popov/mwitnessing
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

protecting prisma API with session check

Browse Source
This commit is contained in:
Dobromir Popov
2024-04-30 15:12:35 +03:00
parent 8aac5231ef
commit 08349dc870
1 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
pages/api/data/prisma/[...model].ts
View File

@ -1,5 +1,8 @@
import { NextApiRequest, NextApiResponse } from 'next'; import { NextApiRequest, NextApiResponse } from 'next';
import { PrismaClient } from '@prisma/client'; import { PrismaClient } from '@prisma/client';
import { getServerSession } from "next-auth/next";
import { authOptions } from "../../auth/[...nextauth]";
const common = require('../../../../src/helpers/common'); const common = require('../../../../src/helpers/common');
const logger = require('../../../../src/logger'); const logger = require('../../../../src/logger');
@ -53,6 +56,14 @@ const generateSQL = (data, tableName) => {
}).join("\n"); }).join("\n");
}; };
export default async function handler(req: NextApiRequest, res: NextApiResponse) { export default async function handler(req: NextApiRequest, res: NextApiResponse) {
const session = await getServerSession(req, res, authOptions);
if (!session) {
return res.status(401).json({ error: "Unauthorized" });
}
const prisma: PrismaClient = common.getPrismaClient(); const prisma: PrismaClient = common.getPrismaClient();
const modelArray = (req.query.model || (req.body && req.body.model)) as string[]; const modelArray = (req.query.model || (req.body && req.body.model)) as string[];
let queryOptions = {}; let queryOptions = {};