diff --git a/app/api/account/impersonate/route.ts b/app/api/account/impersonate/route.ts new file mode 100644 index 0000000..1887674 --- /dev/null +++ b/app/api/account/impersonate/route.ts @@ -0,0 +1,91 @@ +import { db } from "@/lib/db" +import { NextResponse } from "next/server"; +import fetchUser from "@/lib/fetch-user"; + +export async function GET(req: Request) { + try { + const user = await fetchUser(req) + if (!user || user.role != "ADMIN") { + return new NextResponse("Unauthorized", { status: 401 }); + } + + const impersonation = await db.impersonation.findFirst({ + where: { + sourceId: user.id + } + }); + + return NextResponse.json(impersonation); + } catch (error) { + console.log("[AUTH/ACCOUNT/IMPERSONATION]", error); + return new NextResponse("Internal Error", { status: 500 }); + } +} + +export async function POST(req: Request) { + try { + const user = await fetchUser(req) + if (!user || user.role != "ADMIN") { + return new NextResponse("Unauthorized", { status: 401 }); + } + + const { targetId } = await req.json(); + + const impersonation = await db.impersonation.create({ + data: { + sourceId: user.id, + targetId + } + }); + + return NextResponse.json(impersonation); + } catch (error) { + console.log("[AUTH/ACCOUNT/IMPERSONATION]", error); + return new NextResponse("Internal Error", { status: 500 }); + } +} + +export async function PUT(req: Request) { + try { + const user = await fetchUser(req) + if (!user || user.role != "ADMIN") { + return new NextResponse("Unauthorized", { status: 401 }); + } + + const { targetId } = await req.json(); + + const impersonation = await db.impersonation.update({ + where: { + sourceId: user.id, + }, + data: { + targetId + } + }); + + return NextResponse.json(impersonation); + } catch (error) { + console.log("[AUTH/ACCOUNT/IMPERSONATION]", error); + return new NextResponse("Internal Error", { status: 500 }); + } +} + +export async function DELETE(req: Request) { + try { + const user = await fetchUser(req) + if (!user || user.role != "ADMIN") { + return new NextResponse("Unauthorized", { status: 401 }); + } + + const impersonation = await db.impersonation.delete({ + where: { + sourceId: user.id + } + }); + + return NextResponse.json(impersonation) + } catch (error) { + console.log("[AUTH/ACCOUNT/IMPERSONATION]", error); + return new NextResponse("Internal Error" + error, { status: 500 }); + } +} \ No newline at end of file diff --git a/app/api/account/route.ts b/app/api/account/route.ts index 9db57cd..28e4b63 100644 --- a/app/api/account/route.ts +++ b/app/api/account/route.ts @@ -1,12 +1,12 @@ import { db } from "@/lib/db" import { NextResponse } from "next/server"; import { auth } from "@/auth"; -import fetchUserUsingAPI from "@/lib/validate-api"; +import fetchUser from "@/lib/fetch-user"; export async function GET(req: Request) { try { - return NextResponse.json(await fetchUserUsingAPI(req)) + return NextResponse.json(await fetchUser(req)) } catch (error) { console.log("[ACCOUNT]", error); return new NextResponse("Internal Error", { status: 500 }); diff --git a/app/api/settings/connections/twitch/delete/route.ts b/app/api/settings/connections/twitch/delete/route.ts index 6ed56dc..42efdaf 100644 --- a/app/api/settings/connections/twitch/delete/route.ts +++ b/app/api/settings/connections/twitch/delete/route.ts @@ -1,10 +1,10 @@ import { db } from "@/lib/db" -import fetchUserUsingAPI from "@/lib/validate-api"; +import fetchUserWithImpersonation from "@/lib/fetch-user-impersonation"; import { NextResponse } from "next/server"; export async function POST(req: Request) { try { - const user = await fetchUserUsingAPI(req) + const user = await fetchUserWithImpersonation(req) if (!user) { return new NextResponse("Unauthorized", { status: 401 }); } diff --git a/app/api/settings/connections/twitch/route.ts b/app/api/settings/connections/twitch/route.ts index 149fa01..b2712e8 100644 --- a/app/api/settings/connections/twitch/route.ts +++ b/app/api/settings/connections/twitch/route.ts @@ -1,10 +1,10 @@ import { db } from "@/lib/db" import { NextResponse } from "next/server"; -import fetchUserUsingAPI from "@/lib/validate-api"; +import fetchUserWithImpersonation from "@/lib/fetch-user-impersonation"; export async function GET(req: Request) { try { - const user = await fetchUserUsingAPI(req) + const user = await fetchUserWithImpersonation(req) if (!user) { return new NextResponse("Unauthorized", { status: 401 }); } diff --git a/app/api/settings/tts/default/route.ts b/app/api/settings/tts/default/route.ts index 53b85f9..0d5d498 100644 --- a/app/api/settings/tts/default/route.ts +++ b/app/api/settings/tts/default/route.ts @@ -1,11 +1,11 @@ import { db } from "@/lib/db" import { NextResponse } from "next/server"; -import fetchUserUsingAPI from "@/lib/validate-api"; +import fetchUserWithImpersonation from "@/lib/fetch-user-impersonation"; import voices from "@/data/tts"; export async function GET(req: Request) { try { - const user = await fetchUserUsingAPI(req) + const user = await fetchUserWithImpersonation(req) if (!user) { return new NextResponse("Unauthorized", { status: 401 }); } @@ -26,7 +26,7 @@ export async function GET(req: Request) { export async function POST(req: Request) { try { - const user = await fetchUserUsingAPI(req) + const user = await fetchUserWithImpersonation(req) if (!user) { return new NextResponse("Unauthorized", { status: 401 }); } diff --git a/app/api/settings/tts/filter/users/route.ts b/app/api/settings/tts/filter/users/route.ts index ef17317..551a6cd 100644 --- a/app/api/settings/tts/filter/users/route.ts +++ b/app/api/settings/tts/filter/users/route.ts @@ -1,10 +1,10 @@ import { db } from "@/lib/db" import { NextResponse } from "next/server"; -import fetchUserUsingAPI from "@/lib/validate-api"; +import fetchUserWithImpersonation from "@/lib/fetch-user-impersonation"; export async function GET(req: Request) { try { - const user = await fetchUserUsingAPI(req) + const user = await fetchUserWithImpersonation(req) if (!user) { return new NextResponse("Unauthorized", { status: 401 }); } @@ -24,7 +24,7 @@ export async function GET(req: Request) { export async function POST(req: Request) { try { - const user = await fetchUserUsingAPI(req) + const user = await fetchUserWithImpersonation(req) if (!user) { return new NextResponse("Unauthorized", { status: 401 }); } @@ -57,7 +57,7 @@ export async function POST(req: Request) { export async function DELETE(req: Request) { try { - const user = await fetchUserUsingAPI(req) + const user = await fetchUserWithImpersonation(req) if (!user) { return new NextResponse("Unauthorized", { status: 401 }); } diff --git a/app/api/settings/tts/filter/words/route.ts b/app/api/settings/tts/filter/words/route.ts index 88c8029..080d271 100644 --- a/app/api/settings/tts/filter/words/route.ts +++ b/app/api/settings/tts/filter/words/route.ts @@ -1,10 +1,10 @@ import { db } from "@/lib/db" import { NextResponse } from "next/server"; -import fetchUserUsingAPI from "@/lib/validate-api"; +import fetchUserWithImpersonation from "@/lib/fetch-user-impersonation"; export async function GET(req: Request) { try { - const user = await fetchUserUsingAPI(req) + const user = await fetchUserWithImpersonation(req) if (!user) { return new NextResponse("Unauthorized", { status: 401 }); } @@ -24,7 +24,7 @@ export async function GET(req: Request) { export async function POST(req: Request) { try { - const user = await fetchUserUsingAPI(req) + const user = await fetchUserWithImpersonation(req) if (!user) { return new NextResponse("Unauthorized", { status: 401 }); } @@ -35,7 +35,7 @@ export async function POST(req: Request) { data: { search, replace, - userId: user.id as string + userId: user.id } }); @@ -48,7 +48,7 @@ export async function POST(req: Request) { export async function PUT(req: Request) { try { - const user = await fetchUserUsingAPI(req) + const user = await fetchUserWithImpersonation(req) if (!user) { return new NextResponse("Unauthorized", { status: 401 }); } @@ -61,7 +61,8 @@ export async function PUT(req: Request) { }, data: { search, - replace + replace, + userId: user.id } }); @@ -74,7 +75,7 @@ export async function PUT(req: Request) { export async function DELETE(req: Request) { try { - const user = await fetchUserUsingAPI(req) + const user = await fetchUserWithImpersonation(req) if (!user) { return new NextResponse("Unauthorized", { status: 401 }); } @@ -87,7 +88,7 @@ export async function DELETE(req: Request) { const filter = await db.ttsWordFilter.delete({ where: { userId_search: { - userId: user.id as string, + userId: user.id, search } } diff --git a/app/api/settings/tts/route.ts b/app/api/settings/tts/route.ts index 58ce379..e9c0cd2 100644 --- a/app/api/settings/tts/route.ts +++ b/app/api/settings/tts/route.ts @@ -1,11 +1,11 @@ import { db } from "@/lib/db" import { NextResponse } from "next/server"; -import fetchUserUsingAPI from "@/lib/validate-api"; +import fetchUserWithImpersonation from "@/lib/fetch-user-impersonation"; import voices from "@/data/tts"; export async function GET(req: Request) { try { - const user = await fetchUserUsingAPI(req) + const user = await fetchUserWithImpersonation(req) if (!user) { return new NextResponse("Unauthorized", { status: 401 }); } @@ -40,7 +40,7 @@ export async function GET(req: Request) { export async function POST(req: Request) { try { - const user = await fetchUserUsingAPI(req) + const user = await fetchUserWithImpersonation(req) if (!user) { return new NextResponse("Unauthorized", { status: 401 }); } diff --git a/app/api/token/[id]/route.ts b/app/api/token/[id]/route.ts index bfac406..09b43f8 100644 --- a/app/api/token/[id]/route.ts +++ b/app/api/token/[id]/route.ts @@ -1,12 +1,17 @@ import { db } from "@/lib/db" -import fetchUserUsingAPI from "@/lib/validate-api"; +import fetchUserWithImpersonation from "@/lib/fetch-user-impersonation"; import { NextResponse } from "next/server"; export async function GET(req: Request, { params } : { params: { id: string } }) { try { + const user = await fetchUserWithImpersonation(req) + if (!user) { + return new NextResponse("Unauthorized", { status: 401 }); + } + let id = req.headers?.get('x-api-key') if (id == null) { - return NextResponse.json(null); + return NextResponse.json(null); } const tokens = await db.apiKey.findFirst({ @@ -18,15 +23,19 @@ export async function GET(req: Request, { params } : { params: { id: string } }) return NextResponse.json(tokens); } catch (error) { console.log("[TOKEN/GET]", error); - return new NextResponse("Internal Error", { status: 500}); + return new NextResponse("Internal Error", { status: 500 }); } } export async function DELETE(req: Request, { params } : { params: { id: string } }) { try { - const { id } = params - const user = await fetchUserUsingAPI(req) + const user = await fetchUserWithImpersonation(req) + if (!user) { + return new NextResponse("Unauthorized", { status: 401 }); + } + + const { id } = params const token = await db.apiKey.delete({ where: { id, @@ -37,6 +46,6 @@ export async function DELETE(req: Request, { params } : { params: { id: string } return NextResponse.json(token); } catch (error) { console.log("[TOKEN/DELETE]", error); - return new NextResponse("Internal Error", { status: 500}); + return new NextResponse("Internal Error", { status: 500 }); } } \ No newline at end of file diff --git a/app/api/token/bot/route.ts b/app/api/token/bot/route.ts index c876f7b..cca9cdf 100644 --- a/app/api/token/bot/route.ts +++ b/app/api/token/bot/route.ts @@ -1,10 +1,10 @@ import { db } from "@/lib/db" -import fetchUserUsingAPI from "@/lib/validate-api"; +import fetchUserWithImpersonation from "@/lib/fetch-user-impersonation"; import { NextResponse } from "next/server"; export async function GET(req: Request) { try { - const user = await fetchUserUsingAPI(req); + const user = await fetchUserWithImpersonation(req); if (!user) { return new NextResponse("Unauthorized", { status: 401 }); } diff --git a/app/api/token/route.ts b/app/api/token/route.ts index fc9aa43..3609867 100644 --- a/app/api/token/route.ts +++ b/app/api/token/route.ts @@ -1,13 +1,18 @@ -import fetchUserUsingAPI from "@/lib/validate-api"; +import fetchUserWithImpersonation from "@/lib/fetch-user-impersonation"; import { db } from "@/lib/db" import { NextResponse } from "next/server"; export async function POST(req: Request) { try { + const user = await fetchUserWithImpersonation(req) + if (!user) { + return new NextResponse("Unauthorized", { status: 401 }); + } + let { userId, label } = await req.json(); if (userId == null) { - const user = await fetchUserUsingAPI(req); + const user = await fetchUserWithImpersonation(req); if (user != null) { userId = user.id; } @@ -31,9 +36,13 @@ export async function POST(req: Request) { export async function DELETE(req: Request) { try { + const user = await fetchUserWithImpersonation(req) + if (!user) { + return new NextResponse("Unauthorized", { status: 401 }); + } + let { id } = await req.json(); - const user = await fetchUserUsingAPI(req); - if (!id || !user) { + if (!id) { return NextResponse.json(null) } diff --git a/app/api/tokens/route.ts b/app/api/tokens/route.ts index 9199d81..6f69725 100644 --- a/app/api/tokens/route.ts +++ b/app/api/tokens/route.ts @@ -1,4 +1,4 @@ -import fetchUserUsingAPI from "@/lib/validate-api"; +import fetchUser from "@/lib/fetch-user"; import { db } from "@/lib/db" import { NextResponse } from "next/server"; @@ -8,7 +8,7 @@ export async function GET(req: Request) { let userId = searchParams.get('userId') if (userId == null) { - const user = await fetchUserUsingAPI(req); + const user = await fetchUser(req); if (user != null) { userId = user.id as string; } diff --git a/app/api/users/route.ts b/app/api/users/route.ts new file mode 100644 index 0000000..f4f3a24 --- /dev/null +++ b/app/api/users/route.ts @@ -0,0 +1,41 @@ +import { db } from "@/lib/db" +import { NextResponse } from "next/server"; +import fetchUser from "@/lib/fetch-user"; + +export async function GET(req: Request) { + try { + const user = await fetchUser(req) + if (!user || user.role != "ADMIN") { + return new NextResponse("Unauthorized", { status: 401 }); + } + + const { searchParams } = new URL(req.url) + const qn = searchParams.get('qn') as string + const id = searchParams.get('id') as string + + if (qn) { + const users = await db.user.findMany({ + where: { + name: { + contains: qn + } + } + }) + return NextResponse.json(users) + } + if (id) { + const users = await db.user.findUnique({ + where: { + id: id + } + }) + return NextResponse.json(users) + } + + const users = await db.user.findMany(); + return NextResponse.json(users) + } catch (error) { + console.log("[AUTH/ACCOUNT/IMPERSONATION]", error); + return new NextResponse("Internal Error", { status: 500 }); + } +} \ No newline at end of file diff --git a/app/settings/api/keys/page.tsx b/app/settings/api/keys/page.tsx index d858fd7..456e720 100644 --- a/app/settings/api/keys/page.tsx +++ b/app/settings/api/keys/page.tsx @@ -20,7 +20,6 @@ const SettingsPage = () => { try { const keys = (await axios.get("/api/tokens")).data ?? {}; setApiKeys(keys) - console.log(keys); } catch (error) { console.log("ERROR", error) } @@ -49,20 +48,6 @@ const SettingsPage = () => { } } - useEffect(() => { - const fetchData = async () => { - try { - const keys = (await axios.get("/api/tokens")).data; - setApiKeys(keys) - console.log(keys); - } catch (error) { - console.log("ERROR", error) - } - }; - - fetchData().catch(console.error); - }, [apiKeyViewable]); - return (
{user.tag}
@@ -200,7 +201,7 @@ const TTSFiltersPage = () => {
Regex Replacement