atridad/pollo
1
0
Fork 0
Code Activity Actions

Ping + streamlined validation of keys

Browse source
This commit is contained in:
Atridad Lahiji 2023-08-14 01:18:35 -06:00
parent 22d37b8f0a
commit 0975a7aa84
No known key found for this signature in database
GPG key ID: 7CB8245F56BC3880
4 changed files with 56 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
src/pages/api/external/ping.ts vendored Normal file
View file

@ -0,0 +1,15 @@
import type { NextApiRequest, NextApiResponse } from "next";
import { db } from "~/server/db";
import { validateRequest } from "~/server/unkey";
export default async function handler(
req: NextApiRequest,
res: NextApiResponse
) {
const success = await validateRequest(req, res);
if (success) {
await db.query.votes.findFirst();
res.status(200).json({ result: "Pong!" });
}
}

6
src/pages/api/ping.ts
View file

@ -1,6 +0,0 @@
import type { NextApiRequest, NextApiResponse } from "next";
export default function handler(req: NextApiRequest, res: NextApiResponse) {
res.status(200).json({ result: "Pong!" });
}

19
src/pages/api/webhooks/onUserDelete.ts
View file

@ -2,27 +2,15 @@ import { eq } from "drizzle-orm";
import type { NextApiRequest, NextApiResponse } from "next";
import { db } from "~/server/db";
import { logs, rooms, votes } from "~/server/schema";
import { validateApiKey } from "~/server/unkey";
import { validateApiKey, validateRequest } from "~/server/unkey";
export default async function handler(
req: NextApiRequest,
res: NextApiResponse
) {
let isValidKey: boolean = false;
// Get the auth bearer token if it exists
if (req.headers.authorization) {
const key = req.headers.authorization.split("Bearer ").at(1);
if (key) {
isValidKey = await validateApiKey(key);
}
}
// Error if the key is not valid
if (!isValidKey) {
res.status(403).json({ error: "UNAUTHORIZED" });
}
const success = await validateRequest(req, res);
if (success) {
const requestBody = req.body as {
data: {
deleted: string;
@ -44,3 +32,4 @@ export default async function handler(
res.status(200).json({ result: "USER DELETED" });
}
}

22
src/server/unkey.ts
View file

@ -1,4 +1,5 @@
import { Unkey } from "@unkey/api";
import { NextApiRequest, NextApiResponse } from "next";
import { env } from "~/env.mjs";
export const unkey = new Unkey({ token: env.UNKEY_ROOT_KEY });
@ -13,3 +14,24 @@ export const validateApiKey = async (key: string) => {
return false;
}
};
export const validateRequest = async (
req: NextApiRequest,
res: NextApiResponse
) => {
let isValidKey: boolean = false;
// Get the auth bearer token if it exists
if (req.headers.authorization) {
const key = req.headers.authorization.split("Bearer ").at(1);
if (key) {
isValidKey = await validateApiKey(key);
}
}
// Error if the key is not valid
if (!isValidKey) {
res.status(403).json({ error: "UNAUTHORIZED" });
}
return isValidKey;
};