Leahnaya/sendou.ink
1
0
Fork 0
mirror of https://github.com/Sendouc/sendou.ink.git synced 2026-03-21 18:04:39 -05:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Fix /api/user/:identifier/ids returning 401
Some checks are pending
E2E Tests / e2e (push) Waiting to run
Details
Tests and checks on push / run-checks-and-tests (push) Waiting to run
Details
Updates translation progress / update-translation-progress-issue (push) Waiting to run
Details

Browse Source
This commit is contained in:
Kalle 2026-01-27 20:58:27 +02:00
parent f7d93b250b
commit a8b2a74435
2 changed files with 25 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
app/features/api-public/api-auth-middleware.server.ts
View File

@ -2,6 +2,8 @@ import { userAsyncLocalStorage } from "~/features/auth/core/user-context.server"
import * as UserRepository from "~/features/user-page/UserRepository.server";
import { getTokenInfo } from "./api-public-utils.server";
const USER_IDS_PATTERN = /^\/api\/user\/[^/]+\/ids$/;
type MiddlewareArgs = {
request: Request;
context: unknown;
@ -18,11 +20,21 @@ function extractToken(req: Request): string | null {
return authHeader.replace("Bearer ", "");
}
function isPublicRoute(request: Request): boolean {
if (request.method !== "GET") return false;
const url = new URL(request.url);
return USER_IDS_PATTERN.test(url.pathname);
}
export const apiAuthMiddleware: MiddlewareFn = async ({ request }, next) => {
if (request.method === "OPTIONS") {
return next();
}
if (isPublicRoute(request)) {
return next();
}
const token = extractToken(request);
if (!token) {
return Response.json(

13
e2e/api-public.spec.ts
View File

@ -49,6 +49,19 @@ test.describe("Public API", () => {
expect(response.headers()["access-control-allow-origin"]).toBe("*");
});
test("GET user IDs endpoint works without authentication", async ({
page,
}) => {
await seed(page);
const response = await page.request.fetch(`/api/user/${ADMIN_ID}/ids`);
expect(response.status()).toBe(200);
const data = await response.json();
expect(data.id).toBe(ADMIN_ID);
expect(data.discordId).toBeTruthy();
});
test("creates read API token and calls public endpoint", async ({ page }) => {
await seed(page);
await impersonate(page);