Merge pull request #84 from KevinMidboe/api_request

Api request

seasoned_api/.gitignore

@@ -61,4 +61,6 @@ typings/
 # - - - - - 
 # My own gitignore files and folders
 shows.db
-conf/
+conf/development.json
+
+# conf/development-prod.json

seasoned_api/package.json

@@ -4,7 +4,7 @@
     "scripts": {
         "start": "cross-env SEASONED_CONFIG=conf/development.json NODE_PATH=. node src/webserver/server.js",
         "test": "cross-env SEASONED_CONFIG=conf/development.json NODE_PATH=. mocha --recursive test/system",
-        "coverage": "cross-env PLANFLIX_CONFIG=conf/test.json NODE_PATH=. istanbul cover -x script/autogenerate-documentation.js --include-all-sources --dir test/.coverage node_modules/mocha/bin/_mocha --recursive test/**/* -- --report lcovonly && cat test/.coverage/lcov.info | coveralls && rm -rf test/.coverage",
+        "coverage": "cross-env SEASONED_CONFIG=conf/test.json NODE_PATH=. istanbul cover -x script/autogenerate-documentation.js --include-all-sources --dir test/.coverage node_modules/mocha/bin/_mocha --recursive test/**/* -- --report lcovonly && cat test/.coverage/lcov.info | coveralls && rm -rf test/.coverage",
         "lint": "./node_modules/.bin/eslint src/"
     },
     "dependencies": {
@@ -12,7 +12,7 @@
         "body-parser": "~1.0.1",
         "cross-env": "^3.1.3",
         "express": "~4.11.0",
-	"jsonwebtoken": "^8.0.1",
+        "jsonwebtoken": "^8.0.1",
         "mongoose": "^3.6.13",
         "moviedb": "^0.2.10",
         "node-cache": "^4.1.1",
@@ -21,17 +21,15 @@
         "raven": "^2.2.1",
         "request": "^2.81.0",
         "request-promise": "^4.2",
-        "sqlite": "^2.9.0"
+        "sqlite3": "3.1.13"
     },
     "devDependencies": {
-	"eslint": "^4.9.0",
+        "eslint": "^4.9.0",
         "eslint-config-airbnb-base": "^12.1.0",
         "eslint-plugin-import": "^2.8.0",
-        "eslint": "^4.9.0",
         "istanbul": "^0.4.5",
         "mocha": "^3.1.0",
         "supertest": "^2.0.1",
         "supertest-as-promised": "^4.0.1"
-
     }
 }

seasoned_api/src/database/schemas/setup.sql

@@ -2,6 +2,7 @@ CREATE TABLE IF NOT EXISTS user (
     user_name varchar(127) UNIQUE,
     password varchar(127),
     email varchar(127) UNIQUE,
+    admin boolean DEFAULT 0,
     primary key (user_name)
 );
 
@@ -29,7 +30,7 @@ CREATE TABLE IF NOT EXISTS requests(
     background_path TEXT DEFAULT NULL,
     requested_by TEXT,
     ip TEXT,
-    requested_date DATE DEFAULT CURRENT_DATE NOT NULL,
+    date DATE DEFAULT CURRENT_TIMESTAMP,
     status CHAR(25) DEFAULT 'requested' NOT NULL,
     user_agent CHAR(255) DEFAULT NULL,
     type CHAR(50) DEFAULT 'movie'

seasoned_api/src/database/sqliteDatabase.js

@@ -1,12 +1,12 @@
 const fs = require('fs');
 const path = require('path');
-const sqlite = require('sqlite');
+const sqlite3 = require('sqlite3').verbose();
 
 class SqliteDatabase {
 
    constructor(host) {
       this.host = host;
-      this.connection = sqlite;
+      this.connection = this.connect()
       this.schemaDirectory = path.join(__dirname, 'schemas');
    }
 
@@ -15,9 +15,9 @@ class SqliteDatabase {
    * @returns {Promise} succeeds if connection was established
    */
    connect() {
-      return Promise.resolve()
+      let database = new sqlite3.Database(this.host);
-         .then(() => sqlite.open(this.host))
+      this.connection = database;
-         .then(() => sqlite.exec('pragma foreign_keys = on;'));
+      return database;
    }
 
    /**
@@ -27,7 +27,13 @@ class SqliteDatabase {
    * @returns {Promise}
    */
    run(sql, parameters) {
-      return this.connection.run(sql, parameters);
+      return new Promise((resolve, reject) => {
+         this.connection.run(sql, parameters, (error, result) => {
+            if (error)
+               reject(error);
+            resolve(result)
+         });
+      });
    }
 
    /**
@@ -36,8 +42,15 @@ class SqliteDatabase {
    * @param {Array} parameters in the SQL query
    * @returns {Promise}
    */
-   all(sql, parameters) {
+   async all(sql, parameters) {
-      return this.connection.all(sql, parameters);
+      return new Promise((resolve, reject) => {
+         this.connection.all(sql, parameters, (err, rows) => {
+            if (err) {
+               reject(err);
+            }
+            resolve(rows);
+         })
+      })
    }
 
    /**
@@ -46,8 +59,15 @@ class SqliteDatabase {
    * @param {Array} parameters in the SQL query
    * @returns {Promise}
    */
-   get(sql, parameters) {
+   async get(sql, parameters) {
-      return this.connection.get(sql, parameters);
+      return new Promise((resolve, reject) => {
+         this.connection.get(sql, parameters, (err, rows) => {
+            if (err) {
+               reject(err);
+            }
+            resolve(rows);
+         })
+      })
    }
 
    /**
@@ -56,8 +76,10 @@ class SqliteDatabase {
    * @param {Array} parameters in the SQL query
    * @returns {Promise}
    */
-   execute(sql) {
+   async execute(sql) {
-      return this.connection.exec(sql);
+      return new Promise(resolve => {
+         resolve(this.connection.exec(sql));
+      })
    }
 
    /**

seasoned_api/src/pirate/pirateRepository.js

@@ -1,6 +1,22 @@
 const assert = require('assert');
+const http = require('http');
+const { URL } = require('url');
 const PythonShell = require('python-shell');
 
+function getMagnetFromURL(url) {
+   return new Promise((resolve, reject) => {
+      const options = new URL(url);
+      if (options.protocol.includes('magnet'))
+         resolve(url)
+
+      http.get(options, (res) => {
+         if (res.statusCode == 301) {
+            resolve(res.headers.location)
+         }
+      });
+   });
+}
+
 async function find(searchterm, callback) {
    const options = {
       pythonPath: '/usr/bin/python3',
@@ -13,14 +29,21 @@ async function find(searchterm, callback) {
 }
 
 
-async function callPythonAddMagnet(magnet, callback) {
+async function callPythonAddMagnet(url, callback) {
-   const options = {
+   getMagnetFromURL(url)
-      pythonPath: '/usr/bin/python',
+   .then((magnet) => {
-      // pythonPath: '/Library/Frameworks/Python.framework/Versions/3.6/bin/python3',
+      const options = {
-      args: [magnet],
+         pythonPath: '/usr/bin/python',
-   };
+      	 // pythonPath: '/Library/Frameworks/Python.framework/Versions/3.6/bin/python3',
+      	 args: [magnet],
+      };
 
-   PythonShell.run('../app/magnet.py', options, callback);
+      PythonShell.run('../app/magnet.py', options, callback);
+   })
+   .catch((err) => {
+      console.log(err);
+      throw new Error(err);
+   })
 }
 
 async function SearchPiratebay(query) {
@@ -39,13 +62,14 @@ async function SearchPiratebay(query) {
 }
 
 async function AddMagnet(magnet) {
-   return await new Promise(resolve => callPythonAddMagnet(magnet, (err, results) => {
+   return await new Promise((resolve, reject) => callPythonAddMagnet(magnet, (err, results) => {
       if (err) {
          /* eslint-disable no-console */
          console.log(err);
+	 reject(Error('Enable to add torrent', err)) 
       }
       /* eslint-disable no-console */
-      console.log(results);
+      console.log('result/error:', err, results);
       resolve({ success: true });
    }));
 }

seasoned_api/src/plex/plexRepository.js

@@ -6,7 +6,12 @@ class PlexRepository {
    inPlex(tmdbResult) {
       return Promise.resolve()
          .then(() => this.search(tmdbResult.title))
-         .then(plexResult => this.compareTmdbToPlex(tmdbResult, plexResult));
+         .then(plexResult => this.compareTmdbToPlex(tmdbResult, plexResult))
+         .catch((error) => {
+            console.log(error)
+            tmdbResult.matchedInPlex = false;
+            return tmdbResult;
+         });
    }
 
    search(query) {
@@ -19,6 +24,9 @@ class PlexRepository {
       };
 
       return rp(options)
+         .catch((error) => {
+            throw new Error('Unable to search plex.')
+         })
          .then(result => this.mapResults(result))
          .then(([mappedResults, resultCount]) => ({ results: mappedResults, total_results: resultCount }));
    }
@@ -26,10 +34,15 @@ class PlexRepository {
    compareTmdbToPlex(tmdb, plexResult) {
       return Promise.resolve()
          .then(() => {
-            plexResult.results.map((plexItem) => {
+            if (plexResult.results.length === 0) {
-               if (tmdb.title === plexItem.title && tmdb.year === plexItem.year) { tmdb.matchedInPlex = true; }
+               tmdb.matchedInPlex = false
-               return tmdb;
+            } 
-            });
+            else {
+               plexResult.results.map((plexItem) => {
+                  if (tmdb.title === plexItem.title && tmdb.year === plexItem.year) { tmdb.matchedInPlex = true; }
+                  return tmdb;
+               });
+            }
             return tmdb;
          });
    }

seasoned_api/src/plex/requestRepository.js

@@ -16,19 +16,24 @@ class RequestRepository {
    constructor(cache, database) {
       this.database = database || establishedDatabase;
       this.queries = {
-         insertRequest: "INSERT INTO requests VALUES (?, ?, ?, ?, ?, ?, ?, CURRENT_DATE, 'requested', ?, ?)",
+         insertRequest: `INSERT INTO requests(id,title,year,poster_path,background_path,requested_by,ip,user_agent,type)
-         fetchRequstedItems: 'SELECT * FROM requests',
+          VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+         fetchRequestedItems: 'SELECT * FROM requests ORDER BY date DESC',
+         fetchRequestedItemsByStatus: 'SELECT * FROM requests WHERE status IS ? AND type LIKE ?',
          updateRequestedById: 'UPDATE requests SET status = ? WHERE id is ? AND type is ?',
          checkIfIdRequested: 'SELECT * FROM requests WHERE id IS ? AND type IS ?',
+         userRequests: 'SELECT * FROM requests WHERE requested_by IS ?'
+      };
+      this.cacheTags = {
+         search: 'se',
+         lookup: 'i',
       };
    }
 
    search(query, type, page) {
       return Promise.resolve()
          .then(() => tmdb.search(query, type, page))
-      // .then((tmdbResult) => plexRepository.multipleInPlex(tmdbResult))
+         .catch(error => Error(`error in the house${error}`));
-         .then(result => result)
-         .catch(error => `error in the house${error}`);
    }
 
    lookup(identifier, type = 'movie') {
@@ -60,53 +65,33 @@ class RequestRepository {
    * @returns {Promise} If nothing has gone wrong.
    */
    sendRequest(identifier, type, ip, user_agent, user) {
-      tmdb.lookup(identifier, type).then((movie) => {
+   	return Promise.resolve()
-         if (user === 'false') { user = 'NULL'; }
+   	.then(() => tmdb.lookup(identifier, type))
+      .then((movie) => {
+      	const username = user == undefined ? undefined : user.username;
          // Add request to database
-         this.database.run(this.queries.insertRequest, [movie.id, movie.title, movie.year, movie.poster_path, movie.background_path, user, ip, user_agent, movie.type]);
+         return this.database.run(this.queries.insertRequest, [movie.id, movie.title, movie.year, movie.poster_path, movie.background_path, username, ip, user_agent, movie.type]);
-
-
-         // create reusable transporter object using the default SMTP transport
-         const transporter = nodemailer.createTransport({
-            service: 'gmail',
-            auth: {
-               user: configuration.get('mail', 'user_pi'),
-               pass: configuration.get('mail', 'password_pi'),
-            },
-            // host: configuration.get('mail', 'host'),
-            // port: 26,
-            // ignoreTLS: true,
-            // tls :{rejectUnauthorized: false},
-            // secure: false, // secure:true for port 465, secure:false for port 587
-         });
-
-         const mailTemplate = new MailTemplate(movie);
-
-         // setup email data with unicode symbols
-         const mailOptions = {
-            // TODO get the mail adr from global location (easy to add)
-            from: 'MovieRequester <pi.midboe@gmail.com>', // sender address
-            to: 'kevin.midboe@gmail.com', // list of receivers
-            subject: 'Download request', // Subject line
-            text: mailTemplate.toText(),
-            html: mailTemplate.toHTML(),
-         };
-
-         // send mail with defined transport object
-         transporter.sendMail(mailOptions, (error, info) => {
-            if (error) {
-               return console.log(error);
-            }
-            console.log('Message %s sent: %s', info.messageId, info.response);
-         });
       });
-
-      // TODO add better response when done.
-      return Promise.resolve();
    }
 
-   fetchRequested() {
+   fetchRequested(status, type = '%') {
-      return this.database.all(this.queries.fetchRequstedItems);
+   	return Promise.resolve()
+   	.then(() => {
+	      if (status === 'requested' || status === 'downloading' || status === 'downloaded')
+	         return this.database.all(this.queries.fetchRequestedItemsByStatus, [status, type]);
+	      else
+	         return this.database.all(this.queries.fetchRequestedItems);
+   	})
+   }
+
+   userRequests(user) {
+   	return Promise.resolve()
+         .then(() => this.database.all(this.queries.userRequests, user.username))
+         .catch((error) => {
+            if (String(error).includes('no such column')) { throw new Error('Username not found'); }
+            else { throw new Error('Unable to fetch your requests')}
+         })
+         .then((result) => { return result })
    }
 
    updateRequestedById(id, type, status) {

seasoned_api/src/searchHistory/searchHistory.js

@@ -15,8 +15,15 @@ class SearchHistory {
    * @returns {Promise}
    */
    read(user) {
-      return this.database.all(this.queries.read, user)
+      return new Promise((resolve, reject) => this.database.all(this.queries.read, user)
-         .then(rows => rows.map(row => row.search_query));
+         .then((result, error) => {
+            if (error) throw new Error(error);
+            resolve(result.map(row => row.search_query));
+         })
+         .catch((error) => {
+            console.log('Error when fetching history from database:', error)
+            reject('Unable to get history.');
+         }));
    }
 
    /**
@@ -26,7 +33,8 @@ class SearchHistory {
    * @returns {Promise}
    */
    create(user, searchQuery) {
-      return this.database.run(this.queries.create, [searchQuery, user])
+      return Promise.resolve()
+         .then(() => this.database.run(this.queries.create, [searchQuery, user]))
          .catch((error) => {
             if (error.message.includes('FOREIGN')) {
                throw new Error('Could not create search history.');

seasoned_api/src/tmdb/cache.js

@@ -33,7 +33,7 @@ class Cache {
     * @param {Number} timeToLive the number of seconds before entry expires
     * @returns {Object}
     */
-   set(key, value, timeToLive = 172800) {
+   set(key, value, timeToLive = 10800) {
       const json = JSON.stringify(value);
       return Promise.resolve()
          .then(() => this.database.run(this.queries.create, [key, json, timeToLive]))

seasoned_api/src/user/user.js

@@ -1,5 +1,5 @@
 class User {
-   constructor(username, email) {
+   constructor(username, email=undefined) {
       this.username = username;
       this.email = email;
    }

seasoned_api/src/user/userRepository.js

@@ -6,9 +6,10 @@ class UserRepository {
       this.database = database || establishedDatabase;
       this.queries = {
          read: 'select * from user where lower(user_name) = lower(?)',
-         create: 'insert into user (user_name, email) values(?, ?)',
+         create: 'insert into user (user_name) values (?)',
          change: 'update user set password = ? where user_name = ?',
          retrieveHash: 'select * from user where user_name = ?',
+         getAdminStateByUser: 'select admin from user where user_name = ?'
       };
    }
 
@@ -20,13 +21,10 @@ class UserRepository {
    create(user) {
       return Promise.resolve()
          .then(() => this.database.get(this.queries.read, user.username))
-         .then(row => assert.equal(row, undefined))
+         .then(() => this.database.run(this.queries.create, user.username))
-         .then(() => this.database.run(this.queries.create, [user.username, user.email]))
          .catch((error) => {
-            if (error.message.endsWith('email')) {
+            if (error.name === 'AssertionError' || error.message.endsWith('user_name')) {
-               throw new Error('That email is already taken');
+               throw new Error('That username is already registered');
-            } else if (error.name === 'AssertionError' || error.message.endsWith('user_name')) {
-               throw new Error('That username is already taken');
             }
          });
    }
@@ -52,6 +50,12 @@ class UserRepository {
    changePassword(user, password) {
       return this.database.run(this.queries.change, [password, user.username]);
    }
+
+   checkAdmin(user) {
+      return this.database.get(this.queries.getAdminStateByUser, user.username).then((row) => {
+         return row.admin;
+      })
+   }
 }
 
 module.exports = UserRepository;

seasoned_api/src/user/userSecurity.js

@@ -15,8 +15,6 @@ class UserSecurity {
    createNewUser(user, clearPassword) {
       if (user.username.trim() === '') {
          throw new Error('The username is empty.');
-      } else if (user.email.trim() === '') {
-         throw new Error('The email is empty.');
       } else if (clearPassword.trim() === '') {
          throw new Error('The password is empty.');
       } else {

seasoned_api/src/webserver/app.js

@@ -3,6 +3,7 @@ const Raven = require('raven');
 const bodyParser = require('body-parser');
 const tokenToUser = require('./middleware/tokenToUser');
 const mustBeAuthenticated = require('./middleware/mustBeAuthenticated');
+const mustBeAdmin = require('./middleware/mustBeAdmin');
 const configuration = require('src/config/configuration').getInstance();
 
 // TODO: Have our raven router check if there is a value, if not don't enable raven.
@@ -61,7 +62,8 @@ app.use(function onError(err, req, res, next) {
  */
 router.post('/v1/user', require('./controllers/user/register.js'));
 router.post('/v1/user/login', require('./controllers/user/login.js'));
-router.get('/v1/user/history', require('./controllers/user/history.js'));
+router.get('/v1/user/history', mustBeAuthenticated, require('./controllers/user/history.js'));
+router.get('/v1/user/requests', mustBeAuthenticated, require('./controllers/user/requests.js'));
 
 /**
  * Seasoned
@@ -104,6 +106,10 @@ router.get('/v1/tmdb/:mediaId', require('./controllers/tmdb/readMedia.js'));
  */
 router.post('/v1/git/dump', require('./controllers/git/dumpHook.js'));
 
+/**
+ * misc
+ */
+ router.get('/v1/emoji', require('./controllers/misc/emoji.js'));
 
 // REGISTER OUR ROUTES -------------------------------
 // all of our routes will be prefixed with /api

seasoned_api/src/webserver/controllers/pirate/addMagnet.js

@@ -8,7 +8,7 @@
 
 const PirateRepository = require('src/pirate/pirateRepository');
 
-function updateRequested(req, res) {
+function addMagnet(req, res) {
    const magnet = req.body.magnet;
 
    PirateRepository.AddMagnet(magnet)
@@ -16,8 +16,8 @@ function updateRequested(req, res) {
          res.send(result);
       })
       .catch((error) => {
-         res.status(401).send({ success: false, error: error.message });
+         res.status(500).send({ success: false, error: error.message });
       });
 }
 
-module.exports = updateRequested;
+module.exports = addMagnet;

seasoned_api/src/webserver/controllers/pirate/searchTheBay.js

@@ -2,7 +2,7 @@
 * @Author: KevinMidboe
 * @Date:   2017-10-21 09:54:31
 * @Last Modified by:   KevinMidboe
-* @Last Modified time: 2017-10-21 12:12:26
+* @Last Modified time: 2018-02-26 19:56:32
 */
 
 const PirateRepository = require('src/pirate/pirateRepository');
@@ -19,7 +19,7 @@ function updateRequested(req, res) {
 
    PirateRepository.SearchPiratebay(query, page, type)
       .then((result) => {
-         res.send({ success: true, torrents: result });
+         res.send({ success: true, results: result });
       })
       .catch((error) => {
          res.status(401).send({ success: false, error: error.message });

seasoned_api/src/webserver/controllers/plex/fetchRequested.js

@@ -8,10 +8,11 @@ const requestRepository = new RequestRepository();
  * @param {Response} res
  * @returns {Callback}
  */
-function historyController(req, res) {
+function fetchRequestedController(req, res) {
    // const user = req.loggedInUser;
+   const { status } = req.query;
 
-   requestRepository.fetchRequested()
+   requestRepository.fetchRequested(status)
       .then((requestedItems) => {
          res.send({ success: true, results: requestedItems, total_results: requestedItems.length });
       })
@@ -20,4 +21,4 @@ function historyController(req, res) {
       });
 }
 
-module.exports = historyController;
+module.exports = fetchRequestedController;

seasoned_api/src/webserver/controllers/plex/searchRequest.js

@@ -8,17 +8,18 @@ const searchHistory = new SearchHistory();
 
 
 function searchRequestController(req, res) {
-   const user = req.headers.loggedinuser;
+   const user = req.loggedInUser;
    const { query, page, type } = req.query;
+   const username = user == undefined ? undefined : user.username;
 
    Promise.resolve()
-      .then(() => searchHistory.create(user, query))
+      .then(() => searchHistory.create(username, query))
       .then(() => requestRepository.search(query, page, type))
       .then((searchResult) => {
          res.send(searchResult);
       })
       .catch((error) => {
-         res.status(500).send({ success: false, error: error.message });
+         res.status(500).send({ success: false, error: error });
       });
 }
 

seasoned_api/src/webserver/controllers/plex/submitRequest.js

@@ -15,7 +15,7 @@ function submitRequestController(req, res) {
    const type = req.query.type;
    const ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress;
    const user_agent = req.headers['user-agent'];
-   const user = req.headers.loggedinuser;
+   const user = req.loggedInUser;
 
    requestRepository.sendRequest(id, type, ip, user_agent, user)
       .then(() => {

seasoned_api/src/webserver/controllers/user/history.js

@@ -10,13 +10,14 @@ const searchHistory = new SearchHistory();
  */
 function historyController(req, res) {
    const user = req.loggedInUser;
+   const username = user == undefined ? undefined : user.username;
 
-   searchHistory.read(user)
+   searchHistory.read(username)
       .then((searchQueries) => {
          res.send({ success: true, searchQueries });
       })
       .catch((error) => {
-         res.status(401).send({ success: false, error: error.message });
+         res.status(404).send({ success: false, error: error });
       });
 }
 

seasoned_api/src/webserver/controllers/user/login.js

@@ -1,10 +1,12 @@
 const User = require('src/user/user');
 const Token = require('src/user/token');
 const UserSecurity = require('src/user/userSecurity');
+const UserRepository = require('src/user/userRepository');
 const configuration = require('src/config/configuration').getInstance();
 
 const secret = configuration.get('authentication', 'secret');
 const userSecurity = new UserSecurity();
+const userRepository = new UserRepository();
 
 /**
  * Controller: Log in a user provided correct credentials.
@@ -17,9 +19,11 @@ function loginController(req, res) {
    const password = req.body.password;
 
    userSecurity.login(user, password)
-      .then(() => {
+      .then(() => userRepository.checkAdmin(user))
+      .then((checkAdmin) => {
          const token = new Token(user).toString(secret);
-         res.send({ success: true, token });
+         const admin_state = checkAdmin == 1 ? true : false;
+         res.send({ success: true, token, admin: admin_state });
       })
       .catch((error) => {
          res.status(401).send({ success: false, error: error.message });

seasoned_api/src/webserver/controllers/user/register.js

@@ -1,7 +1,12 @@
 const User = require('src/user/user');
+const Token = require('src/user/token');
 const UserSecurity = require('src/user/userSecurity');
+const UserRepository = require('src/user/userRepository');
+const configuration = require('src/config/configuration').getInstance();
 
+const secret = configuration.get('authentication', 'secret');
 const userSecurity = new UserSecurity();
+const userRepository = new UserRepository();
 
 /**
  * Controller: Register a new user
@@ -14,8 +19,11 @@ function registerController(req, res) {
    const password = req.body.password;
 
    userSecurity.createNewUser(user, password)
-      .then(() => {
+      .then(() => userRepository.checkAdmin(user))
-         res.send({ success: true, message: 'Welcome to Seasoned!' });
+      .then((checkAdmin) => {
+         const token = new Token(user).toString(secret);
+         const admin_state = checkAdmin == 1 ? true : false;
+         res.send({ success: true, message: 'Welcome to Seasoned!', token, admin: admin_state });
       })
       .catch((error) => {
          res.status(401).send({ success: false, error: error.message });

seasoned_api/src/webserver/controllers/user/requests.js

@@ -0,0 +1,24 @@
+const RequestRepository = require('src/plex/requestRepository.js');
+
+const requestRepository = new RequestRepository();
+
+/**
+ * Controller: Retrieves requested items of a logged in user
+ * @param {Request} req http request variable
+ * @param {Response} res
+ * @returns {Callback}
+ */
+function requestsController(req, res) {
+   const user = req.loggedInUser;
+
+   requestRepository.userRequests(user)
+      .then((requests) => {
+         res.send({ success: true, results: requests, total_results: requests.length });
+      })
+      .catch((error) => {
+         console.log(error)
+         res.status(500).send({ success: false, error: error });
+      });
+}
+
+module.exports = requestsController;

seasoned_api/src/webserver/middleware/mustBeAdmin.js

@@ -0,0 +1,27 @@
+const establishedDatabase = require('src/database/database');
+
+const mustBeAdmin = (req, res, next) => {
+   let database = establishedDatabase;
+
+   if (req.loggedInUser === undefined) {
+      return res.status(401).send({
+         success: false,
+         error: 'You must be logged in.',
+      });
+   } else {
+      database.get(`SELECT admin FROM user WHERE user_name IS ?`, req.loggedInUser.username)
+      .then((isAdmin) => {
+         console.log(isAdmin, req.loggedInUser)
+         if (isAdmin.admin == 0) {
+            return res.status(401).send({
+               success: false,
+               error: 'You must be logged in as a admin.'
+            })
+         }
+      })
+   }
+
+   return next();
+};
+
+module.exports = mustBeAdmin;