rhythia-api 211.0.0 → 214.0.0

package/README.md

@@ -0,0 +1,9 @@
+# Rhythia Online API
+
+This repo is a typed wrapper around Rhythia's backend endpoints. The helpers under `api/` are wired through `handleApi.ts` so consumers can call functions like `acceptInvite` or `createCollection` and let the shared client post to the hosted service while censoring stray profanity in responses.
+
+Install dependencies with Bun, then reach for the scripts in `package.json`; `bun run dev` starts the local handler, `bun run test` exercises the contract tests, and `bun run pipeline:build-api` prepares the bundle that powers deployments. The production build is pushed to Vercel from the `main` branch, so anything merged there lands at the hosted Rhythia Online API a few moments later.
+
+Runtime secrets live in environment variables. Upload endpoints expect `ACCESS_BUCKET` and `SECRET_BUCKET` for S3, the purchase flow checks `BUY_SECRET`, auth helpers derive tokens from `TOKEN_SECRET`, and the Supabase admin calls need `ADMIN_KEY`. The deploy script also looks for `GIT_USER`, `GIT_KEY`, `SOURCE_BRANCH`, and `TARGET_BRANCH` when the CI job mirrors changes upstream.
+
+If you need to point at a different stack, call `setEnvironment` with `development`, `testing`, or `production` before making requests so the helper talks to the right Rhythia host.

package/api/getBadgeLeaders.ts

@@ -13,8 +13,6 @@ export const Schema = {
         display_name: z.string(),
         avatar_url: z.string().nullable(),
         special_badge_count: z.number(),
-        earned_badges: z.array(z.string()),
-        all_badges: z.any(), // JSON type
       })
     ),
     total_count: z.number(),

package/api/getVideoUploadUrl.ts

@@ -0,0 +1,85 @@
+import { NextResponse } from "next/server";
+import z from "zod";
+import { protectedApi, validUser } from "../utils/requestUtils";
+import { supabase } from "../utils/supabase";
+
+import {
+  PutBucketCorsCommand,
+  PutObjectCommand,
+  S3Client,
+} from "@aws-sdk/client-s3";
+import { getSignedUrl } from "@aws-sdk/s3-request-presigner";
+import { validateIntrinsicToken } from "../utils/validateToken";
+import { getUserBySession } from "../utils/getUserBySession";
+import { User } from "@supabase/supabase-js";
+
+const s3Client = new S3Client({
+  region: "auto",
+  endpoint: "https://s3.eu-central-003.backblazeb2.com",
+  credentials: {
+    secretAccessKey: process.env.SECRET_BUCKET || "",
+    accessKeyId: process.env.ACCESS_BUCKET || "",
+  },
+});
+
+export const Schema = {
+  input: z.strictObject({
+    session: z.string(),
+    contentLength: z.number(),
+    contentType: z.string(),
+    intrinsicToken: z.string(),
+  }),
+  output: z.strictObject({
+    error: z.string().optional(),
+    url: z.string().optional(),
+    objectKey: z.string().optional(),
+  }),
+};
+
+export async function POST(request: Request): Promise<NextResponse> {
+  return protectedApi({
+    request,
+    schema: Schema,
+    authorization: validUser,
+    activity: handler,
+  });
+}
+
+export async function handler({
+  session,
+  contentLength,
+  contentType,
+  intrinsicToken,
+}: (typeof Schema)["input"]["_type"]): Promise<
+  NextResponse<(typeof Schema)["output"]["_type"]>
+> {
+  const user = (await getUserBySession(session)) as User;
+
+  if (!validateIntrinsicToken(intrinsicToken)) {
+    return NextResponse.json({
+      error: "Invalid intrinsic token",
+    });
+  }
+
+  if (contentLength > 25000000) {
+    return NextResponse.json({
+      error: "Max content length exceeded.",
+    });
+  }
+
+  const key = `beatmap-video-${Date.now()}-${user.id}`;
+  const command = new PutObjectCommand({
+    Bucket: "rhthia-avatars",
+    Key: key,
+    ContentLength: contentLength,
+    ContentType: contentType,
+  });
+
+  const presigned = await getSignedUrl(s3Client, command, {
+    expiresIn: 3600,
+  });
+  return NextResponse.json({
+    url: presigned,
+    objectKey: key,
+  });
+}

package/api/updateBeatmapPage.ts

@@ -13,6 +13,7 @@ export const Schema = {
     beatmapHash: z.string().optional(),
     tags: z.string().optional(),
     description: z.string().optional(),
+    videoUrl: z.string().optional(),
   }),
   output: z.strictObject({
     error: z.string().optional(),
@@ -41,6 +42,7 @@ export async function handler({
   id,
   description,
   tags,
+  videoUrl,
 }: (typeof Schema)["input"]["_type"]): Promise<
   NextResponse<(typeof Schema)["output"]["_type"]>
 > {
@@ -82,8 +84,9 @@ export async function handler({
     owner: userData.id,
     description: description ? description : pageData.description,
     tags: tags ? tags : pageData.tags,
+    video_url: videoUrl ? videoUrl : pageData.video_url,
     updated_at: Date.now(),
-  };
+  } as any;
 
   if (beatmapHash && beatmapData) {
     upsertPayload["title"] = beatmapData.title;

package/index.ts

@@ -384,8 +384,6 @@ export const Schema = {
         display_name: z.string(),
         avatar_url: z.string().nullable(),
         special_badge_count: z.number(),
-        earned_badges: z.array(z.string()),
-        all_badges: z.any(), // JSON type
       })
     ),
     total_count: z.number(),
@@ -1166,6 +1164,26 @@ import { Schema as GetVerified } from "./api/getVerified"
 export { Schema as SchemaGetVerified } from "./api/getVerified"
 export const getVerified = handleApi({url:"/api/getVerified",...GetVerified})
 
+// ./api/getVideoUploadUrl.ts API
+
+/*
+export const Schema = {
+  input: z.strictObject({
+    session: z.string(),
+    contentLength: z.number(),
+    contentType: z.string(),
+    intrinsicToken: z.string(),
+  }),
+  output: z.strictObject({
+    error: z.string().optional(),
+    url: z.string().optional(),
+    objectKey: z.string().optional(),
+  }),
+};*/
+import { Schema as GetVideoUploadUrl } from "./api/getVideoUploadUrl"
+export { Schema as SchemaGetVideoUploadUrl } from "./api/getVideoUploadUrl"
+export const getVideoUploadUrl = handleApi({url:"/api/getVideoUploadUrl",...GetVideoUploadUrl})
+
 // ./api/nominateMap.ts API
 
 /*
@@ -1295,6 +1313,7 @@ export const Schema = {
     beatmapHash: z.string().optional(),
     tags: z.string().optional(),
     description: z.string().optional(),
+    videoUrl: z.string().optional(),
   }),
   output: z.strictObject({
     error: z.string().optional(),

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "rhythia-api",
-  "version": "211.0.0",
+  "version": "214.0.0",
   "main": "index.ts",
   "author": "online-contributors-cunev",
   "scripts": {
@@ -43,7 +43,7 @@
     "sharp": "^0.33.5",
     "short-uuid": "^5.2.0",
     "simple-git": "^3.25.0",
-    "supabase": "^2.19.7",
+    "supabase": "^2.53.6",
     "tsx": "^4.17.0",
     "utf-8-validate": "^6.0.4",
     "uuid": "^11.1.0",

package/types/database.ts

@@ -10,7 +10,7 @@ export type Database = {
   // Allows to automatically instantiate createClient with right options
   // instead of createClient<Database, { PostgrestVersion: 'XX' }>(URL, KEY)
   __InternalSupabase: {
-    PostgrestVersion: "12.2.3 (519615d)"
+    PostgrestVersion: "13.0.4"
   }
   public: {
     Tables: {
@@ -158,6 +158,7 @@ export type Database = {
           tags: string
           title: string | null
           updated_at: number | null
+          video_url: string | null
         }
         Insert: {
           created_at?: string
@@ -172,6 +173,7 @@ export type Database = {
           tags?: string
           title?: string | null
           updated_at?: number | null
+          video_url?: string | null
         }
         Update: {
           created_at?: string
@@ -186,6 +188,7 @@ export type Database = {
           tags?: string
           title?: string | null
           updated_at?: number | null
+          video_url?: string | null
         }
         Relationships: [
           {
@@ -703,10 +706,8 @@ export type Database = {
       get_badge_leaderboard: {
         Args: { p_limit?: number }
         Returns: {
-          all_badges: Json
           avatar_url: string
           display_name: string
-          earned_badges: string[]
           id: number
           special_badge_count: number
         }[]