diff --git a/nitro.config.ts b/nitro.config.ts index c38806f..33974a8 100644 --- a/nitro.config.ts +++ b/nitro.config.ts @@ -5,6 +5,9 @@ import { version } from "./server/utils/config"; export default defineNitroConfig({ srcDir: "server", compatibilityDate: "2025-03-05", + experimental: { + asyncContext: true, + }, runtimeConfig: { public: { meta: { diff --git a/server/routes/sessions/[sid]/index.ts b/server/routes/sessions/[sid]/index.ts index 3a06cd3..ddef5e4 100644 --- a/server/routes/sessions/[sid]/index.ts +++ b/server/routes/sessions/[sid]/index.ts @@ -8,32 +8,7 @@ const updateSessionSchema = z.object({ export default defineEventHandler(async (event) => { const sessionId = getRouterParam(event, 'sid'); - const authHeader = getRequestHeader(event, 'authorization'); - if (!authHeader || !authHeader.startsWith('Bearer ')) { - throw createError({ - statusCode: 401, - message: 'Unauthorized' - }); - } - - const token = authHeader.split(' ')[1]; - const auth = useAuth(); - - const payload = auth.verifySessionToken(token); - if (!payload) { - throw createError({ - statusCode: 401, - message: 'Invalid token' - }); - } - - const currentSession = await auth.getSessionAndBump(payload.sid); - if (!currentSession) { - throw createError({ - statusCode: 401, - message: 'Session not found or expired' - }); - } + const currentSession = await useAuth().getCurrentSession(); const targetedSession = await prisma.sessions.findUnique({ where: { id: sessionId } @@ -97,7 +72,7 @@ export default defineEventHandler(async (event) => { if (!sessionExists) { return { success: true }; } - const session = await auth.getSessionAndBump(sid); + const session = await useAuth().getSessionAndBump(sid); await prisma.sessions.delete({ where: { id: sessionId } diff --git a/server/routes/users/@me.ts b/server/routes/users/@me.ts index d010de9..448ae56 100644 --- a/server/routes/users/@me.ts +++ b/server/routes/users/@me.ts 
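Review bot: The new `experimental.asyncContext` block in nitro.config.ts carries no comment, yet after this commit authentication depends on it. `getCurrentSession` in server/utils/auth.ts obtains the request through `useEvent()`, which needs this setting. A comment such as `// Required by useAuth().getCurrentSession(), which reads the request via useEvent()` would stop the flag being removed as a leftover experiment. It is also worth confirming that the deployment preset supports async context, since without it every authenticated route would presumably fail with a server error instead of a 401.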
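Review bot: In the second hunk of server/routes/sessions/[sid]/index.ts, `useAuth().getSessionAndBump(sid)` passes `sid`, which is not declared in any line visible in this file's hunks. The route parameter is named `sessionId` and the caller's session is `currentSession`. If no `sid` binding exists between the hunks, this statement throws a ReferenceError on the delete path; the removed line used the same argument, so the problem would be inherited, not introduced here. Since `getCurrentSession()` in the first hunk already bumps the caller's session, the call can probably become `getSessionAndBump(sessionId)` or be dropped in favour of `currentSession`, depending on which session is meant. The handler body starts and ends outside both hunks.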
@@ -1,32 +1,7 @@ import { useAuth } from '~/utils/auth'; export default defineEventHandler(async (event) => { - const authHeader = getRequestHeader(event, 'authorization'); - if (!authHeader || !authHeader.startsWith('Bearer ')) { - throw createError({ - statusCode: 401, - message: 'Unauthorized' - }); - } - - const token = authHeader.split(' ')[1]; - const auth = useAuth(); - - const payload = auth.verifySessionToken(token); - if (!payload) { - throw createError({ - statusCode: 401, - message: 'Invalid token' - }); - } - - const session = await auth.getSessionAndBump(payload.sid); - if (!session) { - throw createError({ - statusCode: 401, - message: 'Session not found or expired' - }); - } + const session = await useAuth().getCurrentSession() const user = await prisma.users.findUnique({ where: { id: session.user } diff --git a/server/routes/users/[id]/bookmarks.ts b/server/routes/users/[id]/bookmarks.ts index 04d257e..5e83c0a 100644 --- a/server/routes/users/[id]/bookmarks.ts +++ b/server/routes/users/[id]/bookmarks.ts @@ -17,32 +17,7 @@ export default defineEventHandler(async (event) => { const userId = event.context.params?.id; const method = event.method; - const authHeader = getRequestHeader(event, 'authorization'); - if (!authHeader || !authHeader.startsWith('Bearer ')) { - throw createError({ - statusCode: 401, - message: 'Unauthorized' - }); - } - - const token = authHeader.split(' ')[1]; - const auth = useAuth(); - - const payload = auth.verifySessionToken(token); - if (!payload) { - throw createError({ - statusCode: 401, - message: 'Invalid token' - }); - } - - const session = await auth.getSessionAndBump(payload.sid); - if (!session) { - throw createError({ - statusCode: 401, - message: 'Session not found or expired' - }); - } + const session = await useAuth().getCurrentSession(); if (session.user !== userId) { throw createError({ 
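Review bot: In server/routes/users/@me.ts the added line `const session = await useAuth().getCurrentSession()` lacks the terminating semicolon that the rest of the file and every other call site in this commit use. Write `const session = await useAuth().getCurrentSession();` so the file stays consistent and passes a semicolon lint rule if one is configured. The handler continues outside the hunk.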
diff --git a/server/routes/users/[id]/bookmarks/[tmdbid]/index.ts b/server/routes/users/[id]/bookmarks/[tmdbid]/index.ts index 1d3d902..b721643 100644 --- a/server/routes/users/[id]/bookmarks/[tmdbid]/index.ts +++ b/server/routes/users/[id]/bookmarks/[tmdbid]/index.ts @@ -2,32 +2,7 @@ export default defineEventHandler(async (event) => { const userId = getRouterParam(event, 'id') const tmdbId = getRouterParam(event, 'tmdbid') - const authHeader = getRequestHeader(event, 'authorization'); - if (!authHeader || !authHeader.startsWith('Bearer ')) { - throw createError({ - statusCode: 401, - message: 'Unauthorized' - }); - } - - const token = authHeader.split(' ')[1]; - const auth = useAuth(); - - const payload = auth.verifySessionToken(token); - if (!payload) { - throw createError({ - statusCode: 401, - message: 'Invalid token' - }); - } - - const session = await auth.getSessionAndBump(payload.sid); - if (!session) { - throw createError({ - statusCode: 401, - message: 'Session not found or expired' - }); - } + const session = await useAuth().getCurrentSession(); if (session.user !== userId) { throw createError({ diff --git a/server/routes/users/[id]/progress.ts b/server/routes/users/[id]/progress.ts index 0aca9eb..6783164 100644 --- a/server/routes/users/[id]/progress.ts +++ b/server/routes/users/[id]/progress.ts 
@@ -34,26 +34,7 @@ export default defineEventHandler(async (event) => { const userId = event.context.params?.id; const method = event.method; - const authHeader = getRequestHeader(event, 'authorization'); - if (!authHeader || !authHeader.startsWith('Bearer ')) { - throw createError({ - statusCode: 401, - message: 'Unauthorized' - }); - } - - const token = authHeader.split(' ')[1]; - const auth = useAuth(); - - const payload = auth.verifySessionToken(token); - if (!payload) { - throw createError({ - statusCode: 401, - message: 'Invalid token' - }); - } - - const session = await auth.getSessionAndBump(payload.sid); + const session = await useAuth().getCurrentSession(); if (!session) { throw createError({ statusCode: 401, diff --git a/server/routes/users/[id]/progress/[tmdb_id]/index.ts b/server/routes/users/[id]/progress/[tmdb_id]/index.ts index 2ca231b..6d45839 100644 --- a/server/routes/users/[id]/progress/[tmdb_id]/index.ts +++ b/server/routes/users/[id]/progress/[tmdb_id]/index.ts @@ -35,32 +35,7 @@ export default defineEventHandler(async (event) => { const tmdbId = event.context.params?.tmdb_id; const method = event.method; - const authHeader = getRequestHeader(event, 'authorization'); - if (!authHeader || !authHeader.startsWith('Bearer ')) { - throw createError({ - statusCode: 401, - message: 'Unauthorized' - }); - } - - const token = authHeader.split(' ')[1]; - const auth = useAuth(); - - const payload = auth.verifySessionToken(token); - if (!payload) { - throw createError({ - statusCode: 401, - message: 'Invalid token' - }); - } - - const session = await auth.getSessionAndBump(payload.sid); - if (!session) { - throw createError({ - statusCode: 401, - message: 'Session not found' - }); - } + const session = await useAuth().getCurrentSession(); if (session.user !== userId) { throw createError({ diff --git a/server/routes/users/[id]/progress/import.ts b/server/routes/users/[id]/progress/import.ts index 622da2a..d55cbff 100644 
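Review bot: In server/routes/users/[id]/progress.ts the `if (!session)` check kept directly below the new `getCurrentSession()` call can no longer be true. The helper added in server/utils/auth.ts throws a 401 itself when the session is missing and otherwise returns it. The other routes in this commit drop that block, and removing it here leaves `const session = await useAuth().getCurrentSession();` as the single authentication step. The retained block runs past the end of the hunk, so the rest of it is not visible here.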
--- a/server/routes/users/[id]/progress/import.ts +++ b/server/routes/users/[id]/progress/import.ts @@ -33,33 +33,8 @@ function defaultAndCoerceDateTime(dateTime: string | undefined) { export default defineEventHandler(async (event) => { const userId = event.context.params?.id; - const authHeader = getRequestHeader(event, 'authorization'); - if (!authHeader || !authHeader.startsWith('Bearer ')) { - throw createError({ - statusCode: 401, - message: 'Unauthorized' - }); - } - - const token = authHeader.split(' ')[1]; - const auth = useAuth(); + const session = await useAuth().getCurrentSession(); - const payload = auth.verifySessionToken(token); - if (!payload) { - throw createError({ - statusCode: 401, - message: 'Invalid token' - }); - } - - const session = await auth.getSessionAndBump(payload.sid); - if (!session) { - throw createError({ - statusCode: 401, - message: 'Session not found or expired' - }); - } - if (session.user !== userId) { throw createError({ statusCode: 403, diff --git a/server/routes/users/[id]/ratings.ts b/server/routes/users/[id]/ratings.ts index b876a60..8f8e9f0 100644 --- a/server/routes/users/[id]/ratings.ts +++ b/server/routes/users/[id]/ratings.ts 
@@ -10,32 +10,7 @@ const userRatingsSchema = z.object({ export default defineEventHandler(async (event) => { const userId = event.context.params?.id; - const authHeader = getRequestHeader(event, 'authorization'); - if (!authHeader || !authHeader.startsWith('Bearer ')) { - throw createError({ - statusCode: 401, - message: 'Unauthorized' - }); - } - - const token = authHeader.split(' ')[1]; - const auth = useAuth(); - - const payload = auth.verifySessionToken(token); - if (!payload) { - throw createError({ - statusCode: 401, - message: 'Invalid token' - }); - } - - const session = await auth.getSessionAndBump(payload.sid); - if (!session) { - throw createError({ - statusCode: 401, - message: 'Session not found or expired' - }); - } + const session = await useAuth().getCurrentSession(); if (session.user !== userId) { throw createError({ diff --git a/server/routes/users/[id]/sessions.ts b/server/routes/users/[id]/sessions.ts index 6d928e1..a24423e 100644 --- a/server/routes/users/[id]/sessions.ts +++ b/server/routes/users/[id]/sessions.ts @@ -3,32 +3,7 @@ import { useAuth } from '~/utils/auth'; export default defineEventHandler(async (event) => { const userId = getRouterParam(event, 'id'); - const authHeader = getRequestHeader(event, 'authorization'); - if (!authHeader || !authHeader.startsWith('Bearer ')) { - throw createError({ - statusCode: 401, - message: 'Unauthorized' - }); - } - - const token = authHeader.split(' ')[1]; - const auth = useAuth(); - - const payload = auth.verifySessionToken(token); - if (!payload) { - throw createError({ - statusCode: 401, - message: 'Invalid token' - }); - } - - const session = await auth.getSessionAndBump(payload.sid); - if (!session) { - throw createError({ - statusCode: 401, - message: 'Session not found or expired' - }); - } + const session = await useAuth().getCurrentSession(); if (session.user !== userId) { throw createError({ 
diff --git a/server/routes/users/[id]/settings.ts b/server/routes/users/[id]/settings.ts index ea39ca0..8be1ab3 100644 --- a/server/routes/users/[id]/settings.ts +++ b/server/routes/users/[id]/settings.ts @@ -13,32 +13,7 @@ const userSettingsSchema = z.object({ export default defineEventHandler(async (event) => { const userId = event.context.params?.id; - const authHeader = getRequestHeader(event, 'authorization'); - if (!authHeader || !authHeader.startsWith('Bearer ')) { - throw createError({ - statusCode: 401, - message: 'Unauthorized' - }); - } - - const token = authHeader.split(' ')[1]; - const auth = useAuth(); - - const payload = auth.verifySessionToken(token); - if (!payload) { - throw createError({ - statusCode: 401, - message: 'Invalid token' - }); - } - - const session = await auth.getSessionAndBump(payload.sid); - if (!session) { - throw createError({ - statusCode: 401, - message: 'Session not found or expired' - }); - } + const session = await useAuth().getCurrentSession(); if (session.user !== userId) { throw createError({ diff --git a/server/routes/users/me.ts b/server/routes/users/me.ts deleted file mode 100644 index fa473ce..0000000 --- a/server/routes/users/me.ts +++ /dev/null 
@@ -1,51 +0,0 @@ -import { useAuth } from '~/utils/auth'; - -export default defineEventHandler(async (event) => { - const authHeader = getRequestHeader(event, 'authorization'); - if (!authHeader || !authHeader.startsWith('Bearer ')) { - throw createError({ - statusCode: 401, - message: 'Unauthorized' - }); - } - - const token = authHeader.split(' ')[1]; - const auth = useAuth(); - - const payload = auth.verifySessionToken(token); - if (!payload) { - throw createError({ - statusCode: 401, - message: 'Invalid token' - }); - } - - const session = await auth.getSessionAndBump(payload.sid); - if (!session) { - throw createError({ - statusCode: 401, - message: 'Session not found or expired' - }); - } - - const user = await prisma.users.findUnique({ - where: { id: session.user } - }); - - if (!user) { - throw createError({ - statusCode: 404, - message: 'User not found' - }); - } - - return { - user: { - id: user.id, - publicKey: user.public_key, - namespace: user.namespace, - profile: user.profile, - permissions: user.permissions - } - }; -}); \ No newline at end of file diff --git a/server/utils/auth.ts b/server/utils/auth.ts index 2510d81..fd784c1 100644 --- a/server/utils/auth.ts +++ b/server/utils/auth.ts 
@@ -73,12 +73,43 @@ export function useAuth() { return null; } }; + + const getCurrentSession = async () => { + const event = useEvent(); + const authHeader = getRequestHeader(event, 'authorization'); + if (!authHeader || !authHeader.startsWith('Bearer ')) { + throw createError({ + statusCode: 401, + message: 'Unauthorized' + }); + } + + const token = authHeader.split(' ')[1]; + const payload = verifySessionToken(token); + if (!payload) { + throw createError({ + statusCode: 401, + message: 'Invalid token' + }); + } + + const session = await getSessionAndBump(payload.sid); + if (!session) { + throw createError({ + statusCode: 401, + message: 'Session not found or expired' + }); + } + + return session; + }; return { getSession, getSessionAndBump, makeSession, makeSessionToken, - verifySessionToken + verifySessionToken, + getCurrentSession }; } \ No newline at end of file
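Review bot: `getCurrentSession` in server/utils/auth.ts has no doc comment, although every route in this commit now relies on its contract. It resolves the request through `useEvent()`, throws a 401 for a missing or non-Bearer header, an invalid token or an unknown session, and never returns a falsy value. A TSDoc block stating that, and naming the dependency on `experimental.asyncContext`, would keep callers from re-adding null checks or calling it outside a request. Taking the event as an optional argument, `const getCurrentSession = async (event = useEvent()) => {`, would make that dependency explicit and let the helper be exercised without async context. Separately, `authHeader.split(' ')[1]` silently ignores anything after a second space; `authHeader.slice('Bearer '.length)` would hand the whole remainder to `verifySessionToken`. The body of `useAuth` starts outside the hunk.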