support for bearer tokens
This commit is contained in:
daniel31x13
+19
-19
@@ -1,15 +1,23 @@
|
||||
import type { NextApiRequest, NextApiResponse } from "next";
|
||||
import { getServerSession } from "next-auth/next";
|
||||
import { authOptions } from "@/pages/api/v1/auth/[...nextauth]";
|
||||
import getUserById from "@/lib/api/controllers/users/userId/getUserById";
|
||||
import getPublicUserById from "@/lib/api/controllers/users/userId/getPublicUserById";
|
||||
import updateUserById from "@/lib/api/controllers/users/userId/updateUserById";
|
||||
import deleteUserById from "@/lib/api/controllers/users/userId/deleteUserById";
|
||||
import authenticateUser from "@/lib/api/authenticateUser";
|
||||
import { prisma } from "@/lib/api/db";
|
||||
import { getToken } from "next-auth/jwt";
|
||||
|
||||
export default async function users(req: NextApiRequest, res: NextApiResponse) {
|
||||
const session = await getServerSession(req, res, authOptions);
|
||||
const userId = session?.user.id;
|
||||
const username = session?.user.username;
|
||||
const token = await getToken({ req });
|
||||
const userId = token?.id;
|
||||
|
||||
if (!token?.id)
|
||||
return res.status(400).json({ response: "Invalid parameters." });
|
||||
|
||||
const username = (await prisma.user.findUnique({ where: { id: token.id } }))
|
||||
?.username;
|
||||
|
||||
if (!username) return res.status(404).json({ response: "User not found." });
|
||||
|
||||
const lookupId = req.query.id as string;
|
||||
const isSelf =
|
||||
@@ -23,26 +31,18 @@ export default async function users(req: NextApiRequest, res: NextApiResponse) {
|
||||
return res.status(users.status).json({ response: users.response });
|
||||
}
|
||||
|
||||
if (!userId) {
|
||||
return res.status(401).json({ response: "You must be logged in." });
|
||||
} else if (session?.user?.isSubscriber === false)
|
||||
return res.status(401).json({
|
||||
response:
|
||||
"You are not a subscriber, feel free to reach out to us at support@linkwarden.app in case of any issues.",
|
||||
});
|
||||
const user = await authenticateUser({ req, res });
|
||||
if (!user) return res.status(404).json({ response: "User not found." });
|
||||
|
||||
if (req.method === "GET") {
|
||||
const users = await getUserById(session.user.id);
|
||||
const users = await getUserById(user.id);
|
||||
return res.status(users.status).json({ response: users.response });
|
||||
} else if (req.method === "PUT") {
|
||||
const updated = await updateUserById(session.user, req.body);
|
||||
const updated = await updateUserById(user.id, req.body);
|
||||
return res.status(updated.status).json({ response: updated.response });
|
||||
} else if (
|
||||
req.method === "DELETE" &&
|
||||
session.user.id === Number(req.query.id)
|
||||
) {
|
||||
} else if (req.method === "DELETE" && user.id === Number(req.query.id)) {
|
||||
console.log(req.body);
|
||||
const updated = await deleteUserById(session.user.id, req.body);
|
||||
const updated = await deleteUserById(user.id, req.body);
|
||||
return res.status(updated.status).json({ response: updated.response });
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user