From e1e0af8113793c981b821bc56c4cffd9dfbab780 Mon Sep 17 00:00:00 2001 From: Angelo Reale <12191809+angeloreale@users.noreply.github.com> Date: Thu, 8 Aug 2024 01:01:53 +0100 Subject: [PATCH 1/3] ar(fix) [DPCP-62]: Consolidate Domain --- lib/auth/constants.ts | 1 + lib/model/interfaces/update-private-user-favorite-listings.ts | 2 ++ src/app/api/v1/user/route.ts | 3 +-- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/auth/constants.ts b/lib/auth/constants.ts index 9dc82af9..0c9e2344 100644 --- a/lib/auth/constants.ts +++ b/lib/auth/constants.ts @@ -29,6 +29,7 @@ export const GetSession = async ({ cookies = '' }) => { }, }); const session = await response.json(); + console.log({ cookies, session }); return session; } catch (e) { console.error(e); diff --git a/lib/model/interfaces/update-private-user-favorite-listings.ts b/lib/model/interfaces/update-private-user-favorite-listings.ts index 6ca890c6..fd2ac154 100644 --- a/lib/model/interfaces/update-private-user-favorite-listings.ts +++ b/lib/model/interfaces/update-private-user-favorite-listings.ts @@ -9,6 +9,8 @@ const updatePrivateUserFavoriteListings = async ({ upsert = true, user, listings const loggedUser = user || (await whoAmI()); + console.log({ user, loggedUser }); + const delta = upsert ? listings.filter((listing: any) => !loggedUser?.favorites?.includes(listing)) : []; if ((await canI({ name: 'Ability 1', user: loggedUser })) && type === 'id') { diff --git a/src/app/api/v1/user/route.ts b/src/app/api/v1/user/route.ts index 83abb30d..00c64f26 100644 --- a/src/app/api/v1/user/route.ts +++ b/src/app/api/v1/user/route.ts @@ -22,10 +22,9 @@ export async function PATCH(request: CombineRequest) { const url = new URL(request.url); const query = url.searchParams; const type = query.get('type') || 'id'; - const body = await request?.json(); const listings = body?.listings; - const user = body?.user || session?.user; + const user = session?.user; const data = await UpdatePrivateUserFavoriteListings({ user, From 6f2912b3d020c3c76282a5d7b4a61140a97779b2 Mon Sep 17 00:00:00 2001 From: Angelo Reale <12191809+angeloreale@users.noreply.github.com> Date: Thu, 8 Aug 2024 14:20:58 +0100 Subject: [PATCH 2/3] ar(fix) [DPCP-78]: Fix Like Action in Prod (#26) * ar(fix) [DPCP-78]: Fix Like Action in Prod * ar(fix) [DPCP-78]: Fix Like Action in Prod * ar(fix) [DPCP-78]: Fix Like Action in Prod * ar(fix) [DPCP-78]: Fix Like Action in Prod --- lib/auth/constants.ts | 2 +- lib/model/interfaces/get-private-abilities.ts | 2 +- lib/model/interfaces/get-private-services.ts | 2 +- lib/model/interfaces/middleware/authorization.ts | 13 +++++++------ .../interfaces/update-private-user-abilities.ts | 2 +- .../update-private-user-favorite-listings.ts | 2 +- .../interfaces/update-private-user-services.ts | 2 +- src/app/api/v1/user/route.ts | 2 ++ 8 files changed, 15 insertions(+), 12 deletions(-) diff --git a/lib/auth/constants.ts b/lib/auth/constants.ts index 0c9e2344..00c17f20 100644 --- a/lib/auth/constants.ts +++ b/lib/auth/constants.ts @@ -20,7 +20,7 @@ import { export const GetSession = async ({ cookies = '' }) => { try { - const response = await fetch(`${process.env.MAIN_URL}/api/v1/auth/session`, { + const response = await fetch(`${process.env.API_URL}/api/v1/auth/session`, { method: 'GET', headers: { Accept: 'application/json', diff --git a/lib/model/interfaces/get-private-abilities.ts b/lib/model/interfaces/get-private-abilities.ts index d5248dd8..08bc2029 100644 --- a/lib/model/interfaces/get-private-abilities.ts +++ b/lib/model/interfaces/get-private-abilities.ts @@ -14,7 +14,7 @@ const getPrivateAbilities = async ({ limit = PAGE_SIZE, filters = [], }: any) => { - const loggedUser = user || (await whoAmI()); + const loggedUser = user || (await whoAmI({})); const adaptQuery: any = { where: { diff --git a/lib/model/interfaces/get-private-services.ts b/lib/model/interfaces/get-private-services.ts index 1e12f231..a8020ec8 100644 --- a/lib/model/interfaces/get-private-services.ts +++ b/lib/model/interfaces/get-private-services.ts @@ -14,7 +14,7 @@ const getPrivateServices = async ({ limit = PAGE_SIZE, filters = [], }: any) => { - const loggedUser = user || (await whoAmI()); + const loggedUser = user || (await whoAmI({})); const adaptQuery: any = { where: { diff --git a/lib/model/interfaces/middleware/authorization.ts b/lib/model/interfaces/middleware/authorization.ts index 887255e0..658c4155 100644 --- a/lib/model/interfaces/middleware/authorization.ts +++ b/lib/model/interfaces/middleware/authorization.ts @@ -1,7 +1,7 @@ // @interfaces/middleware/authorization.ts import { getSession, GetSession } from '@auth'; import { GetPrivateAbilities } from '@controller'; -import { cookies } from 'next/headers'; +import { cookies as nextCookies } from 'next/headers'; export const canI = async ({ name, user }: any) => { try { const ability = await GetPrivateAbilities({ name }); @@ -10,16 +10,17 @@ export const canI = async ({ name, user }: any) => { // return the capacity return yes; } catch (e) { - throw new Error(`Code 003: Missing results: ${e}`); + throw new Error(`Code 008: User is not authorized ${e}`); } }; -export const whoAmI = async () => { +export const whoAmI = async ({ cookies }: any) => { try { - const cookieString = cookies().getAll().toString(); - const session = (await getSession()) || (await GetSession({ cookies: cookieString })); + const cookieString = nextCookies().getAll().toString(); + const session = (await getSession()) || (await GetSession({ cookies: cookieString || cookies })); // to-do add authorization/validation checks + console.log({ cookieString, session }); return session?.user; } catch (e) { - throw new Error(`Code 003: Missing results: ${e}`); + throw new Error(`Code 007: Can't identify user ${e}`); } }; diff --git a/lib/model/interfaces/update-private-user-abilities.ts b/lib/model/interfaces/update-private-user-abilities.ts index 5b24f60a..ef1f72e0 100644 --- a/lib/model/interfaces/update-private-user-abilities.ts +++ b/lib/model/interfaces/update-private-user-abilities.ts @@ -8,7 +8,7 @@ const updatePrivateUserAbilities = async ({ upsert = false, user, abilities }: a // to-do: move this will be a middleware if (abilities?.length === 0) return new Error('Code 002: Missing data (abilities)'); - const loggedUser = user || (await whoAmI()); + const loggedUser = user || (await whoAmI({})); const payload = upsert ? { diff --git a/lib/model/interfaces/update-private-user-favorite-listings.ts b/lib/model/interfaces/update-private-user-favorite-listings.ts index fd2ac154..640481c6 100644 --- a/lib/model/interfaces/update-private-user-favorite-listings.ts +++ b/lib/model/interfaces/update-private-user-favorite-listings.ts @@ -7,7 +7,7 @@ const updatePrivateUserFavoriteListings = async ({ upsert = true, user, listings try { if (listings?.length === 0) return new Error('Code 002: Missing data (listings)'); - const loggedUser = user || (await whoAmI()); + const loggedUser = user || (await whoAmI({})); console.log({ user, loggedUser }); diff --git a/lib/model/interfaces/update-private-user-services.ts b/lib/model/interfaces/update-private-user-services.ts index 395784ad..094ff9a5 100644 --- a/lib/model/interfaces/update-private-user-services.ts +++ b/lib/model/interfaces/update-private-user-services.ts @@ -8,7 +8,7 @@ const updatePrivateUserServices = async ({ upsert = false, user, services }: any // to-do: move this will be a middleware if (services?.length === 0) return new Error('Code 002: Missing data (services)'); - const loggedUser = user || (await whoAmI()); + const loggedUser = user || (await whoAmI({})); const payload = upsert ? { diff --git a/src/app/api/v1/user/route.ts b/src/app/api/v1/user/route.ts index 00c64f26..963c9c50 100644 --- a/src/app/api/v1/user/route.ts +++ b/src/app/api/v1/user/route.ts @@ -22,9 +22,11 @@ export async function PATCH(request: CombineRequest) { const url = new URL(request.url); const query = url.searchParams; const type = query.get('type') || 'id'; + const body = await request?.json(); const listings = body?.listings; const user = session?.user; + console.log({ session, body, cookies }); const data = await UpdatePrivateUserFavoriteListings({ user, From 0fa9159dbc6601397bd5695cae6a2a4e446678b3 Mon Sep 17 00:00:00 2001 From: Angelo Reale <12191809+angeloreale@users.noreply.github.com> Date: Thu, 8 Aug 2024 15:27:39 +0100 Subject: [PATCH 3/3] [DPTM-2] Dev env (#27) * ar(fix) [DPTM-2]: Ensure autonomous Dev environment * ar(fix) [DPTM-2]: Ensure autonomous Dev environment * ar(fix) [DPTM-2]: Ensure autonomous Dev environment --- src/middleware.ts | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/src/middleware.ts b/src/middleware.ts index 35619354..7a494ea3 100644 --- a/src/middleware.ts +++ b/src/middleware.ts @@ -16,8 +16,14 @@ export const config = { matcher: ['/api/:path*'], }; +const allowedOrigins = { + [`${process.env.MAIN_URL}`]: process.env.MAIN_URL, + [`${process.env.NEXUS_HOST}`]: process.env.NEXUS_HOST, + [`${process.env.API_HOST}`]: process.env.API_HOST, +}; + const headers: Record = { - 'Access-Control-Allow-Origin': process.env.MAIN_URL || 'https://www.dreampip.com', + 'Access-Control-Allow-Origin': `${process.env.MAIN_URL}` || 'https://www.dreampip.com', 'Cache-Control': 'maxage=0, s-maxage=300, stale-while-revalidate=300', // DEV-DEBUG: // 'content-type': 'application/json', @@ -27,6 +33,11 @@ const headers: Record = { }; export default async function middleware(request: NextRequest) { + const origin = request.headers.get('x-forwarded-host') || ''; + if (origin !== process.env.MAIN_URL) { + headers['Access-Control-Allow-Origin'] = allowedOrigins[origin] || 'https://www.dreampip.com'; + } + // You could alternatively limit based on user ID or similar const response = next(); const ip = ipAddress(request) || '127.0.0.1';