Merged auth into new parseRequest method.

src/app/api/users/[userId]/route.ts

@@ -1,16 +1,20 @@
 import { z } from 'zod';
-import { canUpdateUser, canViewUser, checkAuth } from 'lib/auth';
+import { canUpdateUser, canViewUser } from 'lib/auth';
 import { getUser, getUserByUsername, updateUser } from 'queries';
 import { json, unauthorized, badRequest } from 'lib/response';
 import { hashPassword } from 'next-basics';
-import { checkRequest } from 'lib/request';
+import { parseRequest } from 'lib/request';
 
 export async function GET(request: Request, { params }: { params: Promise<{ userId: string }> }) {
+  const { auth, error } = await parseRequest(request);
+
+  if (error) {
+    return error();
+  }
+
   const { userId } = await params;
 
-  const auth = await checkAuth(request);
-
-  if (!auth || !(await canViewUser(auth, userId))) {
+  if (!(await canViewUser(auth, userId))) {
     return unauthorized();
   }
 
@@ -26,17 +30,15 @@ export async function POST(request: Request, { params }: { params: Promise<{ use
     role: z.string().regex(/admin|user|view-only/i),
   });
 
-  const { body, error } = await checkRequest(request, schema);
+  const { auth, body, error } = await parseRequest(request, schema);
 
   if (error) {
-    return badRequest(error);
+    return error();
   }
 
   const { userId } = await params;
 
-  const auth = await checkAuth(request);
-
-  if (!auth || !(await canUpdateUser(auth, userId))) {
+  if (!(await canUpdateUser(auth, userId))) {
     return unauthorized();
   }
 

src/app/api/users/[userId]/teams/route.ts

@@ -1,26 +1,23 @@
 import { z } from 'zod';
 import { pagingParams } from 'lib/schema';
 import { getUserTeams } from 'queries';
-import { checkAuth } from 'lib/auth';
-import { unauthorized, badRequest, json } from 'lib/response';
-import { checkRequest } from 'lib/request';
+import { unauthorized, json } from 'lib/response';
+import { parseRequest } from 'lib/request';
 
 export async function GET(request: Request, { params }: { params: Promise<{ userId: string }> }) {
   const schema = z.object({
     ...pagingParams,
   });
 
-  const { query, error } = await checkRequest(request, schema);
+  const { auth, query, error } = await parseRequest(request, schema);
 
   if (error) {
-    return badRequest(error);
+    return error();
   }
 
   const { userId } = await params;
 
-  const auth = await checkAuth(request);
-
-  if (!auth || (!auth.user.isAdmin && (!userId || auth.user.id !== userId))) {
+  if (!auth.user.isAdmin && (!userId || auth.user.id !== userId)) {
     return unauthorized();
   }
 

src/app/api/users/[userId]/usage/route.ts

@@ -1,10 +1,9 @@
 import { z } from 'zod';
-import { json, unauthorized, badRequest } from 'lib/response';
+import { json, unauthorized } from 'lib/response';
 import { getAllUserWebsitesIncludingTeamOwner } from 'queries/prisma/website';
 import { getEventUsage } from 'queries/analytics/events/getEventUsage';
 import { getEventDataUsage } from 'queries/analytics/events/getEventDataUsage';
-import { checkAuth } from 'lib/auth';
-import { checkRequest } from 'lib/request';
+import { parseRequest } from 'lib/request';
 
 export async function GET(request: Request, { params }: { params: Promise<{ userId: string }> }) {
   const schema = z.object({
@@ -12,15 +11,13 @@ export async function GET(request: Request, { params }: { params: Promise<{ user
     endAt: z.coerce.number().int(),
   });
 
-  const { query, error } = await checkRequest(request, schema);
+  const { auth, query, error } = await parseRequest(request, schema);
 
   if (error) {
-    return badRequest(error);
+    return error();
   }
 
-  const auth = await checkAuth(request);
-
-  if (!auth || !auth.user.isAdmin) {
+  if (!auth.user.isAdmin) {
     return unauthorized();
   }
 

src/app/api/users/[userId]/websites/route.ts

@@ -1,26 +1,23 @@
 import { z } from 'zod';
-import { unauthorized, json, badRequest } from 'lib/response';
+import { unauthorized, json } from 'lib/response';
 import { getUserWebsites } from 'queries/prisma/website';
 import { pagingParams } from 'lib/schema';
-import { checkRequest } from 'lib/request';
-import { checkAuth } from 'lib/auth';
+import { parseRequest } from 'lib/request';
 
 export async function GET(request: Request, { params }: { params: Promise<{ userId: string }> }) {
   const schema = z.object({
     ...pagingParams,
   });
 
-  const { query, error } = await checkRequest(request, schema);
+  const { auth, query, error } = await parseRequest(request, schema);
 
   if (error) {
-    return badRequest(error);
+    return error();
   }
 
   const { userId } = await params;
 
-  const auth = await checkAuth(request);
-
-  if (!auth || (!auth.user.isAdmin && auth.user.id !== userId)) {
+  if (!auth.user.isAdmin && auth.user.id !== userId) {
     return unauthorized();
   }
 

src/app/api/users/route.ts

@@ -1,9 +1,9 @@
 import { z } from 'zod';
 import { hashPassword } from 'next-basics';
-import { canCreateUser, checkAuth } from 'lib/auth';
+import { canCreateUser } from 'lib/auth';
 import { ROLES } from 'lib/constants';
 import { uuid } from 'lib/crypto';
-import { checkRequest } from 'lib/request';
+import { parseRequest } from 'lib/request';
 import { unauthorized, json, badRequest } from 'lib/response';
 import { createUser, getUserByUsername } from 'queries';
 
@@ -15,15 +15,13 @@ export async function POST(request: Request) {
     role: z.string().regex(/admin|user|view-only/i),
   });
 
-  const { body, error } = await checkRequest(request, schema);
+  const { auth, body, error } = await parseRequest(request, schema);
 
   if (error) {
-    return badRequest(error);
+    return error();
   }
 
-  const auth = await checkAuth(request);
-
-  if (!auth || !(await canCreateUser(auth))) {
+  if (!(await canCreateUser(auth))) {
     return unauthorized();
   }