whitelist if user is admin and code improvements
parent
f37e2ac4f3
commit
fc42da4b99
4 changed files with 1303 additions and 11 deletions
1284
package-lock.json
generated
Normal file
1284
package-lock.json
generated
Normal file
File diff suppressed because it is too large
|
@ -4,9 +4,8 @@ import {checkadmin} from "../middleware.ts";
|
|||
|
||||
export default function (fastify: FastifyInstance, prisma: PrismaClient) {
|
||||
fastify.post('/api/admin/addwhitelist', async (request, reply) => {
|
||||
console.log("sdkfj")
|
||||
const test = await checkadmin(request)
|
||||
if (!test) return reply.status(401).send('Not Authorized');
|
||||
if (!await checkadmin(request)) return reply.status(401).send('Not Authorized (Admin)');
|
||||
|
||||
const {id} = request.query as { id?: string };
|
||||
if (!id) {
|
||||
reply.status(400).send('Bad Request');
|
||||
|
|
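Review bot: The new guard `if (!await checkadmin(request)) return reply.status(401).send('Not Authorized (Admin)');` answers every failure with 401, so a caller with valid credentials who is not an admin looks the same as one with no credentials at all. `checkadmin` is not shown on this page; if it can tell the two cases apart, the authenticated non-admin case should return `reply.status(403)` and keep 401 for a missing or invalid token. The handler body continues outside the hunk, so how `id` is validated after the 400 branch cannot be judged from here.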
|
@ -5,6 +5,7 @@ import {getUser, isTokenValid} from "../authHelper.ts";
|
|||
export default function (fastify: FastifyInstance, prisma: PrismaClient) {
|
||||
fastify.get('/api/token', async (request, reply) => {
|
||||
const token = request.headers.authorization
|
||||
console.log('Token =>', token);
|
||||
if (!await isTokenValid(token)){
|
||||
reply.status(401).send('Not authorized')
|
||||
return
|
||||
|
|
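Review bot: `console.log('Token =>', token)` writes the raw `Authorization` header to stdout on every `/api/token` request, so bearer tokens end up in whatever collects the process logs; going by the hunk counts, this appears to be the one line the commit adds here. Drop it, or log only whether a header was present, e.g. `request.log.debug({ hasToken: Boolean(token) }, 'token check')`. The same applies to `console.log('Received token from callback:', token)` and `console.log(token)` in the `/login/callback` handler in src/main.ts, which print the whole OAuth token object. The handler body continues outside the hunk.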
24
src/main.ts
24
src/main.ts
|
@ -8,7 +8,7 @@ import path from 'path'
|
|||
import dotenv from 'dotenv';
|
||||
import {fileURLToPath} from 'url';
|
||||
import {checkadmin, checkAuthenticatedDiscordToken} from "./middleware.ts";
|
||||
import {getUser} from "./authHelper.ts";
|
||||
import {getUser, isAdmin} from "./authHelper.ts";
|
||||
|
||||
dotenv.config();
|
||||
|
||||
|
@ -81,16 +81,23 @@ fastify.register(fastifyOauth2, {
|
|||
fastify.get('/login/callback', async function (request, reply) {
|
||||
// @ts-ignore
|
||||
const {token} = await this.discordOAuth2?.getAccessTokenFromAuthorizationCodeFlow(request)
|
||||
//this is funny
|
||||
console.log('Received token from callback:', token);
|
||||
|
||||
const discordAccount = await getUser(token.access_token)
|
||||
const test = await prisma.whitelistedUsers.findUnique({
|
||||
let user = await prisma.whitelistedUsers.findUnique({
|
||||
where: {discordId: discordAccount.id},
|
||||
});
|
||||
|
||||
console.log(token)
|
||||
|
||||
if (!test) {
|
||||
return reply.status(401).send("Not Authorized");
|
||||
if (!user) {
|
||||
if (isAdmin(token.access_token00)) {
|
||||
user = await prisma.whitelistedUsers.create({
|
||||
data: {
|
||||
discordId: (await getUser(token.access_token)).id,
|
||||
}
|
||||
});
|
||||
} else {
|
||||
return reply.status(401).send("Not Authorized");
|
||||
}
|
||||
}
|
||||
|
||||
// @ts-ignore
|
||||
|
@ -122,7 +129,8 @@ fastify.get('/login/callback', async function (request, reply) {
|
|||
maxAge: 31_622_400,
|
||||
});
|
||||
// reply.send({access_token: refreshToken.access_token});
|
||||
return reply.redirect("https://tappo.mono.exhq.dev")
|
||||
// return reply.redirect("https://tappo.mono.exhq.dev")
|
||||
return reply.redirect(process.env.ORIGIN);
|
||||
});
|
||||
|
||||
for (const file of fs.readdirSync(path.resolve(__dirname, "endpoints"))) {
|
||||
|
|
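Review bot: In the `/login/callback` hunk, `if (isAdmin(token.access_token00))` has two problems: `access_token00` looks like a typo for `access_token`, so `isAdmin` would receive `undefined`, and the call is not awaited. `isAdmin` lives in authHelper.ts and is not shown, but its siblings `getUser` and `isTokenValid` are awaited; if it is async as well, the condition tests a Promise, which is always truthy, and every Discord account not yet in `whitelistedUsers` would be inserted there instead of receiving the 401. I would write `if (await isAdmin(token.access_token)) {` and use `discordId: discordAccount.id` in the `create` call rather than calling `getUser` a second time. The `// @ts-ignore` above the token line may be what keeps the compiler from flagging the misspelled property, so typing the token result would be worth doing in the same change.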