Francy51/Neon-Desk
2
0
Fork 0
Code Issues 22 Pull Requests Actions Packages Projects Releases Wiki Activity

implement better-auth auth with postgres and route protection

Browse Source
This commit is contained in:
francy51
2026-02-24 13:32:43 -05:00
parent fd168f607c
commit 52a4ab38d3
31 changed files with 1202 additions and 89 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
app/api/portfolio/holdings/[id]/route.ts
View File

@@ -1,4 +1,5 @@
import { jsonError } from '@/lib/server/http';
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
import { recalculateHolding } from '@/lib/server/portfolio';
import { withStore } from '@/lib/server/store';
@@ -16,6 +17,12 @@ function asPositiveNumber(value: unknown) {
}
export async function PATCH(request: Request, context: Context) {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const userId = session.user.id;
const { id } = await context.params;
const numericId = Number(id);
@@ -33,7 +40,7 @@ export async function PATCH(request: Request, context: Context) {
let updated: unknown = null;
await withStore((store) => {
const index = store.holdings.findIndex((entry) => entry.id === numericId);
const index = store.holdings.findIndex((entry) => entry.id === numericId && entry.user_id === userId);
if (index < 0) {
return;
}
@@ -66,6 +73,12 @@ export async function PATCH(request: Request, context: Context) {
}
export async function DELETE(_request: Request, context: Context) {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const userId = session.user.id;
const { id } = await context.params;
const numericId = Number(id);
@@ -76,7 +89,7 @@ export async function DELETE(_request: Request, context: Context) {
let removed = false;
await withStore((store) => {
const next = store.holdings.filter((holding) => holding.id !== numericId);
const next = store.holdings.filter((holding) => !(holding.id === numericId && holding.user_id === userId));
removed = next.length !== store.holdings.length;
store.holdings = next;
});

19
app/api/portfolio/holdings/route.ts
View File

@@ -1,5 +1,6 @@
import type { Holding } from '@/lib/types';
import { asErrorMessage, jsonError } from '@/lib/server/http';
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
import { recalculateHolding } from '@/lib/server/portfolio';
import { getStoreSnapshot, withStore } from '@/lib/server/store';
@@ -13,8 +14,15 @@ function asPositiveNumber(value: unknown) {
}
export async function GET() {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const userId = session.user.id;
const snapshot = await getStoreSnapshot();
const holdings = snapshot.holdings
.filter((holding) => holding.user_id === userId)
.slice()
.sort((a, b) => Number(b.market_value) - Number(a.market_value));
@@ -22,6 +30,13 @@ export async function GET() {
}
export async function POST(request: Request) {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const userId = session.user.id;
try {
const payload = await request.json() as {
ticker?: string;
@@ -50,7 +65,7 @@ export async function POST(request: Request) {
let holding: Holding | null = null;
await withStore((store) => {
const existingIndex = store.holdings.findIndex((entry) => entry.ticker === ticker);
const existingIndex = store.holdings.findIndex((entry) => entry.user_id === userId && entry.ticker === ticker);
const currentPrice = asPositiveNumber(payload.currentPrice) ?? avgCost;
if (existingIndex >= 0) {
@@ -73,7 +88,7 @@ export async function POST(request: Request) {
store.counters.holdings += 1;
const created = recalculateHolding({
id: store.counters.holdings,
user_id: 1,
user_id: userId,
ticker,
shares: shares.toFixed(6),
avg_cost: avgCost.toFixed(6),

7
app/api/portfolio/insights/generate/route.ts
View File

@@ -1,9 +1,16 @@
import { asErrorMessage, jsonError } from '@/lib/server/http';
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
import { enqueueTask } from '@/lib/server/tasks';
export async function POST() {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
try {
const task = await enqueueTask({
userId: session.user.id,
taskType: 'portfolio_insights',
payload: {},
priority: 70

8
app/api/portfolio/insights/latest/route.ts
View File

@@ -1,8 +1,16 @@
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
import { getStoreSnapshot } from '@/lib/server/store';
export async function GET() {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const userId = session.user.id;
const snapshot = await getStoreSnapshot();
const insight = snapshot.insights
.filter((entry) => entry.user_id === userId)
.slice()
.sort((a, b) => Date.parse(b.created_at) - Date.parse(a.created_at))[0] ?? null;

7
app/api/portfolio/refresh-prices/route.ts
View File

@@ -1,9 +1,16 @@
import { asErrorMessage, jsonError } from '@/lib/server/http';
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
import { enqueueTask } from '@/lib/server/tasks';
export async function POST() {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
try {
const task = await enqueueTask({
userId: session.user.id,
taskType: 'refresh_prices',
payload: {},
priority: 80

9
app/api/portfolio/summary/route.ts
View File

@@ -1,8 +1,15 @@
import { buildPortfolioSummary } from '@/lib/server/portfolio';
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
import { getStoreSnapshot } from '@/lib/server/store';
export async function GET() {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const userId = session.user.id;
const snapshot = await getStoreSnapshot();
const summary = buildPortfolioSummary(snapshot.holdings);
const summary = buildPortfolioSummary(snapshot.holdings.filter((holding) => holding.user_id === userId));
return Response.json({ summary });
}