diff --git a/src/app/api/teams/[teamId]/route.ts b/src/app/api/teams/[teamId]/route.ts index 7348e3c4..8ea41442 100644 --- a/src/app/api/teams/[teamId]/route.ts +++ b/src/app/api/teams/[teamId]/route.ts @@ -1,7 +1,7 @@ import { z } from 'zod'; -import { unauthorized, json, badRequest, notFound, ok } from 'lib/response'; -import { canDeleteTeam, canUpdateTeam, canViewTeam, checkAuth } from 'lib/auth'; -import { checkRequest } from 'lib/request'; +import { unauthorized, json, notFound, ok } from 'lib/response'; +import { canDeleteTeam, canUpdateTeam, canViewTeam } from 'lib/auth'; +import { parseRequest } from 'lib/request'; import { deleteTeam, getTeam, updateTeam } from 'queries'; export async function GET(request: Request, { params }: { params: Promise<{ teamId: string }> }) { @@ -9,17 +9,15 @@ export async function GET(request: Request, { params }: { params: Promise<{ team teamId: z.string().uuid(), }); - const { error } = await checkRequest(request, schema); + const { auth, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { teamId } = await params; - const auth = await checkAuth(request); - - if (!auth || !(await canViewTeam(auth, teamId))) { + if (!(await canViewTeam(auth, teamId))) { return unauthorized(); } @@ -38,17 +36,15 @@ export async function POST(request: Request, { params }: { params: Promise<{ tea accessCode: z.string().max(50), }); - const { body, error } = await checkRequest(request, schema); + const { auth, body, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { teamId } = await params; - const auth = await checkAuth(request); - - if (!auth || !(await canUpdateTeam(auth, teamId))) { + if (!(await canUpdateTeam(auth, teamId))) { return unauthorized('You must be the owner of this team.'); } @@ -61,11 +57,15 @@ export async function DELETE( request: Request, { params }: { params: Promise<{ teamId: string }> }, ) { + const { auth, error } = await parseRequest(request); + + if (error) { + return error(); + } + const { teamId } = await params; - const auth = await checkAuth(request); - - if (!auth || !(await canDeleteTeam(auth, teamId))) { + if (!(await canDeleteTeam(auth, teamId))) { return unauthorized('You must be the owner of this team.'); } diff --git a/src/app/api/teams/[teamId]/users/[userId]/route.ts b/src/app/api/teams/[teamId]/users/[userId]/route.ts index c0a7f11f..9276c194 100644 --- a/src/app/api/teams/[teamId]/users/[userId]/route.ts +++ b/src/app/api/teams/[teamId]/users/[userId]/route.ts @@ -1,16 +1,20 @@ import { z } from 'zod'; import { unauthorized, json, badRequest, ok } from 'lib/response'; -import { canDeleteTeam, canUpdateTeam, checkAuth } from 'lib/auth'; -import { checkRequest } from 'lib/request'; +import { canDeleteTeam, canUpdateTeam } from 'lib/auth'; +import { parseRequest } from 'lib/request'; import { deleteTeam, getTeamUser, updateTeamUser } from 'queries'; export async function GET( request: Request, { params }: { params: Promise<{ teamId: string; userId: string }> }, ) { - const { teamId, userId } = await params; + const { auth, error } = await parseRequest(request); - const auth = await checkAuth(request); + if (error) { + return error(); + } + + const { teamId, userId } = await params; if (!(await canUpdateTeam(auth, teamId))) { return unauthorized('You must be the owner of this team.'); @@ -29,16 +33,14 @@ export async function POST( role: z.string().regex(/team-member|team-view-only|team-manager/), }); - const { body, error } = await checkRequest(request, schema); + const { auth, body, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { teamId, userId } = await params; - const auth = await checkAuth(request); - if (!(await canUpdateTeam(auth, teamId))) { return unauthorized('You must be the owner of this team.'); } @@ -58,11 +60,15 @@ export async function DELETE( request: Request, { params }: { params: Promise<{ teamId: string }> }, ) { + const { auth, error } = await parseRequest(request); + + if (error) { + return error(); + } + const { teamId } = await params; - const auth = await checkAuth(request); - - if (!auth || !(await canDeleteTeam(auth, teamId))) { + if (!(await canDeleteTeam(auth, teamId))) { return unauthorized('You must be the owner of this team.'); } diff --git a/src/app/api/teams/[teamId]/users/route.ts b/src/app/api/teams/[teamId]/users/route.ts index 3b7f9558..a69a6b85 100644 --- a/src/app/api/teams/[teamId]/users/route.ts +++ b/src/app/api/teams/[teamId]/users/route.ts @@ -1,7 +1,7 @@ import { z } from 'zod'; import { unauthorized, json, badRequest } from 'lib/response'; -import { canAddUserToTeam, canUpdateTeam, checkAuth } from 'lib/auth'; -import { checkRequest } from 'lib/request'; +import { canAddUserToTeam, canUpdateTeam } from 'lib/auth'; +import { parseRequest } from 'lib/request'; import { pagingParams, roleParam } from 'lib/schema'; import { createTeamUser, getTeamUser, getTeamUsers } from 'queries'; @@ -10,16 +10,14 @@ export async function GET(request: Request, { params }: { params: Promise<{ team ...pagingParams, }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { teamId } = await params; - const auth = await checkAuth(request); - if (!(await canUpdateTeam(auth, teamId))) { return unauthorized('You must be the owner of this team.'); } @@ -55,17 +53,15 @@ export async function POST( role: roleParam, }); - const { body, error } = await checkRequest(request, schema); + const { auth, body, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { teamId } = await params; - const auth = await checkAuth(request); - - if (!auth || !(await canAddUserToTeam(auth))) { + if (!(await canAddUserToTeam(auth))) { return unauthorized(); } diff --git a/src/app/api/teams/[teamId]/websites/route.ts b/src/app/api/teams/[teamId]/websites/route.ts index 1d06b3c8..9f800e0e 100644 --- a/src/app/api/teams/[teamId]/websites/route.ts +++ b/src/app/api/teams/[teamId]/websites/route.ts @@ -1,7 +1,7 @@ import { z } from 'zod'; -import { unauthorized, json, badRequest } from 'lib/response'; -import { canViewTeam, checkAuth } from 'lib/auth'; -import { checkRequest } from 'lib/request'; +import { unauthorized, json } from 'lib/response'; +import { canViewTeam } from 'lib/auth'; +import { parseRequest } from 'lib/request'; import { pagingParams } from 'lib/schema'; import { getTeamWebsites } from 'queries'; @@ -9,18 +9,14 @@ export async function GET(request: Request, { params }: { params: Promise<{ team const schema = z.object({ ...pagingParams, }); - - const { query, error } = await checkRequest(request, schema); + const { teamId } = await params; + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } - const { teamId } = await params; - - const auth = await checkAuth(request); - - if (!auth || !(await canViewTeam(auth, teamId))) { + if (!(await canViewTeam(auth, teamId))) { return unauthorized(); } diff --git a/src/app/api/teams/join/route.ts b/src/app/api/teams/join/route.ts index c7bff019..76d4a83f 100644 --- a/src/app/api/teams/join/route.ts +++ b/src/app/api/teams/join/route.ts @@ -1,7 +1,7 @@ import { z } from 'zod'; import { unauthorized, json, badRequest, notFound } from 'lib/response'; -import { canCreateTeam, checkAuth } from 'lib/auth'; -import { checkRequest } from 'lib/request'; +import { canCreateTeam } from 'lib/auth'; +import { parseRequest } from 'lib/request'; import { ROLES } from 'lib/constants'; import { createTeamUser, findTeam, getTeamUser } from 'queries'; @@ -10,15 +10,13 @@ export async function POST(request: Request) { accessCode: z.string().max(50), }); - const { body, error } = await checkRequest(request, schema); + const { auth, body, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } - const auth = await checkAuth(request); - - if (!auth || !(await canCreateTeam(auth))) { + if (!(await canCreateTeam(auth))) { return unauthorized(); } diff --git a/src/app/api/teams/route.ts b/src/app/api/teams/route.ts index 1c097e8e..cd71b24a 100644 --- a/src/app/api/teams/route.ts +++ b/src/app/api/teams/route.ts @@ -1,9 +1,9 @@ import { z } from 'zod'; import { getRandomChars } from 'next-basics'; -import { unauthorized, json, badRequest } from 'lib/response'; -import { canCreateTeam, checkAuth } from 'lib/auth'; +import { unauthorized, json } from 'lib/response'; +import { canCreateTeam } from 'lib/auth'; import { uuid } from 'lib/crypto'; -import { checkRequest } from 'lib/request'; +import { parseRequest } from 'lib/request'; import { createTeam } from 'queries'; export async function POST(request: Request) { @@ -11,15 +11,13 @@ export async function POST(request: Request) { name: z.string().max(50), }); - const { body, error } = await checkRequest(request, schema); + const { auth, body, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } - const auth = await checkAuth(request); - - if (!auth || !(await canCreateTeam(auth))) { + if (!(await canCreateTeam(auth))) { return unauthorized(); } diff --git a/src/app/api/users/[userId]/route.ts b/src/app/api/users/[userId]/route.ts index 30c166f1..684be305 100644 --- a/src/app/api/users/[userId]/route.ts +++ b/src/app/api/users/[userId]/route.ts @@ -1,16 +1,20 @@ import { z } from 'zod'; -import { canUpdateUser, canViewUser, checkAuth } from 'lib/auth'; +import { canUpdateUser, canViewUser } from 'lib/auth'; import { getUser, getUserByUsername, updateUser } from 'queries'; import { json, unauthorized, badRequest } from 'lib/response'; import { hashPassword } from 'next-basics'; -import { checkRequest } from 'lib/request'; +import { parseRequest } from 'lib/request'; export async function GET(request: Request, { params }: { params: Promise<{ userId: string }> }) { + const { auth, error } = await parseRequest(request); + + if (error) { + return error(); + } + const { userId } = await params; - const auth = await checkAuth(request); - - if (!auth || !(await canViewUser(auth, userId))) { + if (!(await canViewUser(auth, userId))) { return unauthorized(); } @@ -26,17 +30,15 @@ export async function POST(request: Request, { params }: { params: Promise<{ use role: z.string().regex(/admin|user|view-only/i), }); - const { body, error } = await checkRequest(request, schema); + const { auth, body, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { userId } = await params; - const auth = await checkAuth(request); - - if (!auth || !(await canUpdateUser(auth, userId))) { + if (!(await canUpdateUser(auth, userId))) { return unauthorized(); } diff --git a/src/app/api/users/[userId]/teams/route.ts b/src/app/api/users/[userId]/teams/route.ts index 83238799..4eb37a61 100644 --- a/src/app/api/users/[userId]/teams/route.ts +++ b/src/app/api/users/[userId]/teams/route.ts @@ -1,26 +1,23 @@ import { z } from 'zod'; import { pagingParams } from 'lib/schema'; import { getUserTeams } from 'queries'; -import { checkAuth } from 'lib/auth'; -import { unauthorized, badRequest, json } from 'lib/response'; -import { checkRequest } from 'lib/request'; +import { unauthorized, json } from 'lib/response'; +import { parseRequest } from 'lib/request'; export async function GET(request: Request, { params }: { params: Promise<{ userId: string }> }) { const schema = z.object({ ...pagingParams, }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { userId } = await params; - const auth = await checkAuth(request); - - if (!auth || (!auth.user.isAdmin && (!userId || auth.user.id !== userId))) { + if (!auth.user.isAdmin && (!userId || auth.user.id !== userId)) { return unauthorized(); } diff --git a/src/app/api/users/[userId]/usage/route.ts b/src/app/api/users/[userId]/usage/route.ts index 275f665f..72510bd3 100644 --- a/src/app/api/users/[userId]/usage/route.ts +++ b/src/app/api/users/[userId]/usage/route.ts @@ -1,10 +1,9 @@ import { z } from 'zod'; -import { json, unauthorized, badRequest } from 'lib/response'; +import { json, unauthorized } from 'lib/response'; import { getAllUserWebsitesIncludingTeamOwner } from 'queries/prisma/website'; import { getEventUsage } from 'queries/analytics/events/getEventUsage'; import { getEventDataUsage } from 'queries/analytics/events/getEventDataUsage'; -import { checkAuth } from 'lib/auth'; -import { checkRequest } from 'lib/request'; +import { parseRequest } from 'lib/request'; export async function GET(request: Request, { params }: { params: Promise<{ userId: string }> }) { const schema = z.object({ @@ -12,15 +11,13 @@ export async function GET(request: Request, { params }: { params: Promise<{ user endAt: z.coerce.number().int(), }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } - const auth = await checkAuth(request); - - if (!auth || !auth.user.isAdmin) { + if (!auth.user.isAdmin) { return unauthorized(); } diff --git a/src/app/api/users/[userId]/websites/route.ts b/src/app/api/users/[userId]/websites/route.ts index 189bf8fa..22aced51 100644 --- a/src/app/api/users/[userId]/websites/route.ts +++ b/src/app/api/users/[userId]/websites/route.ts @@ -1,26 +1,23 @@ import { z } from 'zod'; -import { unauthorized, json, badRequest } from 'lib/response'; +import { unauthorized, json } from 'lib/response'; import { getUserWebsites } from 'queries/prisma/website'; import { pagingParams } from 'lib/schema'; -import { checkRequest } from 'lib/request'; -import { checkAuth } from 'lib/auth'; +import { parseRequest } from 'lib/request'; export async function GET(request: Request, { params }: { params: Promise<{ userId: string }> }) { const schema = z.object({ ...pagingParams, }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { userId } = await params; - const auth = await checkAuth(request); - - if (!auth || (!auth.user.isAdmin && auth.user.id !== userId)) { + if (!auth.user.isAdmin && auth.user.id !== userId) { return unauthorized(); } diff --git a/src/app/api/users/route.ts b/src/app/api/users/route.ts index 87959a0c..8f9e5723 100644 --- a/src/app/api/users/route.ts +++ b/src/app/api/users/route.ts @@ -1,9 +1,9 @@ import { z } from 'zod'; import { hashPassword } from 'next-basics'; -import { canCreateUser, checkAuth } from 'lib/auth'; +import { canCreateUser } from 'lib/auth'; import { ROLES } from 'lib/constants'; import { uuid } from 'lib/crypto'; -import { checkRequest } from 'lib/request'; +import { parseRequest } from 'lib/request'; import { unauthorized, json, badRequest } from 'lib/response'; import { createUser, getUserByUsername } from 'queries'; @@ -15,15 +15,13 @@ export async function POST(request: Request) { role: z.string().regex(/admin|user|view-only/i), }); - const { body, error } = await checkRequest(request, schema); + const { auth, body, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } - const auth = await checkAuth(request); - - if (!auth || !(await canCreateUser(auth))) { + if (!(await canCreateUser(auth))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/active/route.ts b/src/app/api/websites/[websiteId]/active/route.ts index 569bdb7b..9e25cea6 100644 --- a/src/app/api/websites/[websiteId]/active/route.ts +++ b/src/app/api/websites/[websiteId]/active/route.ts @@ -1,16 +1,21 @@ -import { canViewWebsite, checkAuth } from 'lib/auth'; +import { canViewWebsite } from 'lib/auth'; import { json, unauthorized } from 'lib/response'; import { getActiveVisitors } from 'queries'; +import { parseRequest } from 'lib/request'; export async function GET( request: Request, { params }: { params: Promise<{ websiteId: string }> }, ) { + const { auth, error } = await parseRequest(request); + + if (error) { + return error(); + } + const { websiteId } = await params; - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/daterange/route.ts b/src/app/api/websites/[websiteId]/daterange/route.ts index d4a562de..75423454 100644 --- a/src/app/api/websites/[websiteId]/daterange/route.ts +++ b/src/app/api/websites/[websiteId]/daterange/route.ts @@ -1,16 +1,21 @@ -import { canViewWebsite, checkAuth } from 'lib/auth'; +import { canViewWebsite } from 'lib/auth'; import { getWebsiteDateRange } from 'queries'; import { json, unauthorized } from 'lib/response'; +import { parseRequest } from 'lib/request'; export async function GET( request: Request, { params }: { params: Promise<{ websiteId: string }> }, ) { + const { auth, error } = await parseRequest(request); + + if (error) { + return error(); + } + const { websiteId } = await params; - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/event-data/events/route.ts b/src/app/api/websites/[websiteId]/event-data/events/route.ts index 143fae18..4937482a 100644 --- a/src/app/api/websites/[websiteId]/event-data/events/route.ts +++ b/src/app/api/websites/[websiteId]/event-data/events/route.ts @@ -1,7 +1,7 @@ import { z } from 'zod'; -import { checkRequest } from 'lib/request'; -import { badRequest, unauthorized, json } from 'lib/response'; -import { canViewWebsite, checkAuth } from 'lib/auth'; +import { parseRequest } from 'lib/request'; +import { unauthorized, json } from 'lib/response'; +import { canViewWebsite } from 'lib/auth'; import { getEventDataEvents } from 'queries/analytics/events/getEventDataEvents'; export async function GET( @@ -13,19 +13,16 @@ export async function GET( endAt: z.coerce.number().int(), event: z.string().optional(), }); - - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { websiteId } = await params; const { startAt, endAt, event } = query; - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/event-data/fields/route.ts b/src/app/api/websites/[websiteId]/event-data/fields/route.ts index 3ef2f3b1..e95998ed 100644 --- a/src/app/api/websites/[websiteId]/event-data/fields/route.ts +++ b/src/app/api/websites/[websiteId]/event-data/fields/route.ts @@ -1,7 +1,7 @@ import { z } from 'zod'; -import { checkRequest } from 'lib/request'; -import { badRequest, unauthorized, json } from 'lib/response'; -import { canViewWebsite, checkAuth } from 'lib/auth'; +import { parseRequest } from 'lib/request'; +import { unauthorized, json } from 'lib/response'; +import { canViewWebsite } from 'lib/auth'; import { getEventDataFields } from 'queries'; export async function GET( @@ -13,17 +13,15 @@ export async function GET( endAt: z.coerce.number().int(), }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { websiteId } = await params; const { startAt, endAt } = query; - const auth = await checkAuth(request); - if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/event-data/properties/route.ts b/src/app/api/websites/[websiteId]/event-data/properties/route.ts index 68fdf4e3..25f915b1 100644 --- a/src/app/api/websites/[websiteId]/event-data/properties/route.ts +++ b/src/app/api/websites/[websiteId]/event-data/properties/route.ts @@ -1,7 +1,7 @@ import { z } from 'zod'; -import { checkRequest } from 'lib/request'; -import { badRequest, unauthorized, json } from 'lib/response'; -import { canViewWebsite, checkAuth } from 'lib/auth'; +import { parseRequest } from 'lib/request'; +import { unauthorized, json } from 'lib/response'; +import { canViewWebsite } from 'lib/auth'; import { getEventDataProperties } from 'queries'; export async function GET( @@ -14,18 +14,16 @@ export async function GET( propertyName: z.string().optional(), }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { websiteId } = await params; const { startAt, endAt, propertyName } = query; - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/event-data/stats/route.ts b/src/app/api/websites/[websiteId]/event-data/stats/route.ts index d958bbdc..a8093e61 100644 --- a/src/app/api/websites/[websiteId]/event-data/stats/route.ts +++ b/src/app/api/websites/[websiteId]/event-data/stats/route.ts @@ -1,7 +1,7 @@ import { z } from 'zod'; -import { checkRequest } from 'lib/request'; -import { badRequest, unauthorized, json } from 'lib/response'; -import { canViewWebsite, checkAuth } from 'lib/auth'; +import { parseRequest } from 'lib/request'; +import { unauthorized, json } from 'lib/response'; +import { canViewWebsite } from 'lib/auth'; import { getEventDataStats } from 'queries'; export async function GET( @@ -14,18 +14,16 @@ export async function GET( propertyName: z.string().optional(), }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { websiteId } = await params; const { startAt, endAt } = query; - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/event-data/values/route.ts b/src/app/api/websites/[websiteId]/event-data/values/route.ts index 0ecf20d3..7734d920 100644 --- a/src/app/api/websites/[websiteId]/event-data/values/route.ts +++ b/src/app/api/websites/[websiteId]/event-data/values/route.ts @@ -1,7 +1,7 @@ import { z } from 'zod'; -import { checkRequest } from 'lib/request'; -import { badRequest, unauthorized, json } from 'lib/response'; -import { canViewWebsite, checkAuth } from 'lib/auth'; +import { parseRequest } from 'lib/request'; +import { unauthorized, json } from 'lib/response'; +import { canViewWebsite } from 'lib/auth'; import { getEventDataValues } from 'queries'; export async function GET( @@ -15,18 +15,16 @@ export async function GET( propertyName: z.string().optional(), }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { websiteId } = await params; const { startAt, endAt, eventName, propertyName } = query; - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/events/route.ts b/src/app/api/websites/[websiteId]/events/route.ts index ef929312..71046b3c 100644 --- a/src/app/api/websites/[websiteId]/events/route.ts +++ b/src/app/api/websites/[websiteId]/events/route.ts @@ -1,7 +1,7 @@ import { z } from 'zod'; -import { checkRequest } from 'lib/request'; -import { badRequest, unauthorized, json } from 'lib/response'; -import { canViewWebsite, checkAuth } from 'lib/auth'; +import { parseRequest } from 'lib/request'; +import { unauthorized, json } from 'lib/response'; +import { canViewWebsite } from 'lib/auth'; import { pagingParams } from 'lib/schema'; import { getWebsiteEvents } from 'queries'; @@ -15,18 +15,16 @@ export async function GET( ...pagingParams, }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { websiteId } = await params; const { startAt, endAt } = query; - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/events/series/route.ts b/src/app/api/websites/[websiteId]/events/series/route.ts index 4551e3bf..99378612 100644 --- a/src/app/api/websites/[websiteId]/events/series/route.ts +++ b/src/app/api/websites/[websiteId]/events/series/route.ts @@ -1,7 +1,7 @@ import { z } from 'zod'; -import { checkRequest, getRequestDateRange, getRequestFilters } from 'lib/request'; -import { badRequest, unauthorized, json } from 'lib/response'; -import { canViewWebsite, checkAuth } from 'lib/auth'; +import { parseRequest, getRequestDateRange, getRequestFilters } from 'lib/request'; +import { unauthorized, json } from 'lib/response'; +import { canViewWebsite } from 'lib/auth'; import { filterParams, timezoneParam, unitParam } from 'lib/schema'; import { getEventMetrics } from 'queries'; @@ -17,19 +17,17 @@ export async function GET( ...filterParams, }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { websiteId } = await params; const { timezone } = query; const { startDate, endDate, unit } = await getRequestDateRange(request); - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/metrics/route.ts b/src/app/api/websites/[websiteId]/metrics/route.ts index 3842c683..44312429 100644 --- a/src/app/api/websites/[websiteId]/metrics/route.ts +++ b/src/app/api/websites/[websiteId]/metrics/route.ts @@ -1,7 +1,7 @@ import { z } from 'zod'; -import { canViewWebsite, checkAuth } from 'lib/auth'; +import { canViewWebsite } from 'lib/auth'; import { SESSION_COLUMNS, EVENT_COLUMNS, FILTER_COLUMNS, OPERATORS } from 'lib/constants'; -import { getRequestFilters, getRequestDateRange, checkRequest } from 'lib/request'; +import { getRequestFilters, getRequestDateRange, parseRequest } from 'lib/request'; import { json, unauthorized, badRequest } from 'lib/response'; import { getPageviewMetrics, getSessionMetrics } from 'queries'; import { filterParams } from 'lib/schema'; @@ -20,18 +20,16 @@ export async function GET( ...filterParams, }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { websiteId } = await params; const { type, limit, offset, search } = query; - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/pageviews/route.ts b/src/app/api/websites/[websiteId]/pageviews/route.ts index e9e6f32b..020e139b 100644 --- a/src/app/api/websites/[websiteId]/pageviews/route.ts +++ b/src/app/api/websites/[websiteId]/pageviews/route.ts @@ -1,9 +1,9 @@ import { z } from 'zod'; -import { canViewWebsite, checkAuth } from 'lib/auth'; -import { getRequestFilters, getRequestDateRange, checkRequest } from 'lib/request'; +import { canViewWebsite } from 'lib/auth'; +import { getRequestFilters, getRequestDateRange, parseRequest } from 'lib/request'; import { unitParam, timezoneParam, filterParams } from 'lib/schema'; import { getCompareDate } from 'lib/date'; -import { badRequest, unauthorized, json } from 'lib/response'; +import { unauthorized, json } from 'lib/response'; import { getPageviewStats, getSessionStats } from 'queries'; export async function GET( @@ -19,18 +19,16 @@ export async function GET( ...filterParams, }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { websiteId } = await params; const { timezone, compare } = query; - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/reports/route.ts b/src/app/api/websites/[websiteId]/reports/route.ts index 0098fa15..44f62625 100644 --- a/src/app/api/websites/[websiteId]/reports/route.ts +++ b/src/app/api/websites/[websiteId]/reports/route.ts @@ -1,9 +1,9 @@ import { z } from 'zod'; -import { canViewWebsite, checkAuth } from 'lib/auth'; +import { canViewWebsite } from 'lib/auth'; import { getWebsiteReports } from 'queries'; import { pagingParams } from 'lib/schema'; -import { checkRequest } from 'lib/request'; -import { badRequest, unauthorized, json } from 'lib/response'; +import { parseRequest } from 'lib/request'; +import { unauthorized, json } from 'lib/response'; export async function GET( request: Request, @@ -13,18 +13,16 @@ export async function GET( ...pagingParams, }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { websiteId } = await params; const { page, pageSize, search } = query; - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/reset/route.ts b/src/app/api/websites/[websiteId]/reset/route.ts index bfbd11a8..8f2df289 100644 --- a/src/app/api/websites/[websiteId]/reset/route.ts +++ b/src/app/api/websites/[websiteId]/reset/route.ts @@ -1,16 +1,21 @@ -import { canUpdateWebsite, checkAuth } from 'lib/auth'; +import { canUpdateWebsite } from 'lib/auth'; import { resetWebsite } from 'queries'; import { unauthorized, ok } from 'lib/response'; +import { parseRequest } from 'lib/request'; export async function POST( request: Request, { params }: { params: Promise<{ websiteId: string }> }, ) { + const { auth, error } = await parseRequest(request); + + if (error) { + return error(); + } + const { websiteId } = await params; - const auth = await checkAuth(request); - - if (!auth || !(await canUpdateWebsite(auth, websiteId))) { + if (!(await canUpdateWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/route.ts b/src/app/api/websites/[websiteId]/route.ts index e8ad8a0b..b72a5e1d 100644 --- a/src/app/api/websites/[websiteId]/route.ts +++ b/src/app/api/websites/[websiteId]/route.ts @@ -1,19 +1,23 @@ import { z } from 'zod'; -import { canUpdateWebsite, canDeleteWebsite, checkAuth, canViewWebsite } from 'lib/auth'; +import { canUpdateWebsite, canDeleteWebsite, canViewWebsite } from 'lib/auth'; import { SHARE_ID_REGEX } from 'lib/constants'; -import { checkRequest } from 'lib/request'; -import { ok, json, badRequest, unauthorized, serverError } from 'lib/response'; +import { parseRequest } from 'lib/request'; +import { ok, json, unauthorized, serverError } from 'lib/response'; import { deleteWebsite, getWebsite, updateWebsite } from 'queries'; export async function GET( request: Request, { params }: { params: Promise<{ websiteId: string }> }, ) { + const { auth, error } = await parseRequest(request); + + if (error) { + return error(); + } + const { websiteId } = await params; - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } @@ -32,18 +36,16 @@ export async function POST( shareId: z.string().regex(SHARE_ID_REGEX).nullable(), }); - const { body, error } = await checkRequest(request, schema); + const { auth, body, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { websiteId } = await params; const { name, domain, shareId } = body; - const auth = await checkAuth(request); - - if (!auth || !(await canUpdateWebsite(auth, websiteId))) { + if (!(await canUpdateWebsite(auth, websiteId))) { return unauthorized(); } @@ -64,11 +66,15 @@ export async function DELETE( request: Request, { params }: { params: Promise<{ websiteId: string }> }, ) { + const { auth, error } = await parseRequest(request); + + if (error) { + return error(); + } + const { websiteId } = await params; - const auth = await checkAuth(request); - - if (!auth || !(await canDeleteWebsite(auth, websiteId))) { + if (!(await canDeleteWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/session-data/properties/route.ts b/src/app/api/websites/[websiteId]/session-data/properties/route.ts index af168f84..5729ddbd 100644 --- a/src/app/api/websites/[websiteId]/session-data/properties/route.ts +++ b/src/app/api/websites/[websiteId]/session-data/properties/route.ts @@ -1,7 +1,7 @@ import { z } from 'zod'; -import { checkRequest } from 'lib/request'; -import { badRequest, unauthorized, json } from 'lib/response'; -import { canViewWebsite, checkAuth } from 'lib/auth'; +import { parseRequest } from 'lib/request'; +import { unauthorized, json } from 'lib/response'; +import { canViewWebsite } from 'lib/auth'; import { getSessionDataProperties } from 'queries'; export async function GET( @@ -14,18 +14,16 @@ export async function GET( propertyName: z.string().optional(), }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { startAt, endAt, propertyName } = query; const { websiteId } = await params; - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/session-data/values/route.ts b/src/app/api/websites/[websiteId]/session-data/values/route.ts index 627298af..f14b1916 100644 --- a/src/app/api/websites/[websiteId]/session-data/values/route.ts +++ b/src/app/api/websites/[websiteId]/session-data/values/route.ts @@ -1,7 +1,7 @@ import { z } from 'zod'; -import { checkRequest } from 'lib/request'; -import { badRequest, unauthorized, json } from 'lib/response'; -import { canViewWebsite, checkAuth } from 'lib/auth'; +import { parseRequest } from 'lib/request'; +import { unauthorized, json } from 'lib/response'; +import { canViewWebsite } from 'lib/auth'; import { getEventDataEvents } from 'queries/analytics/events/getEventDataEvents'; export async function GET( @@ -14,18 +14,16 @@ export async function GET( propertyName: z.string().optional(), }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { startAt, endAt, event } = query; const { websiteId } = await params; - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/sessions/[sessionId]/activity/route.ts b/src/app/api/websites/[websiteId]/sessions/[sessionId]/activity/route.ts index 48123ffe..ccd05d4d 100644 --- a/src/app/api/websites/[websiteId]/sessions/[sessionId]/activity/route.ts +++ b/src/app/api/websites/[websiteId]/sessions/[sessionId]/activity/route.ts @@ -1,7 +1,7 @@ import { z } from 'zod'; -import { checkRequest } from 'lib/request'; -import { badRequest, unauthorized, json } from 'lib/response'; -import { canViewWebsite, checkAuth } from 'lib/auth'; +import { parseRequest } from 'lib/request'; +import { unauthorized, json } from 'lib/response'; +import { canViewWebsite } from 'lib/auth'; import { getSessionActivity } from 'queries'; export async function GET( @@ -13,18 +13,16 @@ export async function GET( endAt: z.coerce.number().int(), }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { websiteId, sessionId } = await params; const { startAt, endAt } = query; - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/sessions/[sessionId]/properties/route.ts b/src/app/api/websites/[websiteId]/sessions/[sessionId]/properties/route.ts index 7c5863e8..a95a0233 100644 --- a/src/app/api/websites/[websiteId]/sessions/[sessionId]/properties/route.ts +++ b/src/app/api/websites/[websiteId]/sessions/[sessionId]/properties/route.ts @@ -1,16 +1,21 @@ import { unauthorized, json } from 'lib/response'; -import { canViewWebsite, checkAuth } from 'lib/auth'; +import { canViewWebsite } from 'lib/auth'; import { getSessionData } from 'queries'; +import { parseRequest } from 'lib/request'; export async function GET( request: Request, { params }: { params: Promise<{ websiteId: string; sessionId: string }> }, ) { + const { auth, error } = await parseRequest(request); + + if (error) { + return error(); + } + const { websiteId, sessionId } = await params; - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/sessions/[sessionId]/route.ts b/src/app/api/websites/[websiteId]/sessions/[sessionId]/route.ts index 6822aaa0..0a968eb2 100644 --- a/src/app/api/websites/[websiteId]/sessions/[sessionId]/route.ts +++ b/src/app/api/websites/[websiteId]/sessions/[sessionId]/route.ts @@ -1,16 +1,21 @@ import { unauthorized, json } from 'lib/response'; -import { canViewWebsite, checkAuth } from 'lib/auth'; +import { canViewWebsite } from 'lib/auth'; import { getWebsiteSession } from 'queries'; +import { parseRequest } from 'lib/request'; export async function GET( request: Request, { params }: { params: Promise<{ websiteId: string; sessionId: string }> }, ) { + const { auth, error } = await parseRequest(request); + + if (error) { + return error(); + } + const { websiteId, sessionId } = await params; - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/sessions/route.ts b/src/app/api/websites/[websiteId]/sessions/route.ts index c96a8ddb..da8d9d09 100644 --- a/src/app/api/websites/[websiteId]/sessions/route.ts +++ b/src/app/api/websites/[websiteId]/sessions/route.ts @@ -1,7 +1,7 @@ import { z } from 'zod'; -import { checkRequest } from 'lib/request'; -import { badRequest, unauthorized, json } from 'lib/response'; -import { canViewWebsite, checkAuth } from 'lib/auth'; +import { parseRequest } from 'lib/request'; +import { unauthorized, json } from 'lib/response'; +import { canViewWebsite } from 'lib/auth'; import { pagingParams } from 'lib/schema'; import { getWebsiteSessions } from 'queries'; @@ -15,18 +15,16 @@ export async function GET( ...pagingParams, }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { websiteId } = await params; const { startAt, endAt } = query; - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/sessions/stats/route.ts b/src/app/api/websites/[websiteId]/sessions/stats/route.ts index 35c17021..8149942a 100644 --- a/src/app/api/websites/[websiteId]/sessions/stats/route.ts +++ b/src/app/api/websites/[websiteId]/sessions/stats/route.ts @@ -1,7 +1,7 @@ import { z } from 'zod'; -import { checkRequest, getRequestDateRange, getRequestFilters } from 'lib/request'; -import { badRequest, unauthorized, json } from 'lib/response'; -import { canViewWebsite, checkAuth } from 'lib/auth'; +import { parseRequest, getRequestDateRange, getRequestFilters } from 'lib/request'; +import { unauthorized, json } from 'lib/response'; +import { canViewWebsite } from 'lib/auth'; import { filterParams } from 'lib/schema'; import { getWebsiteSessionStats } from 'queries'; @@ -15,17 +15,15 @@ export async function GET( ...filterParams, }); - const { error } = await checkRequest(request, schema); + const { auth, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { websiteId } = await params; - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/sessions/weekly/route.ts b/src/app/api/websites/[websiteId]/sessions/weekly/route.ts index 05cc9cad..b57bb95c 100644 --- a/src/app/api/websites/[websiteId]/sessions/weekly/route.ts +++ b/src/app/api/websites/[websiteId]/sessions/weekly/route.ts @@ -1,7 +1,7 @@ import { z } from 'zod'; -import { checkRequest } from 'lib/request'; -import { badRequest, unauthorized, json } from 'lib/response'; -import { canViewWebsite, checkAuth } from 'lib/auth'; +import { parseRequest } from 'lib/request'; +import { unauthorized, json } from 'lib/response'; +import { canViewWebsite } from 'lib/auth'; import { pagingParams, timezoneParam } from 'lib/schema'; import { getWebsiteSessionsWeekly } from 'queries'; @@ -16,18 +16,16 @@ export async function GET( ...pagingParams, }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { websiteId } = await params; const { startAt, endAt, timezone } = query; - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/stats/route.ts b/src/app/api/websites/[websiteId]/stats/route.ts index 76d9f9a6..55dc4e3e 100644 --- a/src/app/api/websites/[websiteId]/stats/route.ts +++ b/src/app/api/websites/[websiteId]/stats/route.ts @@ -1,7 +1,7 @@ import { z } from 'zod'; -import { checkRequest, getRequestDateRange, getRequestFilters } from 'lib/request'; -import { badRequest, unauthorized, json } from 'lib/response'; -import { checkAuth, canViewWebsite } from 'lib/auth'; +import { parseRequest, getRequestDateRange, getRequestFilters } from 'lib/request'; +import { unauthorized, json } from 'lib/response'; +import { canViewWebsite } from 'lib/auth'; import { getCompareDate } from 'lib/date'; import { filterParams } from 'lib/schema'; import { getWebsiteStats } from 'queries'; @@ -17,18 +17,16 @@ export async function GET( ...filterParams, }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { websiteId } = await params; const { compare } = query; - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } diff --git a/src/app/api/websites/[websiteId]/transfer/route.ts b/src/app/api/websites/[websiteId]/transfer/route.ts index 8771ecc2..d3e497cd 100644 --- a/src/app/api/websites/[websiteId]/transfer/route.ts +++ b/src/app/api/websites/[websiteId]/transfer/route.ts @@ -1,7 +1,7 @@ import { z } from 'zod'; -import { canTransferWebsiteToTeam, canTransferWebsiteToUser, checkAuth } from 'lib/auth'; +import { canTransferWebsiteToTeam, canTransferWebsiteToUser } from 'lib/auth'; import { updateWebsite } from 'queries'; -import { checkRequest } from 'lib/request'; +import { parseRequest } from 'lib/request'; import { badRequest, unauthorized, json } from 'lib/response'; export async function POST( @@ -13,20 +13,16 @@ export async function POST( teamId: z.string().uuid().optional(), }); - const { body, error } = await checkRequest(request, schema); + const { auth, body, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { websiteId } = await params; const { userId, teamId } = body; - const auth = await checkAuth(request); - - if (!auth) { - return unauthorized(); - } else if (userId) { + if (userId) { if (!(await canTransferWebsiteToUser(auth, websiteId, userId))) { return unauthorized(); } @@ -49,4 +45,6 @@ export async function POST( return json(website); } + + return badRequest(); } diff --git a/src/app/api/websites/[websiteId]/values/route.ts b/src/app/api/websites/[websiteId]/values/route.ts index fe4edfbb..6e7b51d6 100644 --- a/src/app/api/websites/[websiteId]/values/route.ts +++ b/src/app/api/websites/[websiteId]/values/route.ts @@ -1,8 +1,8 @@ import { z } from 'zod'; -import { canViewWebsite, checkAuth } from 'lib/auth'; +import { canViewWebsite } from 'lib/auth'; import { EVENT_COLUMNS, FILTER_COLUMNS, SESSION_COLUMNS } from 'lib/constants'; import { getValues } from 'queries'; -import { checkRequest, getRequestDateRange } from 'lib/request'; +import { parseRequest, getRequestDateRange } from 'lib/request'; import { badRequest, json, unauthorized } from 'lib/response'; export async function GET( @@ -16,24 +16,22 @@ export async function GET( search: z.string().optional(), }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); + return error(); } const { websiteId } = await params; const { type, search } = query; const { startDate, endDate } = await getRequestDateRange(request); - const auth = await checkAuth(request); - - if (!auth || !(await canViewWebsite(auth, websiteId))) { + if (!(await canViewWebsite(auth, websiteId))) { return unauthorized(); } if (!SESSION_COLUMNS.includes(type) && !EVENT_COLUMNS.includes(type)) { - return badRequest(); + return badRequest('Invalid type.'); } const values = await getValues(websiteId, FILTER_COLUMNS[type], startDate, endDate, search); diff --git a/src/app/api/websites/route.ts b/src/app/api/websites/route.ts index 6bb1e476..3911d8d8 100644 --- a/src/app/api/websites/route.ts +++ b/src/app/api/websites/route.ts @@ -1,24 +1,18 @@ import { z } from 'zod'; -import { canCreateTeamWebsite, canCreateWebsite, checkAuth } from 'lib/auth'; -import { json, badRequest, unauthorized } from 'lib/response'; +import { canCreateTeamWebsite, canCreateWebsite } from 'lib/auth'; +import { json, unauthorized } from 'lib/response'; import { uuid } from 'lib/crypto'; -import { checkRequest } from 'lib/request'; +import { parseRequest } from 'lib/request'; import { createWebsite, getUserWebsites } from 'queries'; import { pagingParams } from 'lib/schema'; export async function GET(request: Request) { const schema = z.object({ ...pagingParams }); - const { query, error } = await checkRequest(request, schema); + const { auth, query, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); - } - - const auth = await checkAuth(request); - - if (!auth) { - return unauthorized(); + return error(); } const websites = await getUserWebsites(auth.user.userId, query); @@ -34,16 +28,10 @@ export async function POST(request: Request) { teamId: z.string().nullable(), }); - const { body, error } = await checkRequest(request, schema); + const { auth, body, error } = await parseRequest(request, schema); if (error) { - return badRequest(error); - } - - const auth = await checkAuth(request); - - if (!auth) { - return unauthorized(); + return error(); } const { name, domain, shareId, teamId } = body; diff --git a/src/lib/request.ts b/src/lib/request.ts index 5eb1b477..ed5270d2 100644 --- a/src/lib/request.ts +++ b/src/lib/request.ts @@ -1,7 +1,9 @@ import { ZodObject } from 'zod'; +import { FILTER_COLUMNS } from 'lib/constants'; +import { badRequest, unauthorized } from 'lib/response'; import { getAllowedUnits, getMinimumUnit } from './date'; import { getWebsiteDateRange } from '../queries'; -import { FILTER_COLUMNS } from 'lib/constants'; +import { checkAuth } from 'lib/auth'; export async function getJsonBody(request: Request) { try { @@ -11,14 +13,27 @@ export async function getJsonBody(request: Request) { } } -export async function checkRequest(request: Request, schema: ZodObject) { +export async function parseRequest(request: Request, schema?: ZodObject) { + let error: () => void | undefined; const url = new URL(request.url); const query = Object.fromEntries(url.searchParams); const body = await getJsonBody(request); - const result = schema.safeParse(request.method === 'GET' ? query : body); + if (schema) { + const result = schema.safeParse(request.method === 'GET' ? query : body); - return { query, body, error: result.error }; + if (result.error) { + error = () => badRequest(result.error); + } + } + + const auth = !error ? await checkAuth(request) : null; + + if (!error && !auth) { + error = () => unauthorized(); + } + + return { url, query, body, auth, error }; } export async function getRequestDateRange(query: Record) { diff --git a/src/lib/schema.ts b/src/lib/schema.ts index 5f81b1f1..0410a965 100644 --- a/src/lib/schema.ts +++ b/src/lib/schema.ts @@ -16,8 +16,8 @@ export const pageInfo = { }; export const pagingParams = { - page: z.coerce.number().int().positive(), - pageSize: z.coerce.number().int().positive(), + page: z.coerce.number().int().positive().optional(), + pageSize: z.coerce.number().int().positive().optional(), orderBy: z.string().optional(), query: z.string().optional(), };