Fixed impersonation. Added Twitch Redemption API path.

src/index.ts

@@ -39,18 +39,9 @@ passport.use(new JwtStrat({
   jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
   secretOrKey: process.env.JWT_SECRET,
 }, async (jwt_payload: any, done: any) => {
-  console.log('jwt payload', jwt_payload);
   const user = await db.oneOrNone('SELECT id, name, role, "ttsDefaultVoice" FROM "User" WHERE id = $1', jwt_payload.id);
 
-  console.log('jwt user', user);
   if (user) {
-    const impersonationId = await db.oneOrNone('SELECT "targetId" FROM "Impersonation" WHERE "sourceId" = $1', jwt_payload.id);
-    if (impersonationId) {
-      const impersonation = await db.oneOrNone('SELECT id, name, role, "ttsDefaultVoice" FROM "User" WHERE id = $1', impersonationId.targetId);
-      if (impersonation) {
-        user.impersonation = impersonation;
-      }
-    }
     done(null, user);
   } else {
     done(null, false);
@@ -85,15 +76,6 @@ passport.use(new OpenIDConnectStrategy({
       db.none('UPDATE "User" SET name = $1 WHERE id = $2', [profile.username, profile.id]);
       user.name = profile.username;
     }
-    if (user.role == 'ADMIN' && user.impersonation == null) {
-      const impersonationId = await db.oneOrNone('SELECT "targetId" FROM "Impersonation" WHERE "sourceId" = $1', profile.id);
-      if (impersonationId) {
-        const impersonation = await db.oneOrNone('SELECT id, name, role, "ttsDefaultVoice" FROM "User" WHERE id = $1', impersonationId.targetId);
-        if (impersonation) {
-          user.impersonation = impersonation;
-        }
-      }
-    }
     return done(null, user);
   }
   return done(new Error('Account does not exist.'), null);
@@ -114,7 +96,7 @@ app.get('/api/auth', passport.authenticate("openidconnect", { failureRedirect: '
   res.send('');
 });
 
-app.get('/api/auth/validate', [isApiKeyAuthenticated, isJWTAuthenticated], (req: any, res: Response, next: () => void) => {
+app.get('/api/auth/validate', [isApiKeyAuthenticated, isJWTAuthenticated, updateImpersonation], (req: any, res: Response, next: () => void) => {
   const user = req?.user;
   res.send({ authenticated: user != null, user: user });
 });
@@ -196,12 +178,11 @@ app.put('/api/admin/impersonate', apiMiddlewares, async (req: any, res: any, nex
 
   const data = await db.oneOrNone('SELECT "targetId" FROM "Impersonation" where "sourceId" = $1', req.user.id);
   if (!data?.targetId) {
-    const insert = await db.none('INSERT INTO "Impersonation" ("sourceId", "targetId") VALUES ($1, $2)', [req.user.id, req.body.impersonation]);
+    await db.none('INSERT INTO "Impersonation" ("sourceId", "targetId") VALUES ($1, $2)', [req.user.id, req.body.impersonation]);
-    res.send(insert);
   } else {
-    const update = await db.none('UPDATE "Impersonation" SET "targetId" = $2 WHERE "sourceId" = $1', [req.user.id, req.body.impersonation]);
+    await db.none('UPDATE "Impersonation" SET "targetId" = $2 WHERE "sourceId" = $1', [req.user.id, req.body.impersonation]);
-    res.send(update);
   }
+  res.send();
 });
 
 app.delete('/api/admin/impersonate', apiMiddlewares, async (req: any, res: any, next: any) => {
@@ -250,6 +231,26 @@ app.delete('/api/keys', apiMiddlewares, async (req: any, res: any, next: any) =>
   res.send({ key: req.body.key });
 });
 
+app.get('/api/twitch/redemptions', apiMiddlewares, async (req: any, res: any, next: any) => {
+  const userId = req.user.impersonation?.id ?? req.user.id;
+  const account: any = await db.one('SELECT "providerAccountId" FROM "Account" WHERE "userId" = $1', userId);
+  const connection: any = await db.oneOrNone('SELECT "clientId", "accessToken" FROM "Connection" WHERE "userId" = $1 AND "default" = true AND "type" = \'twitch\'', userId);
+  const rest = new httpm.HttpClient(null);
+  const resp = await rest.get('https://api.twitch.tv/helix/channel_points/custom_rewards?broadcaster_id=' + account.providerAccountId, {
+    'Authorization': 'Bearer ' + connection.accessToken,
+    'Client-Id': connection.clientId
+  });
+
+  const twitch = JSON.parse(await resp.readBody());
+  if (!twitch?.data) {
+    console.log('Failed to fetch twitch data:', account, twitch?.data);
+    res.status(401).send({ error: 'Could not fetch Twitch channel redemption data.' });
+    return;
+  }
+
+  res.send(twitch.data);
+});
+
 app.post("/api/auth/twitch/callback", async (req: any, res: any) => {
   const query = `client_id=${process.env.AUTH_CLIENT_ID}&client_secret=${process.env.AUTH_CLIENT_SECRET}&code=${req.body.code}&grant_type=authorization_code&redirect_uri=${process.env.AUTH_REDIRECT_URI}`
   const rest = new httpm.HttpClient(null);