devops/encoach_frontend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
af5ae2a6878d893f627f47e2d42570083fe3948c
encoach_frontend/src/pages/api/user.ts
Tiago Ribeiro 55204e2ce1 Started implementing the roles permissions
2024-10-10 19:13:18 +01:00

80 lines
2.4 KiB
TypeScript
Raw Blame History

import {PERMISSIONS} from "@/constants/userPermissions";
import {app, adminApp} from "@/firebase";
import {Group, User} from "@/interfaces/user";
import {sessionOptions} from "@/lib/session";
import {getAuth} from "firebase-admin/auth";
import {withIronSessionApiRoute} from "iron-session/next";
import {NextApiRequest, NextApiResponse} from "next";
import {getPermissions, getPermissionDocs} from "@/utils/permissions.be";
import client from "@/lib/mongodb";
import {getGroupsForUser, getParticipantGroups, removeParticipantFromGroup} from "@/utils/groups.be";
import { mapBy } from "@/utils";
import { getUser } from "@/utils/users.be";
const auth = getAuth(adminApp);
const db = client.db(process.env.MONGODB_DB);
export default withIronSessionApiRoute(user, sessionOptions);
async function user(req: NextApiRequest, res: NextApiResponse) {
if (req.method === "GET") return get(req, res);
if (req.method === "DELETE") return del(req, res);
res.status(404).json(undefined);
}
async function del(req: NextApiRequest, res: NextApiResponse) {
if (!req.session.user) {
res.status(401).json({ok: false});
return;
}
const {id} = req.query as {id: string};
const user = await db.collection("users").findOne<User>({id: req.session.user.id});
if (!user) {
res.status(401).json({ok: false});
return;
}
const targetUser = await db.collection("users").findOne<User>({id});
if (!targetUser) {
res.status(404).json({ok: false});
return;
}
await auth.deleteUser(id);
await db.collection("users").deleteOne({id: targetUser.id});
await db.collection("codes").deleteMany({userId: targetUser.id});
await db.collection("groups").deleteMany({admin: targetUser.id});
await db.collection("stats").deleteMany({user: targetUser.id});
const groups = await getParticipantGroups(targetUser.id);
await Promise.all(
groups
.map(async (g) => await removeParticipantFromGroup(g.id, targetUser.id)),
);
res.json({ok: true});
}
async function get(req: NextApiRequest, res: NextApiResponse) {
if (req.session.user) {
const user = await getUser(req.session.user.id)
if (!user) return res.status(401).json(undefined);
await db.collection("users").updateOne({id: user.id}, {$set: {lastLogin: new Date().toISOString()}});
req.session.user = {
...user,
id: req.session.user.id,
lastLogin: new Date(),
};
await req.session.save();
res.json({...user, id: req.session.user.id});
} else {
res.status(401).json(undefined);
}
}
Reference in New Issue View Git Blame Copy Permalink