rhythia-api 215.0.0 → 217.0.0

package/api/getOnlinePlayers.ts

@@ -0,0 +1,78 @@
+import { NextResponse } from "next/server";
+import z from "zod";
+import { protectedApi } from "../utils/requestUtils";
+import { supabase } from "../utils/supabase";
+
+const ONLINE_WINDOW_MS = 30 * 60 * 1000;
+
+export const Schema = {
+  input: z.strictObject({}),
+  output: z.object({
+    error: z.string().optional(),
+    players: z.array(
+      z.object({
+        id: z.number(),
+        name: z.string().nullable(),
+        profilePictureUrl: z.string().nullable(),
+      })
+    ),
+  }),
+};
+
+export async function POST(request: Request): Promise<NextResponse> {
+  return protectedApi({
+    request,
+    schema: Schema,
+    authorization: () => {},
+    activity: handler,
+  });
+}
+
+export async function handler(
+  _data: (typeof Schema)["input"]["_type"]
+): Promise<NextResponse<(typeof Schema)["output"]["_type"]>> {
+  const cutoff = Date.now() - ONLINE_WINDOW_MS;
+
+  const { data: activityRows, error: activityError } = await supabase
+    .from("profileActivities")
+    .select("uid")
+    .gt("last_activity", cutoff);
+
+  if (activityError) {
+    return NextResponse.json(
+      { players: [], error: "Failed to load online players" },
+      { status: 500 }
+    );
+  }
+
+  const onlineUids = Array.from(
+    new Set((activityRows || []).map((row) => row.uid).filter(Boolean))
+  );
+
+  if (!onlineUids.length) {
+    return NextResponse.json({ players: [] });
+  }
+
+  const { data: profiles, error: profilesError } = await supabase
+    .from("profiles")
+    .select("id,username,avatar_url,profile_image,skill_points")
+    .in("uid", onlineUids)
+    .neq("ban", "excluded")
+    .order("skill_points", { ascending: false });
+
+  if (profilesError) {
+    return NextResponse.json(
+      { players: [], error: "Failed to load online players" },
+      { status: 500 }
+    );
+  }
+
+  const players =
+    profiles?.map((profile) => ({
+      id: profile.id,
+      name: profile.username,
+      profilePictureUrl: profile.profile_image || profile.avatar_url,
+    })) || [];
+
+  return NextResponse.json({ players });
+}

package/api/getUserScores.ts

@@ -1,7 +1,8 @@
-import { NextResponse } from "next/server";
-import z from "zod";
-import { protectedApi } from "../utils/requestUtils";
-import { supabase } from "../utils/supabase";
+import { NextResponse } from "next/server";
+import z from "zod";
+import { getCacheValue, setCacheValue } from "../utils/cache";
+import { protectedApi } from "../utils/requestUtils";
+import { supabase } from "../utils/supabase";
 
 export const Schema = {
   input: z.strictObject({
@@ -87,33 +88,61 @@ export async function POST(request: Request): Promise<NextResponse> {
   });
 }
 
-export async function handler(
-  data: (typeof Schema)["input"]["_type"],
-  req: Request
-): Promise<NextResponse<(typeof Schema)["output"]["_type"]>> {
-  // Call the RPC created earlier
-  const { data: result, error } = await supabase.rpc(
-    "get_user_scores_summary",
-    {
-      userid: data.id,
-      limit_param: data.limit,
-    }
-  );
+export async function handler(
+  data: (typeof Schema)["input"]["_type"],
+  req: Request
+): Promise<NextResponse<(typeof Schema)["output"]["_type"]>> {
+  const limit = data.limit ?? 10;
+  const cacheKey = `userscore:${data.id}:limit=${limit}`;
+  const cachedValue = await getCacheValue<(typeof Schema)["output"]["_type"]>(
+    cacheKey
+  );
+
+  if (cachedValue !== null) {
+    return NextResponse.json(cachedValue);
+  }
+
+  // parallel RPCs
+  const [
+    { data: lastDay, error: err1 },
+    { data: topAndStats, error: err2 },
+    { data: reign, error: err3 },
+  ] = await Promise.all([
+    supabase.rpc("get_user_scores_lastday", {
+      userid: data.id,
+      limit_param: limit,
+    }),
+    supabase.rpc("get_user_scores_top_and_stats", {
+      userid: data.id,
+      limit_param: limit,
+    }),
+    supabase.rpc("get_user_scores_reign", {
+      userid: data.id,
+    }),
+  ]);
 
-  if (error) {
-    return NextResponse.json({ error: JSON.stringify(error) });
+  const err = err1 || err2 || err3;
+  if (err) {
+    return NextResponse.json({ error: JSON.stringify(err) });
   }
 
-  if (!result) {
-    return NextResponse.json({ error: "No data returned" });
-  }
-
-  // The RPC may return { error: "..." } as a JSON object
-  if (typeof result === "object" && result !== null && "error" in result) {
-    return NextResponse.json({ error: String((result as any).error) });
-  }
+  // Extract pieces from the { top, stats } object
+  let top: unknown[] | undefined;
+  let stats: { totalScores: number; spinScores: number } | undefined;
 
-  // Trust the RPC's JSON shape to match Schema.output
-  const typedResult = result as (typeof Schema)["output"]["_type"];
-  return NextResponse.json(typedResult);
-}
+  if (topAndStats && typeof topAndStats === "object") {
+    top = (topAndStats as any).top ?? [];
+    stats = (topAndStats as any).stats;
+  }
+
+  const responseBody = {
+    lastDay: (lastDay as any) ?? [],
+    top: (top as any) ?? [],
+    stats,
+    reign: (reign as any) ?? [],
+  };
+
+  await setCacheValue(cacheKey, responseBody);
+
+  return NextResponse.json(responseBody);
+}

package/api/postBeatmapComment.ts

@@ -1,9 +1,10 @@
 import { NextResponse } from "next/server";
 import z from "zod";
-import { protectedApi, validUser } from "../utils/requestUtils";
-import { supabase } from "../utils/supabase";
-import { User } from "@supabase/supabase-js";
-import { getUserBySession } from "../utils/getUserBySession";
+import { protectedApi, validUser } from "../utils/requestUtils";
+import { supabase } from "../utils/supabase";
+import { User } from "@supabase/supabase-js";
+import { getUserBySession } from "../utils/getUserBySession";
+import { invalidateCache } from "../utils/cache";
 
 export const Schema = {
   input: z.strictObject({
@@ -45,18 +46,21 @@ export async function handler({
   if (content.length > 256)
     return NextResponse.json({ error: "Comment exceeds length." });
 
-  const upserted = await supabase
-    .from("beatmapPageComments")
-    .upsert({
-      beatmapPage: page,
-      owner: userData.id,
-      content,
-    })
-    .select("*")
-    .single();
-
-  if (upserted.error?.message.length) {
-    return NextResponse.json({ error: upserted.error.message });
-  }
-  return NextResponse.json({});
-}
+  const upserted = await supabase
+    .from("beatmapPageComments")
+    .upsert({
+      beatmapPage: page,
+      owner: userData.id,
+      content,
+    })
+    .select("*")
+    .single();
+
+  if (upserted.error?.message.length) {
+    return NextResponse.json({ error: upserted.error.message });
+  }
+
+  await invalidateCache(`beatmap-comments:${page}`);
+
+  return NextResponse.json({});
+}

package/api/submitScore.ts

@@ -1,11 +1,12 @@
 import { NextResponse } from "next/server";
-import z from "zod";
-import { protectedApi, validUser } from "../utils/requestUtils";
-import { supabase } from "../utils/supabase";
-import { decryptString } from "../utils/security";
-import { isEqual } from "lodash";
-import { getUserBySession } from "../utils/getUserBySession";
-import { User } from "@supabase/supabase-js";
+import z from "zod";
+import { protectedApi, validUser } from "../utils/requestUtils";
+import { supabase } from "../utils/supabase";
+import { decryptString } from "../utils/security";
+import { isEqual } from "lodash";
+import { getUserBySession } from "../utils/getUserBySession";
+import { User } from "@supabase/supabase-js";
+import { invalidateCache, invalidateCachePrefix } from "../utils/cache";
 
 export const Schema = {
   input: z.strictObject({
@@ -214,6 +215,27 @@ export async function handler({
 
   console.log("p1");
 
+  // auto-exclude: if a newly-created account (>600 RP) submits a score
+  try {
+    const ONE_WEEK = 7 * 24 * 60 * 60 * 1000;
+    if (
+      awarded_sp > 600 &&
+      userData?.created_at &&
+      Date.now() - userData.created_at < ONE_WEEK
+    ) {
+      await supabase
+        .from("profiles")
+        .upsert({ id: userData.id, ban: "excluded", bannedAt: Date.now() });
+
+      return NextResponse.json(
+        { error: "User excluded due to suspicious activity." },
+        { status: 400 }
+      );
+    }
+  } catch (e) {
+    console.error("safen/ auto-exclude check failed:", e);
+  }
+
   let parsed = [];
 
   try {
@@ -271,16 +293,24 @@ export async function handler({
   const spinTotalSp = weightCalculate(spinHashMap);
 
   console.log("VERSION: " + version);
-  await supabase.from("profiles").upsert({
-    id: userData.id,
-    play_count: (userData.play_count || 0) + 1,
-    skill_points: Math.round(totalSp * 100) / 100,
-    spin_skill_points: Math.round(spinTotalSp * 100) / 100,
-    squares_hit: (userData.squares_hit || 0) + data.hits,
-  });
-  console.log("p3");
-  // Grant special badges if applicable
-  if (passed && beatmapPages && !data.mods.includes("mod_nofail")) {
+  await supabase.from("profiles").upsert({
+    id: userData.id,
+    play_count: (userData.play_count || 0) + 1,
+    skill_points: Math.round(totalSp * 100) / 100,
+    spin_skill_points: Math.round(spinTotalSp * 100) / 100,
+    squares_hit: (userData.squares_hit || 0) + data.hits,
+  });
+  console.log("p3");
+
+  await invalidateCachePrefix(`userscore:${userData.id}`);
+  const beatmapIsRanked =
+    beatmapPages?.status === "RANKED" || beatmapPages?.status === "APPROVED";
+  if (beatmapIsRanked) {
+    await invalidateCachePrefix(`beatmap-scores:${data.mapHash}`);
+  }
+
+  // Grant special badges if applicable
+  if (passed && beatmapPages && !data.mods.includes("mod_nofail")) {
     try {
       const { data: badgeResult, error: badgeError } = await supabase.rpc(
         "grant_special_badges",

package/api/updateBeatmapPage.ts

@@ -74,21 +74,23 @@ export async function handler({
   if (userData.id !== pageData?.owner)
     return NextResponse.json({ error: "Non-authz user." });
 
-  if (pageData?.status !== "UNRANKED")
-    return NextResponse.json({ error: "Only unranked maps can be updated" });
-
-  const upsertPayload = {
+  const upsertPayload: any = {
     id,
-    genre: "",
-    status: "UNRANKED",
     owner: userData.id,
-    description: description ? description : pageData.description,
-    tags: tags ? tags : pageData.tags,
-    video_url: videoUrl ? videoUrl : pageData.video_url,
     updated_at: Date.now(),
-  } as any;
+  };
+
+  if (typeof description !== "undefined")
+    upsertPayload.description = description;
+  if (typeof tags !== "undefined") upsertPayload.tags = tags;
+  if (typeof videoUrl !== "undefined") upsertPayload.video_url = videoUrl;
 
   if (beatmapHash && beatmapData) {
+    if (pageData?.status !== "UNRANKED") {
+      return NextResponse.json({
+        error: "Only unranked maps can be updated",
+      });
+    }
     upsertPayload["title"] = beatmapData.title;
     upsertPayload["latestBeatmapHash"] = beatmapHash;
     upsertPayload["nominations"] = [];

package/index.ts

@@ -425,15 +425,16 @@ export const getBeatmapComments = handleApi({url:"/api/getBeatmapComments",...Ge
 // ./api/getBeatmapPage.ts API
 
 /*
-export const Schema = {
-  input: z.strictObject({
-    session: z.string(),
-    id: z.number(),
-  }),
-  output: z.object({
-    error: z.string().optional(),
-    scores: z
-      .array(
+export const Schema = {
+  input: z.strictObject({
+    session: z.string(),
+    id: z.number(),
+    limit: z.number().min(1).max(200).default(50),
+  }),
+  output: z.object({
+    error: z.string().optional(),
+    scores: z
+      .array(
         z.object({
           id: z.number(),
           awarded_sp: z.number().nullable(),
@@ -485,15 +486,16 @@ export const getBeatmapPage = handleApi({url:"/api/getBeatmapPage",...GetBeatmap
 // ./api/getBeatmapPageById.ts API
 
 /*
-export const Schema = {
-  input: z.strictObject({
-    session: z.string(),
-    mapId: z.string(),
-  }),
-  output: z.object({
-    error: z.string().optional(),
-    scores: z
-      .array(
+export const Schema = {
+  input: z.strictObject({
+    session: z.string(),
+    mapId: z.string(),
+    limit: z.number().min(1).max(200).default(50),
+  }),
+  output: z.object({
+    error: z.string().optional(),
+    scores: z
+      .array(
         z.object({
           id: z.number(),
           awarded_sp: z.number().nullable(),
@@ -579,6 +581,7 @@ export const Schema = {
           ownerAvatar: z.string().nullable().optional(),
           status: z.string().nullable().optional(),
           tags: z.string().nullable().optional(),
+          videoUrl: z.string().nullable().optional(),
         })
       )
       .optional(),
@@ -841,6 +844,26 @@ import { Schema as GetMapUploadUrl } from "./api/getMapUploadUrl"
 export { Schema as SchemaGetMapUploadUrl } from "./api/getMapUploadUrl"
 export const getMapUploadUrl = handleApi({url:"/api/getMapUploadUrl",...GetMapUploadUrl})
 
+// ./api/getOnlinePlayers.ts API
+
+/*
+export const Schema = {
+  input: z.strictObject({}),
+  output: z.object({
+    error: z.string().optional(),
+    players: z.array(
+      z.object({
+        id: z.number(),
+        name: z.string().nullable(),
+        profilePictureUrl: z.string().nullable(),
+      })
+    ),
+  }),
+};*/
+import { Schema as GetOnlinePlayers } from "./api/getOnlinePlayers"
+export { Schema as SchemaGetOnlinePlayers } from "./api/getOnlinePlayers"
+export const getOnlinePlayers = handleApi({url:"/api/getOnlinePlayers",...GetOnlinePlayers})
+
 // ./api/getPassToken.ts API
 
 /*

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "rhythia-api",
-  "version": "215.0.0",
+  "version": "217.0.0",
   "main": "index.ts",
   "author": "online-contributors-cunev",
   "scripts": {
@@ -40,6 +40,7 @@
     "osu-classes": "^3.1.0",
     "osu-parsers": "^4.1.7",
     "osu-standard-stable": "^5.0.0",
+    "remote-cloudflare-kv": "^1.0.1",
     "sharp": "^0.33.5",
     "short-uuid": "^5.2.0",
     "simple-git": "^3.25.0",
@@ -50,5 +51,6 @@
     "validator": "^13.12.0",
     "zero-width": "^1.0.29",
     "zod": "^3.24.2"
-  }
+  },
+  "packageManager": "yarn@1.22.22"
 }