database', 'antihoax.db')
|
||||
const db = new sqlite3.Database(dbPath)
|
||||
|
||||
try {
|
||||
const riskyDomains = await new Promise<RiskyDomain[]>((resolve, reject) => {
|
||||
db.all(
|
||||
`SELECT
|
||||
s.domain,
|
||||
COUNT(*) as source_count,
|
||||
AVG(s.risk_level) as avg_risk_level,
|
||||
MAX(s.risk_level) as max_risk_level,
|
||||
GROUP_CONCAT(DISTINCT c.name) as categories
|
||||
FROM sources s
|
||||
LEFT JOIN source_categories sc ON s.id = sc.source_id
|
||||
LEFT JOIN categories c ON sc.category_id = c.id
|
||||
WHERE s.status = 'verified'
|
||||
GROUP BY s.domain
|
||||
HAVING AVG(s.risk_level) >= 3
|
||||
ORDER BY avg_risk_level DESC, source_count DESC
|
||||
LIMIT ?`,
|
||||
[parseInt(limit as string)],
|
||||
(err, rows: any[]) => {
|
||||
if (err) reject(err)
|
||||
else {
|
||||
const domains = rows.map(row => ({
|
||||
domain: row.domain,
|
||||
source_count: row.source_count,
|
||||
avg_risk_level: Math.round(row.avg_risk_level * 10) / 10,
|
||||
max_risk_level: row.max_risk_level,
|
||||
categories: row.categories ? row.categories.split(',') : []
|
||||
}))
|
||||
resolve(domains)
|
||||
}
|
||||
}
|
||||
)
|
||||
})
|
||||
const riskyDomainsResult = await db
|
||||
.select({
|
||||
domain: schema.sources.domain,
|
||||
sourceCount: count(),
|
||||
avgRiskLevel: sql<number>`AVG(${schema.sources.riskLevel})`,
|
||||
maxRiskLevel: sql<number>`MAX(${schema.sources.riskLevel})`,
|
||||
categories: sql<string>`string_agg(DISTINCT ${schema.categories.name}, ',')`
|
||||
})
|
||||
.from(schema.sources)
|
||||
.leftJoin(schema.sourceCategories, eq(schema.sources.id, schema.sourceCategories.sourceId))
|
||||
.leftJoin(schema.categories, eq(schema.sourceCategories.categoryId, schema.categories.id))
|
||||
.where(eq(schema.sources.status, 'verified'))
|
||||
.groupBy(schema.sources.domain)
|
||||
.having(gte(sql`AVG(${schema.sources.riskLevel})`, 3))
|
||||
.orderBy(desc(sql`AVG(${schema.sources.riskLevel})`), desc(count()))
|
||||
.limit(parseInt(limit as string))
|
||||
|
||||
const riskyDomains: RiskyDomain[] = riskyDomainsResult.map(row => ({
|
||||
domain: row.domain,
|
||||
source_count: row.sourceCount,
|
||||
avg_risk_level: Math.round(row.avgRiskLevel * 10) / 10,
|
||||
max_risk_level: row.maxRiskLevel,
|
||||
categories: row.categories ? row.categories.split(',').filter(Boolean) : []
|
||||
}))
|
||||
|
||||
return res.status(200).json(riskyDomains)
|
||||
|
||||
} catch (error) {
|
||||
console.error('Database error:', error)
|
||||
return res.status(500).json({ error: 'Internal server error' })
|
||||
} finally {
|
||||
db.close()
|
||||
}
|
||||
}
|
||||
@@ -1,6 +1,5 @@
|
||||
import type { NextApiRequest, NextApiResponse } from 'next'
|
||||
import sqlite3 from 'sqlite3'
|
||||
import path from 'path'
|
||||
import { db, schema } from '../../lib/db/connection'
|
||||
|
||||
function extractDomain(url: string): string {
|
||||
try {
|
||||
@@ -30,31 +29,16 @@ export default async function handler(
|
||||
return res.status(400).json({ error: 'Invalid URL format' })
|
||||
}
|
||||
|
||||
const dbPath = path.join(process.cwd(), 'database', 'antihoax.db')
|
||||
const db = new sqlite3.Database(dbPath)
|
||||
|
||||
try {
|
||||
await new Promise<void>((resolve, reject) => {
|
||||
db.run(
|
||||
`INSERT INTO reports (
|
||||
source_url, source_domain, reporter_email, reporter_name,
|
||||
category_suggestions, description, ip_address, user_agent
|
||||
) VALUES (?, ?, ?, ?, ?, ?, ?, ?)`,
|
||||
[
|
||||
source_url,
|
||||
domain,
|
||||
reporter_email || null,
|
||||
reporter_name || null,
|
||||
JSON.stringify(categories || []),
|
||||
description,
|
||||
req.headers['x-forwarded-for'] || req.connection.remoteAddress,
|
||||
req.headers['user-agent']
|
||||
],
|
||||
function(err) {
|
||||
if (err) reject(err)
|
||||
else resolve()
|
||||
}
|
||||
)
|
||||
await db.insert(schema.reports).values({
|
||||
sourceUrl: source_url,
|
||||
sourceDomain: domain,
|
||||
reporterEmail: reporter_email || null,
|
||||
reporterName: reporter_name || null,
|
||||
categorySuggestions: JSON.stringify(categories || []),
|
||||
description: description,
|
||||
ipAddress: (req.headers['x-forwarded-for'] as string) || (req.socket?.remoteAddress),
|
||||
userAgent: req.headers['user-agent'] || null
|
||||
})
|
||||
|
||||
return res.status(200).json({ success: true, message: 'Report submitted successfully' })
|
||||
@@ -62,7 +46,5 @@ export default async function handler(
|
||||
} catch (error) {
|
||||
console.error('Database error:', error)
|
||||
return res.status(500).json({ error: 'Internal server error' })
|
||||
} finally {
|
||||
db.close()
|
||||
}
|
||||
}
|
||||
@@ -1,6 +1,6 @@
|
||||
import type { NextApiRequest, NextApiResponse } from "next"
|
||||
import sqlite3 from "sqlite3"
|
||||
import path from "path"
|
||||
import { db, schema } from '../../../lib/db/connection'
|
||||
import { eq, and, or, like, gte, lte, desc, count, sql } from 'drizzle-orm'
|
||||
|
||||
export default async function handler(req: NextApiRequest, res: NextApiResponse) {
|
||||
if (req.method !== "GET") return res.status(405).json({ error: "Method not allowed" })
|
||||
@@ -15,80 +15,113 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
|
||||
limit = '20'
|
||||
} = req.query
|
||||
|
||||
const dbPath = path.join(process.cwd(), "database", "antihoax.db")
|
||||
const db = new sqlite3.Database(dbPath)
|
||||
|
||||
try {
|
||||
let whereConditions = ["s.status = ?"]
|
||||
let params: any[] = [status]
|
||||
let whereConditions = [eq(schema.sources.status, status as string)]
|
||||
|
||||
if (q) {
|
||||
whereConditions.push("(s.domain LIKE ? OR s.title LIKE ? OR s.description LIKE ?)")
|
||||
params.push(`%${q}%`, `%${q}%`, `%${q}%`)
|
||||
}
|
||||
|
||||
if (category) {
|
||||
whereConditions.push("EXISTS (SELECT 1 FROM source_categories sc JOIN categories c ON sc.category_id = c.id WHERE sc.source_id = s.id AND c.name = ?)")
|
||||
params.push(category)
|
||||
whereConditions.push(
|
||||
or(
|
||||
like(schema.sources.domain, `%${q}%`),
|
||||
like(schema.sources.title, `%${q}%`),
|
||||
like(schema.sources.description, `%${q}%`)
|
||||
)
|
||||
)
|
||||
}
|
||||
|
||||
if (risk_level_min) {
|
||||
whereConditions.push("s.risk_level >= ?")
|
||||
params.push(parseInt(risk_level_min as string))
|
||||
whereConditions.push(gte(schema.sources.riskLevel, parseInt(risk_level_min as string)))
|
||||
}
|
||||
|
||||
if (risk_level_max) {
|
||||
whereConditions.push("s.risk_level <= ?")
|
||||
params.push(parseInt(risk_level_max as string))
|
||||
whereConditions.push(lte(schema.sources.riskLevel, parseInt(risk_level_max as string)))
|
||||
}
|
||||
|
||||
const offset = (parseInt(page as string) - 1) * parseInt(limit as string)
|
||||
const limitInt = parseInt(limit as string)
|
||||
|
||||
const query = `
|
||||
SELECT s.*, GROUP_CONCAT(c.name) as categories,
|
||||
COUNT(*) OVER() as total_count
|
||||
FROM sources s
|
||||
LEFT JOIN source_categories sc ON s.id = sc.source_id
|
||||
LEFT JOIN categories c ON sc.category_id = c.id
|
||||
WHERE ${whereConditions.join(' AND ')}
|
||||
GROUP BY s.id
|
||||
ORDER BY s.risk_level DESC, s.created_at DESC
|
||||
LIMIT ? OFFSET ?
|
||||
`
|
||||
|
||||
params.push(parseInt(limit as string), offset)
|
||||
|
||||
const results = await new Promise<any[]>((resolve, reject) => {
|
||||
db.all(query, params, (err, rows) => {
|
||||
if (err) reject(err)
|
||||
else resolve(rows)
|
||||
// Build the base query
|
||||
let query = db
|
||||
.select({
|
||||
id: schema.sources.id,
|
||||
domain: schema.sources.domain,
|
||||
title: schema.sources.title,
|
||||
riskLevel: schema.sources.riskLevel,
|
||||
description: schema.sources.description,
|
||||
createdAt: schema.sources.createdAt,
|
||||
categories: sql<string>`string_agg(${schema.categories.name}, ',')`
|
||||
})
|
||||
})
|
||||
.from(schema.sources)
|
||||
.leftJoin(schema.sourceCategories, eq(schema.sources.id, schema.sourceCategories.sourceId))
|
||||
.leftJoin(schema.categories, eq(schema.sourceCategories.categoryId, schema.categories.id))
|
||||
.where(and(...whereConditions))
|
||||
.groupBy(schema.sources.id, schema.sources.domain, schema.sources.title, schema.sources.riskLevel, schema.sources.description, schema.sources.createdAt)
|
||||
.orderBy(desc(schema.sources.riskLevel), desc(schema.sources.createdAt))
|
||||
.limit(limitInt)
|
||||
.offset(offset)
|
||||
|
||||
const total = results.length > 0 ? results[0].total_count : 0
|
||||
const totalPages = Math.ceil(total / parseInt(limit as string))
|
||||
// Apply category filter if provided
|
||||
if (category) {
|
||||
query = db
|
||||
.select({
|
||||
id: schema.sources.id,
|
||||
domain: schema.sources.domain,
|
||||
title: schema.sources.title,
|
||||
riskLevel: schema.sources.riskLevel,
|
||||
description: schema.sources.description,
|
||||
createdAt: schema.sources.createdAt,
|
||||
categories: sql<string>`string_agg(${schema.categories.name}, ',')`
|
||||
})
|
||||
.from(schema.sources)
|
||||
.innerJoin(schema.sourceCategories, eq(schema.sources.id, schema.sourceCategories.sourceId))
|
||||
.innerJoin(schema.categories, eq(schema.sourceCategories.categoryId, schema.categories.id))
|
||||
.where(and(...whereConditions, eq(schema.categories.name, category as string)))
|
||||
.groupBy(schema.sources.id, schema.sources.domain, schema.sources.title, schema.sources.riskLevel, schema.sources.description, schema.sources.createdAt)
|
||||
.orderBy(desc(schema.sources.riskLevel), desc(schema.sources.createdAt))
|
||||
.limit(limitInt)
|
||||
.offset(offset)
|
||||
}
|
||||
|
||||
const results = await query
|
||||
|
||||
// Get total count for pagination
|
||||
let countQuery = db
|
||||
.select({ count: count() })
|
||||
.from(schema.sources)
|
||||
.where(and(...whereConditions))
|
||||
|
||||
if (category) {
|
||||
countQuery = db
|
||||
.select({ count: count() })
|
||||
.from(schema.sources)
|
||||
.innerJoin(schema.sourceCategories, eq(schema.sources.id, schema.sourceCategories.sourceId))
|
||||
.innerJoin(schema.categories, eq(schema.sourceCategories.categoryId, schema.categories.id))
|
||||
.where(and(...whereConditions, eq(schema.categories.name, category as string)))
|
||||
}
|
||||
|
||||
const [totalResult] = await countQuery
|
||||
const total = totalResult.count
|
||||
const totalPages = Math.ceil(total / limitInt)
|
||||
|
||||
res.json({
|
||||
results: results.map(row => ({
|
||||
id: row.id,
|
||||
domain: row.domain,
|
||||
title: row.title,
|
||||
risk_level: row.risk_level,
|
||||
categories: row.categories ? row.categories.split(',') : [],
|
||||
risk_level: row.riskLevel,
|
||||
categories: row.categories ? row.categories.split(',').filter(Boolean) : [],
|
||||
description: row.description,
|
||||
created_at: row.created_at
|
||||
created_at: row.createdAt
|
||||
})),
|
||||
pagination: {
|
||||
page: parseInt(page as string),
|
||||
limit: parseInt(limit as string),
|
||||
limit: limitInt,
|
||||
total,
|
||||
totalPages
|
||||
}
|
||||
})
|
||||
|
||||
} catch (error) {
|
||||
console.error('Search error:', error)
|
||||
res.status(500).json({ error: "Search failed" })
|
||||
} finally {
|
||||
db.close()
|
||||
}
|
||||
}
|
||||
@@ -1,6 +1,6 @@
|
||||
import type { NextApiRequest, NextApiResponse } from "next"
|
||||
import sqlite3 from "sqlite3"
|
||||
import path from "path"
|
||||
import { db, schema } from '../../../lib/db/connection'
|
||||
import { or, like } from 'drizzle-orm'
|
||||
|
||||
export default async function handler(req: NextApiRequest, res: NextApiResponse) {
|
||||
if (req.method !== "GET") return res.status(405).json({ error: "Method not allowed" })
|
||||
@@ -8,24 +8,21 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
|
||||
const { q } = req.query
|
||||
if (!q) return res.status(400).json({ error: "Query required" })
|
||||
|
||||
const dbPath = path.join(process.cwd(), "database", "antihoax.db")
|
||||
const db = new sqlite3.Database(dbPath)
|
||||
|
||||
try {
|
||||
const results = await new Promise<any[]>((resolve, reject) => {
|
||||
db.all(
|
||||
"SELECT * FROM sources WHERE domain LIKE ? OR title LIKE ? LIMIT 20",
|
||||
[`%${q}%`, `%${q}%`],
|
||||
(err, rows) => {
|
||||
if (err) reject(err)
|
||||
else resolve(rows)
|
||||
}
|
||||
const results = await db
|
||||
.select()
|
||||
.from(schema.sources)
|
||||
.where(
|
||||
or(
|
||||
like(schema.sources.domain, `%${q}%`),
|
||||
like(schema.sources.title, `%${q}%`)
|
||||
)
|
||||
)
|
||||
})
|
||||
.limit(20)
|
||||
|
||||
res.json(results)
|
||||
} catch (error) {
|
||||
console.error('Search error:', error)
|
||||
res.status(500).json({ error: "Database error" })
|
||||
} finally {
|
||||
db.close()
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
import type { NextApiRequest, NextApiResponse } from 'next'
|
||||
import sqlite3 from 'sqlite3'
|
||||
import path from 'path'
|
||||
import { db, schema } from '../../../lib/db/connection'
|
||||
import { eq, and, sql } from 'drizzle-orm'
|
||||
import { rateLimit, getRateLimitHeaders } from '../../../lib/rate-limiter'
|
||||
import { cache, getCacheKey } from '../../../lib/cache'
|
||||
|
||||
@@ -88,25 +88,23 @@ export default async function handler(
|
||||
return res.status(200).json(cachedResult)
|
||||
}
|
||||
|
||||
const dbPath = path.join(process.cwd(), 'database', 'antihoax.db')
|
||||
const db = new sqlite3.Database(dbPath)
|
||||
|
||||
try {
|
||||
const sources = await new Promise<any[]>((resolve, reject) => {
|
||||
db.all(
|
||||
`SELECT s.*, GROUP_CONCAT(c.name) as categories
|
||||
FROM sources s
|
||||
LEFT JOIN source_categories sc ON s.id = sc.source_id
|
||||
LEFT JOIN categories c ON sc.category_id = c.id
|
||||
WHERE s.domain = ? AND s.status = 'verified'
|
||||
GROUP BY s.id`,
|
||||
[domain],
|
||||
(err, rows) => {
|
||||
if (err) reject(err)
|
||||
else resolve(rows)
|
||||
}
|
||||
const sources = await db
|
||||
.select({
|
||||
id: schema.sources.id,
|
||||
riskLevel: schema.sources.riskLevel,
|
||||
categories: sql<string>`string_agg(${schema.categories.name}, ',')`
|
||||
})
|
||||
.from(schema.sources)
|
||||
.leftJoin(schema.sourceCategories, eq(schema.sources.id, schema.sourceCategories.sourceId))
|
||||
.leftJoin(schema.categories, eq(schema.sourceCategories.categoryId, schema.categories.id))
|
||||
.where(
|
||||
and(
|
||||
eq(schema.sources.domain, domain),
|
||||
eq(schema.sources.status, 'verified')
|
||||
)
|
||||
)
|
||||
})
|
||||
.groupBy(schema.sources.id, schema.sources.riskLevel)
|
||||
|
||||
let result: CheckResponse
|
||||
|
||||
@@ -119,7 +117,7 @@ export default async function handler(
|
||||
source_count: 0
|
||||
}
|
||||
} else {
|
||||
const maxRiskLevel = Math.max(...sources.map(s => s.risk_level))
|
||||
const maxRiskLevel = Math.max(...sources.map(s => s.riskLevel))
|
||||
const allCategories = sources
|
||||
.map(s => s.categories)
|
||||
.filter(Boolean)
|
||||
@@ -156,7 +154,5 @@ export default async function handler(
|
||||
} catch (error) {
|
||||
console.error('Database error:', error)
|
||||
return res.status(500).json({ error: 'Internal server error' })
|
||||
} finally {
|
||||
db.close()
|
||||
}
|
||||
}
|
||||
@@ -1,6 +1,6 @@
|
||||
import type { NextApiRequest, NextApiResponse } from 'next'
|
||||
import sqlite3 from 'sqlite3'
|
||||
import path from 'path'
|
||||
import { db, schema } from '../../lib/db/connection'
|
||||
import { eq, gte, count, desc, sql } from 'drizzle-orm'
|
||||
|
||||
interface PublicStats {
|
||||
total_sources: number
|
||||
@@ -18,91 +18,69 @@ export default async function handler(
|
||||
return res.status(405).json({ error: 'Method not allowed' })
|
||||
}
|
||||
|
||||
const dbPath = path.join(process.cwd(), 'database', 'antihoax.db')
|
||||
const db = new sqlite3.Database(dbPath)
|
||||
|
||||
try {
|
||||
// Get basic counts
|
||||
const totalSources = await new Promise<number>((resolve, reject) => {
|
||||
db.get(
|
||||
"SELECT COUNT(*) as count FROM sources WHERE status = 'verified'",
|
||||
(err, row: any) => {
|
||||
if (err) reject(err)
|
||||
else resolve(row.count)
|
||||
}
|
||||
)
|
||||
})
|
||||
const [totalSourcesResult] = await db
|
||||
.select({ count: count() })
|
||||
.from(schema.sources)
|
||||
.where(eq(schema.sources.status, 'verified'))
|
||||
|
||||
const highRiskSources = await new Promise<number>((resolve, reject) => {
|
||||
db.get(
|
||||
"SELECT COUNT(*) as count FROM sources WHERE status = 'verified' AND risk_level >= 4",
|
||||
(err, row: any) => {
|
||||
if (err) reject(err)
|
||||
else resolve(row.count)
|
||||
}
|
||||
const [highRiskSourcesResult] = await db
|
||||
.select({ count: count() })
|
||||
.from(schema.sources)
|
||||
.where(
|
||||
sql`${schema.sources.status} = 'verified' AND ${schema.sources.riskLevel} >= 4`
|
||||
)
|
||||
})
|
||||
|
||||
const recentAdditions = await new Promise<number>((resolve, reject) => {
|
||||
db.get(
|
||||
"SELECT COUNT(*) as count FROM sources WHERE created_at > datetime('now', '-30 days')",
|
||||
(err, row: any) => {
|
||||
if (err) reject(err)
|
||||
else resolve(row.count)
|
||||
}
|
||||
)
|
||||
})
|
||||
const thirtyDaysAgo = new Date()
|
||||
thirtyDaysAgo.setDate(thirtyDaysAgo.getDate() - 30)
|
||||
|
||||
const [recentAdditionsResult] = await db
|
||||
.select({ count: count() })
|
||||
.from(schema.sources)
|
||||
.where(gte(schema.sources.createdAt, thirtyDaysAgo))
|
||||
|
||||
// Get categories breakdown
|
||||
const categoriesBreakdown = await new Promise<{ [key: string]: number }>((resolve, reject) => {
|
||||
db.all(
|
||||
`SELECT c.name, COUNT(*) as count
|
||||
FROM categories c
|
||||
JOIN source_categories sc ON c.id = sc.category_id
|
||||
JOIN sources s ON sc.source_id = s.id
|
||||
WHERE s.status = 'verified'
|
||||
GROUP BY c.id, c.name`,
|
||||
(err, rows: any[]) => {
|
||||
if (err) reject(err)
|
||||
else {
|
||||
const breakdown: { [key: string]: number } = {}
|
||||
rows.forEach(row => {
|
||||
breakdown[row.name] = row.count
|
||||
})
|
||||
resolve(breakdown)
|
||||
}
|
||||
}
|
||||
)
|
||||
const categoriesBreakdownResult = await db
|
||||
.select({
|
||||
name: schema.categories.name,
|
||||
count: count()
|
||||
})
|
||||
.from(schema.categories)
|
||||
.innerJoin(schema.sourceCategories, eq(schema.categories.id, schema.sourceCategories.categoryId))
|
||||
.innerJoin(schema.sources, eq(schema.sourceCategories.sourceId, schema.sources.id))
|
||||
.where(eq(schema.sources.status, 'verified'))
|
||||
.groupBy(schema.categories.id, schema.categories.name)
|
||||
|
||||
const categoriesBreakdown: { [key: string]: number } = {}
|
||||
categoriesBreakdownResult.forEach(row => {
|
||||
categoriesBreakdown[row.name] = row.count
|
||||
})
|
||||
|
||||
// Get top risky domains
|
||||
const topDomains = await new Promise<{ domain: string; count: number; risk_level: number }[]>((resolve, reject) => {
|
||||
db.all(
|
||||
`SELECT domain, COUNT(*) as count, AVG(risk_level) as avg_risk
|
||||
FROM sources
|
||||
WHERE status = 'verified'
|
||||
GROUP BY domain
|
||||
ORDER BY avg_risk DESC, count DESC
|
||||
LIMIT 10`,
|
||||
(err, rows: any[]) => {
|
||||
if (err) reject(err)
|
||||
else {
|
||||
const domains = rows.map(row => ({
|
||||
domain: row.domain,
|
||||
count: row.count,
|
||||
risk_level: Math.round(row.avg_risk * 10) / 10
|
||||
}))
|
||||
resolve(domains)
|
||||
}
|
||||
}
|
||||
)
|
||||
})
|
||||
const topDomainsResult = await db
|
||||
.select({
|
||||
domain: schema.sources.domain,
|
||||
count: count(),
|
||||
avgRisk: sql<number>`AVG(${schema.sources.riskLevel})`
|
||||
})
|
||||
.from(schema.sources)
|
||||
.where(eq(schema.sources.status, 'verified'))
|
||||
.groupBy(schema.sources.domain)
|
||||
.orderBy(desc(sql`AVG(${schema.sources.riskLevel})`), desc(count()))
|
||||
.limit(10)
|
||||
|
||||
const topDomains = topDomainsResult.map(row => ({
|
||||
domain: row.domain,
|
||||
count: row.count,
|
||||
risk_level: Math.round(row.avgRisk * 10) / 10
|
||||
}))
|
||||
|
||||
const stats: PublicStats = {
|
||||
total_sources: totalSources,
|
||||
high_risk_sources: highRiskSources,
|
||||
total_sources: totalSourcesResult.count,
|
||||
high_risk_sources: highRiskSourcesResult.count,
|
||||
categories_breakdown: categoriesBreakdown,
|
||||
recent_additions: recentAdditions,
|
||||
recent_additions: recentAdditionsResult.count,
|
||||
top_domains: topDomains
|
||||
}
|
||||
|
||||
@@ -111,7 +89,5 @@ export default async function handler(
|
||||
} catch (error) {
|
||||
console.error('Database error:', error)
|
||||
return res.status(500).json({ error: 'Internal server error' })
|
||||
} finally {
|
||||
db.close()
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user