10 files changed, 140 insertions, 26 deletions

diff --git a/bucky/app/bucky.js b/bucky/app/bucky.js
index e7455ad..ab30e85 100644
--- a/bucky/app/bucky.js
+++ b/bucky/app/bucky.js
@@ -324,6 +324,24 @@ var bucky = module.exports = {
     })
   },
 
+  /* PROFILE */
+  
+  ensureUser: function (req, res, next){
+    var username = util.sanitizeName(req.params.username)
+    if (! username) {
+      return res.sendStatus(404)
+    }
+    db.getUserByUsername(username).then(function(user){
+      if (user) {
+        res.user = util.sanitizeUser(user)
+        next()
+      }
+      else {
+        res.sendStatus(404)
+      }
+    })
+  },
+
   /* MAIL */
 
   ensureMailboxes: function (req, res, next){
diff --git a/bucky/app/router.js b/bucky/app/router.js
index ac176bc..1dfb0bd 100644
--- a/bucky/app/router.js
+++ b/bucky/app/router.js
@@ -47,6 +47,19 @@ module.exports = function(app){
     res.render("pages/editcomment", {title: "Edit comment"})
   })
 
+  app.get("/profile",
+    middleware.ensureAuthenticated,
+    function(req, res){
+      res.render("pages/profile", {title: "profile: " + util.sanitize(req.user.get('username'))})
+    }
+  )
+  app.get("/profile/:username",
+    middleware.ensureAuthenticated,
+    function(req, res){
+      res.render("pages/profile", {title: "profile: " + util.sanitize(req.params.username)})
+    }
+  )
+
   app.get("/api/index",
     bucky.ensureLastlog,
     middleware.ensureAuthenticated,
@@ -63,6 +76,13 @@ module.exports = function(app){
       })
     })
 
+  app.get("/api/user/:username",
+    middleware.ensureAuthenticated,
+    bucky.ensureUser,
+    function(req, res) {
+      res.json(res.user)
+    }
+  )
   app.get("/api/keyword/:keyword",
     bucky.ensureLastlog,
     middleware.ensureAuthenticated,
diff --git a/bucky/util/auth.js b/bucky/util/auth.js
index 41cd155..32d77e8 100644
--- a/bucky/util/auth.js
+++ b/bucky/util/auth.js
@@ -82,13 +82,6 @@ var auth = module.exports = {
 		})
 	},
 	
-  sanitizeUser: function (req_user) {
-    // sanitize user object
-    var user = JSON.parse(JSON.stringify(req_user))
-    delete user.password
-    return user
-  },
-  
   checkin: function (req, res) {
     var user = auth.sanitizeUser(req.user)
     res.json(user)
diff --git a/bucky/util/util.js b/bucky/util/util.js
index d4b6b8a..9e0f5a4 100644
--- a/bucky/util/util.js
+++ b/bucky/util/util.js
@@ -3,4 +3,11 @@ var util = module.exports = {}
 util.sanitizeName = function (s){ return (s || "").replace(new RegExp("[^-_a-zA-Z0-9]", 'g'), "") }
 util.sanitize = function (s){ return (s || "").replace(/<>&/g, "") }
 
+util.sanitizeUser = function (req_user) {
+  // sanitize user object
+  var user = JSON.parse(JSON.stringify(req_user))
+  delete user.password
+  return user
+}
+
 util.now = function(){ return Math.floor( (+ new Date()) / 1000 ) }
diff --git a/public/assets/css/bucky.css b/public/assets/css/bucky.css
index e96c0aa..a0ad54e 100644
--- a/public/assets/css/bucky.css
+++ b/public/assets/css/bucky.css
@@ -683,6 +683,23 @@ header .search_form {
   display: none;
 }
 
+/* PROFILE */
+
+#profile img {
+  max-width: 300px;
+  max-height: 300px;
+}
+#profile td {
+  padding: 4px;
+  font-size: 13px;
+  color: #211;
+}
+#profile td:first-child {
+  font-weight: bold;
+  padding-right: 20px;
+  color: #322;
+}
+
 /* LOGIN */
 
 #login div,
diff --git a/public/assets/js/lib/router.js b/public/assets/js/lib/router.js
index 27c8617..5862503 100644
--- a/public/assets/js/lib/router.js
+++ b/public/assets/js/lib/router.js
@@ -3,19 +3,21 @@ var SiteRouter = Router.extend({
 	el: "body",
 	
 	routes: {
-		"/":                 'login',
-		"/index/:keyword":   'index',
-		"/index":            'index',
-		"/login":            'login',
-		"/details/:id":      'details',
-		"/post":             'post',
-		"/post/:keyword":    'post',
-		"/search":           'search',
-		"/mail":             'mailbox',
-		"/mail/:mailbox":    'mailbox',
-		"/mail/compose":     'compose',
-		"/message/:id":      'message',
-		"/comment/:id/edit": 'editComment',
+		"/":                  'login',
+		"/index/:keyword":    'index',
+		"/index":             'index',
+		"/login":             'login',
+		"/details/:id":       'details',
+		"/post":              'post',
+		"/post/:keyword":     'post',
+		"/search":            'search',
+		"/mail":              'mailbox',
+		"/mail/:mailbox":     'mailbox',
+		"/mail/compose":      'compose',
+		"/message/:id":       'message',
+		"/comment/:id/edit":  'editComment',
+		"/profile":           'profile',
+		"/profile/:username": 'profile',
 	},
 	
 	initialize: function(){
@@ -55,6 +57,11 @@ var SiteRouter = Router.extend({
     app.view.load(keyword || "")
   },
   
+  profile: function(username){
+    app.view = new ProfileView ()
+    app.view.load(username || auth.user.username)
+  },
+  
   compose: function(){
     app.view = new ComposeView ()
   },
diff --git a/public/assets/js/lib/views/profile/profile.js b/public/assets/js/lib/views/profile/profile.js
new file mode 100644
index 0000000..2180532
--- /dev/null
+++ b/public/assets/js/lib/views/profile/profile.js
@@ -0,0 +1,37 @@
+var ProfileView = View.extend({
+
+  el: "#profile",
+  
+  events: {
+  },
+  
+  action: "/api/user/",
+  
+  initialize: function(opt){
+    this.template = this.$(".template").html()
+  },
+  
+  load: function(username){
+    $.get(this.action + username, this.populate.bind(this))
+  },
+  
+  populate: function(user){
+    $("body").removeClass('loading')
+    var $table = this.$("table")
+    this.$("img").attr("src", "/data/profile/" + sanitize(user.username) + ".jpg")
+    var fields = "username realname phone location".split(" ").map((key) => {
+      if (! user[key]) return;
+      var t = this.template.replace(/{{key}}/, sanitize(key))
+                           .replace(/{{value}}/, sanitize(user[key]))
+      $table.append(t)
+    })
+    var fields = "firstseen lastseen".split(" ").map((key) => {
+      if (! user[key]) return;
+      var date = verbose_date(user[key])
+      var t = this.template.replace(/{{key}}/, sanitize(key))
+                           .replace(/{{value}}/, date[0] + ' <small>' + date[1] + '</small>')
+      $table.append(t)
+    })
+  },
+
+})
diff --git a/views/pages/profile.ejs b/views/pages/profile.ejs
new file mode 100644
index 0000000..79260e9
--- /dev/null
+++ b/views/pages/profile.ejs
@@ -0,0 +1,19 @@
+<% include ../partials/header %>
+
+<div class="subtitle">
+  <a href="/">&lt; Home</a>
+</div>
+
+<div id="profile">
+  <img>
+  <table>
+    <script type="text/html" class="template">
+      <tr>
+        <td>{{key}}</td>
+        <td>{{value}}</td>
+      </tr>
+    </script>
+  </table>
+</div>
+
+<% include ../partials/footer %>
diff --git a/views/pages/search.ejs b/views/pages/search.ejs
index 6994876..b942621 100644
--- a/views/pages/search.ejs
+++ b/views/pages/search.ejs
@@ -1,11 +1,6 @@
 <% include ../partials/header %>
 <div class="subtitle">
-  <a href="/">&lt; Home</a> |
-  <a href="/post">New</a> |
-  <a href="/mail">Inbox</a> |
-  <a href="/message">Message</a> |
-  <a href="/profile">Profile</a> |
-  <a href="/logout">Logout</a>
+  <a href="/">&lt; Home</a>
 </div>
 
 <div id="content">
diff --git a/views/partials/scripts.ejs b/views/partials/scripts.ejs
index 7fda30e..92870f8 100644
--- a/views/partials/scripts.ejs
+++ b/views/partials/scripts.ejs
@@ -24,6 +24,7 @@
 <script src="/assets/js/lib/views/index/threadform.js"></script>
 
 <script src="/assets/js/lib/views/search/results.js"></script>
+<script src="/assets/js/lib/views/profile/profile.js"></script>
 
 <script src="/assets/js/lib/views/details/index.js"></script>
 <script src="/assets/js/lib/views/details/audio.js"></script>