Fixed impersonation. Added Twitch Redemption API path.

2025-01-10 14:31:13 +00:00
parent 5988df7d03
commit 4b81150636
1 changed files with 24 additions and 23 deletions
--- a/src/index.ts
+++ b/src/index.ts
@ -39,18 +39,9 @@ passport.use(new JwtStrat({
  jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
  secretOrKey: process.env.JWT_SECRET,
 }, async (jwt_payload: any, done: any) => {
-  console.log('jwt payload', jwt_payload);
  const user = await db.oneOrNone('SELECT id, name, role, "ttsDefaultVoice" FROM "User" WHERE id = $1', jwt_payload.id);

-  console.log('jwt user', user);
  if (user) {
-    const impersonationId = await db.oneOrNone('SELECT "targetId" FROM "Impersonation" WHERE "sourceId" = $1', jwt_payload.id);
-    if (impersonationId) {
-      const impersonation = await db.oneOrNone('SELECT id, name, role, "ttsDefaultVoice" FROM "User" WHERE id = $1', impersonationId.targetId);
-      if (impersonation) {
-        user.impersonation = impersonation;
-      }
-    }
    done(null, user);
  } else {
    done(null, false);
@ -85,15 +76,6 @@ passport.use(new OpenIDConnectStrategy({
      db.none('UPDATE "User" SET name = $1 WHERE id = $2', [profile.username, profile.id]);
      user.name = profile.username;
    }
-    if (user.role == 'ADMIN' && user.impersonation == null) {
-      const impersonationId = await db.oneOrNone('SELECT "targetId" FROM "Impersonation" WHERE "sourceId" = $1', profile.id);
-      if (impersonationId) {
-        const impersonation = await db.oneOrNone('SELECT id, name, role, "ttsDefaultVoice" FROM "User" WHERE id = $1', impersonationId.targetId);
-        if (impersonation) {
-          user.impersonation = impersonation;
-        }
-      }
-    }
    return done(null, user);
  }
  return done(new Error('Account does not exist.'), null);
@ -114,7 +96,7 @@ app.get('/api/auth', passport.authenticate("openidconnect", { failureRedirect: '
  res.send('');
 });

-app.get('/api/auth/validate', [isApiKeyAuthenticated, isJWTAuthenticated], (req: any, res: Response, next: () => void) => {
+app.get('/api/auth/validate', [isApiKeyAuthenticated, isJWTAuthenticated, updateImpersonation], (req: any, res: Response, next: () => void) => {
  const user = req?.user;
  res.send({ authenticated: user != null, user: user });
 });
@ -196,12 +178,11 @@ app.put('/api/admin/impersonate', apiMiddlewares, async (req: any, res: any, nex

  const data = await db.oneOrNone('SELECT "targetId" FROM "Impersonation" where "sourceId" = $1', req.user.id);
  if (!data?.targetId) {
-    const insert = await db.none('INSERT INTO "Impersonation" ("sourceId", "targetId") VALUES ($1, $2)', [req.user.id, req.body.impersonation]);
-    res.send(insert);
+    await db.none('INSERT INTO "Impersonation" ("sourceId", "targetId") VALUES ($1, $2)', [req.user.id, req.body.impersonation]);
  } else {
-    const update = await db.none('UPDATE "Impersonation" SET "targetId" = $2 WHERE "sourceId" = $1', [req.user.id, req.body.impersonation]);
-    res.send(update);
+    await db.none('UPDATE "Impersonation" SET "targetId" = $2 WHERE "sourceId" = $1', [req.user.id, req.body.impersonation]);
  }
+  res.send();
 });

 app.delete('/api/admin/impersonate', apiMiddlewares, async (req: any, res: any, next: any) => {
@ -250,6 +231,26 @@ app.delete('/api/keys', apiMiddlewares, async (req: any, res: any, next: any) =>
  res.send({ key: req.body.key });
 });

+app.get('/api/twitch/redemptions', apiMiddlewares, async (req: any, res: any, next: any) => {
+  const userId = req.user.impersonation?.id ?? req.user.id;
+  const account: any = await db.one('SELECT "providerAccountId" FROM "Account" WHERE "userId" = $1', userId);
+  const connection: any = await db.oneOrNone('SELECT "clientId", "accessToken" FROM "Connection" WHERE "userId" = $1 AND "default" = true AND "type" = \'twitch\'', userId);
+  const rest = new httpm.HttpClient(null);
+  const resp = await rest.get('https://api.twitch.tv/helix/channel_points/custom_rewards?broadcaster_id=' + account.providerAccountId, {
+    'Authorization': 'Bearer ' + connection.accessToken,
+    'Client-Id': connection.clientId
+  });
+
+  const twitch = JSON.parse(await resp.readBody());
+  if (!twitch?.data) {
+    console.log('Failed to fetch twitch data:', account, twitch?.data);
+    res.status(401).send({ error: 'Could not fetch Twitch channel redemption data.' });
+    return;
+  }
+
+  res.send(twitch.data);
+});
+
 app.post("/api/auth/twitch/callback", async (req: any, res: any) => {
  const query = `client_id=${process.env.AUTH_CLIENT_ID}&client_secret=${process.env.AUTH_CLIENT_SECRET}&code=${req.body.code}&grant_type=authorization_code&redirect_uri=${process.env.AUTH_REDIRECT_URI}`
  const rest = new httpm.HttpClient(null);