implemented searc (useful for next flagstore)

Robert Quander · Robert Quander · commit 735a36e0d42b · 2025-06-21T13:42:35.000+02:00
diff --git a/service/Sources/App/routes.swift b/service/Sources/App/routes.swift
@@ -996,151 +996,236 @@ app.post("register") { req async throws -> Response in
                     body: .init(string: html))
   }
 
-app.get("home-of", ":homeID") { req async throws -> Response in
-    let raw = req.parameters.get("homeID") ?? ""
-    guard
-        let lookupID = UUID(uuidString: raw),
-        let profile = try await Profile.query(on: req.db)
-            .filter(\.$homeID == lookupID)
-            .first()
-    else {
-        return req.redirect(to: "/usernotfound?username=\(raw.htmlEscaped())")
-    }
+    app.get("home-of", ":homeID") { req async throws -> Response in
+        let raw = req.parameters.get("homeID") ?? ""
+        guard
+            let lookupID = UUID(uuidString: raw),
+            let profile = try await Profile.query(on: req.db)
+                .filter(\.$homeID == lookupID)
+                .first()
+        else {
+            return req.redirect(to: "/usernotfound?username=\(raw.htmlEscaped())")
+        }
 
-    // Fetch only public posts
-    let posts = try await Post.query(on: req.db)
-        .filter(\.$profile.$id == profile.id!)
-        .filter(\.$isPrivate == false)
-        .sort(\.$timestamp, .descending)
-        .all()
+        // Fetch only public posts
+        let posts = try await Post.query(on: req.db)
+            .filter(\.$profile.$id == profile.id!)
+            .filter(\.$isPrivate == false)
+            .sort(\.$timestamp, .descending)
+            .all()
 
-    // Build the posts HTML
-    var postHTML = ""
-    for post in posts {
-        let rawText   = String(data: post.encryptedText, encoding: .utf8) ?? ""
-        let text      = rawText.htmlEscaped()
-        let imageTag  = post.imagePath.map { path -> String in
-            let fn = URL(fileURLWithPath: path).lastPathComponent
-            return "<img src='/uploads/\(fn)' style='max-width:300px'><br>"
-        } ?? ""
-        let ts        = post.timestamp.map { "\($0)" } ?? "Unknown"
-        postHTML += """
-        <div class="post">
-          \(imageTag)
-          <p>\(text)</p>
-          <p><em>\(ts)</em> | 🌴 \(post.facepalmCount)</p>
+        // Build the posts HTML
+        var postHTML = ""
+        for post in posts {
+            let rawText   = String(data: post.encryptedText, encoding: .utf8) ?? ""
+            let text      = rawText.htmlEscaped()
+            let imageTag  = post.imagePath.map { path -> String in
+                let fn = URL(fileURLWithPath: path).lastPathComponent
+                return "<img src='/uploads/\(fn)' style='max-width:300px'><br>"
+            } ?? ""
+            let ts        = post.timestamp.map { "\($0)" } ?? "Unknown"
+            postHTML += """
+            <div class="post">
+            \(imageTag)
+            <p>\(text)</p>
+            <p><em>\(ts)</em> | 🌴 \(post.facepalmCount)</p>
+            </div>
+            """
+        }
+
+        // Bio
+        let bioHTML = profile.bio?.htmlEscaped() ?? "<em>This user has no bio.</em>"
+
+        // Profile picture (if any)
+        let profilePicTag: String = {
+            let uploadsDir = req.application.directory.publicDirectory + "uploads"
+            let files = (try? FileManager.default.contentsOfDirectory(atPath: uploadsDir)) ?? []
+            if let pic = files.first(where: { $0.contains(profile.id!.uuidString) }) {
+                return "<img src='/uploads/\(pic)' style='max-width:150px;border-radius:10px'>"
+            } else {
+                return ""
+            }
+        }()
+
+        // Follow / Unfollow form
+        var followForm = ""
+        if
+        let sid = req.session.data["profileID"],
+        let visitorID = UUID(uuidString: sid),
+        visitorID != profile.id,
+        let visitor = try await Profile.find(visitorID, on: req.db)
+        {
+            let attached = try await visitor.$follows.isAttached(to: profile, on: req.db)
+            if attached {
+                followForm = """
+                <form method="POST" action="/settings/unfriend" onsubmit="return confirm('Are you sure?');">
+                <input type="hidden" name="unfollowID" value="\(profile.id!)">
+                <button type="submit" style="background-color:#f88">Unfriend</button>
+                </form>
+                """
+            } else {
+                followForm = """
+                <form method="POST" action="/add-friend">
+                <input type="hidden" name="targetID" value="\(profile.id!)">
+                <button type="submit">Add Friend</button>
+                </form>
+                """
+            }
+        }
+
+        // Assemble the page
+        let contentHTML = """
+        <div class="container">
+        <h2>\(profile.username)'s Public Profile</h2>
+        <div style="display:flex;align-items:center;gap:20px;">
+            \(profilePicTag)
+            \(followForm)
+        </div>
+        <p><strong>Bio:</strong><br>\(bioHTML)</p>
+        <h3>Public Posts</h3>
+        \(postHTML.isEmpty ? "<p>No public posts yet.</p>" : postHTML)
         </div>
         """
+
+        let html = pageHead("\(profile.username)'s Profile")
+                + banner("""
+                    <a href="/feed">Feed</a>
+                    <a href="/logout">Logout</a>
+                    <a href="/profile">My Profile</a>
+                """)
+                + contentHTML
+                + pageFooter()
+
+        return Response(
+        status: .ok,
+        headers: ["Content-Type": "text/html; charset=utf-8"],
+        body: .init(string: html)
+        )
     }
 
-    // Bio
-    let bioHTML = profile.bio?.htmlEscaped() ?? "<em>This user has no bio.</em>"
-
-    // Profile picture (if any)
-    let profilePicTag: String = {
-        let uploadsDir = req.application.directory.publicDirectory + "uploads"
-        let files = (try? FileManager.default.contentsOfDirectory(atPath: uploadsDir)) ?? []
-        if let pic = files.first(where: { $0.contains(profile.id!.uuidString) }) {
-            return "<img src='/uploads/\(pic)' style='max-width:150px;border-radius:10px'>"
-        } else {
-            return ""
-        }
-    }()
-
-    // Follow / Unfollow form
-    var followForm = ""
-    if
-      let sid = req.session.data["profileID"],
-      let visitorID = UUID(uuidString: sid),
-      visitorID != profile.id,
-      let visitor = try await Profile.find(visitorID, on: req.db)
-    {
-        let attached = try await visitor.$follows.isAttached(to: profile, on: req.db)
-        if attached {
-            followForm = """
-            <form method="POST" action="/settings/unfriend" onsubmit="return confirm('Are you sure?');">
-              <input type="hidden" name="unfollowID" value="\(profile.id!)">
-              <button type="submit" style="background-color:#f88">Unfriend</button>
-            </form>
-            """
-        } else {
-            followForm = """
-            <form method="POST" action="/add-friend">
-              <input type="hidden" name="targetID" value="\(profile.id!)">
-              <button type="submit">Add Friend</button>
-            </form>
-            """
+
+  // FRIENDSHIP ACTIONS
+    app.post("add-friend") { req async throws -> Response in
+        struct AF: Content { let targetID: UUID }
+        let d = try req.content.decode(AF.self)
+        guard
+            let sid    = req.session.data["profileID"],
+            let pid    = UUID(uuidString: sid),
+            let source = try await Profile.find(pid, on: req.db),
+            let target = try await Profile.find(d.targetID, on: req.db)
+        else {
+            return req.redirect(to: "/login")
         }
-    }
 
-    // Assemble the page
-    let contentHTML = """
-    <div class="container">
-      <h2>\(profile.username)'s Public Profile</h2>
-      <div style="display:flex;align-items:center;gap:20px;">
-        \(profilePicTag)
-        \(followForm)
-      </div>
-      <p><strong>Bio:</strong><br>\(bioHTML)</p>
-      <h3>Public Posts</h3>
-      \(postHTML.isEmpty ? "<p>No public posts yet.</p>" : postHTML)
-    </div>
-    """
+        if !(try await source.$follows.isAttached(to: target, on: req.db)) {
+            try await source.$follows.attach(target, on: req.db)
+        }
 
-    let html = pageHead("\(profile.username)'s Profile")
-             + banner("""
-                 <a href="/feed">Feed</a>
-                 <a href="/logout">Logout</a>
-                 <a href="/profile">My Profile</a>
-               """)
-             + contentHTML
-             + pageFooter()
+        return req.redirect(to: "/home-of/\(target.homeID.uuidString)")
+    }
 
-    return Response(
-      status: .ok,
-      headers: ["Content-Type": "text/html; charset=utf-8"],
-      body: .init(string: html)
-    )
-}
+    app.post("unfriend") { req async throws -> Response in
+        struct UF: Content { let targetID: UUID }
+        let d = try req.content.decode(UF.self)
+        guard
+            let sid    = req.session.data["profileID"],
+            let pid    = UUID(uuidString: sid),
+            let source = try await Profile.find(pid, on: req.db),
+            let target = try await Profile.find(d.targetID, on: req.db)
+        else {
+            return req.redirect(to: "/login")
+        }
 
+        if try await source.$follows.isAttached(to: target, on: req.db) {
+            try await source.$follows.detach(target, on: req.db)
+        }
 
-  // FRIENDSHIP ACTIONS
-app.post("add-friend") { req async throws -> Response in
-    struct AF: Content { let targetID: UUID }
-    let d = try req.content.decode(AF.self)
-    guard
-        let sid    = req.session.data["profileID"],
-        let pid    = UUID(uuidString: sid),
-        let source = try await Profile.find(pid, on: req.db),
-        let target = try await Profile.find(d.targetID, on: req.db)
-    else {
-        return req.redirect(to: "/login")
+        return req.redirect(to: "/home-of/\(target.homeID.uuidString)")
     }
 
-    if !(try await source.$follows.isAttached(to: target, on: req.db)) {
-        try await source.$follows.attach(target, on: req.db)
-    }
+    app.get("search") { req async throws -> Response in
+        // 1) Guard session like in /feed, /settings, etc.
+        guard let sid = req.session.data["profileID"],
+            UUID(uuidString: sid) != nil
+        else {
+            return req.redirect(to: "/login")
+        }
 
-    return req.redirect(to: "/home-of/\(target.homeID.uuidString)")
-}
+        // 2) Grab & sanitize the query
+        let q = req.query[String.self, at: "q"]?
+                .trimmingCharacters(in: .whitespacesAndNewlines) ?? ""
 
-app.post("unfriend") { req async throws -> Response in
-    struct UF: Content { let targetID: UUID }
-    let d = try req.content.decode(UF.self)
-    guard
-        let sid    = req.session.data["profileID"],
-        let pid    = UUID(uuidString: sid),
-        let source = try await Profile.find(pid, on: req.db),
-        let target = try await Profile.find(d.targetID, on: req.db)
-    else {
-        return req.redirect(to: "/login")
-    }
+        // 3) Build the page head + banner + search form
+        var html = pageHead("Search Profiles – Facepalm")
+        + banner("""
+            <a href="/profile">Profile</a>
+            <a href="/feed">Feed</a>
+            """)
+        + """
+            <main>
+            <div class="container">
+                <h1>Search Profiles</h1>
+                <form method="GET" action="/search" style="margin-bottom:20px;">
+                <input
+                    type="text"
+                    name="q"
+                    value="\(q.htmlEscaped())"
+                    placeholder="Username…"
+                    style="width:70%; padding:8px;"
+                >
+                <button type="submit" class="action-btn">Search</button>
+                </form>
+            """
 
-    if try await source.$follows.isAttached(to: target, on: req.db) {
-        try await source.$follows.detach(target, on: req.db)
-    }
+        // 4) If there's a query, run the DB lookup & render results
+        if !q.isEmpty {
+            let pattern = "%\(q)%"
+            let matches = try await Profile.query(on: req.db)
+                .filter(\.$username, .custom("ILIKE"), pattern)
+                .limit(50)
+                .all()
+
+            html += "<ul style=\"list-style:none; padding:0;\">"
+
+            // reuse the same uploads‐dir lookup as in your settings/friends section
+            let uploadsDir = req.application.directory.publicDirectory + "uploads"
+            let files = (try? FileManager.default.contentsOfDirectory(atPath: uploadsDir)) ?? []
+
+            for p in matches {
+                // pick the profile pic if it exists, otherwise use the Facepalm logo
+                let picFile = files.first { $0.contains(p.id!.uuidString) } ?? ""
+                let picURL = picFile.isEmpty
+                        ? "/facepalm_logo.png"
+                        : "/uploads/\(picFile)"
+                html += """
+                <li style="display:flex;align-items:center;margin-bottom:16px;">
+                    <a href="/home-of/\(p.homeID.uuidString)" style="margin-right:12px;">
+                    <img
+                        src="\(picURL)"
+                        alt="\(p.username.htmlEscaped())"
+                        style="width:48px;height:48px;border-radius:50%;object-fit:cover;"
+                    >
+                    </a>
+                    <a href="/home-of/\(p.homeID.uuidString)" style="font-weight:500;">
+                    \(p.username.htmlEscaped())
+                    </a>
+                </li>
+                """
+            }
+            html += "</ul>"
+        }
 
-    return req.redirect(to: "/home-of/\(target.homeID.uuidString)")
-}
+        // 5) Close tags and footer
+        html += """
+            </div>
+            </main>
+            """ + pageFooter()
 
+        // 6) Return the response
+        return Response(
+        status: .ok,
+        headers: ["Content-Type":"text/html; charset=utf-8"],
+        body: .init(string: html)
+        )
+    }
 }
