calcom/pages/api/integrations/caldav/add.ts

import type { NextApiRequest, NextApiResponse } from "next";
import { getSession } from "next-auth/client";
import prisma from "../../../../lib/prisma";
import { symmetricEncrypt } from "@lib/crypto";
import logger from "@lib/logger";
import { davRequest, getBasicAuthHeaders } from "tsdav";

export default async function handler(req: NextApiRequest, res: NextApiResponse) {
  if (req.method === "POST") {
    // Check that user is authenticated
    const session = await getSession({ req: req });

    if (!session) {
      res.status(401).json({ message: "You must be logged in to do this" });
      return;
    }

    const { username, password, url } = req.body;
    // Get user
    await prisma.user.findFirst({
      where: {
        email: session.user.email,
      },
      select: {
        id: true,
      },
    });

    const header = getBasicAuthHeaders({
      username,
      password,
    });

    try {
      const [response] = await davRequest({
        url: url,
        init: {
          method: "PROPFIND",
          namespace: "d",
          body: {
            propfind: {
              _attributes: {
                "xmlns:d": "DAV:",
              },
              prop: { "d:current-user-principal": {} },
            },
          },
          headers: header,
        },
      });

      if (!response.ok) {
        logger.error("Could not add this caldav account", response?.statusText);
        logger.error(response.error);
        return res.status(200).json({ message: "Could not add this caldav account" });
      }

      if (response.ok) {
        await prisma.credential.create({
          data: {
            type: "caldav_calendar",
            key: symmetricEncrypt(
              JSON.stringify({ username, password, url }),
              process.env.CALENDSO_ENCRYPTION_KEY
            ),
            userId: session.user.id,
          },
        });
      }
    } catch (reason) {
      logger.error("Could not add this caldav account", reason);
      return res.status(200).json({ message: "Could not add this caldav account" });
    }
    // TODO VALIDATE URL
    // TODO VALIDATE CONNECTION IS POSSIBLE

    return res.status(200).json({});
  }
}
cal-101-caldav-integration (#419) * add generic calendar icon for caldav * module for symmetric encrypt/decrypt * caldav integration * use Radix dialog * Move caldav components to /caldav * remove duplicate cancel button, unused function * ensure app can connect to caldav server before adding * fix calendar clients can possibly return null * fix: add caldav dialog does not close when submitted * safely attempt all caldav operations * clarify variable name, fix typo * use common helper for stripping html * remove usage of request lib until "completed" * add types and usage comments to crypto lib * add encryption key to example env file 2021-08-15 01:53:59 +00:00			`import type { NextApiRequest, NextApiResponse } from "next";`
			`import { getSession } from "next-auth/client";`
			`import prisma from "../../../../lib/prisma";`
			`import { symmetricEncrypt } from "@lib/crypto";`
			`import logger from "@lib/logger";`
			`import { davRequest, getBasicAuthHeaders } from "tsdav";`

			`export default async function handler(req: NextApiRequest, res: NextApiResponse) {`
			`if (req.method === "POST") {`
			`// Check that user is authenticated`
			`const session = await getSession({ req: req });`

			`if (!session) {`
			`res.status(401).json({ message: "You must be logged in to do this" });`
			`return;`
			`}`

			`const { username, password, url } = req.body;`
			`// Get user`
			`await prisma.user.findFirst({`
			`where: {`
			`email: session.user.email,`
			`},`
			`select: {`
			`id: true,`
			`},`
			`});`

			`const header = getBasicAuthHeaders({`
			`username,`
			`password,`
			`});`

			`try {`
			`const [response] = await davRequest({`
			`url: url,`
			`init: {`
			`method: "PROPFIND",`
			`namespace: "d",`
			`body: {`
			`propfind: {`
			`_attributes: {`
			`"xmlns:d": "DAV:",`
			`},`
			`prop: { "d:current-user-principal": {} },`
			`},`
			`},`
			`headers: header,`
			`},`
			`});`

			`if (!response.ok) {`
			`logger.error("Could not add this caldav account", response?.statusText);`
			`logger.error(response.error);`
			`return res.status(200).json({ message: "Could not add this caldav account" });`
			`}`

			`if (response.ok) {`
			`await prisma.credential.create({`
			`data: {`
			`type: "caldav_calendar",`
			`key: symmetricEncrypt(`
			`JSON.stringify({ username, password, url }),`
			`process.env.CALENDSO_ENCRYPTION_KEY`
			`),`
			`userId: session.user.id,`
			`},`
			`});`
			`}`
			`} catch (reason) {`
			`logger.error("Could not add this caldav account", reason);`
			`return res.status(200).json({ message: "Could not add this caldav account" });`
			`}`
			`// TODO VALIDATE URL`
			`// TODO VALIDATE CONNECTION IS POSSIBLE`

			`return res.status(200).json({});`
			`}`
			`}`