aboutsummaryrefslogtreecommitdiff
path: root/src/routes/api
diff options
context:
space:
mode:
Diffstat (limited to 'src/routes/api')
-rw-r--r--src/routes/api/badges/+server.ts22
-rw-r--r--src/routes/api/configuration/+server.ts10
-rw-r--r--src/routes/api/notifications/subscribe/+server.ts11
-rw-r--r--src/routes/api/notifications/unsubscribe/+server.ts11
-rw-r--r--src/routes/api/preferences/+server.ts10
-rw-r--r--src/routes/api/preferences/pin/+server.ts14
6 files changed, 54 insertions, 24 deletions
diff --git a/src/routes/api/badges/+server.ts b/src/routes/api/badges/+server.ts
index 8a86b468..476fb264 100644
--- a/src/routes/api/badges/+server.ts
+++ b/src/routes/api/badges/+server.ts
@@ -1,5 +1,5 @@
-import { userIdentity } from "$lib/Data/AniList/identity";
-import { decodeAuthCookieOrThrow } from "$lib/Effect/authCookie";
+import { safeUserIdentity } from "$lib/Data/AniList/identity";
+import { decodeAuthCookieOrNull } from "$lib/Effect/authCookie";
import { decodeRequestJsonOrThrow } from "$lib/Effect/requestBody";
import {
removeAllUserBadges,
@@ -35,8 +35,13 @@ export const DELETE = async ({ url, cookies }) => {
if (!userCookie) return unauthorised;
- const user = decodeAuthCookieOrThrow(userCookie);
- const identity = await userIdentity(user);
+ const user = decodeAuthCookieOrNull(userCookie);
+
+ if (!user) return unauthorised;
+
+ const identity = await safeUserIdentity(user);
+
+ if (!identity) return unauthorised;
if ((url.searchParams.get("prune") || 0) === "true") {
await removeAllUserBadges(identity.id);
@@ -60,8 +65,13 @@ export const PUT = async ({ cookies, url, request }) => {
if (!userCookie) return unauthorised;
- const user = decodeAuthCookieOrThrow(userCookie);
- const identity = await userIdentity(user);
+ const user = decodeAuthCookieOrNull(userCookie);
+
+ if (!user) return unauthorised;
+
+ const identity = await safeUserIdentity(user);
+
+ if (!identity) return unauthorised;
const authorised = privilegedUser(identity.id);
if (url.searchParams.get("shadowHide"))
diff --git a/src/routes/api/configuration/+server.ts b/src/routes/api/configuration/+server.ts
index 786e8333..306e1285 100644
--- a/src/routes/api/configuration/+server.ts
+++ b/src/routes/api/configuration/+server.ts
@@ -1,11 +1,11 @@
import { Schema } from "effect";
-import { userIdentity } from "$lib/Data/AniList/identity";
+import { safeUserIdentity } from "$lib/Data/AniList/identity";
import {
deleteUserConfiguration,
getUserConfiguration,
setUserConfiguration,
} from "$lib/Database/SB/User/configuration";
-import { decodeAuthCookieOrThrow } from "$lib/Effect/authCookie";
+import { decodeAuthCookieOrNull } from "$lib/Effect/authCookie";
import { decodeRequestJsonOrThrow } from "$lib/Effect/requestBody";
import { appOriginHeaders } from "$lib/Utility/appOrigin";
@@ -18,7 +18,11 @@ const authenticatedUserId = async (cookies: {
if (!userCookie) return null;
- return (await userIdentity(decodeAuthCookieOrThrow(userCookie))).id;
+ const user = decodeAuthCookieOrNull(userCookie);
+
+ if (!user) return null;
+
+ return (await safeUserIdentity(user))?.id ?? null;
};
export const GET = async ({ cookies, url }) => {
diff --git a/src/routes/api/notifications/subscribe/+server.ts b/src/routes/api/notifications/subscribe/+server.ts
index 806785e4..203470e0 100644
--- a/src/routes/api/notifications/subscribe/+server.ts
+++ b/src/routes/api/notifications/subscribe/+server.ts
@@ -1,6 +1,6 @@
-import { userIdentity } from "$lib/Data/AniList/identity";
+import { safeUserIdentity } from "$lib/Data/AniList/identity";
import { setUserSubscription } from "$lib/Database/SB/User/notifications";
-import { decodeAuthCookieOrThrow } from "$lib/Effect/authCookie";
+import { decodeAuthCookieOrNull } from "$lib/Effect/authCookie";
import { decodeRequestJsonOrThrow } from "$lib/Effect/requestBody";
import { Schema } from "effect";
@@ -12,8 +12,11 @@ export const POST = async ({ cookies, request, url }) => {
if (!userCookie || !fingerprint) return unauthorised;
- const user = decodeAuthCookieOrThrow(userCookie);
- const userId = (await userIdentity(user)).id;
+ const user = decodeAuthCookieOrNull(userCookie);
+
+ if (!user) return unauthorised;
+
+ const userId = (await safeUserIdentity(user))?.id;
if (!userId) return unauthorised;
diff --git a/src/routes/api/notifications/unsubscribe/+server.ts b/src/routes/api/notifications/unsubscribe/+server.ts
index 87f8b498..94bbd497 100644
--- a/src/routes/api/notifications/unsubscribe/+server.ts
+++ b/src/routes/api/notifications/unsubscribe/+server.ts
@@ -1,6 +1,6 @@
-import { userIdentity } from "$lib/Data/AniList/identity";
+import { safeUserIdentity } from "$lib/Data/AniList/identity";
import { deleteUserSubscription } from "$lib/Database/SB/User/notifications";
-import { decodeAuthCookieOrThrow } from "$lib/Effect/authCookie";
+import { decodeAuthCookieOrNull } from "$lib/Effect/authCookie";
const unauthorised = new Response("Unauthorised", { status: 401 });
@@ -10,8 +10,11 @@ export const POST = async ({ cookies, url }) => {
if (!userCookie || !fingerprint) return unauthorised;
- const user = decodeAuthCookieOrThrow(userCookie);
- const userId = (await userIdentity(user)).id;
+ const user = decodeAuthCookieOrNull(userCookie);
+
+ if (!user) return unauthorised;
+
+ const userId = (await safeUserIdentity(user))?.id;
if (!userId) return unauthorised;
diff --git a/src/routes/api/preferences/+server.ts b/src/routes/api/preferences/+server.ts
index 0537c9bc..47ce442b 100644
--- a/src/routes/api/preferences/+server.ts
+++ b/src/routes/api/preferences/+server.ts
@@ -1,5 +1,5 @@
import { Schema } from "effect";
-import { userIdentity } from "$lib/Data/AniList/identity";
+import { safeUserIdentity } from "$lib/Data/AniList/identity";
import {
getUserPreferences,
setBiography,
@@ -9,7 +9,7 @@ import {
toggleHideMissingBadges,
togglePinnedBadgeWallCategory,
} from "$lib/Database/SB/User/preferences";
-import { decodeAuthCookieOrThrow } from "$lib/Effect/authCookie";
+import { decodeAuthCookieOrNull } from "$lib/Effect/authCookie";
import { decodeRequestJsonOrThrow } from "$lib/Effect/requestBody";
import { appOriginHeaders } from "$lib/Utility/appOrigin";
@@ -22,7 +22,11 @@ const authenticatedUserId = async (cookies: {
if (!userCookie) return null;
- return (await userIdentity(decodeAuthCookieOrThrow(userCookie))).id;
+ const user = decodeAuthCookieOrNull(userCookie);
+
+ if (!user) return null;
+
+ return (await safeUserIdentity(user))?.id ?? null;
};
export const GET = async ({ url }) => {
diff --git a/src/routes/api/preferences/pin/+server.ts b/src/routes/api/preferences/pin/+server.ts
index 45a231fd..b69a8142 100644
--- a/src/routes/api/preferences/pin/+server.ts
+++ b/src/routes/api/preferences/pin/+server.ts
@@ -1,5 +1,5 @@
-import { userIdentity } from "$lib/Data/AniList/identity";
-import { decodeAuthCookieOrThrow } from "$lib/Effect/authCookie";
+import { safeUserIdentity } from "$lib/Data/AniList/identity";
+import { decodeAuthCookieOrNull } from "$lib/Effect/authCookie";
import { toggleHololiveStreamPinning } from "$lib/Database/SB/User/preferences";
import { appOriginHeaders } from "$lib/Utility/appOrigin";
@@ -10,11 +10,17 @@ export const PUT = async ({ cookies, url }) => {
if (!userCookie) return unauthorised;
- const user = decodeAuthCookieOrThrow(userCookie);
+ const user = decodeAuthCookieOrNull(userCookie);
+
+ if (!user) return unauthorised;
+
+ const identity = await safeUserIdentity(user);
+
+ if (!identity) return unauthorised;
return Response.json(
await toggleHololiveStreamPinning(
- (await userIdentity(user)).id,
+ identity.id,
url.searchParams.get("stream") || "",
),
{
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-11 10:40:37 +0000