next/lib/server/middlewareButNotReally/index.ts

import { EventHandlerRequest, H3Event } from "h3";
import { messages } from "@server/constants";
import { IStory } from "@models/stories";
import { isFicmasHidden } from "@functions";
import { IDraft } from "@models/stories/draft";
import axios from "axios";
import { IUser } from "@models/user";
export function isIdNan(ev: H3Event<EventHandlerRequest>) {
	const id = parseInt(getRouterParam(ev, "id")!);
	if (Number.isNaN(id)) {
		throw createError({
			statusCode: 400,
			message: "Invalid id provided.",
		});
	}
	return id;
}
export function isAdmin(ev: H3Event<EventHandlerRequest>) {
	isLoggedIn(ev);
	if (!ev.context.currentUser?.profile.isAdmin) {
		throw createError({
			statusCode: 403,
			statusMessage: messages[403],
		});
	}
}
export function isLoggedIn(ev: H3Event<EventHandlerRequest>) {
	if (!ev.context.currentUser) {
		throw createError({
			statusCode: 401,
			statusMessage: messages[401],
		});
	}
}

export async function storyCheck(
	event: H3Event<EventHandlerRequest>,
	story: IStory,
	idx: number,
) {
	let ret: any = {};
	if (!story) {
		ret.statusCode = 404;
		ret.message = messages[404];
	} else if (story.ficmas != null) {
		if (isFicmasHidden(story)) {
			ret = {
				statusCode: 423,
				message: `TOP SECRET! This story is part of an ongoing challenge. You'll be able to read it after the challenge's reveal date.`,
			};
		}
	} else if (
		story.chapters[idx]?.hidden &&
		event.context.currentUser?._id !== (story.author as IUser)._id &&
		!event.context.currentUser?.profile.isAdmin
	) {
		ret.statusCode = 403;
		ret.message = messages[403];
	}
	return !!Object.keys(ret).length ? ret : null;
}

export async function captcha(ev: H3Event<EventHandlerRequest>) {
	const body = await readBody(ev);

	let { data: cres }: { data: any } = await axios.post(
		"https://www.google.com/recaptcha/api/siteverify",
		{
			secret: useRuntimeConfig().captcha.secret,
			response: body["recaptcha"],
		},
		{
			headers: {
				"Content-Type": "application/x-www-form-urlencoded",
			},
		},
	);

	console.log(cres);
	if (!cres?.success) {
		throw createError({
			statusCode: 400,
			message: "bad recaptcha",
		});
	}
}
refactor(server/utils): make paths and imports more concise and correct 2023-12-29 16:32:32 -05:00			`import { EventHandlerRequest, H3Event } from "h3";`
			`import { messages } from "@server/constants";`
			`import { IStory } from "@models/stories";`
			`import { isFicmasHidden } from "@functions";`
			`import { IDraft } from "@models/stories/draft";`
fix(server/utils): update recaptcha guard - use actual form field (it's not "g-recaptcha-response") - switch from useFetch to axios - use "application/x-www-form-urlencoded" as content type 2023-12-29 18:04:33 -05:00			`import axios from "axios";`
refactor(db/models): update populatedDoc types - remove `& Document` qualifier - cast `T \| number` to T with the `as` keyword 2023-12-29 19:06:55 -05:00			`import { IUser } from "@models/user";`
refactor(server/utils): make paths and imports more concise and correct 2023-12-29 16:32:32 -05:00			`export function isIdNan(ev: H3Event<EventHandlerRequest>) {`
			`const id = parseInt(getRouterParam(ev, "id")!);`
			`if (Number.isNaN(id)) {`
			`throw createError({`
			`statusCode: 400,`
			`message: "Invalid id provided.",`
			`});`
			`}`
			`return id;`
			`}`
			`export function isAdmin(ev: H3Event<EventHandlerRequest>) {`
			`isLoggedIn(ev);`
			`if (!ev.context.currentUser?.profile.isAdmin) {`
			`throw createError({`
			`statusCode: 403,`
			`statusMessage: messages[403],`
			`});`
			`}`
			`}`
			`export function isLoggedIn(ev: H3Event<EventHandlerRequest>) {`
			`if (!ev.context.currentUser) {`
			`throw createError({`
			`statusCode: 401,`
			`statusMessage: messages[401],`
			`});`
			`}`
			`}`

			`export async function storyCheck(`
			`event: H3Event<EventHandlerRequest>,`
			`story: IStory,`
			`idx: number,`
			`) {`
			`let ret: any = {};`
			`if (!story) {`
			`ret.statusCode = 404;`
			`ret.message = messages[404];`
			`} else if (story.ficmas != null) {`
			`if (isFicmasHidden(story)) {`
			`ret = {`
			`statusCode: 423,`
			message: `TOP SECRET! This story is part of an ongoing challenge. You'll be able to read it after the challenge's reveal date.`,
			`};`
			`}`
			`} else if (`
			`story.chapters[idx]?.hidden &&`
refactor(db/models): update populatedDoc types - remove `& Document` qualifier - cast `T \| number` to T with the `as` keyword 2023-12-29 19:06:55 -05:00			`event.context.currentUser?._id !== (story.author as IUser)._id &&`
refactor(server/utils): make paths and imports more concise and correct 2023-12-29 16:32:32 -05:00			`!event.context.currentUser?.profile.isAdmin`
			`) {`
			`ret.statusCode = 403;`
			`ret.message = messages[403];`
			`}`
			`return !!Object.keys(ret).length ? ret : null;`
			`}`

			`export async function captcha(ev: H3Event<EventHandlerRequest>) {`
			`const body = await readBody(ev);`

fix(server/utils): update recaptcha guard - use actual form field (it's not "g-recaptcha-response") - switch from useFetch to axios - use "application/x-www-form-urlencoded" as content type 2023-12-29 18:04:33 -05:00			`let { data: cres }: { data: any } = await axios.post(`
refactor(server/utils): make paths and imports more concise and correct 2023-12-29 16:32:32 -05:00			`"https://www.google.com/recaptcha/api/siteverify",`
			`{`
fix(server/utils): update recaptcha guard - use actual form field (it's not "g-recaptcha-response") - switch from useFetch to axios - use "application/x-www-form-urlencoded" as content type 2023-12-29 18:04:33 -05:00			`secret: useRuntimeConfig().captcha.secret,`
			`response: body["recaptcha"],`
			`},`
			`{`
			`headers: {`
			`"Content-Type": "application/x-www-form-urlencoded",`
refactor(server/utils): make paths and imports more concise and correct 2023-12-29 16:32:32 -05:00			`},`
			`},`
			`);`
fix(server/utils): update recaptcha guard - use actual form field (it's not "g-recaptcha-response") - switch from useFetch to axios - use "application/x-www-form-urlencoded" as content type 2023-12-29 18:04:33 -05:00
			`console.log(cres);`
			`if (!cres?.success) {`
refactor(server/utils): make paths and imports more concise and correct 2023-12-29 16:32:32 -05:00			`throw createError({`
			`statusCode: 400,`
			`message: "bad recaptcha",`
			`});`
			`}`
			`}`