next/lib/server/middlewareButNotReally/index.ts

78 lines
2.0 KiB
TypeScript

import { EventHandlerRequest, H3Event } from "h3";
import { messages } from "@server/constants";
import { IStory } from "@models/stories";
import { isFicmasHidden } from "@functions";
import axios from "axios";
import { IUser } from "@models/user";
export function isIdNan(ev: H3Event<EventHandlerRequest>) {
const id = parseInt(getRouterParam(ev, "id")!);
if (Number.isNaN(id)) {
throw createError({
statusCode: 400,
message: "Invalid id provided.",
});
}
return id;
}
export function isAdmin(ev: H3Event<EventHandlerRequest>) {
isLoggedIn(ev);
if (!ev.context.currentUser?.profile.isAdmin) {
throw createError({
statusCode: 403,
statusMessage: messages[403],
});
}
}
export function isLoggedIn(ev: H3Event<EventHandlerRequest>) {
if (!ev.context.currentUser) {
throw createError({
statusCode: 401,
statusMessage: messages[401],
});
}
}
export async function storyCheck(event: H3Event<EventHandlerRequest>, story: IStory, idx: number) {
let ret: any = {};
if (!story) {
ret.statusCode = 404;
ret.message = messages[404];
} else if (story.ficmas != null) {
if (isFicmasHidden(story)) {
ret = {
statusCode: 423,
message: `TOP SECRET! This story is part of an ongoing challenge. You'll be able to read it after the challenge's reveal date.`,
};
}
} else if (story.chapters[idx]?.hidden && event.context.currentUser?._id !== (story.author as IUser)._id && !event.context.currentUser?.profile.isAdmin) {
ret.statusCode = 403;
ret.message = messages[403];
}
return !!Object.keys(ret).length ? ret : null;
}
export async function captcha(ev: H3Event<EventHandlerRequest>) {
const body = await readBody(ev);
let { data: cres }: { data: any } = await axios.post(
"https://www.google.com/recaptcha/api/siteverify",
{
secret: useRuntimeConfig().captcha.secret,
response: body["recaptcha"],
},
{
headers: {
"Content-Type": "application/x-www-form-urlencoded",
},
},
);
console.log(cres);
if (!cres?.success) {
throw createError({
statusCode: 400,
message: "bad recaptcha",
});
}
}