Get user ID from session instead of looking it up

2021-05-11 10:21:05 +01:00 · 2021-05-11 10:21:05 +01:00 · 209791d86d
commit 209791d86d
parent b760ed6ff7
11 changed files with 12 additions and 79 deletions
--- a/components/Shell.tsx
+++ b/components/Shell.tsx
@ -76,7 +76,7 @@ export default function Shell(props) {
                                            </div>
                                            {
                                                profileDropdownExpanded && (
-                                                    <div className="origin-top-right absolute right-0 mt-2 w-48 rounded-md shadow-lg py-1 bg-white ring-1 ring-black ring-opacity-5 focus:outline-none" role="menu" aria-orientation="vertical" aria-labelledby="user-menu">
+                                                    <div className="origin-top-right absolute right-0 mt-2 w-48 rounded-md shadow-lg py-1 bg-white ring-1 ring-black ring-opacity-5 focus:outline-none z-50" role="menu" aria-orientation="vertical" aria-labelledby="user-menu">
                                                        <Link href={"/" + session.user.username}><a target="_blank" className="block px-4 py-2 text-sm text-gray-700 hover:bg-gray-100" role="menuitem">Your Public Page</a></Link>
                                                        <Link href="/settings/profile"><a className="block px-4 py-2 text-sm text-gray-700 hover:bg-gray-100" role="menuitem">Your Profile</a></Link>
                                                        <Link href="/settings/password"><a className="block px-4 py-2 text-sm text-gray-700 hover:bg-gray-100" role="menuitem">Login &amp; Security</a></Link>
--- a/pages/api/auth/[...nextauth].tsx
+++ b/pages/api/auth/[...nextauth].tsx
@ -44,12 +44,14 @@ export default NextAuth({
        async jwt(token, user, account, profile, isNewUser) {
            // Add username to the token right after signin
            if (user?.username) {
-                token.username = user.username
+                token.id = user.id;
                token.username = user.username;
            }
            return token;
        },
        async session(session, token) {
            session.user = session.user || {}
            session.user.id = token.id;
            session.user.username = token.username;
            return session;
        },
--- a/pages/api/auth/changepw.ts
+++ b/pages/api/auth/changepw.ts
@ -11,7 +11,6 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
        return;
    }
    // TODO: Add user ID to user session object
    const user = await prisma.user.findFirst({
        where: {
            email: session.user.email,
--- a/pages/api/availability/day.ts
+++ b/pages/api/availability/day.ts
@ -11,24 +11,12 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
    }
    if (req.method == "PATCH") {
        // TODO: Add user ID to user session object
        const user = await prisma.user.findFirst({
            where: {
                email: session.user.email,
            },
            select: {
                id: true
            }
        });
        if (!user) { res.status(404).json({message: 'User not found'}); return; }
        const startMins = req.body.start;
        const endMins = req.body.end;
        const updateDay = await prisma.user.update({
            where: {
-                id: user.id,
+                id: session.user.id,
            },
            data: {
                startTime: startMins,
--- a/pages/api/availability/eventtype.ts
+++ b/pages/api/availability/eventtype.ts
@ -8,20 +8,6 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
        res.status(401).json({message: "Not authenticated"});
        return;
    }
    // TODO: Add user ID to user session object
    const user = await prisma.user.findFirst({
        where: {
            email: session.user.email,
        },
        select: {
            id: true
        }
    });
    if (!user) {
        res.status(404).json({message: 'User not found'});
        return;
    }
    if (req.method == "PATCH" || req.method == "POST") {
@ -37,7 +23,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
        if (req.method == "POST") {
            const createEventType = await prisma.eventType.create({
                data: {
-                    userId: user.id,
+                    userId: session.user.id,
                    ...data,
                },
            });
--- a/pages/api/integrations.ts
+++ b/pages/api/integrations.ts
@ -8,19 +8,9 @@ export default async function handler(req, res) {
        if (!session) { res.status(401).json({message: 'You must be logged in to do this'}); return; }
        // TODO: Add user ID to user session object
        const user = await prisma.user.findFirst({
            where: {
                email: session.user.email,
            },
            select: {
                id: true
            }
        });
        const credentials = await prisma.credential.findMany({
            where: {
-                userId: user.id,
+                userId: session.user.id,
            },
            select: {
                type: true,
@ -36,18 +26,6 @@ export default async function handler(req, res) {
        if (!session) { res.status(401).json({message: 'You must be logged in to do this'}); return; }
        // TODO: Add user ID to user session object
        const user = await prisma.user.findFirst({
            where: {
                email: session.user.email,
            },
            select: {
                id: true
            }
        });
        if (!user) { res.status(404).json({message: 'User not found'}); return; }
        const id = req.body.id;
        const deleteIntegration = await prisma.credential.delete({
--- a/pages/api/integrations/googlecalendar/add.ts
+++ b/pages/api/integrations/googlecalendar/add.ts
@ -13,7 +13,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
        if (!session) { res.status(401).json({message: 'You must be logged in to do this'}); return; }
-        // TODO: Add user ID to user session object
+        // Get user
        const user = await prisma.user.findFirst({
            where: {
                email: session.user.email,
--- a/pages/api/integrations/googlecalendar/callback.ts
+++ b/pages/api/integrations/googlecalendar/callback.ts
@ -13,16 +13,6 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
    if (!session) { res.status(401).json({message: 'You must be logged in to do this'}); return; }
    // TODO: Add user ID to user session object
    const user = await prisma.user.findFirst({
        where: {
            email: session.user.email,
        },
        select: {
            id: true
        }
    });
    const {client_secret, client_id, redirect_uris} = JSON.parse(credentials).web;
    const oAuth2Client = new google.auth.OAuth2(client_id, client_secret, redirect_uris[0]);
@ -34,7 +24,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
            data: {
                type: 'google_calendar',
                key: token,
-                userId: user.id
+                userId: session.user.id
            }
        });
--- a/pages/api/integrations/office365calendar/add.ts
+++ b/pages/api/integrations/office365calendar/add.ts
@ -11,7 +11,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
        if (!session) { res.status(401).json({message: 'You must be logged in to do this'}); return; }
-        // TODO: Add user ID to user session object
+        // Get user
        const user = await prisma.user.findFirst({
            where: {
                email: session.user.email,
--- a/pages/api/integrations/office365calendar/callback.ts
+++ b/pages/api/integrations/office365calendar/callback.ts
@ -10,16 +10,6 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
    const session = await getSession({req: req});
    if (!session) { res.status(401).json({message: 'You must be logged in to do this'}); return; }
    // TODO: Add user ID to user session object
    const user = await prisma.user.findFirst({
        where: {
            email: session.user.email,
        },
        select: {
            id: true
        }
    });
    const toUrlEncoded = payload => Object.keys(payload).map( (key) => key + '=' + encodeURIComponent(payload[ key ]) ).join('&');
    const hostname = 'x-forwarded-host' in req.headers ? 'https://' + req.headers['x-forwarded-host'] : 'host' in req.headers ? (req.secure ? 'https://' : 'http://') + req.headers['host'] : '';
@ -46,7 +36,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
        data: {
            type: 'office365_calendar',
            key: responseBody,
-            userId: user.id
+            userId: session.user.id
        }
    });
--- a/pages/api/user/profile.ts
+++ b/pages/api/user/profile.ts
@ -10,7 +10,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
        return;
    }
-    // TODO: Add user ID to user session object
+    // Get user
    const user = await prisma.user.findFirst({
        where: {
            email: session.user.email,