commit
3211f74387
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "backend",
|
||||
"version": "1.1.3",
|
||||
"version": "1.1.4",
|
||||
"private": true,
|
||||
"homepage": "https://github.com/movie-web/backend",
|
||||
"engines": {
|
||||
|
|
|
@ -2,7 +2,7 @@ import { loginAuthRouter } from '@/routes/auth/login';
|
|||
import { manageAuthRouter } from '@/routes/auth/manage';
|
||||
import { metaRouter } from '@/routes/meta';
|
||||
import { metricsRouter } from '@/routes/metrics';
|
||||
import { sessionsRouter } from '@/routes/sessions';
|
||||
import { sessionsRouter } from '@/routes/sessions/sessions';
|
||||
import { userBookmarkRouter } from '@/routes/users/bookmark';
|
||||
import { userDeleteRouter } from '@/routes/users/delete';
|
||||
import { userEditRouter } from '@/routes/users/edit';
|
||||
|
|
|
@ -1,63 +0,0 @@
|
|||
import { Session, formatSession } from '@/db/models/Session';
|
||||
import { StatusError } from '@/services/error';
|
||||
import { handle } from '@/services/handler';
|
||||
import { makeRouter } from '@/services/router';
|
||||
import { z } from 'zod';
|
||||
|
||||
export const sessionRouter = makeRouter((app) => {
|
||||
app.delete(
|
||||
'/sessions/:sid',
|
||||
{
|
||||
schema: {
|
||||
params: z.object({
|
||||
sid: z.string(),
|
||||
}),
|
||||
},
|
||||
},
|
||||
handle(async ({ auth, params, em }) => {
|
||||
await auth.assert();
|
||||
|
||||
const targetedSession = await em.findOne(Session, { id: params.sid });
|
||||
if (!targetedSession)
|
||||
return {
|
||||
id: params.sid,
|
||||
};
|
||||
|
||||
if (targetedSession.user !== auth.user.id)
|
||||
throw new StatusError('Cannot delete sessions you do not own', 401);
|
||||
|
||||
await em.removeAndFlush(targetedSession);
|
||||
return {
|
||||
id: params.sid,
|
||||
};
|
||||
}),
|
||||
);
|
||||
|
||||
app.patch(
|
||||
'/sessions/:sid',
|
||||
{
|
||||
schema: {
|
||||
params: z.object({
|
||||
sid: z.string(),
|
||||
}),
|
||||
body: z.object({
|
||||
deviceName: z.string().min(1).optional(),
|
||||
}),
|
||||
},
|
||||
},
|
||||
handle(async ({ auth, params, body, em }) => {
|
||||
await auth.assert();
|
||||
|
||||
const targetedSession = await em.findOne(Session, { id: params.sid });
|
||||
if (!targetedSession) throw new StatusError('Not found', 404);
|
||||
if (targetedSession.id !== params.sid)
|
||||
throw new StatusError('Cannot edit sessions other than your own', 401);
|
||||
|
||||
if (body.deviceName) targetedSession.device = body.deviceName;
|
||||
|
||||
await em.persistAndFlush(targetedSession);
|
||||
|
||||
return formatSession(targetedSession);
|
||||
}),
|
||||
);
|
||||
});
|
|
@ -13,7 +13,7 @@ export const sessionsRouter = makeRouter((app) => {
|
|||
sid: z.string(),
|
||||
}),
|
||||
body: z.object({
|
||||
name: z.string().max(500).min(1).optional(),
|
||||
deviceName: z.string().max(500).min(1).optional(),
|
||||
}),
|
||||
},
|
||||
},
|
||||
|
@ -25,10 +25,10 @@ export const sessionsRouter = makeRouter((app) => {
|
|||
if (!targetedSession)
|
||||
throw new StatusError('Session cannot be found', 404);
|
||||
|
||||
if (targetedSession.user !== auth.user.id)
|
||||
throw new StatusError('Cannot modify sessions you do not own', 401);
|
||||
if (targetedSession.id !== params.sid)
|
||||
throw new StatusError('Cannot edit sessions other than your own', 401);
|
||||
|
||||
if (body.name) targetedSession.device = body.name;
|
||||
if (body.deviceName) targetedSession.device = body.deviceName;
|
||||
|
||||
await em.persistAndFlush(targetedSession);
|
||||
|
Loading…
Reference in New Issue