popov/mwitnessing
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ec33163dc5191d17f1e804779713d9f385024c36
mwitnessing/pages/api/data/[...nextcrud].ts
Dobromir Popov ec33163dc5 fix logging messages
2024-04-28 02:13:24 +03:00

84 lines
2.5 KiB
TypeScript
Raw Blame History

import NextCrud, { PrismaAdapter } from "@premieroctet/next-crud";
import { Prisma } from "@prisma/client";
import { NextApiRequest, NextApiResponse } from "next";
import { getServerSession } from "next-auth/next";
import { authOptions } from "../auth/[...nextauth]";
// import { getToken } from "next-auth/jwt";
// import { getSession } from "next-auth/client";
const common = require("../../../src/helpers/common");
import jwt from 'jsonwebtoken';
import { decode } from 'next-auth/jwt';
const logger = require('../../../src/logger');
// import { getToken } from "next-auth/jwt";
const handler = async (req: NextApiRequest, res: NextApiResponse) => {
const prismaClient = common.getPrismaClient();
const nextCrudHandler = await NextCrud({
adapter: new PrismaAdapter({ prismaClient }),
models: {
[Prisma.ModelName.CartEvent]: { name: "cartevents" },
},
});
//1: check session
const session = await getServerSession(req, res, authOptions);
//console.log("Session:", session); // Log the session
const authHeader = req.headers.authorization || '';
//console.log('authHeader', authHeader);
if (session) {
//get target table
const targetTable = req.query.nextcrud[0];
//get target action
if (req.method === 'DELETE') {
switch (targetTable) {
case 'publishers':
const targetId = req.query.nextcrud[1];
logger.info('[nextCrud] ' + targetTable + ': ' + targetId + ' DELETED by ' + session.user.email);
break;
default:
break;
}
}
return nextCrudHandler(req, res);
}
else {
console.log('[nextCrud]: No session');
}
//2: check jwt
const secret = process.env.NEXTAUTH_SECRET;
const bearerHeader = req.headers['authorization'];
if (bearerHeader) {
const token = bearerHeader.split(' ')[1]; // Assuming "Bearer <token>"
try {
const decoded = await decode({
token: token,
secret: process.env.NEXTAUTH_SECRET,
});
//console.log('Decoded JWT:');
} catch (err) {
console.error('[nextCrud]: Error decoding token:', err);
}
try {
const verified = jwt.verify(token, secret);
//console.log('Verified JWT:');
return nextCrudHandler(req, res);
} catch (err) {
console.error('[nextCrud]: Invalid token:', err);
}
}
//3. check X-From-Server header
const xFromServer = req.headers['x-from-server'];
if (xFromServer) {
return nextCrudHandler(req, res);
}
return res.status(401).json({ message: '[nextCrud]: Unauthorized' });
};
export default handler;
Reference in New Issue View Git Blame Copy Permalink