partial: user routes

2025-11-21 12:11:09 +10:00 · 2025-08-10 10:19:45 +10:00
parent 80f7757558
commit a0b4381f0b
54 changed files with 545 additions and 410 deletions
--- a/server/api/v1/user/token/index.post.ts
+++ b/server/api/v1/user/token/index.post.ts
@ -1,46 +1,44 @@
+import { type } from "arktype";
 import { APITokenMode } from "~/prisma/client/enums";
+import { readDropValidatedBody, throwingArktype } from "~/server/arktype";
 import aclManager, { userACLs } from "~/server/internal/acls";
 import prisma from "~/server/internal/db/database";

-export default defineEventHandler(async (h3) => {
-  const userId = await aclManager.getUserIdACL(h3, []); // No ACLs only allows session authentication
-  if (!userId) throw createError({ statusCode: 403 });
+const CreateToken = type({
+  name: "string",
+  acls: "string[] > 0",
+}).configure(throwingArktype);

-  const body = await readBody(h3);
-  const name: string = body.name;
-  const acls: string[] = body.acls;
+/**
+ *
+ */
+export default defineEventHandler<{ body: typeof CreateToken.infer }>(
+  async (h3) => {
+    const userId = await aclManager.getUserIdACL(h3, []); // No ACLs only allows session authentication
+    if (!userId) throw createError({ statusCode: 403 });

-  if (!name || typeof name !== "string")
-    throw createError({
-      statusCode: 400,
-      statusMessage: "Token name required",
-    });
-  if (!acls || !Array.isArray(acls))
-    throw createError({ statusCode: 400, statusMessage: "ACLs required" });
+    const body = await readDropValidatedBody(h3, CreateToken);
+    const name: string = body.name;
+    const acls: string[] = body.acls;

-  if (acls.length == 0)
-    throw createError({
-      statusCode: 400,
-      statusMessage: "Token requires more than zero ACLs",
+    const invalidACLs = acls.filter(
+      (e) => userACLs.findIndex((v) => e == v) == -1,
+    );
+    if (invalidACLs.length > 0)
+      throw createError({
+        statusCode: 400,
+        statusMessage: `Invalid ACLs: ${invalidACLs.join(", ")}`,
+      });
+
+    const token = await prisma.aPIToken.create({
+      data: {
+        mode: APITokenMode.User,
+        name: name,
+        userId: userId,
+        acls: acls,
+      },
    });

-  const invalidACLs = acls.filter(
-    (e) => userACLs.findIndex((v) => e == v) == -1,
-  );
-  if (invalidACLs.length > 0)
-    throw createError({
-      statusCode: 400,
-      statusMessage: `Invalid ACLs: ${invalidACLs.join(", ")}`,
-    });
-
-  const token = await prisma.aPIToken.create({
-    data: {
-      mode: APITokenMode.User,
-      name: name,
-      userId: userId,
-      acls: acls,
-    },
-  });
-
-  return token;
-});
+    return token;
+  },
+);