From 03b40d73f813d64fc85b221a95ec905ed5df7f6a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?H=C3=A5vard=20Stigen=20Andersen?=
Date: Mon, 13 May 2024 20:46:15 +0200
Subject: [PATCH] slettjs
---
 .gitignore | 1 +
 api/v1/bets.js | 49 -------------------------
 api/v1/chat.js | 29 ---------------
 api/v1/matches.js | 16 ---------
 api/v1/matches/[id].js | 57 -----------------------------
 api/v1/me.js | 78 ----------------------------------------
 api/v1/me/bets.js | 33 -----------------
 api/v1/me/bets/[id].js | 26 --------------
 api/v1/stats.js | 12 -------
 auth/authHandler.js | 48 -------------------------
 auth/verifiserIdToken.js | 26 --------------
 cors/corsHelper.js | 18 ----------
 12 files changed, 1 insertion(+), 392 deletions(-)
 delete mode 100644 api/v1/bets.js
 delete mode 100644 api/v1/chat.js
 delete mode 100644 api/v1/matches.js
 delete mode 100644 api/v1/matches/[id].js
 delete mode 100644 api/v1/me.js
 delete mode 100644 api/v1/me/bets.js
 delete mode 100644 api/v1/me/bets/[id].js
 delete mode 100644 api/v1/stats.js
 delete mode 100644 auth/authHandler.js
 delete mode 100644 auth/verifiserIdToken.js
 delete mode 100644 cors/corsHelper.js
diff --git a/.gitignore b/.gitignore
index cf7ae1a..f9ad1b4 100644
--- a/.gitignore
+++ b/.gitignore
@@ -106,3 +106,4 @@ dist
 .idea
 .vercel
 /public
+api/**.*.js
\ No newline at end of file
diff --git a/api/v1/bets.js b/api/v1/bets.js
deleted file mode 100644
index e7bda26..0000000
--- a/api/v1/bets.js
+++ /dev/null
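Review bot: The added `.gitignore` rule `api/**.*.js` probably does not match the files this commit deletes: a `**` that is not a whole path component behaves like a single `*`, so the rule only covers names such as `api/x.y.js` directly under `api/`, not `api/v1/bets.js` or anything deeper. If the intent is to keep generated JavaScript under `api/` out of the repository (inferred from the deletions, not stated in the commit), `api/**/*.js` expresses that. The deleted `auth/` and `cors/` files get no ignore rule at all, so if those are now build outputs as well, stale copies of the token-verification and CORS code could be re-committed unnoticed. The file also now ends without a trailing newline.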
@@ -1,49 +0,0 @@
-import dayjs from 'dayjs'
-import { allowCors } from '../../cors/corsHelper'
-import { auth } from '../../auth/authHandler'
-const handler = async function handler(opts) {
- const { res, user, client } = opts
- if (!user) {
- res.status(401)
- return
- }
- async function getBets() {
- return (
- await client.query(`
- SELECT b.user_id,
- b.match_id,
- m.game_start,
- m.away_team,
- m.home_team,
- b.home_score,
- b.away_score,
- m.round,
- m.home_score home_result,
- m.away_score away_result
- FROM bets b,
- matches m,
- users u
- WHERE b.match_id = m.id
- AND game_start < now()
- AND u.id = b.user_id
- AND u.active is true;`)
- ).rows
- }
- async function getUsers() {
- return (
- await client.query(`
- SELECT u.id, u.name, u.picture, u.winner, u.topscorer
- FROM users u
- WHERE u.active is true`)
- ).rows
- }
- const alt = await Promise.all([getBets(), getUsers()])
- if (dayjs('2022-11-25T10:00:00.000Z').isAfter(dayjs())) {
- alt[1].forEach((a) => {
- delete a.winner
- delete a.topscorer
- })
- }
- res.json({ bets: alt[0], users: alt[1] })
-}
-export default allowCors(auth(handler))
diff --git a/api/v1/chat.js b/api/v1/chat.js
deleted file mode 100644
index 60e529a..0000000
--- a/api/v1/chat.js
+++ /dev/null
@@ -1,29 +0,0 @@
-import { allowCors } from '../../cors/corsHelper'
-import { auth } from '../../auth/authHandler'
-const handler = async function handler(opts) {
- const { res, req, user, client } = opts
- if (!user) {
- res.status(401)
- return
- }
- if (req.method == 'POST') {
- const reqBody = JSON.parse(req.body)
- await client.query('INSERT INTO chat (message, user_id) VALUES ($1, $2)', [reqBody.message, user.id])
- res.status(201).json({ ok: ':)' })
- return
- }
- const chat = (
- await client.query(`
- SELECT u.id userid,
- u.name,
- u.picture,
- c.*
- FROM chat c,
- users u
- WHERE c.user_id = u.id
- ORDER BY c.created_at asc
- `)
- ).rows
- res.json(chat)
-}
-export default allowCors(auth(handler))
diff --git a/api/v1/matches.js b/api/v1/matches.js
deleted file mode 100644
index ff7e3f4..0000000
--- a/api/v1/matches.js
+++ /dev/null
@@ -1,16 +0,0 @@
-import { allowCors } from '../../cors/corsHelper'
-import { auth } from '../../auth/authHandler'
-const handler = async function handler(opts) {
- const { res, user, client } = opts
- if (!user) {
- res.status(401)
- return
- }
- const matches = (
- await client.query(`
- SELECT *
- FROM matches m;`)
- ).rows
- res.status(200).json(matches)
-}
-export default allowCors(auth(handler))
diff --git a/api/v1/matches/[id].js b/api/v1/matches/[id].js
deleted file mode 100644
index 7c0bcad..0000000
--- a/api/v1/matches/[id].js
+++ /dev/null
@@ -1,57 +0,0 @@
-import { allowCors } from '../../../cors/corsHelper'
-import { auth } from '../../../auth/authHandler'
-const handler = async function handler(opts) {
- const { user, res, req, client } = opts
- if (!user) {
- res.status(401)
- return
- }
- if (!user.admin) {
- res.status(403)
- return
- }
- const { id } = req.query
- const reqBody = JSON.parse(req.body)
- if (typeof reqBody.home_score !== 'undefined') {
- await client.query(
- `
- UPDATE matches
- SET home_score = $1
- WHERE id = $2;
- `,
- [reqBody.home_score, id],
- )
- }
- if (typeof reqBody.away_score !== 'undefined') {
- await client.query(
- `
- UPDATE matches
- SET away_score = $1
- WHERE id = $2;
- `,
- [reqBody.away_score, id],
- )
- }
- if (typeof reqBody.home_team !== 'undefined') {
- await client.query(
- `
- UPDATE matches
- SET home_team = $1
- WHERE id = $2;
- `,
- [reqBody.home_team, id],
- )
- }
- if (typeof reqBody.away_team !== 'undefined') {
- await client.query(
- `
- UPDATE matches
- SET away_team = $1
- WHERE id = $2;
- `,
- [reqBody.away_team, id],
- )
- }
- res.status(200).json({ ok: 123 })
-}
-export default allowCors(auth(handler))
diff --git a/api/v1/me.js b/api/v1/me.js
deleted file mode 100644
index d9c1e46..0000000
--- a/api/v1/me.js
+++ /dev/null
@@ -1,78 +0,0 @@
-import dayjs from 'dayjs'
-import { allowCors } from '../../cors/corsHelper'
-import { auth } from '../../auth/authHandler'
-const handler = async function handler(opts) {
- const { res, req, user, jwtPayload, client } = opts
- if (user) {
- if (req.method == 'PUT') {
- const reqBody = JSON.parse(req.body)
- if (reqBody.charity) {
- const charity = reqBody.charity
- if (!(charity >= 10 && charity <= 75)) {
- res.status(400)
- return
- }
- await client.query(
- `
- UPDATE users
- SET charity = $1
- WHERE id = $2;
- `,
- [charity, user.id],
- )
- }
- const kanBette = dayjs('2022-11-25T10:00:00.000Z').isAfter(dayjs())
- if (reqBody.winner && kanBette) {
- await client.query(
- `
- UPDATE users
- SET winner = $1
- WHERE id = $2;
- `,
- [reqBody.winner, user.id],
- )
- }
- if (reqBody.topscorer && kanBette) {
- await client.query(
- `
- UPDATE users
- SET topscorer = $1
- WHERE id = $2;
- `,
- [reqBody.topscorer, user.id],
- )
- }
- res.status(200).json({ ok: 123 })
- return
- }
- res.status(200).json(user)
- return
- }
- const nyBruker = await client.query(
- `
- INSERT INTO users (firebase_user_id, picture, active, email, name, admin, paid, charity, winner)
- VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9) RETURNING *`,
- [
- jwtPayload.sub,
- jwtPayload.picture,
- true,
- jwtPayload.email,
- jwtPayload.name || jwtPayload.email,
- false,
- true,
- 10,
- 'USA',
- ],
- )
- const matchIds = (await client.query(' select id from matches')).rows
- for (let i = 0; i < matchIds.length; i++) {
- await client.query(
- `
- INSERT INTO bets (user_id, match_id)
- VALUES ($1, $2) RETURNING *`,
- [nyBruker.rows[0].id, matchIds[i].id],
- )
- }
- res.status(200).json(nyBruker.rows[0])
-}
-export default allowCors(auth(handler))
diff --git a/api/v1/me/bets.js b/api/v1/me/bets.js
deleted file mode 100644
index edcf192..0000000
--- a/api/v1/me/bets.js
+++ /dev/null
@@ -1,33 +0,0 @@
-import { allowCors } from '../../../cors/corsHelper'
-import { auth } from '../../../auth/authHandler'
-const handler = async function handler(opts) {
- const { user, res, client } = opts
- if (!user) {
- res.status(401)
- return
- }
- const upcoming = (
- await client.query(
- `
- SELECT m.game_start,
- m.away_team,
- m.home_team,
- m.round,
- b.home_score,
- b.away_score,
- b.match_id,
- b.id bet_id
- FROM bets b,
- matches m,
- users u
- WHERE b.user_id = $1
- AND b.match_id = m.id
- AND u.id = b.user_id
- AND u.active is true
- ORDER BY game_start, m.id asc;`,
- [user?.id],
- )
- ).rows
- res.status(200).json(upcoming)
-}
-export default allowCors(auth(handler))
diff --git a/api/v1/me/bets/[id].js b/api/v1/me/bets/[id].js
deleted file mode 100644
index 2c6ade2..0000000
--- a/api/v1/me/bets/[id].js
+++ /dev/null
@@ -1,26 +0,0 @@
-import { allowCors } from '../../../../cors/corsHelper'
-import { auth } from '../../../../auth/authHandler'
-const handler = async function handler(opts) {
- const { user, res, req, client } = opts
- if (!user) {
- res.status(401)
- return
- }
- const { id } = req.query
- const reqBody = JSON.parse(req.body)
- await client.query(
- `
- UPDATE bets
- SET home_score = $1,
- away_score = $2
- WHERE user_id = $3
- AND id = $4
- AND match_id in (select id
- from matches
- WHERE game_start > now());
- `,
- [reqBody.home_score, reqBody.away_score, user.id, id],
- )
- res.status(200).json({ ok: 123 })
-}
-export default allowCors(auth(handler))
diff --git a/api/v1/stats.js b/api/v1/stats.js
deleted file mode 100644
index 69acd02..0000000
--- a/api/v1/stats.js
+++ /dev/null
@@ -1,12 +0,0 @@
-import { allowCors } from '../../cors/corsHelper'
-import { auth } from '../../auth/authHandler'
-const handler = async function handler(opts) {
- const { user, res, client } = opts
- if (!user) {
- res.status(401)
- return
- }
- const charity = (await client.query('SELECT charity from users where active is true')).rows
- res.json(charity)
-}
-export default allowCors(auth(handler))
diff --git a/auth/authHandler.js b/auth/authHandler.js
deleted file mode 100644
index 20ddd77..0000000
--- a/auth/authHandler.js
+++ /dev/null
@@ -1,48 +0,0 @@
-import { Pool } from 'pg'
-import { verifiserIdToken } from './verifiserIdToken'
-let pool
-export function auth(fn) {
- return async (req, res) => {
- if (!pool) {
- const connectionString = process.env.PG_URI
- pool = new Pool({
- connectionString,
- max: 1,
- })
- }
- const start = Date.now()
- const authheader = req.headers.authorization
- if (!authheader) {
- res.status(401)
- return
- }
- const verifisert = await verifiserIdToken(authheader.split(' ')[1])
- if (!verifisert) {
- res.status(401)
- return
- }
- const verifsert = Date.now()
- let client = null
- try {
- client = await pool.connect()
- const dbkobling = Date.now()
- const userList = await client.query('SELECT * from users where firebase_user_id = $1', [
- verifisert.payload.sub,
- ])
- function hentBrukeren() {
- if (userList.rows.length == null) {
- return undefined
- }
- return userList.rows[0]
- }
- const etterUser = Date.now()
- await fn({ req, res, jwtPayload: verifisert.payload, client, user: hentBrukeren() })
- const etterKoden = Date.now()
- console.log(
- `${req.url} Verifisering pg handler: ${verifsert - start} - Db: ${dbkobling - verifsert} - user: ${etterUser - dbkobling} - kode: ${etterKoden - etterUser} - `,
- )
- } finally {
- client?.release()
- }
- }
-}
diff --git a/auth/verifiserIdToken.js b/auth/verifiserIdToken.js
deleted file mode 100644
index 72d4729..0000000
--- a/auth/verifiserIdToken.js
+++ /dev/null
@@ -1,26 +0,0 @@
-import { createRemoteJWKSet, jwtVerify } from 'jose'
-let _remoteJWKSet
-async function validerToken(token) {
- return jwtVerify(token, await jwks(), {
- issuer: 'https://securetoken.google.com/betpool-2022',
- audience: 'betpool-2022',
- })
-}
-async function jwks() {
- if (typeof _remoteJWKSet === 'undefined') {
- _remoteJWKSet = createRemoteJWKSet(
- new URL('https://www.googleapis.com/service_accounts/v1/jwk/securetoken@system.gserviceaccount.com'),
- )
- }
- return _remoteJWKSet
-}
-export async function verifiserIdToken(token) {
- const verified = await validerToken(token)
- if (verified.payload.aud !== 'betpool-2022') {
- return undefined
- }
- if (verified.payload.iss !== 'https://securetoken.google.com/betpool-2022') {
- return undefined
- }
- return verified
-}
diff --git a/cors/corsHelper.js b/cors/corsHelper.js
deleted file mode 100644
index efe072e..0000000
--- a/cors/corsHelper.js
+++ /dev/null
@@ -1,18 +0,0 @@
-export function allowCors(fn) {
- return async (req, res) => {
- res.setHeader('Access-Control-Allow-Credentials', 'true')
- if (req.headers.origin) {
- if (['https://betpool-2022.vercel.app', 'http://localhost:3000'].includes(req.headers.origin)) {
- res.setHeader('Access-Control-Allow-Origin', req.headers.origin)
- res.setHeader('Access-Control-Allow-Methods', 'GET,OPTIONS,PATCH,DELETE,POST,PUT')
- res.setHeader('Access-Control-Allow-Headers', 'Authorization')
- res.setHeader('Access-Control-Max-Age', '600')
- }
- }
- if (req.method === 'OPTIONS') {
- res.status(200).end()
- return
- }
- return await fn(req, res)
- }
-}