diff --git a/pages/api/v2/bots/[id]/index.ts b/pages/api/v2/bots/[id]/index.ts index 45f4d6c..0804870 100644 --- a/pages/api/v2/bots/[id]/index.ts +++ b/pages/api/v2/bots/[id]/index.ts @@ -39,6 +39,10 @@ const patchLimiter = rateLimit({ }) const Bots = RequestHandler() .get(async (req: GetApiRequest, res) => { + const auth = req.headers.authorization + ? await get.BotAuthorization(req.headers.authorization) + : await get.Authorization(req.cookies.token) + if (!auth) return ResponseWrapper(res, { code: 401 }) const bot = await get.bot.load(req.query.id) if (!bot) return ResponseWrapper(res, { code: 404, message: '존재하지 않는 봇입니다.' }) else { @@ -200,7 +204,7 @@ const Bots = RequestHandler() const isPerkAvailable = checkBotFlag(bot.flags, 'partnered') || checkBotFlag(bot.flags, 'trusted') - + const userInfo = await get.user.load(user) if ( ['reported', 'blocked', 'archived'].includes(bot.state) && @@ -219,7 +223,8 @@ const Bots = RequestHandler() const csrfValidated = checkToken(req, res, req.body._csrf) if (!csrfValidated) return - const validated: ManageBot = await getManageBotSchema(isPerkAvailable).validate(req.body, { abortEarly: false }) + const validated: ManageBot = await getManageBotSchema(isPerkAvailable) + .validate(req.body, { abortEarly: false }) .then((el) => el) .catch((e) => { ResponseWrapper(res, { code: 400, errors: e.errors }) diff --git a/pages/api/v2/list/bots/new.ts b/pages/api/v2/list/bots/new.ts index 280c32f..79c49f7 100644 --- a/pages/api/v2/list/bots/new.ts +++ b/pages/api/v2/list/bots/new.ts @@ -4,7 +4,11 @@ import ResponseWrapper from '@utils/ResponseWrapper' import { Bot, List } from '@types' -const NewList = RequestHandler().get(async (_req, res) => { +const NewList = RequestHandler().get(async (req, res) => { + const auth = req.headers.authorization + ? await get.BotAuthorization(req.headers.authorization) + : await get.Authorization(req.cookies.token) + if (!auth) return ResponseWrapper(res, { code: 401 }) const result = await get.list.new.load(1) return ResponseWrapper>(res, { code: 200, data: result }) }) diff --git a/pages/api/v2/list/bots/votes.ts b/pages/api/v2/list/bots/votes.ts index 22a91b1..974e003 100644 --- a/pages/api/v2/list/bots/votes.ts +++ b/pages/api/v2/list/bots/votes.ts @@ -6,6 +6,10 @@ import { Bot, List } from '@types' import Yup from '@utils/Yup' const VotesList = RequestHandler().get(async (req, res) => { + const auth = req.headers.authorization + ? await get.BotAuthorization(req.headers.authorization) + : await get.Authorization(req.cookies.token) + if (!auth) return ResponseWrapper(res, { code: 401 }) const page = await Yup.number() .positive() .integer() diff --git a/pages/api/v2/search/all.ts b/pages/api/v2/search/all.ts index 43d2bab..89839d6 100644 --- a/pages/api/v2/search/all.ts +++ b/pages/api/v2/search/all.ts @@ -8,6 +8,10 @@ import { SearchQuerySchema } from '@utils/Yup' import { Bot, Server, List } from '@types' const Search = RequestHandler().get(async (req: ApiRequest, res) => { + const auth = req.headers.authorization + ? await get.BotAuthorization(req.headers.authorization) + : await get.Authorization(req.cookies.token) + if (!auth) return ResponseWrapper(res, { code: 401 }) const validated = await SearchQuerySchema.validate({ q: req.query.q || req.query.query, page: 1 }) .then((el) => el) .catch((e) => { diff --git a/pages/api/v2/search/bots.ts b/pages/api/v2/search/bots.ts index eeb711b..d95d88f 100644 --- a/pages/api/v2/search/bots.ts +++ b/pages/api/v2/search/bots.ts @@ -8,6 +8,10 @@ import { SearchQuerySchema } from '@utils/Yup' import { Bot, List } from '@types' const SearchBots = RequestHandler().get(async (req: ApiRequest, res: NextApiResponse) => { + const auth = req.headers.authorization + ? await get.BotAuthorization(req.headers.authorization) + : await get.Authorization(req.cookies.token) + if (!auth) return ResponseWrapper(res, { code: 401 }) const validated = await SearchQuerySchema.validate({ q: req.query.q || req.query.query, page: req.query.page, diff --git a/pages/api/v2/search/servers.ts b/pages/api/v2/search/servers.ts index e255cd9..0437457 100644 --- a/pages/api/v2/search/servers.ts +++ b/pages/api/v2/search/servers.ts @@ -8,6 +8,10 @@ import { SearchQuerySchema } from '@utils/Yup' import { Server, List } from '@types' const SearchServers = RequestHandler().get(async (req: ApiRequest, res: NextApiResponse) => { + const auth = req.headers.authorization + ? await get.BotAuthorization(req.headers.authorization) + : await get.Authorization(req.cookies.token) + if (!auth) return ResponseWrapper(res, { code: 401 }) const validated = await SearchQuerySchema.validate({ q: req.query.q || req.query.query, page: req.query.page, diff --git a/pages/api/v2/servers/[id]/index.ts b/pages/api/v2/servers/[id]/index.ts index 986cfdd..235ff1e 100644 --- a/pages/api/v2/servers/[id]/index.ts +++ b/pages/api/v2/servers/[id]/index.ts @@ -36,6 +36,10 @@ const patchLimiter = rateLimit({ }) const Servers = RequestHandler() .get(async (req: GetApiRequest, res) => { + const auth = req.headers.authorization + ? await get.BotAuthorization(req.headers.authorization) + : await get.Authorization(req.cookies.token) + if (!auth) return ResponseWrapper(res, { code: 401 }) const server = await get.server.load(req.query.id) if (!server) return ResponseWrapper(res, { code: 404, message: '존재하지 않는 서버 입니다.' }) else { diff --git a/pages/api/v2/servers/[id]/owners.ts b/pages/api/v2/servers/[id]/owners.ts index 808999d..4367c3b 100644 --- a/pages/api/v2/servers/[id]/owners.ts +++ b/pages/api/v2/servers/[id]/owners.ts @@ -5,6 +5,10 @@ import ResponseWrapper from '@utils/ResponseWrapper' import { get } from '@utils/Query' const ServerOwners = RequestHandler().get(async (req: GetApiRequest, res) => { + const auth = req.headers.authorization + ? await get.BotAuthorization(req.headers.authorization) + : await get.Authorization(req.cookies.token) + if (!auth) return ResponseWrapper(res, { code: 401 }) const owners = await get.serverOwners(req.query.id) if (!owners) return ResponseWrapper(res, { code: 404 }) return ResponseWrapper(res, { code: 200, data: owners }) diff --git a/pages/api/v2/users/[id]/index.ts b/pages/api/v2/users/[id]/index.ts index 69d052c..eeb9b75 100644 --- a/pages/api/v2/users/[id]/index.ts +++ b/pages/api/v2/users/[id]/index.ts @@ -5,7 +5,10 @@ import ResponseWrapper from '@utils/ResponseWrapper' import RequestHandler from '@utils/RequestHandler' const Users = RequestHandler().get(async (req: ApiRequest, res) => { - console.log(req.query) + const auth = req.headers.authorization + ? await get.BotAuthorization(req.headers.authorization) + : await get.Authorization(req.cookies.token) + if (!auth) return ResponseWrapper(res, { code: 401 }) const user = await get.user.load(req.query?.id) if (!user) return ResponseWrapper(res, { code: 404, message: '존재하지 않는 유저 입니다.' }) else return ResponseWrapper(res, { code: 200, data: user })