Diffstat (limited to 'src/routes/api/badges')
-rw-r--r--src/routes/api/badges/+server.ts296
1 files changed, 163 insertions, 133 deletions
diff --git a/src/routes/api/badges/+server.ts b/src/routes/api/badges/+server.ts
index 35ed4512..46b98cbc 100644
--- a/src/routes/api/badges/+server.ts
+++ b/src/routes/api/badges/+server.ts
@@ -1,149 +1,179 @@
-import { userIdentity } from '$lib/Data/AniList/identity';
+import { safeUserIdentity } from "$lib/Data/AniList/identity";
+import { decodeAuthCookieOrNull } from "$lib/Effect/authCookie";
+import { decodeRequestJsonOrThrow } from "$lib/Effect/requestBody";
import {
- removeAllUserBadges,
- removeUserBadge,
- updateUserBadge,
- getUserBadges,
- addUserBadge,
- type Badge,
- migrateCategory,
- setShadowHidden,
- setShadowHiddenBadge,
- incrementClickCount
-} from '$lib/Database/SB/User/badges';
-import privilegedUser from '$lib/Utility/privilegedUser';
-
-const unauthorised = new Response('Unauthorised', { status: 401 });
+ removeAllUserBadges,
+ removeUserBadge,
+ updateUserBadge,
+ getUserBadges,
+ addUserBadge,
+ type Badge,
+ type BadgeInput,
+ migrateCategory,
+ setShadowHidden,
+ setShadowHiddenBadge,
+ incrementClickCount,
+} from "$lib/Database/SB/User/badges";
+import { Schema } from "effect";
+import { appOrigin, appOriginHeaders } from "$lib/Utility/appOrigin";
+import privilegedUser from "$lib/Utility/privilegedUser";
+
+const unauthorised = () => new Response("Unauthorised", { status: 401 });
+const importedBadgeSchema = Schema.Record(Schema.String, Schema.Unknown);
const badges = async (id: number) =>
- Response.json(await getUserBadges(id), {
- headers: {
- 'Access-Control-Allow-Origin': 'https://due.moe'
- }
- });
+ Response.json(await getUserBadges(id), {
+ headers: appOriginHeaders(),
+ });
export const GET = async ({ url }) => {
- return await badges(Number(url.searchParams.get('id') || 0));
+ return await badges(Number(url.searchParams.get("id") || 0));
};
export const DELETE = async ({ url, cookies }) => {
- const userCookie = cookies.get('user');
+ const userCookie = cookies.get("user");
- if (!userCookie) return unauthorised;
+ if (!userCookie) return unauthorised();
- const user = JSON.parse(userCookie);
- const identity = await userIdentity({
- tokenType: user['token_type'],
- expiresIn: user['expires_in'],
- accessToken: user['access_token'],
- refreshToken: user['refresh_token']
- });
+ const user = decodeAuthCookieOrNull(userCookie);
- if ((url.searchParams.get('prune') || 0) === 'true') {
- await removeAllUserBadges(identity.id);
- } else {
- await removeUserBadge(identity.id, Number(url.searchParams.get('id')));
- }
+ if (!user) return unauthorised();
- return await badges(identity.id);
+ const identity = await safeUserIdentity(user);
+
+ if (!identity) return unauthorised();
+
+ if ((url.searchParams.get("prune") || 0) === "true") {
+ await removeAllUserBadges(identity.id);
+ } else {
+ await removeUserBadge(identity.id, Number(url.searchParams.get("id")));
+ }
+
+ return await badges(identity.id);
};
export const PUT = async ({ cookies, url, request }) => {
- if (url.searchParams.get('incrementClickCount') || undefined) {
- await incrementClickCount(Number(url.searchParams.get('incrementClickCount')));
-
- return new Response('Incremented', { status: 200 });
- }
-
- const userCookie = cookies.get('user');
-
- if (!userCookie) return unauthorised;
-
- const user = JSON.parse(userCookie);
- const identity = await userIdentity({
- tokenType: user['token_type'],
- expiresIn: user['expires_in'],
- accessToken: user['access_token'],
- refreshToken: user['refresh_token']
- });
- const authorised = privilegedUser(identity.id);
-
- if (url.searchParams.get('shadowHide'))
- setShadowHidden(Number(url.searchParams.get('shadowHide')), authorised);
-
- if (url.searchParams.get('import') || undefined) {
- await Promise.all(
- (await request.json()).map(async (badge: Badge) => await addUserBadge(identity.id, badge))
- );
-
- return await badges(identity.id);
- } else if (url.searchParams.get('migrate') || undefined) {
- await migrateCategory(
- identity.id,
- url.searchParams.get('original') || '',
- url.searchParams.get('new') || ''
- );
-
- return await badges(identity.id);
- }
-
- if (url.searchParams.get('hide') || undefined) {
- const allBadges = await getUserBadges(identity.id);
-
- await Promise.all(
- allBadges
- .filter((badge) => badge.category === (url.searchParams.get('category') || ''))
- .map(async (badge) => {
- await updateUserBadge(identity.id, badge.id as number, {
- ...badge,
- hidden:
- allBadges
- .filter((badge) => badge.category === (url.searchParams.get('category') || ''))
- .filter((badge) => badge.hidden).length >
- allBadges.filter(
- (badge) => badge.category === (url.searchParams.get('category') || '')
- ).length /
- 2
- ? false
- : true
- });
- })
- );
-
- return await badges(identity.id);
- }
-
- if (url.searchParams.get('shadowHideBadge') || undefined) {
- if (!authorised) return unauthorised;
-
- await setShadowHiddenBadge(
- Number(url.searchParams.get('shadowHideBadge')),
- url.searchParams.get('status') == 'true' ? false : true
- );
-
- return await badges(Number(url.searchParams.get('id')));
- }
-
- const badge = {
- post: url.searchParams.get('post') || undefined,
- image: url.searchParams.get('image') || undefined,
- description: url.searchParams.get('description') || null,
- time: url.searchParams.get('time') || undefined,
- category: url.searchParams.get('category') || null,
- hidden: url.searchParams.get('hidden') || false,
- source: url.searchParams.get('source') || null,
- designer: url.searchParams.get('designer') || null
- };
-
- if (
- (await getUserBadges(identity.id)).find(
- (badge) => Number(badge.id) === Number(url.searchParams.get('update'))
- )
- ) {
- await updateUserBadge(identity.id, Number(url.searchParams.get('update')), badge as Badge);
- } else {
- await addUserBadge(identity.id, badge as Badge);
- }
-
- return await badges(identity.id);
+ if (url.searchParams.get("incrementClickCount") || undefined) {
+ if (request.headers.get("origin") !== appOrigin()) return unauthorised();
+
+ await incrementClickCount(
+ Number(url.searchParams.get("incrementClickCount")),
+ );
+
+ return new Response("Incremented", { status: 200 });
+ }
+
+ const userCookie = cookies.get("user");
+
+ if (!userCookie) return unauthorised();
+
+ const user = decodeAuthCookieOrNull(userCookie);
+
+ if (!user) return unauthorised();
+
+ const identity = await safeUserIdentity(user);
+
+ if (!identity) return unauthorised();
+ const authorised = privilegedUser(identity.id);
+
+ if (url.searchParams.get("shadowHide"))
+ await setShadowHidden(
+ Number(url.searchParams.get("shadowHide")),
+ authorised,
+ );
+
+ if (url.searchParams.get("import") || undefined) {
+ const importedBadges = await decodeRequestJsonOrThrow(
+ request,
+ Schema.Array(importedBadgeSchema),
+ );
+
+ await Promise.all(
+ importedBadges.map(
+ async (badge) =>
+ await addUserBadge(identity.id, badge as unknown as BadgeInput),
+ ),
+ );
+
+ return await badges(identity.id);
+ } else if (url.searchParams.get("migrate") || undefined) {
+ await migrateCategory(
+ identity.id,
+ url.searchParams.get("original") || "",
+ url.searchParams.get("new") || "",
+ );
+
+ return await badges(identity.id);
+ }
+
+ if (url.searchParams.get("hide") || undefined) {
+ const allBadges = await getUserBadges(identity.id);
+
+ await Promise.all(
+ allBadges
+ .filter(
+ (badge) =>
+ badge.category === (url.searchParams.get("category") || ""),
+ )
+ .map(async (badge) => {
+ await updateUserBadge(identity.id, badge.id as number, {
+ ...badge,
+ hidden:
+ allBadges
+ .filter(
+ (badge) =>
+ badge.category === (url.searchParams.get("category") || ""),
+ )
+ .filter((badge) => badge.hidden).length >
+ allBadges.filter(
+ (badge) =>
+ badge.category === (url.searchParams.get("category") || ""),
+ ).length /
+ 2
+ ? false
+ : true,
+ });
+ }),
+ );
+
+ return await badges(identity.id);
+ }
+
+ if (url.searchParams.get("shadowHideBadge") || undefined) {
+ if (!authorised) return unauthorised();
+
+ await setShadowHiddenBadge(
+ Number(url.searchParams.get("shadowHideBadge")),
+ url.searchParams.get("status") === "true" ? false : true,
+ );
+
+ return await badges(Number(url.searchParams.get("id")));
+ }
+
+ const badge = {
+ post: url.searchParams.get("post") || undefined,
+ image: url.searchParams.get("image") || undefined,
+ description: url.searchParams.get("description") || null,
+ time: url.searchParams.get("time") || undefined,
+ category: url.searchParams.get("category") || null,
+ hidden: url.searchParams.get("hidden") || false,
+ source: url.searchParams.get("source") || null,
+ designer: url.searchParams.get("designer") || null,
+ };
+
+ if (
+ (await getUserBadges(identity.id)).find(
+ (badge) => Number(badge.id) === Number(url.searchParams.get("update")),
+ )
+ ) {
+ await updateUserBadge(
+ identity.id,
+ Number(url.searchParams.get("update")),
+ badge as Badge,
+ );
+ } else {
+ await addUserBadge(identity.id, badge as Badge);
+ }
+
+ return await badges(identity.id);
};
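Review bot: In the `import` branch of PUT, the body is validated only as `Schema.Array(Schema.Record(Schema.String, Schema.Unknown))` and each element is then forced through `badge as unknown as BadgeInput`, so the decode step checks no field names or value types before `addUserBadge` writes client-supplied objects under the caller's id. Unlike the query-parameter branch further down, which builds the badge from a fixed list of fields, this path passes along any extra keys the client includes; whether that matters depends on how `addUserBadge` maps the object to storage, which is not visible here. I would replace `importedBadgeSchema` with a `Schema.Struct` listing only the fields `BadgeInput` permits, drop the double cast, and cap the array length, since every element becomes a concurrent write inside `Promise.all`. Separately, the `origin` comparison added before `incrementClickCount` only constrains browser-originated requests, because a non-browser client chooses its own header value; a comment such as `// Origin check deters cross-site browser calls only; it is not authentication` would keep it from being read as an access control.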