From 9a44b91099f6c049c6dace70641f8af02bdcaa3f Mon Sep 17 00:00:00 2001
From: Pablu23
Date: Fri, 10 Oct 2025 10:36:08 +0200
Subject: [PATCH] Remove all api endpoints from frontend project
---
 src/app.d.ts | 34 ++++++-----
 src/hooks.server.ts | 79 +++++++++++++------------
 src/routes/+page.server.ts | 8 ---
 src/routes/+page.svelte | 13 ++--
 src/routes/+page.ts | 21 +++++++
 src/routes/api/createLobby/+server.ts | 41 -------------
 src/routes/api/createUser/+server.ts | 19 ------
 src/routes/api/deleteUsers/+server.ts | 9 ---
 src/routes/callback/+page.server.ts | 54 -----------------
 src/routes/lobby/create/+page.server.ts | 18 ------
 src/routes/login/+page.server.ts | 37 ------------
 src/routes/logout/+page.server.ts | 9 +--
 src/routes/private/+page.svelte | 3 -
 13 files changed, 87 insertions(+), 258 deletions(-)
 delete mode 100644 src/routes/+page.server.ts
 create mode 100644 src/routes/+page.ts
 delete mode 100644 src/routes/api/createLobby/+server.ts
 delete mode 100644 src/routes/api/createUser/+server.ts
 delete mode 100644 src/routes/api/deleteUsers/+server.ts
 delete mode 100644 src/routes/callback/+page.server.ts
 delete mode 100644 src/routes/lobby/create/+page.server.ts
 delete mode 100644 src/routes/login/+page.server.ts
 delete mode 100644 src/routes/private/+page.svelte
diff --git a/src/app.d.ts b/src/app.d.ts
index 21047bb..8b27859 100644
--- a/src/app.d.ts
+++ b/src/app.d.ts
@@ -1,21 +1,25 @@ // See https://svelte.dev/docs/kit/types#app.d.ts - // for information about these interfaces declare global { - namespace App { - // interface Error {} - interface Locals { - user: { - isLoggedIn: boolean; - email: string | null; - username: string | null; - } - } - // interface PageData {} - // interface PageState {} - // interface Platform {} - } + namespace App { + // interface Error {} + interface Locals { + // user: { + // isLoggedIn: boolean; + // email: string | null; + // username: string | null; + // } + } + // interface PageData {} + // interface PageState {} + // interface Platform {} + } +} + +export interface User { + email: string | null; + username: string | null; } export interface Player { @@ -45,4 +49,4 @@ export interface GameSettings { export type WebSocketMessage = { type: string; [key: string]: any; -} +}; diff --git a/src/hooks.server.ts b/src/hooks.server.ts index 8223b38..665a820 100644 --- a/src/hooks.server.ts +++ b/src/hooks.server.ts 
@@ -1,42 +1,43 @@ -import { redirect, type Handle, type HandleFetch } from '@sveltejs/kit'; - -export const handle: Handle = async ({ event, resolve }) => { - const sessionId = event.cookies.get('session_id'); - let user = { - isLoggedIn: false, - email: '', - username: '' - }; - - if (sessionId) { - const response = await fetch('http://localhost/api/user/me', { - headers: { - 'Content-Type': 'application/json' - } - }); - console.log(response.status); - console.log(JSON.stringify(response)); - - if (response.status >= 200 && response.status < 300) { - const uBody = await response.json(); - user = { - isLoggedIn: true, - email: uBody.email, - username: uBody.display_name || 'Unknown username' - }; - } - } - - if (event.url.pathname.startsWith('/private') && !user.isLoggedIn) { - redirect(307, '/error'); - } else if (event.url.pathname.startsWith('/api') && !user.isLoggedIn) { - return new Response(null, { status: 401 }); - } - - event.locals.user = user; - const response = await resolve(event); - return response; -}; +// import { redirect, type Handle } from '@sveltejs/kit'; +// +// export const handle: Handle = async ({ event, resolve }) => { +// const sessionId = event.cookies.get('session_id'); +// let user = { +// isLoggedIn: false, +// email: '', +// username: '' +// }; +// +// if (sessionId) { +// const response = await fetch('http://hitstar.xyz/api/user/me', { +// headers: { +// 'Content-Type': 'application/json' +// }, +// credentials: 'include' +// }); +// console.log(response.status); +// console.log(await response.text()); +// +// if (response.status >= 200 && response.status < 300) { +// const uBody = await response.json(); +// user = { +// isLoggedIn: true, +// email: uBody.email, +// username: uBody.display_name || 'Unknown username' +// }; +// } +// } +// +// if (event.url.pathname.startsWith('/private') && !user.isLoggedIn) { +// redirect(307, '/error'); +// } else if (event.url.pathname.startsWith('/api') && !user.isLoggedIn) { +// return new 
Response(null, { status: 401 }); +// } +// +// event.locals.user = user; +// const response = await resolve(event); +// return response; +// }; // export const handleFetch: HandleFetch = async({request, fetch}) => { // if (request.url diff --git a/src/routes/+page.server.ts b/src/routes/+page.server.ts deleted file mode 100644 index aa0f5f3..0000000 --- a/src/routes/+page.server.ts +++ /dev/null @@ -1,8 +0,0 @@ -import type { PageServerLoad } from "./$types"; - - -export const load: PageServerLoad = async ({ locals }) => { - return { - user: locals.user, - } -}; diff --git a/src/routes/+page.svelte b/src/routes/+page.svelte index 71a83ef..0ec85f6 100644 --- a/src/routes/+page.svelte +++ b/src/routes/+page.svelte @@ -7,8 +7,7 @@ let loginError = $state(''); let { data }: PageProps = $props(); - let user = $state(data.user); - + let user = $state(data.user); // Example login function (would connect to a real auth service) function handleLogin() { @@ -19,11 +18,9 @@ } function handleLogout() { - user.isLoggedIn = false; - user.username = null; - user.email = null; + user = null; - goto("/logout"); + goto('/logout'); } function createLobby() { @@ -43,7 +40,7 @@
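Review bot: The `handle` hook in src/hooks.server.ts is switched off by commenting it out instead of deleting it, and the commented version is not one that can safely be restored later. It now calls `console.log(await response.text())` and then `await response.json()` on the same response, so the second read would fail because the body has already been consumed, and it fetches the profile over plain `http://`. Deleting the block (git history keeps it) prevents it from being re-enabled as is; the same applies to the commented-out `user` member of `Locals` in src/app.d.ts. If the hook is meant to return, log only `response.status` and read the body once.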

Hitstar

- {#if user.isLoggedIn} + {#if user}
Welcome, {user.username}
- {#if !user.isLoggedIn} + {#if !user}

Sign In to Play

diff --git a/src/routes/+page.ts b/src/routes/+page.ts new file mode 100644 index 0000000..41f137c --- /dev/null +++ b/src/routes/+page.ts @@ -0,0 +1,21 @@ +import type { User } from '../app'; +import type { PageLoad } from './$types'; + +export const load: PageLoad = async ({ fetch }) => { + const response = await fetch('http://hitstar.xyz/api/user/me', { + headers: { + 'Content-Type': 'application/json' + } + }); + if (response.status >= 200 && response.status < 300) { + const user: User = await response.json(); + return { + user + }; + } else { + console.log(await response.text()); + return { + user: null + } + } +}; diff --git a/src/routes/api/createLobby/+server.ts b/src/routes/api/createLobby/+server.ts deleted file mode 100644 index e0efd05..0000000 --- a/src/routes/api/createLobby/+server.ts +++ /dev/null 
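Review bot: The new `load` in src/routes/+page.ts requests `http://hitstar.xyz/api/user/me` over cleartext HTTP, so any session cookie sent with it and the returned e-mail address are readable on the network path, and a page served over HTTPS would have the browser block the request as mixed content. The origin should not be hard-coded: use `fetch('/api/user/me')` if the API shares the page's origin, or an `https://` base URL read from `$env/dynamic/public`, which the removed login route already used for its settings. The response body is assigned to `User` with no runtime check; the removed hook mapped `uBody.display_name` to `username`, so `user.username` is probably undefined here unless the backend response changed. A rejected `fetch` is also not caught, so an unreachable API turns the home page into an error page instead of the signed-out view.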
@@ -1,41 +0,0 @@
-import { db } from '$lib/server/db';
-import { lobbysTable, usersInLobby } from '$lib/server/db/schema';
-import { json, type RequestHandler } from '@sveltejs/kit';
-import { eq } from 'drizzle-orm';
-
-
-export const POST: RequestHandler = async ({ request }) => {
- const userReq = await request.json();
-
- const userInLobby = (await db.$count(usersInLobby, eq(usersInLobby.userEmail, userReq.email))) > 0
- if (userInLobby) {
- const lobbys = await db.query.lobbysTable.findMany({
- with: {
- usersInLobby: true
- },
- });
-
- // This should be done with database queries
- const lobby = lobbys.find((l) => l.usersInLobby.find((u) => u.userEmail == userReq.email))
-
- return json(lobby, { status: 200 })
- }
-
- // const lobby = await db.transaction(async (tx) => {
- const l: typeof lobbysTable.$inferInsert = {
- hostEmail: userReq.email
- };
- const [lobby] = await db.insert(lobbysTable).values(l).onConflictDoNothing().returning();
- const uLobby: typeof usersInLobby.$inferInsert = {
- userEmail: userReq.email,
- lobbyId: lobby.id
- };
- await db.insert(usersInLobby).values(uLobby);
- // })
-
- if (!lobby) {
- return new Response(null, { status: 500 })
- }
-
- return json(lobby, { status: 201 })
-}
diff --git a/src/routes/api/createUser/+server.ts b/src/routes/api/createUser/+server.ts
deleted file mode 100644
index 9a3a7fe..0000000
--- a/src/routes/api/createUser/+server.ts
+++ /dev/null
@@ -1,19 +0,0 @@
-import { db } from "$lib/server/db";
-import { usersTable } from "$lib/server/db/schema";
-import { json, type RequestHandler } from "@sveltejs/kit";
-
-export const POST: RequestHandler = async ({ request }) => {
- const user = await request.json();
- const u: typeof usersTable.$inferInsert = {
- email: user.email,
- username: user.username
- };
-
- const result = await db.insert(usersTable).values(u).onConflictDoNothing().returning();
-
- if (result.length <= 0) {
- return new Response(null, { status: 409 });
- }
-
- return json(result, { status: 201 })
-}
diff --git a/src/routes/api/deleteUsers/+server.ts b/src/routes/api/deleteUsers/+server.ts
deleted file mode 100644
index fad19b2..0000000
--- a/src/routes/api/deleteUsers/+server.ts
+++ /dev/null
@@ -1,9 +0,0 @@
-import { db } from "$lib/server/db"
-import { sessionsTable, usersTable } from "$lib/server/db/schema"
-
-export async function POST() {
- await db.delete(sessionsTable);
- await db.delete(usersTable);
-
- return new Response();
-}
\ No newline at end of file
diff --git a/src/routes/callback/+page.server.ts b/src/routes/callback/+page.server.ts
deleted file mode 100644
index 49455cd..0000000
--- a/src/routes/callback/+page.server.ts
+++ /dev/null
@@ -1,54 +0,0 @@
-import { redirect } from "@sveltejs/kit";
-import type { PageServerLoad } from "./$types";
-import { eq } from 'drizzle-orm';
-import { db } from "$lib/server/db";
-import { sessionsTable, states, usersTable } from "$lib/server/db/schema";
-import { generateRandomString, getToken } from "$lib/server/auth/spotify";
-import { getCurrentUserProfile } from "$lib/server/spotify/users";
-import { env } from "$env/dynamic/public"
-
-export const load: PageServerLoad = async ({ url, cookies }) => {
- const code = url.searchParams.get('code');
- const state = url.searchParams.get('state')
-
- if (!state || !code) {
- redirect(307, "/error")
- }
-
- const s = await db.select().from(states).where(eq(states.id, state)).limit(1);
-
- if (s.length <= 0 || !s[0].codeVerifier) {
- redirect(307, "/error")
- }
- const token = await getToken(code, s[0].codeVerifier)
-
- // TODO: Check if deletion was fulfilled
- await db.delete(states).where(eq(states.id, state));
-
- const userResponse = await getCurrentUserProfile(token.access_token)
-
- const isUser: boolean = (await db.$count(usersTable, eq(usersTable.email, userResponse.email))) === 1
-
- if (!isUser) {
- const user: typeof usersTable.$inferInsert = {
- email: userResponse.email,
- username: userResponse.display_name
- }
-
- await db.insert(usersTable).values(user);
- }
-
- const session: typeof sessionsTable.$inferInsert = {
- id: generateRandomString(64),
- accessToken: token.access_token,
- refreshToken: token.refresh_token,
- userEmail: userResponse.email,
- // TODO: Session Timeouts MUST
- }
-
- const sessionResponse = await db.insert(sessionsTable).values(session);
-
- cookies.set("session_id", session.id, { path: "/", secure: /^true$/i.test(env.PUBLIC_SECURE ?? "true") });
-
- redirect(307, "/")
-};
diff --git a/src/routes/lobby/create/+page.server.ts b/src/routes/lobby/create/+page.server.ts
deleted file mode 100644
index 9815c09..0000000
--- a/src/routes/lobby/create/+page.server.ts
+++ /dev/null
@@ -1,18 +0,0 @@
-import { redirect } from "@sveltejs/kit";
-import type { PageServerLoad } from "./$types";
-
-export const load: PageServerLoad = async ({locals, fetch}) => {
- const response = await fetch("/api/createLobby", {
- method: "POST",
- headers: {
- "Content-Type": "application/json"
- },
- body: JSON.stringify(locals.user)
- });
-
- if (!response.ok) redirect(307, "/error");
-
- const lobby = await response.json();
-
- redirect(307, `/lobby/${lobby.id}`);
-};
diff --git a/src/routes/login/+page.server.ts b/src/routes/login/+page.server.ts
deleted file mode 100644
index d7505e4..0000000
--- a/src/routes/login/+page.server.ts
+++ /dev/null
@@ -1,37 +0,0 @@
-import { env } from "$env/dynamic/public";
-import { redirect } from "@sveltejs/kit";
-import { generateRandomString, sha256, base64encode } from '$lib/server/auth/spotify';
-import type { PageServerLoad } from "../$types";
-import { db } from "$lib/server/db";
-import { states } from "$lib/server/db/schema";
-
-export const load: PageServerLoad = async () => {
- const scope = 'user-read-private user-read-email';
- const authUrl = new URL("https://accounts.spotify.com/authorize");
-
- const verifier = generateRandomString(64);
- const state = generateRandomString(64);
-
- const s: typeof states.$inferInsert = {
- id: state,
- codeVerifier: verifier
- };
-
- await db.insert(states).values(s);
-
- const hashed = await sha256(verifier);
- const codeChallenge = base64encode(hashed);
-
- const params = {
- response_type: 'code',
- client_id: env.PUBLIC_CLIENT_ID,
- scope,
- code_challenge_method: 'S256',
- code_challenge: codeChallenge,
- redirect_uri: env.PUBLIC_REDIRECT_URI,
- state
- }
-
- authUrl.search = new URLSearchParams(params).toString();
- redirect(307, authUrl);
-};
\ No newline at end of file
diff --git a/src/routes/logout/+page.server.ts b/src/routes/logout/+page.server.ts
index 3ab02fc..9fffa6f 100644
--- a/src/routes/logout/+page.server.ts
+++ b/src/routes/logout/+page.server.ts
@@ -1,8 +1,5 @@ -import { db } from "$lib/server/db"; -import { sessionsTable } from "$lib/server/db/schema"; -import { eq } from "drizzle-orm"; -import type { PageServerLoad } from "../$types"; import { redirect } from "@sveltejs/kit"; +import type { PageServerLoad } from "./$types"; export const load: PageServerLoad = async ({ cookies }) => { const sessionId = cookies.get('session_id'); @@ -11,8 +8,6 @@ export const load: PageServerLoad = async ({ cookies }) => { redirect(307, "/error") } - db.delete(sessionsTable).where(eq(sessionsTable.id, sessionId)) - - cookies.delete('session_id', { path: "/" }); + cookies.delete('session_id', { path: "/", secure: false }); redirect(307, "/") } diff --git a/src/routes/private/+page.svelte b/src/routes/private/+page.svelte deleted file mode 100644 index a6a663b..0000000 --- a/src/routes/private/+page.svelte +++ /dev/null @@ -1,3 +0,0 @@ -
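Review bot: After the second hunk the logout `load` only deletes the browser's `session_id` cookie; the `db.delete(sessionsTable)` call is gone and nothing asks the backend to revoke the session, so a copy of the cookie value stays usable until the backend expires it on its own. The load should call the backend's session-revocation endpoint (not shown in this patch) before `cookies.delete`, and treat a failed call as an error instead of redirecting to `/`. `secure: false` is hard-coded on the delete, whereas the removed callback route derived the flag from `env.PUBLIC_SECURE`; reusing that setting keeps the cookie attributes consistent across environments. Logout is still reached by a GET navigation (`goto('/logout')`), which other sites can cause simply by linking to it, so a POST form action would be the safer shape.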

- Hello :) -

\ No newline at end of file