Added checks for CLOUD_MODE.

2023-02-27 20:03:04 -08:00
parent 5657a64c77
commit 3ac560dc0f
24 changed files with 175 additions and 60 deletions
--- a/pages/api/me/index.ts
+++ b/pages/api/me/index.ts
@@ -0,0 +1,13 @@
+import { NextApiResponse } from 'next';
+import { useAuth } from 'lib/middleware';
+import { NextApiRequestQueryBody, User } from 'lib/types';
+import { ok } from 'next-basics';
+
+export default async (
+  req: NextApiRequestQueryBody<unknown, unknown>,
+  res: NextApiResponse<User>,
+) => {
+  await useAuth(req, res);
+
+  return ok(res, req.auth.user);
+};
--- a/pages/api/me/password.ts
+++ b/pages/api/me/password.ts
@@ -1,4 +1,4 @@
-import { NextApiRequestQueryBody } from 'lib/types';
+import { NextApiRequestQueryBody, User } from 'lib/types';
 import { canUpdateUser } from 'lib/auth';
 import { useAuth } from 'lib/middleware';
 import { NextApiResponse } from 'next';
@@ -7,10 +7,11 @@ import {
  checkPassword,
  hashPassword,
  methodNotAllowed,
+  forbidden,
  ok,
  unauthorized,
 } from 'next-basics';
-import { getUser, updateUser, User } from 'queries';
+import { getUser, updateUser } from 'queries';

 export interface UserPasswordRequestQuery {
  id: string;
@@ -25,6 +26,10 @@ export default async (
  req: NextApiRequestQueryBody<UserPasswordRequestQuery, UserPasswordRequestBody>,
  res: NextApiResponse<User>,
 ) => {
+  if (process.env.CLOUD_MODE) {
+    return forbidden(res);
+  }
+
  await useAuth(req, res);

  const { currentPassword, newPassword } = req.body;