object storage + full permission system + testing

Object storage now works fully, with the permission system. It still needs additional external endpoints for updating and deleting objects from the API, but it is otherwise complete. Further tasks include writing an S3 adapter.
2025-11-13 16:22:39 +10:00 · 2024-10-09 14:43:06 +11:00
parent de388a937a
commit 435551c207
20 changed files with 376 additions and 63 deletions
--- a/server/api/v1/auth/signup/simple.post.ts
+++ b/server/api/v1/auth/signup/simple.post.ts
@ -1,32 +1,60 @@
 import { AuthMec } from "@prisma/client";
+import { Readable } from "stream";
 import prisma from "~/server/internal/db/database";
 import { createHash } from "~/server/internal/security/simple";
+import { v4 as uuidv4 } from "uuid";

 export default defineEventHandler(async (h3) => {
-    const body = await readBody(h3);
+  const body = await readBody(h3);

-    const username = body.username;
-    const password = body.password;
-    if (username === undefined || password === undefined)
-        throw createError({ statusCode: 403, statusMessage: "Username or password missing from request." });
-
-    const existing = await prisma.user.count({ where: { username: username } });
-    if (existing > 0) throw createError({ statusCode: 400, statusMessage: "Username already taken." })
-
-    const user = await prisma.user.create({
-        data: {
-            username,
-        }
+  const username = body.username;
+  const password = body.password;
+  if (username === undefined || password === undefined)
+    throw createError({
+      statusCode: 403,
+      statusMessage: "Username or password missing from request.",
    });

-    const hash = await createHash(password);
-    const authMek = await prisma.linkedAuthMec.create({
-        data: {
-            mec: AuthMec.Simple,
-            credentials: [username, hash],
-            userId: user.id
-        }
+  const existing = await prisma.user.count({ where: { username: username } });
+  if (existing > 0)
+    throw createError({
+      statusCode: 400,
+      statusMessage: "Username already taken.",
    });

-    return user;
-})
+  const userId = uuidv4();
+
+  const profilePictureObject = await h3.context.objects.createFromSource(
+    () =>
+      $fetch<Readable>("https://avatars.githubusercontent.com/u/64579723?v=4", {
+        responseType: "stream",
+      }),
+    {},
+    [`anonymous:read`, `${userId}:write`]
+  );
+  if (!profilePictureObject)
+    throw createError({
+      statusCode: 500,
+      statusMessage: "Unable to import profile picture",
+    });
+
+  const user = await prisma.user.create({
+    data: {
+      username,
+      displayName: "",
+      email: "",
+      profilePicture: profilePictureObject,
+    },
+  });
+
+  const hash = await createHash(password);
+  await prisma.linkedAuthMec.create({
+    data: {
+      mec: AuthMec.Simple,
+      credentials: [username, hash],
+      userId: user.id,
+    },
+  });
+
+  return user;
+});