From 0dc863633d2b0f94c38a9c3c305c4e62c25e3122 Mon Sep 17 00:00:00 2001 From: Jack LaFond Date: Sun, 16 Jun 2024 11:19:02 -0400 Subject: [PATCH] fix an error with mismatched variables causing a login issue --- src/pages/api/oauth/callback.ts | 53 ++++++++++++++++++--------------- src/pages/api/saves/index.ts | 49 ++++++++++++++---------------- 2 files changed, 52 insertions(+), 50 deletions(-) diff --git a/src/pages/api/oauth/callback.ts b/src/pages/api/oauth/callback.ts index d68eccb..623f655 100644 --- a/src/pages/api/oauth/callback.ts +++ b/src/pages/api/oauth/callback.ts @@ -1,10 +1,10 @@ -import * as schema from '$drizzle/schema'; -import { db } from '@/db'; +import * as schema from "$drizzle/schema"; +import { db } from "@/db"; import { getCookie, setCookie } from "cookies-next"; import crypto from "crypto"; import { eq } from "drizzle-orm"; import type { NextApiRequest, NextApiResponse } from "next"; -import { createToken } from '../saves'; +import { createToken } from "../saves"; type Data = Record; @@ -22,6 +22,7 @@ export default async function handler( } const uid = getCookie("uid", { req }); + if (!uid || typeof uid !== "string") { res.status(400).end(); res.redirect("/"); @@ -80,12 +81,21 @@ export default async function handler( const discordUserData = await discordUser.json(); - let [user] = await db.select().from(schema.users).where(eq(schema.users.id, uid)).limit(1); + let [user] = await db + .select() + .from(schema.users) + .where(eq(schema.users.id, uid)) + .limit(1); let cookieSecret = user?.cookie_secret ?? crypto.randomBytes(16).toString("hex"); + if (!user) { - let [discordUser] = await db.select().from(schema.users).where(eq(schema.users.id, discordData.uid)).limit(1); + let [discordUser] = await db + .select() + .from(schema.users) + .where(eq(schema.users.discord_id, discordUserData.id)) + .limit(1); if (discordUser) { user = discordUser; 
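Review bot: `cookieSecret` is derived from `user?.cookie_secret` before the `discord_id` fallback runs, so when the account is only found through the new `schema.users.discord_id` lookup it still holds a freshly generated value rather than the secret stored on that row. Unless the lines after the hunk reassign it, the session token would be built from a secret that does not match the database, or the stored secret would be rotated on every login from a new browser; inside the `if (discordUser)` branch I would add `cookieSecret = discordUser.cookie_secret ?? cookieSecret;`. The destructured `discordUser` also shadows the outer `discordUser` fetch response that `discordUserData` is read from, the same kind of name mix-up this commit fixes, so a distinct name such as `linkedUser` (with `const` instead of `let`) would be safer. The `if (!user)` block continues past the end of the hunk.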
@@ -97,10 +107,6 @@ export default async function handler( .update(schema.users) .set({ discord_name: discordUserData.username }) .where(eq(schema.saves.user_id, discordUserData.id)); - // const r = await conn.execute( - // "UPDATE Users SET discord_name = ? WHERE discord_id = ?", - // [discordUserData.username, discordUserData.id], - // ); } // update discord avatar if the avatar hash changed @@ -109,26 +115,25 @@ export default async function handler( .update(schema.users) .set({ discord_avatar: discordUserData.avatar }) .where(eq(schema.saves.user_id, discordUserData.id)); - // const r = await conn.execute( - // "UPDATE Users SET discord_avatar = ? WHERE discord_id = ?", - // [discordUserData.avatar, discordUserData.id], - // ); } } else { - await db.insert(schema.users).values({ - id: uid, - discord_id: discordUserData.id, - discord_name: discordUserData.username, - discord_avatar: discordUserData.avatar, - cookie_secret: cookieSecret - }).onDuplicateKeyUpdate({ - set: { + await db + .insert(schema.users) + .values({ + id: uid, discord_id: discordUserData.id, discord_name: discordUserData.username, discord_avatar: discordUserData.avatar, - cookie_secret: cookieSecret - } - }); + cookie_secret: cookieSecret, + }) + .onDuplicateKeyUpdate({ + set: { + discord_id: discordUserData.id, + discord_name: discordUserData.username, + discord_avatar: discordUserData.avatar, + cookie_secret: cookieSecret, + }, + }); // await conn.execute( // "INSERT INTO Users (id, discord_id, discord_name, discord_avatar, cookie_secret) VALUES (?, ?, ?, ?, ?)", // [ diff --git a/src/pages/api/saves/index.ts b/src/pages/api/saves/index.ts index b8edac7..acbc19e 100644 --- a/src/pages/api/saves/index.ts +++ b/src/pages/api/saves/index.ts 
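Review bot: Both `db.update(schema.users)` calls, the one in this hunk and the one in the `@@ -109,26 +115,25 @@` hunk, still filter with `eq(schema.saves.user_id, discordUserData.id)`, which is a column of a different table compared against a Discord id. The commented-out SQL deleted here used `WHERE discord_id = ?`, so the intended filter looks like `.where(eq(schema.users.discord_id, discordUserData.id))`. As written the name and avatar refresh probably fails or matches no row, leaving stale profile data on the account. Both calls sit in context lines, inside a block that starts before the hunk.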
@@ -1,11 +1,10 @@ -import { db } from '$db'; -import * as schema from '$drizzle/schema'; +import { db } from "$db"; +import * as schema from "$drizzle/schema"; import { getCookie, setCookie } from "cookies-next"; import crypto from "crypto"; import { and, eq } from "drizzle-orm"; import { NextApiRequest, NextApiResponse } from "next"; - type Data = Record; export interface SqlUser { @@ -38,17 +37,15 @@ export async function getUID( req: NextApiRequest, res: NextApiResponse, ): Promise { - // console.log("Getting UID from cookie..."); let uid = getCookie("uid", { req, res }); - // console.log("UID: ", uid); if (uid && typeof uid === "string") { - // console.log("Found UID..."); // uids can be anonymous, so we need to check if the user exists - - // yeah this is correct now but eq needs to come from drizzle-orm/mysql-core or sm no its fine its cuz cookies are weird - // one secn - const [user] = await db.select().from(schema.users).where(eq(schema.users.id, uid)).limit(1); + const [user] = await db + .select() + .from(schema.users) + .where(eq(schema.users.id, uid)) + .limit(1); if (user) { // user exists, so we check if the user is authenticated @@ -71,7 +68,7 @@ export async function getUID( // everything is ok, so we return the uid return uid as string; } else { - // console.log("Generating new UID..."); + console.log("Generating new UID..."); // no uid, so we create an anonymous one uid = crypto.randomBytes(16).toString("hex"); setCookie("uid", uid, { @@ -117,10 +114,11 @@ export const verifyToken = (token: string, key: string) => { }; async function get(req: NextApiRequest, res: NextApiResponse) { - // console.log("Getting..."); const uid = await getUID(req, res); - // console.log("uid: ", uid); - const players = await db.select().from(schema.saves).where(eq(schema.saves.user_id, uid)); + const players = await db + .select() + .from(schema.saves) + .where(eq(schema.saves.user_id, uid)); res.json(players); } 
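Review bot: The `console.log("Generating new UID...")` in the `@@ -71,7 +68,7 @@` hunk is switched from commented-out to live, while the rest of this commit deletes the other debug logs in `getUID`. It runs on every request that arrives without a `uid` cookie, so it adds log noise on a path any unauthenticated client can hit repeatedly; I would drop the line or put it behind a debug-level logger. `getUID` starts and ends outside the hunk.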
@@ -132,11 +130,14 @@ async function post(req: NextApiRequest, res: NextApiResponse) { for (const player of players) { try { if (player._id) { - await db.insert(schema.saves).values({ - _id: player._id, - user_id: uid, - ...player - }).onDuplicateKeyUpdate({ set: player }); + await db + .insert(schema.saves) + .values({ + _id: player._id, + user_id: uid, + ...player, + }) + .onDuplicateKeyUpdate({ set: player }); } res.status(200).end(); } catch (e) { @@ -164,13 +165,9 @@ async function _delete(req: NextApiRequest, res: NextApiResponse) { if (type === "player") { // delete a single player const { _id } = JSON.parse(req.body); - await db.delete(schema.saves) - .where( - and( - eq(schema.saves.user_id, uid), - eq(schema.saves._id, _id) - ) - ); + await db + .delete(schema.saves) + .where(and(eq(schema.saves.user_id, uid), eq(schema.saves._id, _id))); // const result = await conn.execute( // "DELETE FROM Saves WHERE user_id = ? AND _id = ?",
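Review bot: In `.values({ _id: player._id, user_id: uid, ...player })` the spread comes after `user_id: uid`, so a `user_id` field inside `player` (presumably parsed from the request body, outside the hunk) replaces the authenticated uid, and `.onDuplicateKeyUpdate({ set: player })` writes every submitted field onto whichever row already holds that `_id`. Put the server value last, `.values({ ...player, user_id: uid })`, and build the update set from an allow-list that excludes `_id` and `user_id`. If `_id` alone is the key (the schema is not visible here), the duplicate-key path should also confirm the existing row belongs to `uid` before updating. `res.status(200).end()` sits inside the `for` loop, so it runs once per player; it belongs after the loop. `post` starts before the hunk.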