Add an option to checkAuth to update the user's latest IP

2026-01-22 18:31:48 -07:00
parent c62d4033d5
commit b4a9d26d0f
9 changed files with 104 additions and 23 deletions
--- a/src/routes/berrydash/account/save/get.ts
+++ b/src/routes/berrydash/account/save/get.ts
@@ -1,5 +1,9 @@
 import { Context } from 'elysia'
-import { getDatabaseConnection, jsonResponse } from '../../../../lib/util'
+import {
+  getClientIp,
+  getDatabaseConnection,
+  jsonResponse
+} from '../../../../lib/util'
 import { checkAuthorization } from '../../../../lib/bd/auth'
 import { berryDashUserData, users } from '../../../../lib/tables'
 import { eq } from 'drizzle-orm'
@@ -16,8 +20,14 @@ export async function handler (context: Context) {
  const { connection: connection0, db: db0 } = dbInfo0
  const { connection: connection1, db: db1 } = dbInfo1

+  const ip = getClientIp(context)
  const authorizationToken = context.headers.authorization
-  const authResult = await checkAuthorization(authorizationToken as string, db1)
+  const authResult = await checkAuthorization(
+    authorizationToken as string,
+    db1,
+    db0,
+    ip
+  )
  if (!authResult.valid) {
    connection0.end()
    connection1.end()
--- a/src/routes/berrydash/account/save/post.ts
+++ b/src/routes/berrydash/account/save/post.ts
@@ -1,5 +1,9 @@
 import { Context } from 'elysia'
-import { getDatabaseConnection, jsonResponse } from '../../../../lib/util'
+import {
+  getClientIp,
+  getDatabaseConnection,
+  jsonResponse
+} from '../../../../lib/util'
 import { checkAuthorization } from '../../../../lib/bd/auth'
 import { berryDashUserData } from '../../../../lib/tables'
 import { eq } from 'drizzle-orm'
@@ -20,8 +24,14 @@ export async function handler (context: Context) {
  const { connection: connection0, db: db0 } = dbInfo0
  const { connection: connection1, db: db1 } = dbInfo1

+  const ip = getClientIp(context)
  const authorizationToken = context.headers.authorization
-  const authResult = await checkAuthorization(authorizationToken as string, db1)
+  const authResult = await checkAuthorization(
+    authorizationToken as string,
+    db1,
+    db0,
+    ip
+  )
  if (!authResult.valid) {
    connection0.end()
    connection1.end()
--- a/src/routes/berrydash/icon-marketplace/post.ts
+++ b/src/routes/berrydash/icon-marketplace/post.ts
@@ -1,5 +1,9 @@
 import { Context } from 'elysia'
-import { getDatabaseConnection, jsonResponse } from '../../../lib/util'
+import {
+  getClientIp,
+  getDatabaseConnection,
+  jsonResponse
+} from '../../../lib/util'
 import { berryDashMarketplaceIcons, users } from '../../../lib/tables'
 import { and, eq, inArray, or, sql, not } from 'drizzle-orm'
 import { checkAuthorization } from '../../../lib/bd/auth'
@@ -41,8 +45,14 @@ export async function handler (context: Context) {
  const { connection: connection0, db: db0 } = dbInfo0
  const { connection: connection1, db: db1 } = dbInfo1

+  const ip = getClientIp(context)
  const authorizationToken = context.headers.authorization
-  const authResult = await checkAuthorization(authorizationToken as string, db1)
+  const authResult = await checkAuthorization(
+    authorizationToken as string,
+    db1,
+    db0,
+    ip
+  )
  if (!authResult.valid) {
    connection0.end()
    connection1.end()
--- a/src/routes/berrydash/latest-version/get.ts
+++ b/src/routes/berrydash/latest-version/get.ts
@@ -1,9 +1,8 @@
 import { launcherVersionManifest } from '../../../lib/tables'
 import { and, desc, eq } from 'drizzle-orm'
 import { getDatabaseConnection, jsonResponse } from '../../../lib/util'
-import { Context } from 'elysia'

-export async function handler (context: Context) {
+export async function handler () {
  const dbResult = getDatabaseConnection(0)
  if (!dbResult)
    return jsonResponse({ error: 'Failed to connect to database' }, 500)
--- a/src/routes/berrydash/profile/posts/delete.ts
+++ b/src/routes/berrydash/profile/posts/delete.ts
@@ -1,5 +1,9 @@
 import { Context } from 'elysia'
-import { getDatabaseConnection, jsonResponse } from '../../../../lib/util'
+import {
+  getClientIp,
+  getDatabaseConnection,
+  jsonResponse
+} from '../../../../lib/util'
 import { berryDashUserPosts } from '../../../../lib/tables'
 import { and, eq } from 'drizzle-orm'
 import { checkAuthorization } from '../../../../lib/bd/auth'
@@ -13,11 +17,19 @@ export async function handler (context: Context) {
      { success: false, message: 'Failed to connect to database', data: null },
      500
    )
+  const { connection: connection0, db: db0 } = dbInfo1
  const { connection: connection1, db: db1 } = dbInfo1

+  const ip = getClientIp(context)
  const authorizationToken = context.headers.authorization
-  const authResult = await checkAuthorization(authorizationToken as string, db1)
+  const authResult = await checkAuthorization(
+    authorizationToken as string,
+    db1,
+    db0,
+    ip
+  )
  if (!authResult.valid) {
+    connection0.end()
    connection1.end()
    return jsonResponse(
      { success: false, message: 'Unauthorized', data: null },
@@ -28,6 +40,7 @@ export async function handler (context: Context) {

  let idQuery = context.query.id ? parseInt(context.query.id, 10) : 0
  if (!idQuery || idQuery < 1) {
+    connection0.end()
    connection1.end()
    return jsonResponse(
      { success: false, message: 'No valid post ID provided', data: null },
@@ -47,6 +60,7 @@ export async function handler (context: Context) {
    )
    .execute()

+  connection0.end()
  connection1.end()

  if (result[0])
--- a/src/routes/berrydash/profile/posts/post.ts
+++ b/src/routes/berrydash/profile/posts/post.ts
@@ -1,5 +1,9 @@
 import { Context } from 'elysia'
-import { getDatabaseConnection, jsonResponse } from '../../../../lib/util'
+import {
+  getClientIp,
+  getDatabaseConnection,
+  jsonResponse
+} from '../../../../lib/util'
 import { berryDashUserPosts } from '../../../../lib/tables'
 import { checkAuthorization } from '../../../../lib/bd/auth'

@@ -16,11 +20,19 @@ export async function handler (context: Context) {
      { success: false, message: 'Failed to connect to database', data: null },
      500
    )
+  const { connection: connection0, db: db0 } = dbInfo1
  const { connection: connection1, db: db1 } = dbInfo1

+  const ip = getClientIp(context)
  const authorizationToken = context.headers.authorization
-  const authResult = await checkAuthorization(authorizationToken as string, db1)
+  const authResult = await checkAuthorization(
+    authorizationToken as string,
+    db1,
+    db0,
+    ip
+  )
  if (!authResult.valid) {
+    connection0.end()
    connection1.end()
    return jsonResponse(
      { success: false, message: 'Unauthorized', data: null },
@@ -31,6 +43,7 @@ export async function handler (context: Context) {

  const body = context.body as Body
  if (!body.content) {
+    connection0.end()
    connection1.end()
    return jsonResponse(
      { success: false, message: 'No valid content provided', data: null },
@@ -47,6 +60,7 @@ export async function handler (context: Context) {
    })
    .execute()

+  connection0.end()
  connection1.end()

  return jsonResponse({ success: true, message: null, data: null }, 200)
--- a/src/routes/berrydash/profile/posts/put.ts
+++ b/src/routes/berrydash/profile/posts/put.ts
@@ -1,13 +1,13 @@
 import { Context } from 'elysia'
-import { getDatabaseConnection, jsonResponse } from '../../../../lib/util'
+import {
+  getClientIp,
+  getDatabaseConnection,
+  jsonResponse
+} from '../../../../lib/util'
 import { berryDashUserPosts } from '../../../../lib/tables'
 import { and, eq } from 'drizzle-orm'
 import { checkAuthorization } from '../../../../lib/bd/auth'

-type Body = {
-  liked: string
-}
-
 export async function handler (context: Context) {
  const dbInfo0 = getDatabaseConnection(0)
  const dbInfo1 = getDatabaseConnection(1)
@@ -17,11 +17,19 @@ export async function handler (context: Context) {
      { success: false, message: 'Failed to connect to database', data: null },
      500
    )
+  const { connection: connection0, db: db0 } = dbInfo1
  const { connection: connection1, db: db1 } = dbInfo1

+  const ip = getClientIp(context)
  const authorizationToken = context.headers.authorization
-  const authResult = await checkAuthorization(authorizationToken as string, db1)
+  const authResult = await checkAuthorization(
+    authorizationToken as string,
+    db1,
+    db0,
+    ip
+  )
  if (!authResult.valid) {
+    connection0.end()
    connection1.end()
    return jsonResponse(
      { success: false, message: 'Unauthorized', data: null },
@@ -33,6 +41,7 @@ export async function handler (context: Context) {
  let idQuery = context.query.id ? parseInt(context.query.id, 10) : 0
  let likedQuery = context.query.liked as string
  if (!idQuery || idQuery < 1) {
+    connection0.end()
    connection1.end()
    return jsonResponse(
      { success: false, message: 'No valid post ID provided', data: null },
@@ -43,6 +52,7 @@ export async function handler (context: Context) {
    !likedQuery ||
    (likedQuery.toLowerCase() != 'true' && likedQuery.toLowerCase() != 'false')
  ) {
+    connection0.end()
    connection1.end()
    return jsonResponse(
      {
@@ -65,7 +75,9 @@ export async function handler (context: Context) {
    )
    .limit(1)
    .execute()
-  if (!votesResult[0])
+  if (!votesResult[0]) {
+    connection0.end()
+    connection1.end()
    return jsonResponse(
      {
        success: true,
@@ -74,6 +86,7 @@ export async function handler (context: Context) {
      },
      400
    )
+  }
  const votes = JSON.parse(votesResult[0].votes)
  if (votes[userId.toString()]) {
    let likes = 0
@@ -93,6 +106,7 @@ export async function handler (context: Context) {
    )
    .execute()

+  connection0.end()
  connection1.end()

  let likes = 0
--- a/src/routes/get-verify-code.ts
+++ b/src/routes/get-verify-code.ts
@@ -1,4 +1,3 @@
-import axios from 'axios'
 import { Context } from 'elysia'
 import {
  getClientIp,