API with HTTP Auth 📦

Author: mskian

README.md

@@ -42,7 +42,13 @@ yarn start
 http://localhost:3005/
 ```
 
-- Post via API (SOON)
+- Post via API - it Require Basic HTTP Auth - Update password in `config.js` file
+
+```sh
+http://localhost:3005/api?title=This%20is%20Example%20Post%20title&description=This%20is%20Example%20Post%20Meta%20Description%20-%20post%20via%20HTTP%20Client%20via%20API.&postcontent=This%20is%20Example%20Post%20Meta%20Description%20-%20post%20via%20HTTP%20Client%20via%20API.&tag=Test
+```
+
+- if you want to update HTTP auth username find this line `users: { 'admin':sitedata.password },` in `index.js` - Default username `admin` and password `123456789`
 
 ## Modification
 

config.json

@@ -1,5 +1,6 @@
 {
     "url_data": "example-blog",
     "storage_path": "./posts",
-    "format": "md"
+    "format": "md",
+    "password": "123456789"
 }

index.js

@@ -11,6 +11,7 @@ const {
     check,
     validationResult
 } = require('express-validator');
+const basicAuth = require('express-basic-auth');
 
 const app = express();
 const port = 3005;
@@ -64,7 +65,7 @@ app.post('/post', csrfProtection, [
     }),
     check('description', 'description length should be 100 to 140 characters Good for SEO')
     .isLength({
-        min: 100,
+        min: 60,
         max: 155
     }),
     check('postcontent', 'Fill Some Post Content').not().isEmpty().trim().escape(),
@@ -120,6 +121,74 @@ app.post('/post', csrfProtection, [
     }
 });
 
+app.get('/api', basicAuth({
+    users: { 'admin':sitedata.password },
+    challenge: true,
+    unauthorizedResponse: 'not authorized'
+}), [
+    check('title', 'title length should be 50 to 60 characters Good for SEO')
+    .isLength({
+        min: 10,
+        max: 65
+    }),
+    check('description', 'description length should be 100 to 140 characters Good for SEO')
+    .isLength({
+        min: 60,
+        max: 155
+    }),
+    check('postcontent', 'Fill Some Post Content').not().isEmpty().trim().escape(),
+    check('tag', 'Enter Atleast one Tag for Post').not().isEmpty().trim().escape(),
+], function(req, res) {
+
+    res.header('X-Frame-Options', 'DENY');
+    res.header('X-XSS-Protection', '1; mode=block');
+    res.header('X-Content-Type-Options', 'nosniff');
+    res.header('Strict-Transport-Security', 'max-age=63072000');
+
+    const blog_title = req.query.title
+    const random_id = Math.floor(1000 + Math.random() * 9000)
+    const basename = sitedata.url_data + "-" + random_id
+
+    const errors = validationResult(req);
+
+    if (!errors.isEmpty()) {
+        res.status(400).json(errors);
+    } else {
+
+        const seo_url = slugify(blog_title, {
+            replacement: '-',
+            remove: /[*+~.()'"!:@]/g,
+            lower: true,
+            strict: false
+        });
+
+        var title = blog_title;
+        var description = req.query.description;
+        var date = formattedDate;
+        var tag = req.query.tag;
+        var postcontent = req.query.postcontent;
+        let content = [{
+            title: title || "Example Post title",
+            description: description || "Example Post description",
+            date: date,
+            tag: tag || "Hello World",
+            postcontent: postcontent || "Example Post Content",
+            slug: decodeURIComponent(seo_url)
+        }];
+        let template = fs.readFileSync("./template.md").toString()
+        content.forEach(post_data => {
+            let output = render(template, post_data)
+            const clean_url = basename;
+            fs.writeFileSync(`${sitedata.storage_path}/${clean_url}.${sitedata.format}`, output)
+            console.log(post_data);
+        })
+        res.status(200).json({
+            sucess: 1,
+            message: 'Post Created'
+        });
+    }
+});
+
 app.use('/', function(req, res) {
     res.status(404).json({
         error: 1,

package.json

@@ -28,6 +28,7 @@
     "cookie-parser": "^1.4.5",
     "csurf": "^1.11.0",
     "express": "^4.17.1",
+    "express-basic-auth": "^1.2.0",
     "express-validator": "^6.13.0",
     "hbs": "^4.1.2",
     "mustache": "^4.2.0",

posts/example-blog-3937.md

@@ -0,0 +1,9 @@
+---
+title: "This is Example Post title"
+description: "This is Example Post Meta Description - post via HTTP Client via API."
+date: 2021-11-10
+tags:
+  - "Test"
+---
+
+This is Example Post Meta Description - post via HTTP Client via API.

yarn.lock

@@ -64,6 +64,13 @@ balanced-match@^1.0.0:
   resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.2.tgz#e83e3a7e3f300b34cb9d87f615fa0cbf357690ee"
   integrity sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==
 
+basic-auth@^2.0.1:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/basic-auth/-/basic-auth-2.0.1.tgz#b998279bf47ce38344b4f3cf916d4679bbf51e3a"
+  integrity sha512-NF+epuEdnUYVlGuhaxbbq+dvJttwLnGY+YixlXlME5KpQ5W3CnXA5cVTneY3SPbPDRkcjMbifrwmFYcClgOZeg==
+  dependencies:
+    safe-buffer "5.1.2"
+
 binary-extensions@^2.0.0:
   version "2.2.0"
   resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-2.2.0.tgz#75f502eeaf9ffde42fc98829645be4ea76bd9e2d"
@@ -350,6 +357,13 @@ etag@~1.8.1:
   resolved "https://registry.yarnpkg.com/etag/-/etag-1.8.1.tgz#41ae2eeb65efa62268aebfea83ac7d79299b0887"
   integrity sha1-Qa4u62XvpiJorr/qg6x9eSmbCIc=
 
+express-basic-auth@^1.2.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/express-basic-auth/-/express-basic-auth-1.2.0.tgz#a1d40b07721376ba916e73571a60969211224808"
+  integrity sha512-iJ0h1Gk6fZRrFmO7tP9nIbxwNgCUJASfNj5fb0Hy15lGtbqqsxpt7609+wq+0XlByZjXmC/rslWQtnuSTVRIcg==
+  dependencies:
+    basic-auth "^2.0.1"
+
 express-validator@^6.13.0:
   version "6.13.0"
   resolved "https://registry.yarnpkg.com/express-validator/-/express-validator-6.13.0.tgz#270d9e8718386b04b1880b5bb7b2c1c2a91a412b"