From b4a9d26d0fa327c4d16a810d0a6f6af9e371a6cc Mon Sep 17 00:00:00 2001 From: Lncvrt Date: Thu, 22 Jan 2026 18:31:48 -0700 Subject: [PATCH] Add an option to checkAuth to update the user's latest IP --- src/lib/bd/auth.ts | 17 +++++++++-- src/routes/berrydash/account/save/get.ts | 14 ++++++++-- src/routes/berrydash/account/save/post.ts | 14 ++++++++-- src/routes/berrydash/icon-marketplace/post.ts | 14 ++++++++-- src/routes/berrydash/latest-version/get.ts | 3 +- src/routes/berrydash/profile/posts/delete.ts | 18 ++++++++++-- src/routes/berrydash/profile/posts/post.ts | 18 ++++++++++-- src/routes/berrydash/profile/posts/put.ts | 28 ++++++++++++++----- src/routes/get-verify-code.ts | 1 - 9 files changed, 104 insertions(+), 23 deletions(-) diff --git a/src/lib/bd/auth.ts b/src/lib/bd/auth.ts index 7718d68..111d131 100644 --- a/src/lib/bd/auth.ts +++ b/src/lib/bd/auth.ts @@ -1,10 +1,12 @@ import { MySql2Database } from 'drizzle-orm/mysql2' -import { berryDashUserData } from '../tables' +import { berryDashUserData, users } from '../tables' import { eq } from 'drizzle-orm' export async function checkAuthorization ( authorizationToken: string, - db1: MySql2Database + db1: MySql2Database, + db0?: MySql2Database, + updateIp?: string | null ) { if (!authorizationToken) return { valid: false, id: 0 } @@ -15,5 +17,14 @@ export async function checkAuthorization ( .execute() if (!userData[0]) return { valid: false, id: 0 } - else return { valid: true, id: userData[0].id } + else { + if (updateIp != undefined && updateIp != null && db0 != undefined) + db0 + .update(users) + .set({ latestIp: updateIp }) + .where(eq(users.id, userData[0].id)) + .execute() + + return { valid: true, id: userData[0].id } + } } diff --git a/src/routes/berrydash/account/save/get.ts b/src/routes/berrydash/account/save/get.ts index 4f4b459..3e91961 100644 --- a/src/routes/berrydash/account/save/get.ts +++ b/src/routes/berrydash/account/save/get.ts @@ -1,5 +1,9 @@ import { Context } from 'elysia' -import { getDatabaseConnection, jsonResponse } from '../../../../lib/util' +import { + getClientIp, + getDatabaseConnection, + jsonResponse +} from '../../../../lib/util' import { checkAuthorization } from '../../../../lib/bd/auth' import { berryDashUserData, users } from '../../../../lib/tables' import { eq } from 'drizzle-orm' @@ -16,8 +20,14 @@ export async function handler (context: Context) { const { connection: connection0, db: db0 } = dbInfo0 const { connection: connection1, db: db1 } = dbInfo1 + const ip = getClientIp(context) const authorizationToken = context.headers.authorization - const authResult = await checkAuthorization(authorizationToken as string, db1) + const authResult = await checkAuthorization( + authorizationToken as string, + db1, + db0, + ip + ) if (!authResult.valid) { connection0.end() connection1.end() diff --git a/src/routes/berrydash/account/save/post.ts b/src/routes/berrydash/account/save/post.ts index aed320b..2fc8433 100644 --- a/src/routes/berrydash/account/save/post.ts +++ b/src/routes/berrydash/account/save/post.ts @@ -1,5 +1,9 @@ import { Context } from 'elysia' -import { getDatabaseConnection, jsonResponse } from '../../../../lib/util' +import { + getClientIp, + getDatabaseConnection, + jsonResponse +} from '../../../../lib/util' import { checkAuthorization } from '../../../../lib/bd/auth' import { berryDashUserData } from '../../../../lib/tables' import { eq } from 'drizzle-orm' @@ -20,8 +24,14 @@ export async function handler (context: Context) { const { connection: connection0, db: db0 } = dbInfo0 const { connection: connection1, db: db1 } = dbInfo1 + const ip = getClientIp(context) const authorizationToken = context.headers.authorization - const authResult = await checkAuthorization(authorizationToken as string, db1) + const authResult = await checkAuthorization( + authorizationToken as string, + db1, + db0, + ip + ) if (!authResult.valid) { connection0.end() connection1.end() diff --git a/src/routes/berrydash/icon-marketplace/post.ts b/src/routes/berrydash/icon-marketplace/post.ts index d1b8a2c..34c8fb5 100644 --- a/src/routes/berrydash/icon-marketplace/post.ts +++ b/src/routes/berrydash/icon-marketplace/post.ts @@ -1,5 +1,9 @@ import { Context } from 'elysia' -import { getDatabaseConnection, jsonResponse } from '../../../lib/util' +import { + getClientIp, + getDatabaseConnection, + jsonResponse +} from '../../../lib/util' import { berryDashMarketplaceIcons, users } from '../../../lib/tables' import { and, eq, inArray, or, sql, not } from 'drizzle-orm' import { checkAuthorization } from '../../../lib/bd/auth' @@ -41,8 +45,14 @@ export async function handler (context: Context) { const { connection: connection0, db: db0 } = dbInfo0 const { connection: connection1, db: db1 } = dbInfo1 + const ip = getClientIp(context) const authorizationToken = context.headers.authorization - const authResult = await checkAuthorization(authorizationToken as string, db1) + const authResult = await checkAuthorization( + authorizationToken as string, + db1, + db0, + ip + ) if (!authResult.valid) { connection0.end() connection1.end() diff --git a/src/routes/berrydash/latest-version/get.ts b/src/routes/berrydash/latest-version/get.ts index 1a1f6e7..fce0838 100644 --- a/src/routes/berrydash/latest-version/get.ts +++ b/src/routes/berrydash/latest-version/get.ts @@ -1,9 +1,8 @@ import { launcherVersionManifest } from '../../../lib/tables' import { and, desc, eq } from 'drizzle-orm' import { getDatabaseConnection, jsonResponse } from '../../../lib/util' -import { Context } from 'elysia' -export async function handler (context: Context) { +export async function handler () { const dbResult = getDatabaseConnection(0) if (!dbResult) return jsonResponse({ error: 'Failed to connect to database' }, 500) diff --git a/src/routes/berrydash/profile/posts/delete.ts b/src/routes/berrydash/profile/posts/delete.ts index 142c33e..95b699c 100644 --- a/src/routes/berrydash/profile/posts/delete.ts +++ b/src/routes/berrydash/profile/posts/delete.ts @@ -1,5 +1,9 @@ import { Context } from 'elysia' -import { getDatabaseConnection, jsonResponse } from '../../../../lib/util' +import { + getClientIp, + getDatabaseConnection, + jsonResponse +} from '../../../../lib/util' import { berryDashUserPosts } from '../../../../lib/tables' import { and, eq } from 'drizzle-orm' import { checkAuthorization } from '../../../../lib/bd/auth' @@ -13,11 +17,19 @@ export async function handler (context: Context) { { success: false, message: 'Failed to connect to database', data: null }, 500 ) + const { connection: connection0, db: db0 } = dbInfo1 const { connection: connection1, db: db1 } = dbInfo1 + const ip = getClientIp(context) const authorizationToken = context.headers.authorization - const authResult = await checkAuthorization(authorizationToken as string, db1) + const authResult = await checkAuthorization( + authorizationToken as string, + db1, + db0, + ip + ) if (!authResult.valid) { + connection0.end() connection1.end() return jsonResponse( { success: false, message: 'Unauthorized', data: null }, @@ -28,6 +40,7 @@ export async function handler (context: Context) { let idQuery = context.query.id ? parseInt(context.query.id, 10) : 0 if (!idQuery || idQuery < 1) { + connection0.end() connection1.end() return jsonResponse( { success: false, message: 'No valid post ID provided', data: null }, @@ -47,6 +60,7 @@ export async function handler (context: Context) { ) .execute() + connection0.end() connection1.end() if (result[0]) diff --git a/src/routes/berrydash/profile/posts/post.ts b/src/routes/berrydash/profile/posts/post.ts index 81f4dd0..d11d10e 100644 --- a/src/routes/berrydash/profile/posts/post.ts +++ b/src/routes/berrydash/profile/posts/post.ts @@ -1,5 +1,9 @@ import { Context } from 'elysia' -import { getDatabaseConnection, jsonResponse } from '../../../../lib/util' +import { + getClientIp, + getDatabaseConnection, + jsonResponse +} from '../../../../lib/util' import { berryDashUserPosts } from '../../../../lib/tables' import { checkAuthorization } from '../../../../lib/bd/auth' @@ -16,11 +20,19 @@ export async function handler (context: Context) { { success: false, message: 'Failed to connect to database', data: null }, 500 ) + const { connection: connection0, db: db0 } = dbInfo1 const { connection: connection1, db: db1 } = dbInfo1 + const ip = getClientIp(context) const authorizationToken = context.headers.authorization - const authResult = await checkAuthorization(authorizationToken as string, db1) + const authResult = await checkAuthorization( + authorizationToken as string, + db1, + db0, + ip + ) if (!authResult.valid) { + connection0.end() connection1.end() return jsonResponse( { success: false, message: 'Unauthorized', data: null }, @@ -31,6 +43,7 @@ export async function handler (context: Context) { const body = context.body as Body if (!body.content) { + connection0.end() connection1.end() return jsonResponse( { success: false, message: 'No valid content provided', data: null }, @@ -47,6 +60,7 @@ export async function handler (context: Context) { }) .execute() + connection0.end() connection1.end() return jsonResponse({ success: true, message: null, data: null }, 200) diff --git a/src/routes/berrydash/profile/posts/put.ts b/src/routes/berrydash/profile/posts/put.ts index 6cad21e..69da8fa 100644 --- a/src/routes/berrydash/profile/posts/put.ts +++ b/src/routes/berrydash/profile/posts/put.ts @@ -1,13 +1,13 @@ import { Context } from 'elysia' -import { getDatabaseConnection, jsonResponse } from '../../../../lib/util' +import { + getClientIp, + getDatabaseConnection, + jsonResponse +} from '../../../../lib/util' import { berryDashUserPosts } from '../../../../lib/tables' import { and, eq } from 'drizzle-orm' import { checkAuthorization } from '../../../../lib/bd/auth' -type Body = { - liked: string -} - export async function handler (context: Context) { const dbInfo0 = getDatabaseConnection(0) const dbInfo1 = getDatabaseConnection(1) @@ -17,11 +17,19 @@ export async function handler (context: Context) { { success: false, message: 'Failed to connect to database', data: null }, 500 ) + const { connection: connection0, db: db0 } = dbInfo1 const { connection: connection1, db: db1 } = dbInfo1 + const ip = getClientIp(context) const authorizationToken = context.headers.authorization - const authResult = await checkAuthorization(authorizationToken as string, db1) + const authResult = await checkAuthorization( + authorizationToken as string, + db1, + db0, + ip + ) if (!authResult.valid) { + connection0.end() connection1.end() return jsonResponse( { success: false, message: 'Unauthorized', data: null }, @@ -33,6 +41,7 @@ export async function handler (context: Context) { let idQuery = context.query.id ? parseInt(context.query.id, 10) : 0 let likedQuery = context.query.liked as string if (!idQuery || idQuery < 1) { + connection0.end() connection1.end() return jsonResponse( { success: false, message: 'No valid post ID provided', data: null }, @@ -43,6 +52,7 @@ export async function handler (context: Context) { !likedQuery || (likedQuery.toLowerCase() != 'true' && likedQuery.toLowerCase() != 'false') ) { + connection0.end() connection1.end() return jsonResponse( { @@ -65,7 +75,9 @@ export async function handler (context: Context) { ) .limit(1) .execute() - if (!votesResult[0]) + if (!votesResult[0]) { + connection0.end() + connection1.end() return jsonResponse( { success: true, @@ -74,6 +86,7 @@ export async function handler (context: Context) { }, 400 ) + } const votes = JSON.parse(votesResult[0].votes) if (votes[userId.toString()]) { let likes = 0 @@ -93,6 +106,7 @@ export async function handler (context: Context) { ) .execute() + connection0.end() connection1.end() let likes = 0 diff --git a/src/routes/get-verify-code.ts b/src/routes/get-verify-code.ts index cb70f1b..aebe1ed 100644 --- a/src/routes/get-verify-code.ts +++ b/src/routes/get-verify-code.ts @@ -1,4 +1,3 @@ -import axios from 'axios' import { Context } from 'elysia' import { getClientIp,