rewrite website

src/pages/api/feedback.ts

@@ -0,0 +1,37 @@
+import { z } from 'astro:schema';
+import type { APIRoute } from 'astro';
+import { API_SECRET } from 'astro:env/server';
+import { db } from '@db/database.ts';
+import { BASE_PATH } from 'astro:env/server';
+
+const postSchema = z.object({
+  event: z.string(),
+  title: z.string(),
+  users: z.array(z.string())
+});
+
+export const POST: APIRoute = async ({ request }) => {
+  if (API_SECRET && request.headers.get('authorization') !== `Basic ${API_SECRET}`) {
+    return new Response(null, { status: 401 });
+  }
+
+  let parsed;
+  try {
+    parsed = await postSchema.parseAsync(await request.json());
+  } catch (_) {
+    return new Response(null, { status: 400 });
+  }
+
+  const feedbacks = await db.addUserFeedbacks({
+    event: parsed.event,
+    title: parsed.title,
+    uuids: parsed.users
+  });
+
+  const response = feedbacks.map((feedback) => ({
+    uuid: feedback.uuid,
+    url: `${BASE_PATH}/feedback/${feedback.urlHash}`
+  }));
+
+  return new Response(JSON.stringify({ feedback: response }), { status: 200 });
+};

src/pages/api/player.ts

@@ -0,0 +1,33 @@
+import { z } from 'astro:schema';
+import type { APIRoute } from 'astro';
+import { API_SECRET } from 'astro:env/server';
+import { db } from '@db/database.ts';
+
+const getSchema = z.object({
+  user: z.string()
+});
+
+export const GET: APIRoute = async ({ request }) => {
+  if (API_SECRET && request.headers.get('authorization') !== `Basic ${API_SECRET}`) {
+    return new Response(null, { status: 401 });
+  }
+
+  let parsed;
+  try {
+    parsed = await getSchema.parseAsync(await request.json());
+  } catch (_) {
+    return new Response(null, { status: 400 });
+  }
+
+  const user = await db.getUserByUuid({ uuid: parsed.user });
+  if (!user) return new Response(null, { status: 404 });
+
+  const strikes = await db.getStrikesByUserId({ userId: user.id });
+
+  return new Response(
+    JSON.stringify({
+      strikes: strikes.map((s) => ({ at: s.at.getTime(), weight: s.reason.weight }))
+    }),
+    { status: 200 }
+  );
+};

src/pages/api/report.ts

@@ -0,0 +1,103 @@
+import type { APIRoute } from 'astro';
+import { z } from 'astro:schema';
+import { API_SECRET } from 'astro:env/server';
+import { db } from '@db/database.ts';
+import { sendWebhook, WebhookAction } from '@util/webhook.ts';
+
+const postSchema = z.object({
+  reporter: z.string(),
+  reported: z.string().nullable(),
+  reason: z.string()
+});
+
+export const POST: APIRoute = async ({ request }) => {
+  if (API_SECRET && request.headers.get('authorization') !== `Basic ${API_SECRET}`) {
+    return new Response(null, { status: 401 });
+  }
+
+  let parsed;
+  try {
+    parsed = await postSchema.parseAsync(await request.json());
+  } catch (_) {
+    return new Response(null, { status: 400 });
+  }
+
+  const reporter = await db.getUserByUuid({ uuid: parsed.reporter });
+  if (!reporter) return new Response(null, { status: 404 });
+
+  let reported = null;
+  if (parsed.reported) {
+    reported = await db.getUserByUuid({ uuid: parsed.reported });
+    if (!reported) return new Response(null, { status: 404 });
+  }
+
+  const report = await db.addReport({
+    reporterId: reporter.id,
+    reportedId: reported?.id,
+    reason: parsed.reason,
+    body: null
+  });
+
+  return new Response(JSON.stringify({ url: report.url }), { status: 200 });
+};
+
+const putSchema = z.object({
+  reporter: z.string().nullable(),
+  reported: z.string(),
+  reason: z.string(),
+  body: z.string().nullable(),
+  notice: z.string().nullable(),
+  statement: z.string().nullable(),
+  strike_reason_id: z.number()
+});
+
+export const PUT: APIRoute = async ({ request }) => {
+  if (API_SECRET && request.headers.get('authorization') !== `Basic ${API_SECRET}`) {
+    return new Response(null, { status: 401 });
+  }
+
+  let parsed;
+  try {
+    parsed = await putSchema.parseAsync(await request.json());
+  } catch (_) {
+    return new Response(null, { status: 400 });
+  }
+
+  const reported = await db.getUserByUuid({ uuid: parsed.reported });
+  if (!reported) return new Response(null, { status: 404 });
+
+  let reporter = null;
+  if (parsed.reporter) {
+    reporter = await db.getUserByUuid({ uuid: parsed.reporter });
+    if (!reporter) return new Response(null, { status: 404 });
+  }
+
+  await db.transaction(async (tx) => {
+    const report = await tx.addReport({
+      reporterId: reporter?.id,
+      reportedId: reported.id,
+      createdAt: new Date(),
+      reason: parsed.reason,
+      body: parsed.body
+    });
+
+    await tx.editReportStatus({
+      reportId: report.id,
+      notice: parsed.notice,
+      statement: parsed.statement,
+      status: 'closed'
+    });
+
+    await tx.editStrike({
+      reportId: report.id,
+      strikeReasonId: parsed.strike_reason_id
+    });
+  });
+
+  // send webhook in background
+  sendWebhook(WebhookAction.Strike, {
+    user: reported.uuid!
+  });
+
+  return new Response(null, { status: 200 });
+};