Solved some problems, bypassed some stuff
This commit is contained in:
Tiago Ribeiro
@@ -1,17 +1,17 @@
|
||||
// Next.js API route support: https://nextjs.org/docs/api-routes/introduction
|
||||
import type { NextApiRequest, NextApiResponse } from "next";
|
||||
import { app, storage } from "@/firebase";
|
||||
import { withIronSessionApiRoute } from "iron-session/next";
|
||||
import { sessionOptions } from "@/lib/session";
|
||||
import { Group, User } from "@/interfaces/user";
|
||||
import { getDownloadURL, getStorage, ref, uploadBytes } from "firebase/storage";
|
||||
import { getAuth, signInWithEmailAndPassword, updateEmail, updatePassword } from "firebase/auth";
|
||||
import { errorMessages } from "@/constants/errors";
|
||||
import type {NextApiRequest, NextApiResponse} from "next";
|
||||
import {app, storage} from "@/firebase";
|
||||
import {withIronSessionApiRoute} from "iron-session/next";
|
||||
import {sessionOptions} from "@/lib/session";
|
||||
import {Group, User} from "@/interfaces/user";
|
||||
import {getDownloadURL, getStorage, ref, uploadBytes} from "firebase/storage";
|
||||
import {getAuth, signInWithEmailAndPassword, updateEmail, updatePassword} from "firebase/auth";
|
||||
import {errorMessages} from "@/constants/errors";
|
||||
import moment from "moment";
|
||||
import ShortUniqueId from "short-unique-id";
|
||||
import { Payment } from "@/interfaces/paypal";
|
||||
import { toFixedNumber } from "@/utils/number";
|
||||
import { propagateExpiryDateChanges, propagateStatusChange } from "@/utils/propagate.user.changes";
|
||||
import {Payment} from "@/interfaces/paypal";
|
||||
import {toFixedNumber} from "@/utils/number";
|
||||
import {propagateExpiryDateChanges, propagateStatusChange} from "@/utils/propagate.user.changes";
|
||||
import client from "@/lib/mongodb";
|
||||
|
||||
const db = client.db(process.env.MONGODB_DB);
|
||||
@@ -41,7 +41,7 @@ const managePaymentRecords = async (user: User, userId: string | undefined): Pro
|
||||
date: new Date().toISOString(),
|
||||
};
|
||||
|
||||
const corporatePayments = await db.collection("payments").find({ corporate: userId }).toArray();
|
||||
const corporatePayments = await db.collection("payments").find({corporate: userId}).toArray();
|
||||
if (corporatePayments.length === 0) {
|
||||
await addPaymentRecord(data);
|
||||
return true;
|
||||
@@ -71,20 +71,17 @@ const managePaymentRecords = async (user: User, userId: string | undefined): Pro
|
||||
|
||||
async function handler(req: NextApiRequest, res: NextApiResponse) {
|
||||
if (!req.session.user) {
|
||||
res.status(401).json({ ok: false });
|
||||
res.status(401).json({ok: false});
|
||||
return;
|
||||
}
|
||||
|
||||
const queryId = req.query.id as string;
|
||||
|
||||
let user = await db.collection("users").findOne<User>({ id: queryId ? (queryId as string) : req.session.user.id });
|
||||
const updatedUser = req.body as User & { password?: string; newPassword?: string };
|
||||
let user = await db.collection("users").findOne<User>({id: queryId ? (queryId as string) : req.session.user.id});
|
||||
const updatedUser = req.body as User & {password?: string; newPassword?: string};
|
||||
|
||||
if (!!queryId) {
|
||||
await db.collection("users").updateOne(
|
||||
{ id: queryId },
|
||||
{ $set: updatedUser }
|
||||
);
|
||||
await db.collection("users").updateOne({id: queryId}, {$set: updatedUser});
|
||||
|
||||
await managePaymentRecords(updatedUser, updatedUser.id);
|
||||
if (updatedUser.status || updatedUser.type === "corporate") {
|
||||
@@ -93,7 +90,7 @@ async function handler(req: NextApiRequest, res: NextApiResponse) {
|
||||
propagateExpiryDateChanges(queryId, user?.subscriptionExpirationDate, updatedUser.subscriptionExpirationDate || null);
|
||||
}
|
||||
|
||||
res.status(200).json({ ok: true });
|
||||
res.status(200).json({ok: true});
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -113,17 +110,17 @@ async function handler(req: NextApiRequest, res: NextApiResponse) {
|
||||
const credential = await signInWithEmailAndPassword(auth, req.session.user.email, updatedUser.password);
|
||||
await updatePassword(credential.user, updatedUser.newPassword);
|
||||
} catch {
|
||||
res.status(400).json({ error: "E001", message: errorMessages.E001 });
|
||||
res.status(400).json({error: "E001", message: errorMessages.E001});
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
if (updatedUser.email !== req.session.user.email && updatedUser.password) {
|
||||
try {
|
||||
const usersWithSameEmail = await db.collection("users").find({ email: updatedUser.email.toLowerCase() }).toArray();
|
||||
const usersWithSameEmail = await db.collection("users").find({email: updatedUser.email.toLowerCase()}).toArray();
|
||||
|
||||
if (usersWithSameEmail.length > 0) {
|
||||
res.status(400).json({ error: "E003", message: errorMessages.E003 });
|
||||
res.status(400).json({error: "E003", message: errorMessages.E003});
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -131,22 +128,24 @@ async function handler(req: NextApiRequest, res: NextApiResponse) {
|
||||
await updateEmail(credential.user, updatedUser.email);
|
||||
|
||||
if (req.session.user.type === "student") {
|
||||
const corporateAdmins = (await db.collection("users").find<User>({ type: "corporate" }).toArray()).map((x) => x.id);
|
||||
const corporateAdmins = (await db.collection("users").find<User>({type: "corporate"}).toArray()).map((x) => x.id);
|
||||
|
||||
const groups = await db.collection("groups").find<Group>({
|
||||
participants: req.session.user!.id,
|
||||
admin: { $in: corporateAdmins }
|
||||
}).toArray();
|
||||
const groups = await db
|
||||
.collection("groups")
|
||||
.find<Group>({
|
||||
participants: req.session.user!.id,
|
||||
admin: {$in: corporateAdmins},
|
||||
})
|
||||
.toArray();
|
||||
|
||||
groups.forEach(async (group) => {
|
||||
await db.collection("groups").updateOne(
|
||||
{ id: group.id },
|
||||
{ $set: { participants: group.participants.filter((x) => x !== req.session.user!.id) } }
|
||||
);
|
||||
await db
|
||||
.collection("groups")
|
||||
.updateOne({id: group.id}, {$set: {participants: group.participants.filter((x) => x !== req.session.user!.id)}});
|
||||
});
|
||||
}
|
||||
} catch {
|
||||
res.status(400).json({ error: "E002", message: errorMessages.E002 });
|
||||
res.status(400).json({error: "E002", message: errorMessages.E002});
|
||||
return;
|
||||
}
|
||||
}
|
||||
@@ -159,22 +158,18 @@ async function handler(req: NextApiRequest, res: NextApiResponse) {
|
||||
delete updatedUser.password;
|
||||
delete updatedUser.newPassword;
|
||||
|
||||
await db.collection("users").updateOne(
|
||||
{ id: queryId },
|
||||
{ $set: updatedUser }
|
||||
);
|
||||
|
||||
user = await db.collection("users").findOne<User>({ id: req.session.user.id });
|
||||
await db.collection("users").updateOne({id: queryId}, {$set: updatedUser});
|
||||
|
||||
if (!queryId) {
|
||||
req.session.user = user ? user : null;
|
||||
req.session.user = updatedUser ? {...updatedUser, id: req.session.user.id} : null;
|
||||
await req.session.save();
|
||||
}
|
||||
|
||||
if (user) {
|
||||
await managePaymentRecords(user, queryId);
|
||||
if ({...updatedUser, id: req.session.user!.id}) {
|
||||
await managePaymentRecords({...updatedUser, id: req.session.user!.id}, queryId);
|
||||
}
|
||||
res.status(200).json({ user });
|
||||
|
||||
res.status(200).json({user: {...updatedUser, id: req.session.user!.id}});
|
||||
}
|
||||
|
||||
export const config = {
|
||||
|
||||
Reference in New Issue
Block a user