diff options
Diffstat (limited to 'src/routes/api/preferences')
| -rw-r--r-- | src/routes/api/preferences/+server.ts | 10 | ||||
| -rw-r--r-- | src/routes/api/preferences/pin/+server.ts | 14 |
2 files changed, 17 insertions, 7 deletions
diff --git a/src/routes/api/preferences/+server.ts b/src/routes/api/preferences/+server.ts index 0537c9bc..47ce442b 100644 --- a/src/routes/api/preferences/+server.ts +++ b/src/routes/api/preferences/+server.ts @@ -1,5 +1,5 @@ import { Schema } from "effect"; -import { userIdentity } from "$lib/Data/AniList/identity"; +import { safeUserIdentity } from "$lib/Data/AniList/identity"; import { getUserPreferences, setBiography, @@ -9,7 +9,7 @@ import { toggleHideMissingBadges, togglePinnedBadgeWallCategory, } from "$lib/Database/SB/User/preferences"; -import { decodeAuthCookieOrThrow } from "$lib/Effect/authCookie"; +import { decodeAuthCookieOrNull } from "$lib/Effect/authCookie"; import { decodeRequestJsonOrThrow } from "$lib/Effect/requestBody"; import { appOriginHeaders } from "$lib/Utility/appOrigin"; @@ -22,7 +22,11 @@ const authenticatedUserId = async (cookies: { if (!userCookie) return null; - return (await userIdentity(decodeAuthCookieOrThrow(userCookie))).id; + const user = decodeAuthCookieOrNull(userCookie); + + if (!user) return null; + + return (await safeUserIdentity(user))?.id ?? null; }; export const GET = async ({ url }) => { diff --git a/src/routes/api/preferences/pin/+server.ts b/src/routes/api/preferences/pin/+server.ts index 45a231fd..b69a8142 100644 --- a/src/routes/api/preferences/pin/+server.ts +++ b/src/routes/api/preferences/pin/+server.ts @@ -1,5 +1,5 @@ -import { userIdentity } from "$lib/Data/AniList/identity"; -import { decodeAuthCookieOrThrow } from "$lib/Effect/authCookie"; +import { safeUserIdentity } from "$lib/Data/AniList/identity"; +import { decodeAuthCookieOrNull } from "$lib/Effect/authCookie"; import { toggleHololiveStreamPinning } from "$lib/Database/SB/User/preferences"; import { appOriginHeaders } from "$lib/Utility/appOrigin"; @@ -10,11 +10,17 @@ export const PUT = async ({ cookies, url }) => { if (!userCookie) return unauthorised; - const user = decodeAuthCookieOrThrow(userCookie); + const user = decodeAuthCookieOrNull(userCookie); + + if (!user) return unauthorised; + + const identity = await safeUserIdentity(user); + + if (!identity) return unauthorised; return Response.json( await toggleHololiveStreamPinning( - (await userIdentity(user)).id, + identity.id, url.searchParams.get("stream") || "", ), { |