implement better-auth auth with postgres and route protection
@@ -1,4 +1,5 @@
|
||||
import { jsonError } from '@/lib/server/http';
|
||||
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
|
||||
import { withStore } from '@/lib/server/store';
|
||||
|
||||
type Context = {
|
||||
@@ -6,6 +7,12 @@ type Context = {
|
||||
};
|
||||
|
||||
export async function DELETE(_request: Request, context: Context) {
|
||||
const { session, response } = await requireAuthenticatedSession();
|
||||
if (response) {
|
||||
return response;
|
||||
}
|
||||
|
||||
const userId = session.user.id;
|
||||
const { id } = await context.params;
|
||||
const numericId = Number(id);
|
||||
|
||||
@@ -16,7 +23,7 @@ export async function DELETE(_request: Request, context: Context) {
|
||||
let removed = false;
|
||||
|
||||
await withStore((store) => {
|
||||
const next = store.watchlist.filter((item) => item.id !== numericId);
|
||||
const next = store.watchlist.filter((item) => !(item.id === numericId && item.user_id === userId));
|
||||
removed = next.length !== store.watchlist.length;
|
||||
store.watchlist = next;
|
||||
});
|
||||
|
||||
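Review bot: The ownership predicate on the new `store.watchlist.filter` line is a negated conjunction that is easy to misread, and nothing records why a row owned by someone else is silently kept. I would write it as `(item) => item.id !== numericId || item.user_id !== userId` and put `// Delete only the caller's own row; an id owned by another user is left in place and counts as not removed.` above it. How `removed === false` is reported lies after this hunk, so confirm the response there is the same for a missing id and for an id owned by another user, so that ids cannot be probed. DELETE's body continues outside the visible hunks.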
@@ -1,5 +1,6 @@
|
||||
import type { WatchlistItem } from '@/lib/types';
|
||||
import { asErrorMessage, jsonError } from '@/lib/server/http';
|
||||
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
|
||||
import { getStoreSnapshot, withStore } from '@/lib/server/store';
|
||||
|
||||
function nowIso() {
|
||||
@@ -7,8 +8,15 @@ function nowIso() {
|
||||
}
|
||||
|
||||
export async function GET() {
|
||||
const { session, response } = await requireAuthenticatedSession();
|
||||
if (response) {
|
||||
return response;
|
||||
}
|
||||
|
||||
const userId = session.user.id;
|
||||
const snapshot = await getStoreSnapshot();
|
||||
const items = snapshot.watchlist
|
||||
.filter((item) => item.user_id === userId)
|
||||
.slice()
|
||||
.sort((a, b) => Date.parse(b.created_at) - Date.parse(a.created_at));
|
||||
|
||||
@@ -16,6 +24,13 @@ export async function GET() {
|
||||
}
|
||||
|
||||
export async function POST(request: Request) {
|
||||
const { session, response } = await requireAuthenticatedSession();
|
||||
if (response) {
|
||||
return response;
|
||||
}
|
||||
|
||||
const userId = session.user.id;
|
||||
|
||||
try {
|
||||
const payload = await request.json() as {
|
||||
ticker?: string;
|
||||
@@ -35,7 +50,7 @@ export async function POST(request: Request) {
|
||||
|
||||
await withStore((store) => {
|
||||
const ticker = payload.ticker!.trim().toUpperCase();
|
||||
const existingIndex = store.watchlist.findIndex((entry) => entry.ticker === ticker);
|
||||
const existingIndex = store.watchlist.findIndex((entry) => entry.user_id === userId && entry.ticker === ticker);
|
||||
|
||||
if (existingIndex >= 0) {
|
||||
const existing = store.watchlist[existingIndex];
|
||||
@@ -53,7 +68,7 @@ export async function POST(request: Request) {
|
||||
store.counters.watchlist += 1;
|
||||
const created: WatchlistItem = {
|
||||
id: store.counters.watchlist,
|
||||
user_id: 1,
|
||||
user_id: userId,
|
||||
ticker,
|
||||
company_name: payload.companyName!.trim(),
|
||||
sector: payload.sector?.trim() || null,
|
||||
|
||||
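Review bot: Rows written before this commit carry `user_id: 1` (the replaced line in the last hunk), while every new lookup compares `user_id` strictly against `session.user.id`. Unless that id equals `1`, those rows are no longer returned by GET, matched by the POST `findIndex`, or removable through the DELETE filter in the other route file. If `session.user.id` is a string, as better-auth ids are by default, the `===` can never match a numeric legacy value and `WatchlistItem.user_id` has to change type too; neither a type change nor a data migration is visible in these hunks. I would migrate or purge the legacy rows in the same change and record that at `user_id: userId`, for example `// rows with the old hard-coded user_id 1 predate auth; see <migration placeholder>`. POST's body continues outside the hunks.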