1 files changed, 25 insertions, 8 deletions

diff --git a/src/routes/api/configuration/+server.ts b/src/routes/api/configuration/+server.ts
index a42d9c54..418742a8 100644
--- a/src/routes/api/configuration/+server.ts
+++ b/src/routes/api/configuration/+server.ts
@@ -1,5 +1,8 @@
+import { userIdentity } from '$lib/Data/AniList/identity';
 import { getUserConfiguration, setUserConfiguration } from '$lib/Database/userConfiguration.js';
 
+const unauthorised = new Response('Unauthorised', { status: 401 });
+
 export const GET = async ({ url }) =>
 	Response.json(await getUserConfiguration(Number(url.searchParams.get('id') || 0)), {
 		headers: {
@@ -7,17 +10,31 @@ export const GET = async ({ url }) =>
 		}
 	});
 
-export const PUT = async ({ url, request }) =>
-	Response.json(
-		await setUserConfiguration(Number(url.searchParams.get('id') || 0), {
-			configuration: await request.json(),
-			updated_at: new Date().toISOString(),
-			user_id: Number(url.searchParams.get('id') || 0),
-			created_at: new Date().toISOString()
-		}),
+export const PUT = async ({ cookies, request }) => {
+	const userCookie = cookies.get('user');
+
+	if (!userCookie) return unauthorised;
+
+	const user = JSON.parse(userCookie);
+
+	return Response.json(
+		await setUserConfiguration(
+			(
+				await userIdentity({
+					tokenType: user['token_type'],
+					expiresIn: user['expires_in'],
+					accessToken: user['access_token'],
+					refreshToken: user['refresh_token']
+				})
+			).id,
+			{
+				configuration: await request.json()
+			}
+		),
 		{
 			headers: {
 				'Access-Control-Allow-Origin': 'https://due.moe'
 			}
 		}
 	);
+};