remove test endpoint
@@ -185,10 +185,6 @@ const loginSchema = z.object({
|
|||||||
password: z.string().min(1)
|
password: z.string().min(1)
|
||||||
});
|
});
|
||||||
|
|
||||||
const testTokenSchema = z.object({
|
|
||||||
userId: z.string().min(1)
|
|
||||||
});
|
|
||||||
|
|
||||||
export const cairnDbRouter = createTRPCRouter({
|
export const cairnDbRouter = createTRPCRouter({
|
||||||
health: cairnProcedure.query(async () => {
|
health: cairnProcedure.query(async () => {
|
||||||
try {
|
try {
|
||||||
@@ -239,15 +235,39 @@ export const cairnDbRouter = createTRPCRouter({
|
|||||||
});
|
});
|
||||||
await conn.execute({
|
await conn.execute({
|
||||||
sql: "INSERT INTO authProviders (id, userId, provider, providerUserId, email, displayName, avatarUrl) VALUES (?, ?, ?, ?, ?, ?, ?)",
|
sql: "INSERT INTO authProviders (id, userId, provider, providerUserId, email, displayName, avatarUrl) VALUES (?, ?, ?, ?, ?, ?, ?)",
|
||||||
args: [crypto.randomUUID(), userId, "email", null, input.email, null, null]
|
args: [
|
||||||
|
crypto.randomUUID(),
|
||||||
|
userId,
|
||||||
|
"email",
|
||||||
|
null,
|
||||||
|
input.email,
|
||||||
|
null,
|
||||||
|
null
|
||||||
|
]
|
||||||
});
|
});
|
||||||
await conn.execute({
|
await conn.execute({
|
||||||
sql: "INSERT INTO authProviders (id, userId, provider, providerUserId, email, displayName, avatarUrl) VALUES (?, ?, ?, ?, ?, ?, ?)",
|
sql: "INSERT INTO authProviders (id, userId, provider, providerUserId, email, displayName, avatarUrl) VALUES (?, ?, ?, ?, ?, ?, ?)",
|
||||||
args: [crypto.randomUUID(), userId, "password", passwordHash, input.email, null, null]
|
args: [
|
||||||
|
crypto.randomUUID(),
|
||||||
|
userId,
|
||||||
|
"password",
|
||||||
|
passwordHash,
|
||||||
|
input.email,
|
||||||
|
null,
|
||||||
|
null
|
||||||
|
]
|
||||||
});
|
});
|
||||||
await conn.execute({
|
await conn.execute({
|
||||||
sql: "INSERT INTO workoutPlans (id, userId, name, category, difficulty, type, isPublic) VALUES (?, ?, ?, ?, ?, ?, ?)",
|
sql: "INSERT INTO workoutPlans (id, userId, name, category, difficulty, type, isPublic) VALUES (?, ?, ?, ?, ?, ?, ?)",
|
||||||
args: [crypto.randomUUID(), userId, "Getting Started", "strength", "beginner", "strength", 0]
|
args: [
|
||||||
|
crypto.randomUUID(),
|
||||||
|
userId,
|
||||||
|
"Getting Started",
|
||||||
|
"strength",
|
||||||
|
"beginner",
|
||||||
|
"strength",
|
||||||
|
0
|
||||||
|
]
|
||||||
});
|
});
|
||||||
|
|
||||||
const token = await signCairnToken(userId);
|
const token = await signCairnToken(userId);
|
||||||
@@ -264,90 +284,73 @@ export const cairnDbRouter = createTRPCRouter({
|
|||||||
}
|
}
|
||||||
}),
|
}),
|
||||||
|
|
||||||
login: publicProcedure
|
login: publicProcedure.input(loginSchema).mutation(async ({ input }) => {
|
||||||
.input(loginSchema)
|
try {
|
||||||
.mutation(async ({ input }) => {
|
const conn = CairnConnectionFactory();
|
||||||
try {
|
const result = await conn.execute({
|
||||||
const conn = CairnConnectionFactory();
|
sql: "SELECT userId, email, provider, providerUserId FROM authProviders WHERE email = ? AND provider IN ('email', 'password')",
|
||||||
const result = await conn.execute({
|
args: [input.email]
|
||||||
sql: "SELECT userId, email, provider, providerUserId FROM authProviders WHERE email = ? AND provider IN ('email', 'password')",
|
});
|
||||||
args: [input.email]
|
|
||||||
});
|
|
||||||
|
|
||||||
if (!result.rows.length) {
|
if (!result.rows.length) {
|
||||||
throw new TRPCError({
|
|
||||||
code: "UNAUTHORIZED",
|
|
||||||
message: "Invalid credentials"
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
const rows = result.rows as Array<{
|
|
||||||
userId: string;
|
|
||||||
email: string | null;
|
|
||||||
provider: string;
|
|
||||||
providerUserId: string | null;
|
|
||||||
}>;
|
|
||||||
const emailProvider = rows.find((row) => row.provider === "email");
|
|
||||||
const passwordProvider = rows.find((row) => row.provider === "password");
|
|
||||||
|
|
||||||
if (emailProvider?.userId !== passwordProvider?.userId) {
|
|
||||||
throw new TRPCError({
|
|
||||||
code: "UNAUTHORIZED",
|
|
||||||
message: "Invalid credentials"
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!emailProvider || !passwordProvider) {
|
|
||||||
throw new TRPCError({
|
|
||||||
code: "UNAUTHORIZED",
|
|
||||||
message: "Invalid credentials"
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
const matches = await checkPasswordSafe(
|
|
||||||
input.password,
|
|
||||||
passwordProvider.providerUserId
|
|
||||||
);
|
|
||||||
if (!matches) {
|
|
||||||
throw new TRPCError({
|
|
||||||
code: "UNAUTHORIZED",
|
|
||||||
message: "Invalid credentials"
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
const token = await signCairnToken(emailProvider.userId);
|
|
||||||
await conn.execute({
|
|
||||||
sql: "UPDATE users SET lastLoginAt = datetime('now'), updatedAt = datetime('now') WHERE id = ?",
|
|
||||||
args: [emailProvider.userId]
|
|
||||||
});
|
|
||||||
|
|
||||||
return { success: true, token, userId: emailProvider.userId };
|
|
||||||
} catch (error) {
|
|
||||||
if (error instanceof TRPCError) {
|
|
||||||
throw error;
|
|
||||||
}
|
|
||||||
console.error("Failed to login Cairn user:", error);
|
|
||||||
throw new TRPCError({
|
throw new TRPCError({
|
||||||
code: "INTERNAL_SERVER_ERROR",
|
code: "UNAUTHORIZED",
|
||||||
message: "Failed to login"
|
message: "Invalid credentials"
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
}),
|
|
||||||
|
|
||||||
createTestToken: publicProcedure
|
const rows = result.rows as Array<{
|
||||||
.input(testTokenSchema)
|
userId: string;
|
||||||
.mutation(async ({ input }) => {
|
email: string | null;
|
||||||
try {
|
provider: string;
|
||||||
const token = await signCairnToken(input.userId);
|
providerUserId: string | null;
|
||||||
return { success: true, token, userId: input.userId };
|
}>;
|
||||||
} catch (error) {
|
const emailProvider = rows.find((row) => row.provider === "email");
|
||||||
console.error("Failed to create Cairn test token:", error);
|
const passwordProvider = rows.find((row) => row.provider === "password");
|
||||||
|
|
||||||
|
if (emailProvider?.userId !== passwordProvider?.userId) {
|
||||||
throw new TRPCError({
|
throw new TRPCError({
|
||||||
code: "INTERNAL_SERVER_ERROR",
|
code: "UNAUTHORIZED",
|
||||||
message: "Failed to create test token"
|
message: "Invalid credentials"
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
}),
|
|
||||||
|
if (!emailProvider || !passwordProvider) {
|
||||||
|
throw new TRPCError({
|
||||||
|
code: "UNAUTHORIZED",
|
||||||
|
message: "Invalid credentials"
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
const matches = await checkPasswordSafe(
|
||||||
|
input.password,
|
||||||
|
passwordProvider.providerUserId
|
||||||
|
);
|
||||||
|
if (!matches) {
|
||||||
|
throw new TRPCError({
|
||||||
|
code: "UNAUTHORIZED",
|
||||||
|
message: "Invalid credentials"
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
const token = await signCairnToken(emailProvider.userId);
|
||||||
|
await conn.execute({
|
||||||
|
sql: "UPDATE users SET lastLoginAt = datetime('now'), updatedAt = datetime('now') WHERE id = ?",
|
||||||
|
args: [emailProvider.userId]
|
||||||
|
});
|
||||||
|
|
||||||
|
return { success: true, token, userId: emailProvider.userId };
|
||||||
|
} catch (error) {
|
||||||
|
if (error instanceof TRPCError) {
|
||||||
|
throw error;
|
||||||
|
}
|
||||||
|
console.error("Failed to login Cairn user:", error);
|
||||||
|
throw new TRPCError({
|
||||||
|
code: "INTERNAL_SERVER_ERROR",
|
||||||
|
message: "Failed to login"
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}),
|
||||||
|
|
||||||
getUsers: cairnProcedure
|
getUsers: cairnProcedure
|
||||||
.input(paginatedQuerySchema)
|
.input(paginatedQuerySchema)
|
||||||
|
|||||||
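Review bot: In the `login` mutation, the `if (!result.rows.length)` branch and the `!emailProvider || !passwordProvider` branch throw "Invalid credentials" before `checkPasswordSafe` is ever called, so a request for an unknown email presumably returns faster than one for a registered email, and the uniform error message does not hide that difference. One way to close the gap is to run the comparison against a fixed placeholder hash in those branches before throwing, e.g. `await checkPasswordSafe(input.password, DUMMY_PASSWORD_HASH);` (constant name illustrative); `checkPasswordSafe` is defined outside this diff, so its cost and its handling of a null hash should be confirmed. Separately, the insert hunk stores `passwordHash` in the `providerUserId` column and `login` selects that column for both provider rows, so a comment there such as `// providerUserId holds the password hash when provider = 'password'; never return it to clients` would help. Tokens already issued through the removed `createTestToken` route are not touched by this change and likely stay valid until they expire or the key behind `signCairnToken` is rotated.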