Make a auth lib for Berry Dash
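--- a/src/lib/bd/auth.ts
+++ b/src/lib/bd/auth.ts
@@ -0,0 +1,19 @@
+import { MySql2Database } from 'drizzle-orm/mysql2'
+import { berryDashUserData } from '../tables'
+import { eq } from 'drizzle-orm'
+
+export async function checkAuthorization (
+authorizationToken: string,
+db1: MySql2Database
+) {
+if (!authorizationToken) return { valid: false, id: 0 }
+
+const userData = await db1
+.select({ id: berryDashUserData.id })
+.from(berryDashUserData)
+.where(eq(berryDashUserData.token, authorizationToken))
+.execute()
+
+if (!userData[0]) return { valid: false, id: 0 }
+else return { valid: true, id: userData[0].id }
+}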
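Review bot: The `.where(eq(berryDashUserData.token, authorizationToken))` lookup leaves two properties of the credential check to the column definition in `../tables`, which is not shown here, and neither is documented on the function. Under one of MySQL's case-insensitive collations the match would ignore letter case, and if the column holds the token exactly as issued, read access to the table is enough to act as any user. A doc comment on `checkAuthorization` should state the collation the column is expected to have, and storing a digest of the token rather than the token itself is worth considering. The parameter is also declared `string` although all four callers in this commit pass `context.headers.authorizationToken as string`; declaring it `authorizationToken: string | undefined` would let them drop the cast and keeps the `!authorizationToken` guard meaningful to the type checker.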
@@ -1,11 +1,8 @@
|
||||
import { Context } from 'elysia'
|
||||
import { getDatabaseConnection, jsonResponse } from '../../../lib/util'
|
||||
import {
|
||||
berryDashMarketplaceIcons,
|
||||
berryDashUserData,
|
||||
users
|
||||
} from '../../../lib/tables'
|
||||
import { and, eq, inArray, or, sql, not, like } from 'drizzle-orm'
|
||||
import { berryDashMarketplaceIcons, users } from '../../../lib/tables'
|
||||
import { and, eq, inArray, or, sql, not } from 'drizzle-orm'
|
||||
import { checkAuthorization } from '../../../lib/bd/auth'
|
||||
|
||||
type Body = {
|
||||
sortBy: number
|
||||
@@ -44,6 +41,17 @@ export async function handler (context: Context) {
|
||||
const { connection: connection0, db: db0 } = dbInfo0
|
||||
const { connection: connection1, db: db1 } = dbInfo1
|
||||
|
||||
const authorizationToken = context.headers.authorizationToken
|
||||
const authResult = await checkAuthorization(authorizationToken as string, db1)
|
||||
if (!authResult.valid) {
|
||||
connection1.end()
|
||||
return jsonResponse(
|
||||
{ success: false, message: 'Unauthorized', data: null },
|
||||
401
|
||||
)
|
||||
}
|
||||
const userId = authResult.id
|
||||
|
||||
const body: { [key: string]: any } = context.body as any
|
||||
|
||||
for (const key of requiredKeys) {
|
||||
@@ -67,33 +75,6 @@ export async function handler (context: Context) {
|
||||
body2.currentIcons = JSON.parse(atob(body.currentIcons))
|
||||
const body3: Body = body2 as Body
|
||||
|
||||
const authorizationToken = context.headers.authorization
|
||||
if (!authorizationToken) {
|
||||
connection0.end()
|
||||
connection1.end()
|
||||
return jsonResponse(
|
||||
{ success: false, message: 'Unauthorized', data: null },
|
||||
401
|
||||
)
|
||||
}
|
||||
|
||||
const userData = await db1
|
||||
.select({ id: berryDashUserData.id })
|
||||
.from(berryDashUserData)
|
||||
.where(eq(berryDashUserData.token, authorizationToken))
|
||||
.execute()
|
||||
|
||||
if (!userData[0]) {
|
||||
connection0.end()
|
||||
connection1.end()
|
||||
return jsonResponse(
|
||||
{ success: false, message: 'Unauthorized', data: null },
|
||||
401
|
||||
)
|
||||
}
|
||||
|
||||
const userId = userData[0].id
|
||||
|
||||
const filters: any[] = [
|
||||
or(
|
||||
eq(berryDashMarketplaceIcons.state, 1),
|
||||
|
||||
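Review bot: The new unauthorized branch closes only `connection1`, although `connection0` is destructured two lines above it and the removed check closed both, so each rejected request appears to leave a database connection open on a path that needs no credentials; add `connection0.end()` before `connection1.end()`. The handler also now reads `context.headers.authorizationToken` where it used to read `context.headers.authorization`: header names normally reach the handler lower-cased, so a camel-case key is likely always `undefined` and every request would take the 401 branch. The same line appears in the three other handlers changed by this commit. If a dedicated header is intended, the lookup would be `context.headers['authorizationtoken']`; otherwise keep `context.headers.authorization`. `handler` starts and ends outside the hunks shown.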
@@ -1,7 +1,8 @@
|
||||
import { Context } from 'elysia'
|
||||
import { getDatabaseConnection, jsonResponse } from '../../../../lib/util'
|
||||
import { berryDashUserData, berryDashUserPosts } from '../../../../lib/tables'
|
||||
import { berryDashUserPosts } from '../../../../lib/tables'
|
||||
import { and, eq } from 'drizzle-orm'
|
||||
import { checkAuthorization } from '../../../../lib/bd/auth'
|
||||
|
||||
export async function handler (context: Context) {
|
||||
const dbInfo0 = getDatabaseConnection(0)
|
||||
@@ -14,7 +15,17 @@ export async function handler (context: Context) {
|
||||
)
|
||||
const { connection: connection1, db: db1 } = dbInfo1
|
||||
|
||||
let authorizationToken = context.headers.authorization
|
||||
const authorizationToken = context.headers.authorizationToken
|
||||
const authResult = await checkAuthorization(authorizationToken as string, db1)
|
||||
if (!authResult.valid) {
|
||||
connection1.end()
|
||||
return jsonResponse(
|
||||
{ success: false, message: 'Unauthorized', data: null },
|
||||
401
|
||||
)
|
||||
}
|
||||
const userId = authResult.id
|
||||
|
||||
let idQuery = context.query.id ? parseInt(context.query.id, 10) : 0
|
||||
if (!idQuery || idQuery < 1) {
|
||||
connection1.end()
|
||||
@@ -23,27 +34,6 @@ export async function handler (context: Context) {
|
||||
400
|
||||
)
|
||||
}
|
||||
if (!authorizationToken) {
|
||||
connection1.end()
|
||||
return jsonResponse(
|
||||
{ success: false, message: 'Unauthorized', data: null },
|
||||
401
|
||||
)
|
||||
}
|
||||
|
||||
const userData = await db1
|
||||
.select({ id: berryDashUserData.id })
|
||||
.from(berryDashUserData)
|
||||
.where(eq(berryDashUserData.token, authorizationToken))
|
||||
.execute()
|
||||
|
||||
if (!userData[0]) {
|
||||
connection1.end()
|
||||
return jsonResponse(
|
||||
{ success: false, message: 'Unauthorized', data: null },
|
||||
401
|
||||
)
|
||||
}
|
||||
|
||||
const result = await db1
|
||||
.update(berryDashUserPosts)
|
||||
@@ -51,7 +41,7 @@ export async function handler (context: Context) {
|
||||
.where(
|
||||
and(
|
||||
eq(berryDashUserPosts.id, idQuery),
|
||||
eq(berryDashUserPosts.userId, userData[0].id),
|
||||
eq(berryDashUserPosts.userId, userId),
|
||||
eq(berryDashUserPosts.deletedAt, 0)
|
||||
)
|
||||
)
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
import { Context } from 'elysia'
|
||||
import { getDatabaseConnection, jsonResponse } from '../../../../lib/util'
|
||||
import { berryDashUserData, berryDashUserPosts } from '../../../../lib/tables'
|
||||
import { eq } from 'drizzle-orm'
|
||||
import { berryDashUserPosts } from '../../../../lib/tables'
|
||||
import { checkAuthorization } from '../../../../lib/bd/auth'
|
||||
|
||||
type Body = {
|
||||
content: string
|
||||
@@ -18,7 +18,17 @@ export async function handler (context: Context) {
|
||||
)
|
||||
const { connection: connection1, db: db1 } = dbInfo1
|
||||
|
||||
let authorizationToken = context.headers.authorization
|
||||
const authorizationToken = context.headers.authorizationToken
|
||||
const authResult = await checkAuthorization(authorizationToken as string, db1)
|
||||
if (!authResult.valid) {
|
||||
connection1.end()
|
||||
return jsonResponse(
|
||||
{ success: false, message: 'Unauthorized', data: null },
|
||||
401
|
||||
)
|
||||
}
|
||||
const userId = authResult.id
|
||||
|
||||
const body = context.body as Body
|
||||
if (!body.content) {
|
||||
connection1.end()
|
||||
@@ -27,32 +37,11 @@ export async function handler (context: Context) {
|
||||
400
|
||||
)
|
||||
}
|
||||
if (!authorizationToken) {
|
||||
connection1.end()
|
||||
return jsonResponse(
|
||||
{ success: false, message: 'Unauthorized', data: null },
|
||||
401
|
||||
)
|
||||
}
|
||||
|
||||
const userData = await db1
|
||||
.select({ id: berryDashUserData.id })
|
||||
.from(berryDashUserData)
|
||||
.where(eq(berryDashUserData.token, authorizationToken))
|
||||
.execute()
|
||||
|
||||
if (!userData[0]) {
|
||||
connection1.end()
|
||||
return jsonResponse(
|
||||
{ success: false, message: 'Unauthorized', data: null },
|
||||
401
|
||||
)
|
||||
}
|
||||
|
||||
await db1
|
||||
.insert(berryDashUserPosts)
|
||||
.values({
|
||||
userId: userData[0].id,
|
||||
userId: userId,
|
||||
content: btoa(body.content),
|
||||
timestamp: Math.floor(Date.now() / 1000)
|
||||
})
|
||||
|
||||
@@ -1,7 +1,8 @@
|
||||
import { Context } from 'elysia'
|
||||
import { getDatabaseConnection, jsonResponse } from '../../../../lib/util'
|
||||
import { berryDashUserData, berryDashUserPosts } from '../../../../lib/tables'
|
||||
import { berryDashUserPosts } from '../../../../lib/tables'
|
||||
import { and, eq } from 'drizzle-orm'
|
||||
import { checkAuthorization } from '../../../../lib/bd/auth'
|
||||
|
||||
type Body = {
|
||||
liked: string
|
||||
@@ -18,7 +19,17 @@ export async function handler (context: Context) {
|
||||
)
|
||||
const { connection: connection1, db: db1 } = dbInfo1
|
||||
|
||||
let authorizationToken = context.headers.authorization
|
||||
const authorizationToken = context.headers.authorizationToken
|
||||
const authResult = await checkAuthorization(authorizationToken as string, db1)
|
||||
if (!authResult.valid) {
|
||||
connection1.end()
|
||||
return jsonResponse(
|
||||
{ success: false, message: 'Unauthorized', data: null },
|
||||
401
|
||||
)
|
||||
}
|
||||
const userId = authResult.id
|
||||
|
||||
let idQuery = context.query.id ? parseInt(context.query.id, 10) : 0
|
||||
let likedQuery = context.query.liked as string
|
||||
if (!idQuery || idQuery < 1) {
|
||||
@@ -42,27 +53,6 @@ export async function handler (context: Context) {
|
||||
400
|
||||
)
|
||||
}
|
||||
if (!authorizationToken) {
|
||||
connection1.end()
|
||||
return jsonResponse(
|
||||
{ success: false, message: 'Unauthorized', data: null },
|
||||
401
|
||||
)
|
||||
}
|
||||
|
||||
const userData = await db1
|
||||
.select({ id: berryDashUserData.id })
|
||||
.from(berryDashUserData)
|
||||
.where(eq(berryDashUserData.token, authorizationToken))
|
||||
.execute()
|
||||
|
||||
if (!userData[0]) {
|
||||
connection1.end()
|
||||
return jsonResponse(
|
||||
{ success: false, message: 'Unauthorized', data: null },
|
||||
401
|
||||
)
|
||||
}
|
||||
|
||||
const votesResult = await db1
|
||||
.select({ votes: berryDashUserPosts.votes })
|
||||
@@ -85,12 +75,12 @@ export async function handler (context: Context) {
|
||||
400
|
||||
)
|
||||
const votes = JSON.parse(votesResult[0].votes)
|
||||
if (votes[userData[0].id.toString()]) {
|
||||
if (votes[userId.toString()]) {
|
||||
let likes = 0
|
||||
for (const vote of Object.values(votes) as boolean[]) likes += vote ? 1 : -1
|
||||
return jsonResponse({ success: true, message: null, data: { likes } }, 200)
|
||||
}
|
||||
votes[userData[0].id.toString()] = likedQuery.toLowerCase() == 'true'
|
||||
votes[userId.toString()] = likedQuery.toLowerCase() == 'true'
|
||||
|
||||
await db1
|
||||
.update(berryDashUserPosts)
|
||||
|
||||
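Review bot: The rewritten guard `if (votes[userId.toString()])` still tests the stored value rather than the presence of the key, so a user whose recorded vote is `false` is treated as not having voted and falls through to the assignment below, which overwrites the earlier vote. If one vote per user is the intent, as the early return suggests, testing for the key with `if (userId.toString() in votes) {` makes it hold for both directions. The early `return jsonResponse(...)` inside that branch also has no `connection1.end()` before it in the lines shown; the rest of `handler` is outside the hunk, so confirm the connection is released on that path.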