2021-05-05 10:13:49 -07:00
---
id: 587d824a367417b2b2512c45
2021-07-16 11:03:16 +05:30
title: 匿名留言板
2021-05-05 10:13:49 -07:00
challengeType: 4
forumTopicId: 301568
dashedName: anonymous-message-board
---
# --description--
2021-07-16 11:03:16 +05:30
構建一個功能上與此相似的全棧式 JavaScript 應用程序:< https: / / anonymous-message-board . freecodecamp . rocks / > 。
2021-05-05 10:13:49 -07:00
2021-07-16 11:03:16 +05:30
在這個項目中,你將使用以下方法之一編寫你的代碼:
2021-05-05 10:13:49 -07:00
2021-07-16 11:03:16 +05:30
- 克隆[這個 GitHub repo ](https://github.com/freeCodeCamp/boilerplate-project-messageboard/ ) 並在本地完成你的項目。
- 使用 [我們的 Replit 啓動項目 ](https://replit.com/github/freeCodeCamp/boilerplate-project-messageboard )來完成你的項目。
- 使用一個你喜歡的站點生成器來完成項目。 需要確定包含了我們 GitHub 倉庫的所有文件。
2021-05-05 10:13:49 -07:00
2022-03-23 19:52:04 +05:30
完成本項目後,請將一個正常運行的 demo( ) `Solution Link` 中。 此外,還可以提交一個指向項目源碼的 `GitHub Link` 。
2021-05-05 10:13:49 -07:00
# --instructions--
2021-07-16 11:03:16 +05:30
1. 當準備寫測試和數據庫連接字符串時,設置`NODE_ENV` 爲不帶引號的變量(在`.env` 文件中)。
2. 建議在 `routes/api.js` 中創建控制器/處理器並處理路由。
3. 你將在 `server.js` 中添加任何安全功能。
2021-05-05 10:13:49 -07:00
2021-07-16 11:03:16 +05:30
在 `tests/2_functional-tests.js` 中編寫下以下測試:
2021-05-05 10:13:49 -07:00
2021-07-16 11:03:16 +05:30
- 創建一個新的主題:發送 POST 請求到 `/api/threads/{board}` 。
- 查看最近的 10 個主題,每個主題有 3 個回覆:發送 GET 請求到 `/api/threads/{board}`
- 使用錯誤密碼刪除主題:使用錯誤的`delete_password` 向`/api/threads/{board}` 發出DELETE請求
- 用正確的密碼刪除一個主題:向`/api/threads/{board}` 發出DELETE請求, `delete_password` 。
- 報告一個主題:發送 PUT 請求到 `/api/threads/{board}` 。
- 創建一個新的回覆:發送 POST 請求到 `/api/replies/{board}` 。
- 查看一個帶有所有回覆的主題:發送 GET 請求到`/api/replies/{board}` 。
- 使用錯誤密碼刪除一個回覆:使用無效的`delete_password` 向`/api/replies/{board}` 發出DELETE請求。
- 使用正確密碼刪除一個回覆:使用有效的`delete_password` 向`/api/replies/{board}` 發出DELETE請求。
- 報告一個回覆:發送 PUT 請求到 `/api/replies/{board}` 。
2021-05-05 10:13:49 -07:00
# --hints--
2021-07-16 11:03:16 +05:30
提交自己的項目,而不是示例的 URL。
2021-05-05 10:13:49 -07:00
```js
(getUserInput) => {
assert(
!/.*\/anonymous-message-board\.freecodecamp\.rocks/.test(
getUserInput('url')
)
);
};
```
2021-07-16 11:03:16 +05:30
只允許你的網站在你自己的頁面上以 iFrame 方式加載。
2021-05-05 10:13:49 -07:00
```js
async (getUserInput) => {
const data = await fetch(getUserInput('url') + '/_api/app-info');
const parsed = await data.json();
assert.isTrue(parsed.headers['x-frame-options']?.includes('SAMEORIGIN'));
};
```
2021-07-16 11:03:16 +05:30
不允許 DNS 預取。
2021-05-05 10:13:49 -07:00
```js
async (getUserInput) => {
const data = await fetch(getUserInput('url') + '/_api/app-info');
const parsed = await data.json();
assert.isTrue(parsed.headers['x-dns-prefetch-control']?.includes('off'));
};
```
2021-07-16 11:03:16 +05:30
只允許你的網站爲你自己的頁面發送 referrer 請求頭。
2021-05-05 10:13:49 -07:00
```js
async (getUserInput) => {
const data = await fetch(getUserInput('url') + '/_api/app-info');
const parsed = await data.json();
assert.isTrue(parsed.headers['referrer-policy']?.includes('same-origin'));
};
```
2021-07-16 11:03:16 +05:30
你可以向 `/api/threads/{board}` 發送一個 POST 請求,其中包括 `text` 和 `delete_password` 的表單數據。 保存的數據庫記錄將至少有 `_id` 、`text` 、`created_on` (date & time)、`bumped_on` (date & time, starts same as `created_on` )、`reported` (布爾值)、`delete_password` 、& `replies` (數組)。
2021-05-05 10:13:49 -07:00
```js
2021-07-16 11:03:16 +05:30
async (getUserInput) => {
const date = new Date();
const text = `fcc_test_${date}` ;
const deletePassword = 'delete_me';
const data = { text, delete_password: deletePassword };
const url = getUserInput('url');
const res = await fetch(url + '/api/threads/fcc_test', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify(data)
});
if (res.ok) {
const checkData = await fetch(url + '/api/threads/fcc_test');
const parsed = await checkData.json();
try {
assert.equal(parsed[0].text, text);
assert.isNotNull(parsed[0]._id);
assert.equal(new Date(parsed[0].created_on).toDateString(), date.toDateString());
assert.equal(parsed[0].bumped_on, parsed[0].created_on);
assert.isArray(parsed[0].replies);
} catch (err) {
throw new Error(err.responseText || err.message);
}
} else {
throw new Error(`${res.status} ${res.statusText}` );
}
};
2021-05-05 10:13:49 -07:00
```
2021-07-16 11:03:16 +05:30
你可以向 `/api/replies/{board}` 發送一個 POST 請求,其中包括字段 `text` 、`delete_password` & `thread_id` 。 這將更新 `bumped_on` 日期到評論日期。 在主題的 `replies` 數組中,將保存一個對象,至少有 `_id` 、`text` 、`created_on` 、`delete_password` 、& `reported` 這些屬性。
2021-05-05 10:13:49 -07:00
```js
2022-03-23 19:52:04 +05:30
async (getUserInput) => {
const url = getUserInput('url');
const body = await fetch(url + '/api/threads/fcc_test');
const thread = await body.json();
const date = new Date();
const text = `fcc_test_reply_${date}` ;
const delete_password = 'delete_me';
const thread_id = thread[0]._id;
const replyCount = thread[0].replies.length;
2021-05-05 10:13:49 -07:00
2022-03-23 19:52:04 +05:30
const data = { text, delete_password, thread_id };
const res = await fetch(url + '/api/replies/fcc_test', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify(data)
});
if (res.ok) {
const checkData = await fetch(`${url}/api/replies/fcc_test?thread_id=${thread_id}` );
const parsed = await checkData.json();
try {
assert.equal(parsed.replies.length, replyCount + 1);
assert.equal(parsed.replies[0].text, text);
assert.equal(parsed._id, thread_id);
assert.equal(parsed.bumped_on, parsed.replies[0].created_on);
} catch (err) {
throw new Error(err.responseText || err.message);
}
} else {
throw new Error(`${res.status} ${res.statusText}` );
}
};
2021-05-05 10:13:49 -07:00
```
2021-07-16 11:03:16 +05:30
你可以向 `/api/threads/{board}` 發送一個 GET 請求。 返回的將是一個數組,包括論壇上最近的 10 個被回覆的主題,及每個主題最新的 3 個回帖。 `reported` 和 `delete_password` 字段將不會被髮送到客戶端。
2021-05-05 10:13:49 -07:00
```js
2022-03-23 19:52:04 +05:30
async (getUserInput) => {
const url = getUserInput('url');
const res = await fetch(url + '/api/threads/fcc_test');
2021-05-05 10:13:49 -07:00
2022-03-23 19:52:04 +05:30
if (res.ok) {
const threads = await res.json();
try {
assert.equal(res.status, 200);
assert.isAtMost(threads.length, 10);
for (let i = 0; i < threads.length ; i + + ) {
assert.containsAllKeys(threads[i], ["_id", "text", "created_on", "bumped_on", "replies"]);
assert.isAtMost(threads[i].replies.length, 3);
assert.notExists(threads[i].delete_password);
assert.notExists(threads[i].reported);
for (let j = 0; j < threads [ i ] . replies . length ; j + + ) {
assert.notExists(threads[i].replies[j].delete_password);
assert.notExists(threads[i].replies[j].reported);
}
}
} catch (err) {
throw new Error(err.responseText || err.message);
}
} else {
throw new Error(`${res.status} ${res.statusText}` );
}
};
2021-05-05 10:13:49 -07:00
```
2021-07-16 11:03:16 +05:30
你可以向 `/api/replies/{board}?thread_id={thread_id}` 發送一個 GET 請求。 返回的將是帶有所有的回覆的整個主題,不包括與之前測試相同的客戶端字段。
2021-05-05 10:13:49 -07:00
```js
2022-03-23 19:52:04 +05:30
async (getUserInput) => {
const url = getUserInput('url');
let res = await fetch(url + '/api/threads/fcc_test');
const threads = await res.json();
const thread_id = threads[0]._id;
res = await fetch(`${url}/api/replies/fcc_test?thread_id=${thread_id}` );
2021-05-05 10:13:49 -07:00
2022-03-23 19:52:04 +05:30
if (res.ok) {
const thread = await res.json();
try {
assert.equal(res.status, 200);
assert.isObject(thread);
assert.containsAllKeys(thread, ["_id", "text", "created_on", "bumped_on", "replies"]);
assert.isArray(thread.replies);
assert.notExists(thread.delete_password);
assert.notExists(thread.reported);
for (let i = 0; i < thread.replies.length ; i + + ) {
assert.notExists(thread.replies[i].delete_password);
assert.notExists(thread.replies[i].reported);
}
} catch (err) {
throw new Error(err.responseText || err.message);
}
} else {
throw new Error(`${res.status} ${res.statusText}` );
}
};
2021-05-05 10:13:49 -07:00
```
2021-07-16 11:03:16 +05:30
你可以向 `/api/threads/{board}` 發送一個 DELETE 請求,並傳遞 `thread_id` & `delete_password` 來刪除該線程。 返回的將是字符串 `incorrect password` 或 `success` 。
2021-05-05 10:13:49 -07:00
```js
2022-03-23 19:52:04 +05:30
async (getUserInput) => {
const url = getUserInput('url');
let res = await fetch(url + '/api/threads/fcc_test');
const threads = await res.json();
const thread_id = threads[0]._id;
let data = { thread_id, delete_password: "wrong_password" };
const res_invalid = await fetch(url + '/api/threads/fcc_test', {
method: 'DELETE',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify(data)
});
data = { thread_id, delete_password: "delete_me" };
res = await fetch(url + '/api/threads/fcc_test', {
method: 'DELETE',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify(data)
});
2021-05-05 10:13:49 -07:00
2022-03-23 19:52:04 +05:30
if (res.ok) {
const deleted = await res.text();
const not_deleted = await res_invalid.text();
try {
assert.equal(res.status, 200);
assert.equal(deleted, "success");
assert.equal(not_deleted, "incorrect password");
} catch (err) {
throw new Error(err.responseText || err.message);
}
} else {
throw new Error(`${res.status} ${res.statusText}` );
}
};
2021-05-05 10:13:49 -07:00
```
2021-07-16 11:03:16 +05:30
你可以向 `/api/replies/{board}` 發送一個 DELETE 請求,並傳遞 `thread_id` 、`reply_id` 、& `delete_password` 。 返回的將是字符串 `incorrect password` 或 `success` 。 成功後,`reply_id` 的文本將更改爲 `[deleted]` 。
2021-05-05 10:13:49 -07:00
```js
2022-03-23 19:52:04 +05:30
async (getUserInput) => {
const url = getUserInput('url');
const thread_data = {
text: "fcc_test_thread",
delete_password: "delete_me",
};
await fetch(`${url}/api/threads/fcc_test` , {
method: "POST",
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify(thread_data)
});
let res = await fetch(`${url}/api/threads/fcc_test` );
let threads = await res.json();
const thread_id = threads[0]._id;
const reply_data = { thread_id, text: "fcc_test_reply", delete_password: "delete_me" };
await fetch(`${url}/api/replies/fcc_test` , {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify(reply_data)
});
res = await fetch(`${url}/api/threads/fcc_test` );
threads = await res.json();
const reply_id = threads[0].replies[0]._id;
2021-05-05 10:13:49 -07:00
2022-03-23 19:52:04 +05:30
const data = { thread_id, reply_id, delete_password: "delete_me" };
res = await fetch(url + '/api/replies/fcc_test', {
method: 'DELETE',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify(data)
});
if (res.ok) {
const deleted = await res.text();
try {
assert.equal(res.status, 200);
assert.equal(deleted, "success");
res = await fetch(`${url}/api/replies/fcc_test?thread_id=${thread_id}` );
const thread = await res.json();
assert.equal(thread._id, thread_id);
assert.equal(thread.replies[0]._id, reply_id);
assert.equal(thread.replies[0].text, "[deleted]");
} catch (err) {
throw new Error(err.responseText || err.message);
}
} else {
throw new Error(`${res.status} ${res.statusText}` );
}
};
2021-05-05 10:13:49 -07:00
```
2022-03-23 19:52:04 +05:30
你可以向 `/api/threads/{board}` 發送一個 PUT 請求,並傳遞 `thread_id` 。 返回的將是字符串 `reported` 。 `thread_id` 回覆的 `reported` 值將改爲 `true` 。
2021-05-05 10:13:49 -07:00
```js
2022-03-23 19:52:04 +05:30
async (getUserInput) => {
const url = getUserInput('url');
let res = await fetch(`${url}/api/threads/fcc_test` );
const threads = await res.json();
const report_id = threads[0]._id;
const data = { report_id };
2021-05-05 10:13:49 -07:00
2022-03-23 19:52:04 +05:30
res = await fetch(`${url}/api/threads/fcc_test` , {
method: 'PUT',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify(data)
});
if (res.ok) {
const reported = await res.text();
try {
assert.equal(res.status, 200);
assert.equal(reported, "reported");
} catch (err) {
throw new Error(err.responseText || err.message);
}
} else {
throw new Error(`${res.status} ${res.statusText}` );
}
};
2021-05-05 10:13:49 -07:00
```
2022-03-23 19:52:04 +05:30
你可以通過向 `/api/replies/{board}` 發送 PUT 請求並傳遞 `thread_id` & `reply_id` 。 返回的將是字符串 `reported` 。 `reply_id` 的 `reported` 值將被改變爲 `true` 。
2021-05-05 10:13:49 -07:00
```js
2022-03-23 19:52:04 +05:30
async (getUserInput) => {
const url = getUserInput('url');
let res = await fetch(`${url}/api/threads/fcc_test` );
const threads = await res.json();
const thread_id = threads[0]._id;
const reply_id = threads[0].replies[0]._id;
const data = { thread_id, reply_id };
res = await fetch(`${url}/api/replies/fcc_test` , {
method: 'PUT',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify(data)
});
2021-05-05 10:13:49 -07:00
2022-03-23 19:52:04 +05:30
if (res.ok) {
const reported = await res.text();
try {
assert.equal(res.status, 200);
assert.equal(reported, "reported");
} catch (err) {
throw new Error(err.responseText || err.message);
}
} else {
throw new Error(`${res.status} ${res.statusText}` );
}
};
2021-05-05 10:13:49 -07:00
```
2021-07-16 11:03:16 +05:30
所有 10 項功能測試都已完成並通過。
2021-05-05 10:13:49 -07:00
```js
2022-03-23 19:52:04 +05:30
async (getUserInput) => {
const tests = await fetch(getUserInput('url') + '/_api/get-tests');
const parsed = await tests.json();
assert.isTrue(parsed.length >= 10);
parsed.forEach((test) => {
assert.equal(test.state, 'passed');
assert.isAtLeast(test.assertions.length, 1);
});
};
2021-05-05 10:13:49 -07:00
```
# --solutions--
```js
/**
Backend challenges don't need solutions,
because they would need to be tested against a full working project.
Please check our contributing guidelines to learn more.
*/
```
