expressで簡易ブログをつくります。
var bodyParser = require('body-parser'); var logger = require('morgan'); var express = require('express'), app = express() post = require('./routes/post'); app.set('views', __dirname + '/views'); app.set('view engine', 'ejs'); // middleware app.use(bodyParser.json()); app.use(bodyParser.urlencoded({extended: true})); app.use(express.methodOverride()); app.use(logger('dev')); app.use(function(err, req, ers, next){ res.send(err.message); }); // csrf対策 app.use(express.cookieParser()); app.use(express.session({secret: '386424ggrsr'})); app.use(express.csrf()); app.use(function(req, res, next){ res.locals.csrftoken = req.csrfToken(); next(); }); // routing app.get('/', post.index); app.get('/posts/:id([0-9]+)', post.show); app.get('/posts/new', post.new); app.post('/posts/create', post.create); app.get('/posts/:id/edit', post.edit); app.put('/posts/:id', post.update); app.delete('/posts/:id', post.destroy); /* app.get('/new', function(req, res){ res.render('new'); }); */ app.listen(3000); console.log("server starting...");
post.js
var bodyParser = require('body-parser'); var logger = require('morgan'); var express = require('express'), app = express() post = require('./routes/post'); app.set('views', __dirname + '/views'); app.set('view engine', 'ejs'); // middleware app.use(bodyParser.json()); app.use(bodyParser.urlencoded({extended: true})); app.use(express.methodOverride()); app.use(logger('dev')); app.use(function(err, req, ers, next){ res.send(err.message); }); // csrf対策 app.use(express.cookieParser()); app.use(express.session({secret: '386424ggrsr'})); app.use(express.csrf()); app.use(function(req, res, next){ res.locals.csrftoken = req.csrfToken(); next(); }); // routing app.get('/', post.index); app.get('/posts/:id([0-9]+)', post.show); app.get('/posts/new', post.new); app.post('/posts/create', post.create); app.get('/posts/:id/edit', post.edit); app.put('/posts/:id', post.update); app.delete('/posts/:id', post.destroy); /* app.get('/new', function(req, res){ res.render('new'); }); */ app.listen(3000); console.log("server starting...");
index.html
<% include ../header %> <body> <h1>Posts</h1> <ul> <% for (var i = 0; i < posts.length; i++){%> <li><a href="/posts/<%= i %>"><%= posts[i].title %></a></li> <li><a href="/posts/<%= i %>/edit">[Edit]</a></li> <form method="post" action="/posts/<%= i %>"> <input type="submit" value="del"> <input type="hidden" name="_csrf" value="<%= csrftoken %>"> <input type="hidden" name="_method" value="delete"> <input type="hidden" name="id" value="<%= i %>"> </form> </li> <% } %> </ul> <p><a href="/posts/">Add new</a></p> <% include ../footer %>
post
var posts = [ {title: 'title0', body: 'body0'}, {title: 'title1', body: 'body1'}, {title: 'title2', body: 'body2'}, ]; exports.index = function(req, res){ res.render('posts/index', {posts: posts}); }; exports.show = function(req, res){ res.render('posts/show', {post: posts[req.params.id]}); }; exports.update = function(req, res, next){ if (req.body.id !== req.params.id){ next(new Error('ID not valid')); }else { posts[req.body.id] = { title: req.body.title, body: req.body.body }; res.redirect('/'); }; exports.destroy = function(req, res, next){ if (req.body.id !== req.params.id){ next(new Error('ID not valid')); }else { posts.splice(req.body.id, 1); res.redirect('/'); } }; exports.show = function(req, res){ res.render('posts/new'); }; exports.create = function(req, res){ var post = { title: req.body.title, body: req.body.body }; posts.push(post); res.redirect('/'); }; exports.edit = function(req, res){ res.render('posts/edit', {post: posts[req.params.id], id: req.params.id}); };
edit
<% include ../header %> <body> <h1>Edit</h1> <form method="post" action="/posts/<%= id %>"> <input type="text" name="title" value="<%= post.title %>"> <input type="text" name="body" value="<%= post.body %>"> <input type="hidden" name="_csrf" value="<%= csrftoken %>"> <input type="hidden" name="_method" value="Update"> <input type="hidden" name="id" value="<%= id %>"> <input type="submit" value="Update"> </form> <p><a href="/">go back</a></p> <% include ../footer %>
new
<% include ../header %> <body> <h1>Add nnew</h1> <form method="post" action="/posts/create"> <input type="text" name="body"> <input type="hidden" name="_csrf" value="<%= csrftoken %>"> <input type="submit" value="add!"> </form> <p><a href="/">go back</a></p> <% include ../footer %>
show
<% include ../header %> <body> <h1><%= post.title %></h1> <p><%= post.body%></p> <p><a href="/">go back</a></p> <% include ../footer %>
header
<!DOCTYPE html> <html> <head> <meta charset="utf-8"> </head>
footer
</body> </html>