Make subdomain passport lookup more defensive - try username and ID
cgen-15db8a51f310456fac0c747c9716b219
This commit is contained in:
Builder.io
parent
86bfa51ba9
commit
e45479212e
1 changed files with 53 additions and 38 deletions
|
|
@ -15,11 +15,7 @@ export default async function handler(req: VercelRequest, res: VercelResponse) {
|
||||||
try {
|
try {
|
||||||
const admin = getAdminClient();
|
const admin = getAdminClient();
|
||||||
|
|
||||||
// Look up user by username
|
const userFields = `
|
||||||
const { data: user, error: userError } = await admin
|
|
||||||
.from("user_profiles")
|
|
||||||
.select(
|
|
||||||
`
|
|
||||||
id,
|
id,
|
||||||
username,
|
username,
|
||||||
full_name,
|
full_name,
|
||||||
|
|
@ -41,17 +37,35 @@ export default async function handler(req: VercelRequest, res: VercelResponse) {
|
||||||
longest_streak,
|
longest_streak,
|
||||||
created_at,
|
created_at,
|
||||||
updated_at
|
updated_at
|
||||||
`,
|
`;
|
||||||
)
|
|
||||||
.eq("username", username)
|
|
||||||
.single();
|
|
||||||
|
|
||||||
if (userError) {
|
// Try to look up user by username first (case-insensitive)
|
||||||
if (userError.code === "PGRST116") {
|
let user: any = null;
|
||||||
// No rows found
|
|
||||||
return res.status(404).json({ error: "User not found" });
|
try {
|
||||||
|
const result = await admin
|
||||||
|
.from("user_profiles")
|
||||||
|
.select(userFields)
|
||||||
|
.ilike("username", `%${username}%`)
|
||||||
|
.limit(1)
|
||||||
|
.single();
|
||||||
|
user = result.data;
|
||||||
|
} catch (e) {
|
||||||
|
// Continue to ID lookup
|
||||||
|
}
|
||||||
|
|
||||||
|
// If not found by username, try by exact ID match
|
||||||
|
if (!user) {
|
||||||
|
try {
|
||||||
|
const result = await admin
|
||||||
|
.from("user_profiles")
|
||||||
|
.select(userFields)
|
||||||
|
.eq("id", username)
|
||||||
|
.single();
|
||||||
|
user = result.data;
|
||||||
|
} catch (e) {
|
||||||
|
// Continue to error handling
|
||||||
}
|
}
|
||||||
throw userError;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!user) {
|
if (!user) {
|
||||||
|
|
@ -94,8 +108,7 @@ export default async function handler(req: VercelRequest, res: VercelResponse) {
|
||||||
const { data: linkedProviders = [] } = await admin
|
const { data: linkedProviders = [] } = await admin
|
||||||
.from("user_auth_identities")
|
.from("user_auth_identities")
|
||||||
.select("provider, linked_at, last_sign_in_at")
|
.select("provider, linked_at, last_sign_in_at")
|
||||||
.eq("user_id", user.id)
|
.eq("user_id", user.id);
|
||||||
.not("deleted_at", "is", null);
|
|
||||||
|
|
||||||
return res.status(200).json({
|
return res.status(200).json({
|
||||||
type: "creator",
|
type: "creator",
|
||||||
|
|
@ -104,7 +117,9 @@ export default async function handler(req: VercelRequest, res: VercelResponse) {
|
||||||
achievements: achievements
|
achievements: achievements
|
||||||
.map((a: any) => a.achievements)
|
.map((a: any) => a.achievements)
|
||||||
.filter(Boolean),
|
.filter(Boolean),
|
||||||
interests: userInterests.map((i: any) => i.interests).filter(Boolean),
|
interests: userInterests
|
||||||
|
.map((i: any) => i.interests)
|
||||||
|
.filter(Boolean),
|
||||||
linkedProviders,
|
linkedProviders,
|
||||||
},
|
},
|
||||||
domain: req.headers.host || "",
|
domain: req.headers.host || "",
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue