egutierrez/linkwarden
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added the ability for the users to hide there profile

Browse Source
This commit is contained in:
Daniel
2023-05-23 07:38:16 +03:30
parent e774f41d37
commit 240d92aeae
10 changed files with 94 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pages/api/avatar/[id].ts
+24 -6
View File
@@ -6,23 +6,41 @@
import type { NextApiRequest, NextApiResponse } from "next";
import { getServerSession } from "next-auth/next";
import { authOptions } from "pages/api/auth/[...nextauth]";
import { prisma } from "@/lib/api/db";
import path from "path";
import fs from "fs";
export default async function (req: NextApiRequest, res: NextApiResponse) {
if (!req.query.id)
return res.status(401).json({ response: "Invalid parameters." });
const session = await getServerSession(req, res, authOptions);
if (!session?.user?.email)
const userId = session?.user.id;
const userEmail = session?.user.email;
const queryId = Number(req.query.id);
if (!queryId)
return res.status(401).json({ response: "Invalid parameters." });
if (!userId || !userEmail)
return res.status(401).json({ response: "You must be logged in." });
// TODO: If profile is private, hide it to other users...
if (userId !== queryId) {
const targetUser = await prisma.user.findUnique({
where: {
id: queryId,
},
});
if (
targetUser?.isPrivate &&
!targetUser.whitelistedUsers.includes(userEmail)
) {
return res.status(401).json({ response: "This profile is private." });
}
}
const filePath = path.join(
process.cwd(),
`data/uploads/avatar/${req.query.id}.jpg`
`data/uploads/avatar/${queryId}.jpg`
);
console.log(filePath);
pages/api/routes/users/index.ts
+1 -1
View File
@@ -20,7 +20,7 @@ export default async function (req: NextApiRequest, res: NextApiResponse) {
const isSelf = session.user.email === lookupEmail ? true : false;
if (req.method === "GET") {
const users = await getUsers(lookupEmail, isSelf);
const users = await getUsers(lookupEmail, isSelf, session.user.email);
return res.status(users.status).json({ response: users.response });
} else if (req.method === "PUT" && !req.body.password) {
const updated = await updateUser(req.body, session.user.id);