blsmedia/bot
2
0
Fork 0
Code Activity

build: 🔒️ Add extra user check in api

Browse Source
This commit is contained in:
Baptiste Arnaud
2022-03-04 17:21:01 +01:00
parent 2a31b13cb3
commit ec18912879
20 changed files with 80 additions and 179 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
apps/builder/pages/api/folders.ts
View File

@ -1,17 +1,14 @@
import { withSentry } from '@sentry/nextjs'
import { DashboardFolder, User } from 'db'
import { DashboardFolder } from 'db'
import prisma from 'libs/prisma'
import { NextApiRequest, NextApiResponse } from 'next'
import { getSession } from 'next-auth/react'
import { methodNotAllowed } from 'utils'
import { getAuthenticatedUser } from 'services/api/utils'
import { methodNotAllowed, notAuthenticated } from 'utils'
const handler = async (req: NextApiRequest, res: NextApiResponse) => {
const session = await getSession({ req })
const user = await getAuthenticatedUser(req)
if (!user) return notAuthenticated(res)
if (!session?.user)
return res.status(401).json({ message: 'Not authenticated' })
const user = session.user as User
const parentFolderId = req.query.parentId
? req.query.parentId.toString()
: null