| author | Dhravya <[email protected]> | 2024-07-16 23:51:22 -0500 |
|---|---|---|
| committer | Dhravya <[email protected]> | 2024-07-16 23:51:22 -0500 |
| commit | 8652405fbd4212709ff3c7f9eace79ea67e7aaed (patch) | |
| tree | 39cc35d582de0129e247b7f26daedbb204c873a7 /apps/web/app/api | |
| parent | use tabs (diff) | |
stuff
Diffstat (limited to 'apps/web/app/api')
| -rw-r--r-- | apps/web/app/api/ensureAuth.ts | 76 | ||||
| -rw-r--r-- | apps/web/app/api/mobile/newUser/route.ts | 13 |
2 files changed, 74 insertions, 15 deletions
diff --git a/apps/web/app/api/ensureAuth.ts b/apps/web/app/api/ensureAuth.ts
index a8c43cdc..1fcd2914 100644
--- a/apps/web/app/api/ensureAuth.ts
+++ b/apps/web/app/api/ensureAuth.ts
@@ -1,6 +1,6 @@
 import { NextRequest } from "next/server";
 import { db } from "../../server/db";
-import { sessions, users } from "../../server/db/schema";
+import { accounts, sessions, users } from "../../server/db/schema";
 import { eq } from "drizzle-orm";
 
 export async function ensureAuth(req: NextRequest) {
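Review bot: `accounts` is added to this import, but none of the commit's hunks for this file reads it, so it is an unused import as committed. Either drop it again (`import { sessions, users } from "../../server/db/schema";`) or, if the intent was to tie the Google identity to an account row rather than to an email match, use it in the mobile branch added below.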
@@ -16,12 +16,84 @@ export async function ensureAuth(req: NextRequest) {
 return undefined;
 }
 
- const sessionData = await db
+ let sessionData = await db
 .select()
 .from(sessions)
 .innerJoin(users, eq(users.id, sessions.userId))
 .where(eq(sessions.sessionToken, token!));
 
+ const isMobile =
+ token.split("?") && token.split("?")[1] === `source="mobile"`;
+
+ if (isMobile) {
+ // remove everything after ? in token
+ const newToken = token.split("?").slice(0, -1).join("?");
+
+ console.log(token, newToken);
+
+ const authUserFetch = await fetch(
+ `https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=${newToken}`,
+ );
+
+ if (!authUserFetch.ok) {
+ console.error(
+ "Error fetching Google user,",
+ authUserFetch.statusText,
+ await authUserFetch.text(),
+ );
+ console.log("Google user not found or error.");
+ return undefined;
+ }
+
+ const authUserData = (await authUserFetch.json()) as {
+ email: string;
+ audience: string;
+ issued_to: string;
+ };
+
+ console.log(authUserData);
+
+ if (
+ !(
+ authUserData.audience.split("-")[0] ===
+ process.env.GOOGLE_CLIENT_ID.split("-")[0] &&
+ authUserData.issued_to.split("-")[0] ===
+ process.env.GOOGLE_CLIENT_ID.split("-")[0]
+ )
+ ) {
+ console.log(
+ "Google user not authorized because of audience or issued_to mismatch",
+ );
+ return undefined;
+ }
+
+ const authUserEmail = authUserData.email;
+
+ let user = await db
+ .select()
+ .from(users)
+ .where(eq(users.email, authUserEmail))
+ .limit(1);
+
+ if (!user || user.length === 0) {
+ // create the user
+ user = await db
+ .insert(users)
+ .values({
+ email: authUserEmail,
+ name: authUserEmail.split("@")[0],
+ })
+ .returning();
+ }
+
+ sessionData = [
+ {
+ ...sessionData[0]!,
+ user: user[0]!,
+ },
+ ];
+ }
+
 if (!sessionData || sessionData.length === 0) {
 return undefined;
 }
diff --git a/apps/web/app/api/mobile/newUser/route.ts b/apps/web/app/api/mobile/newUser/route.ts
deleted file mode 100644
index ed7cbdf3..00000000
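Review bot: The mobile branch writes live credentials to the server log: `console.log(token, newToken)` prints the caller-supplied token and the Google access token derived from it, and `console.log(authUserData)` prints the tokeninfo response including the email, so both lines should be removed. The audience check compares only the part of `audience` and `issued_to` before the first `-` with the same prefix of `GOOGLE_CLIENT_ID`, so it accepts tokens issued to any client sharing that prefix and throws if the variable is unset; prefer `const clientId = process.env.GOOGLE_CLIENT_ID; if (!clientId || authUserData.audience !== clientId || authUserData.issued_to !== clientId) return undefined;`, or an explicit list of allowed client IDs if the mobile app has its own. Because the user row is looked up and created by `email` alone, the branch should also require the response's `verified_email` flag before trusting the address. `newToken` goes into the URL unencoded and should be wrapped as `encodeURIComponent(newToken)`. ensureAuth begins before this hunk and continues after it, so how the rebuilt `sessionData` entry is consumed is not visible here.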
--- a/apps/web/app/api/mobile/newUser/route.ts
+++ /dev/null
@@ -1,13 +0,0 @@
-import { NextRequest } from "next/server";
-import { z } from "zod";
-
-export const runtime = "edge";
-
-const newMobileUserBody = z.object({
- // this is a string in the format
- encodedUserString: z.string(),
-});
-
-export async function POST(req: NextRequest) {
- const body = await req.json();
-} |