whitelist if user is admin and code improvements

This commit is contained in:
Amy 2025-01-02 14:36:38 +01:00
parent f37e2ac4f3
commit fc42da4b99
4 changed files with 1303 additions and 11 deletions

package-lock.json generated Normal file



@ -4,9 +4,8 @@ import {checkadmin} from "../middleware.ts";
export default function (fastify: FastifyInstance, prisma: PrismaClient) { export default function (fastify: FastifyInstance, prisma: PrismaClient) {
fastify.post('/api/admin/addwhitelist', async (request, reply) => { fastify.post('/api/admin/addwhitelist', async (request, reply) => {
console.log("sdkfj") if (!await checkadmin(request)) return reply.status(401).send('Not Authorized (Admin)');
const test = await checkadmin(request)
if (!test) return reply.status(401).send('Not Authorized');
const {id} = request.query as { id?: string }; const {id} = request.query as { id?: string };
if (!id) { if (!id) {
reply.status(400).send('Bad Request'); reply.status(400).send('Bad Request');
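Review bot: The new guard in `/api/admin/addwhitelist` answers a caller that `checkadmin` rejects with 401, but 401 means "not authenticated"; a known identity that lacks the admin role is the 403 case, so `return reply.status(403).send('Forbidden (Admin)');` is the conventional status and lets clients tell a missing token apart from a missing role. The endpoint is a state-changing POST whose only input is the `id` query parameter; if `checkadmin` identifies the caller from the cookie that `/login/callback` sets rather than from the `Authorization` header, the route is reachable cross-site, which is worth confirming in `middleware.ts` (not visible here). The handler's body continues outside the hunk.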


@ -5,6 +5,7 @@ import {getUser, isTokenValid} from "../authHelper.ts";
export default function (fastify: FastifyInstance, prisma: PrismaClient) { export default function (fastify: FastifyInstance, prisma: PrismaClient) {
fastify.get('/api/token', async (request, reply) => { fastify.get('/api/token', async (request, reply) => {
const token = request.headers.authorization const token = request.headers.authorization
console.log('Token =>', token);
if (!await isTokenValid(token)){ if (!await isTokenValid(token)){
reply.status(401).send('Not authorized') reply.status(401).send('Not authorized')
return return


@ -8,7 +8,7 @@ import path from 'path'
import dotenv from 'dotenv'; import dotenv from 'dotenv';
import {fileURLToPath} from 'url'; import {fileURLToPath} from 'url';
import {checkadmin, checkAuthenticatedDiscordToken} from "./middleware.ts"; import {checkadmin, checkAuthenticatedDiscordToken} from "./middleware.ts";
import {getUser} from "./authHelper.ts"; import {getUser, isAdmin} from "./authHelper.ts";
dotenv.config(); dotenv.config();
@ -81,16 +81,23 @@ fastify.register(fastifyOauth2, {
fastify.get('/login/callback', async function (request, reply) { fastify.get('/login/callback', async function (request, reply) {
// @ts-ignore // @ts-ignore
const {token} = await this.discordOAuth2?.getAccessTokenFromAuthorizationCodeFlow(request) const {token} = await this.discordOAuth2?.getAccessTokenFromAuthorizationCodeFlow(request)
//this is funny console.log('Received token from callback:', token);
const discordAccount = await getUser(token.access_token) const discordAccount = await getUser(token.access_token)
const test = await prisma.whitelistedUsers.findUnique({ let user = await prisma.whitelistedUsers.findUnique({
where: {discordId: discordAccount.id}, where: {discordId: discordAccount.id},
}); });
console.log(token) if (!user) {
if (isAdmin(token.access_token00)) {
if (!test) { user = await prisma.whitelistedUsers.create({
return reply.status(401).send("Not Authorized"); data: {
discordId: (await getUser(token.access_token)).id,
}
});
} else {
return reply.status(401).send("Not Authorized");
}
} }
// @ts-ignore // @ts-ignore
@ -122,7 +129,8 @@ fastify.get('/login/callback', async function (request, reply) {
maxAge: 31_622_400, maxAge: 31_622_400,
}); });
// reply.send({access_token: refreshToken.access_token}); // reply.send({access_token: refreshToken.access_token});
return reply.redirect("https://tappo.mono.exhq.dev") // return reply.redirect("https://tappo.mono.exhq.dev")
return reply.redirect(process.env.ORIGIN);
}); });
for (const file of fs.readdirSync(path.resolve(__dirname, "endpoints"))) { for (const file of fs.readdirSync(path.resolve(__dirname, "endpoints"))) {
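Review bot: The admin fallback in `/login/callback` reads `token.access_token00`, a property the token object is not shown to have, and calls `isAdmin(...)` without `await` while its sibling `checkadmin(request)` is awaited elsewhere in this commit; if `isAdmin` returns a Promise, the condition is always truthy and every Discord account that is not yet whitelisted is inserted into `whitelistedUsers` and logged in. The branch should read `if (await isAdmin(token.access_token)) {` (drop the `await` only if `isAdmin` is confirmed synchronous), and the insert can reuse the account already fetched two lines earlier: `discordId: discordAccount.id`. The added `console.log('Received token from callback:', token)` writes the OAuth access and refresh tokens to the server log, the same class of leak the `/api/token` hunk of this commit removes; drop it or log only `discordAccount.id`. The callback's body continues outside the hunk.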