tom/hermes-web
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added basic validation for requests

Browse Source
This commit is contained in:
Tom
2024-08-25 21:35:46 +00:00
parent 2d40d6fe09
commit 624b3fa63b
42 changed files with 608 additions and 492 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
app/api/settings/groups/users/route.ts
View File

@ -1,22 +1,31 @@
import { db } from "@/lib/db"
import { NextResponse } from "next/server";
import fetchUserWithImpersonation from "@/lib/fetch-user-impersonation";
import axios from "axios";
import { env } from "process";
import { TwitchUpdateAuthorization } from "@/lib/twitch";
import { z } from "zod";
const groupIdSchema = z.string({
required_error: "Group ID should be available.",
invalid_type_error: "Group ID must be a string"
}).regex(/^[\w\-\=]{1,32}$/, "Group ID must contain only letters, numbers, dashes, underscores & equal signs.")
export async function GET(req: Request) {
try {
const user = await fetchUserWithImpersonation(req)
if (!user)
return new NextResponse("Unauthorized", { status: 401 });
return NextResponse.json({ message: 'Unauthorized.', error: null, value: null }, { status: 401 })
const { searchParams } = new URL(req.url)
const groupId = searchParams.get('groupId') as string
if (groupId) {
const groupIdValidation = await groupIdSchema.safeParseAsync(groupId)
if (!groupIdValidation.success)
return NextResponse.json({ message: 'groupId does not meet requirements.', error: JSON.parse(groupIdValidation.error['message'])[0], value: null }, { status: 400 })
}
let chatters: { userId: string, groupId: string, chatterId: bigint, chatterLabel: string }[]
if (!!groupId)
if (groupId)
chatters = await db.chatterGroup.findMany({
where: {
userId: user.id,
@ -31,10 +40,8 @@ export async function GET(req: Request) {
})
return NextResponse.json(chatters.map(u => ({ ...u, chatterId: Number(u.chatterId) }))
.map(({userId, chatterLabel, ...attrs}) => attrs))
.map(({ userId, chatterLabel, ...attrs }) => attrs))
} catch (error) {
console.log("[GROUPS/USERS]", error);
return new NextResponse("Internal Error", { status: 500 });
return NextResponse.json({ message: 'Failed to get groups', error: error, value: null }, { status: 500 })
}
}