rhythia-api 233.0.0 → 234.0.0

package/api/submitScoreInternal.ts

@@ -1,449 +1,461 @@
-import { NextResponse } from "next/server";
-import z from "zod";
-import { protectedApi, validUser } from "../utils/requestUtils";
-import { supabase } from "../utils/supabase";
-import { decryptString } from "../utils/security";
-import { isEqual } from "lodash";
-import { getUserBySession } from "../utils/getUserBySession";
-import { User } from "@supabase/supabase-js";
-import { invalidateCachePrefix } from "../utils/cache";
-import { createClient, RedisClientType } from "redis";
-import { PutObjectCommand, S3Client } from "@aws-sdk/client-s3";
-
-const s3Client = new S3Client({
-  region: "auto",
-  endpoint: "https://s3.eu-central-003.backblazeb2.com",
-  credentials: {
-    secretAccessKey: process.env.SECRET_BUCKET || "",
-    accessKeyId: process.env.ACCESS_BUCKET || "",
-  },
-  requestChecksumCalculation: "WHEN_REQUIRED",
-});
-
-s3Client.middlewareStack.add(
-  (next) =>
-    async (args): Promise<any> => {
-      const request = args.request as RequestInit;
-      const headers = (request.headers || {}) as Record<string, string>;
-
-      delete headers["x-amz-checksum-crc32"];
-      delete headers["x-amz-checksum-crc32c"];
-      delete headers["x-amz-checksum-sha1"];
-      delete headers["x-amz-checksum-sha256"];
-
-      request.headers = headers;
-      return next(args);
-    },
-  { step: "build", name: "stripBackblazeChecksumHeaders" }
-);
-
-export const Schema = {
-  input: z.strictObject({
-    session: z.string(),
-    secret: z.string(),
-    token: z.string(),
-    data: z.strictObject({
-      onlineMapId: z.number(),
-      misses: z.number(),
-      hits: z.number(),
-      speed: z.number(),
-      mods: z.array(z.string()),
-      spin: z.boolean(),
-      replayBytes: z.string().nullable().optional(),
-      pauses: z.number().nullable().optional(),
-      failTime: z.number().nullable().optional(),
-    }),
-  }),
-  output: z.object({
-    error: z.string().optional(),
-  }),
-};
-
-function easeInExpoDeqHard(x: number, star: number) {
-  let exponent = 100 - 12 * star;
-  if (exponent < 5) exponent = 5;
-  return x === 0 ? 0 : Math.pow(2, exponent * x - exponent);
-}
-
-export function calculatePerformancePoints(
-  starRating: number,
-  accuracy: number
-) {
-  return (
-    Math.round(
-      Math.pow(
-        (starRating * easeInExpoDeqHard(accuracy, starRating) * 100) / 2,
-        2
-      ) / 1000
-    ) * 2
-  );
-}
-
-export async function POST(request: Request): Promise<NextResponse> {
-  console.log("Received submitScoreInternal request");
-  return protectedApi({
-    request,
-    schema: Schema,
-    authorization: validUser,
-    activity: handler,
-  });
-}
-
-export async function handler({
-  data,
-  token,
-  session,
-  secret,
-}: (typeof Schema)["input"]["_type"]): Promise<
-  NextResponse<(typeof Schema)["output"]["_type"]>
-> {
-  if (secret !== "testing-1") {
-    console.log("Internal usage only");
-    return NextResponse.json({
-      error: "Internal usage only",
-    });
-  }
-  const user = (await getUserBySession(session)) as User;
-
-  if (!user) {
-    console.log("token-expired");
-    return NextResponse.json(
-      {
-        error: "token-expired",
-      },
-      { status: 401 }
-    );
-  }
-
-  let { data: leversData } = await supabase
-    .from("levers")
-    .select("*")
-    .eq("id", 1)
-    .single();
-
-  if (leversData && leversData.disable_scores) {
-    console.log("Lever pulled - blocked score");
-    return NextResponse.json({
-      error: "Scores are temporarily disabled",
-    });
-  }
-
-  if (data.failTime) {
-    console.log("Fail Score don't save");
-    return NextResponse.json({
-      error: "Fail time scores aren't saved for now",
-    });
-  }
-
-  let { data: userData, error: userError } = await supabase
-    .from("profiles")
-    .select("*")
-    .eq("uid", user.id)
-    .single();
-
-  if (!userData) {
-    console.log("User doesn't exist");
-    return NextResponse.json(
-      {
-        error: "User doesn't exist",
-      },
-      { status: 400 }
-    );
-  }
-
-  console.log(userData);
-
-  if (userData.ban == "excluded" || userData.ban == "restricted") {
-    console.log(
-      "Silenced, restricted or excluded players can't submit scores."
-    );
-    return NextResponse.json(
-      {
-        error: "Silenced, restricted or excluded players can't submit scores.",
-      },
-      { status: 400 }
-    );
-  }
-
-  let { data: beatmapPages, error: bpError } = await supabase
-    .from("beatmapPages")
-    .select("*")
-    .eq("id", data.onlineMapId)
-    .single();
-
-  let { data: beatmaps, error: bpErr } = await supabase
-    .from("beatmaps")
-    .select("*")
-    .eq("beatmapHash", beatmapPages!.latestBeatmapHash!)
-    .single();
-
-  if (!beatmaps) {
-    console.log("Map not submitted");
-    return NextResponse.json(
-      {
-        error: "Map not submitted",
-      },
-      { status: 400 }
-    );
-  }
-
-  if (!beatmapPages) {
-    console.log("Map page not submitted");
-    return NextResponse.json(
-      {
-        error: "Map not submitted",
-      },
-      { status: 400 }
-    );
-  }
-
-  await supabase.from("beatmaps").upsert({
-    beatmapHash: beatmapPages.latestBeatmapHash!,
-    playcount: (beatmaps!.playcount || 1) + 1,
-  });
-
-  let passed = true;
-
-  // Pass invalidation
-  if (data.misses + data.hits !== beatmaps.noteCount) {
-    passed = false;
-  }
-
-  const accurracy = data.hits / beatmaps.noteCount!;
-  let awarded_sp = 0;
-
-  console.log(
-    data.misses + data.hits == beatmaps.noteCount,
-    data.misses + data.hits,
-    beatmaps.noteCount
-  );
-
-  let multiplierMod = 1;
-  if (data.mods.includes("mod_hardrock")) {
-    multiplierMod *= 1; //todo: change here
-  }
-
-  if (data.mods.includes("mod_nofail")) {
-    multiplierMod *= Math.pow(0.95, data.misses);
-  }
-
-  awarded_sp = calculatePerformancePoints(
-    data.speed * beatmaps.starRating! * multiplierMod,
-    accurracy
-  );
-
-  if (beatmapPages.status == "UNRANKED") {
-    awarded_sp = 0;
-  }
-
-  console.log("p1");
-
-  let client: RedisClientType | undefined;
-  let tokenId = -1;
-
-  try {
-    if (Buffer.from(token, "base64").length != 4096) {
-      console.log("token length check failed");
-      return NextResponse.json(
-        {
-          error: "",
-        },
-        { status: 400 }
-      );
-    }
-
-    client = createClient({
-      username: process.env.REDIS_USERNAME,
-      password: process.env.REDIS_PASSWORD,
-      socket: {
-        host: process.env.REDIS_HOST,
-        port: process.env.REDIS_PORT as unknown as number,
-      },
-    });
-
-    client.on("error", (err) => console.log("Redis Client Error", err));
-    await client.connect();
-
-    const { data, error } = await supabase
-      .from("tokens")
-      .insert({})
-      .select()
-      .single();
-
-    if (error !== null) {
-      console.log(error);
-      throw error;
-    }
-
-    tokenId = data.id;
-
-    await client.xAdd("score:tokens", "*", {
-      token: JSON.stringify({
-        userId: userData.id,
-        tokenId: tokenId,
-        token: token,
-      }),
-    });
-  } catch (exception) {
-    console.log(exception);
-    console.log("failed to send redis request", {
-      token: "<Long>",
-      userId: userData.id,
-    });
-  } finally {
-    client?.destroy();
-  }
-
-  // auto-exclude: if a newly-created account (>600 RP) submits a score
-  try {
-    const ONE_WEEK = 7 * 24 * 60 * 60 * 1000;
-    if (
-      awarded_sp > 600 &&
-      userData?.created_at &&
-      Date.now() - userData.created_at < ONE_WEEK
-    ) {
-      await supabase
-        .from("profiles")
-        .upsert({ id: userData.id, ban: "excluded", bannedAt: Date.now() });
-
-      return NextResponse.json(
-        { error: "User excluded due to suspicious activity." },
-        { status: 400 }
-      );
-    }
-  } catch (e) {
-    console.error("safen/ auto-exclude check failed:", e);
-  }
-  let replayUrl: string | null = null;
-
-  if (data.replayBytes) {
-    try {
-      const replayBuffer = Buffer.from(data.replayBytes, "base64");
-      if (replayBuffer.length > 0) {
-        const replayKey = `score-replay-${Date.now()}-${user.id}.rhr`;
-        await s3Client.send(
-          new PutObjectCommand({
-            Bucket: "rhthia-avatars",
-            Key: replayKey,
-            Body: replayBuffer,
-            ContentType: "application/octet-stream",
-          })
-        );
-        replayUrl = `https://rhthia-avatars.s3.eu-central-003.backblazeb2.com/${replayKey}`;
-      }
-    } catch (error) {
-      console.error("Replay upload failed:", error);
-    }
-  }
-
-  await supabase.from("scores").upsert({
-    beatmapHash: beatmaps.beatmapHash,
-    replayHwid: "",
-    replay_url: replayUrl,
-    songId: beatmaps.beatmapHash,
-    userId: userData.id,
-    passed,
-    misses: data.misses,
-    awarded_sp: Math.round(awarded_sp * 100) / 100,
-    speed: data.speed,
-    mods: data.mods,
-    additional_data: "",
-    spin: data.spin || false,
-    token: tokenId === -1 ? undefined : tokenId,
-  });
-
-  console.log("p2");
-
-  let { data: scores2, error: errorsp } = await supabase
-    .from("scores")
-    .select(`awarded_sp,beatmapHash,spin`)
-    .eq("userId", userData.id)
-    .neq("awarded_sp", 0)
-    .eq("passed", true)
-    .order("awarded_sp", { ascending: false });
-
-  if (scores2 == null) return NextResponse.json({ error: "No scores" });
-
-  let allHashMap: Record<string, number> = {};
-  let spinHashMap: Record<string, number> = {};
-
-  for (const score of scores2) {
-    const { beatmapHash, awarded_sp } = score;
-
-    if (!beatmapHash || !awarded_sp) continue;
-
-    // Normal Scores
-    if (!allHashMap[beatmapHash] || allHashMap[beatmapHash] < awarded_sp) {
-      allHashMap[beatmapHash] = awarded_sp;
-    }
-
-    // Spin Scores
-    if (score.spin) {
-      if (!spinHashMap[beatmapHash] || spinHashMap[beatmapHash] < awarded_sp) {
-        spinHashMap[beatmapHash] = awarded_sp;
-      }
-    }
-  }
-  // All scores
-  const totalSp = weightCalculate(allHashMap);
-
-  // Only spin scores
-  const spinTotalSp = weightCalculate(spinHashMap);
-
-  await supabase.from("profiles").upsert({
-    id: userData.id,
-    play_count: (userData.play_count || 0) + 1,
-    skill_points: Math.round(totalSp * 100) / 100,
-    spin_skill_points: Math.round(spinTotalSp * 100) / 100,
-    squares_hit: (userData.squares_hit || 0) + data.hits,
-  });
-  console.log("p3");
-
-  await invalidateCachePrefix(`userscore:${userData.id}`);
-  const beatmapIsRanked =
-    beatmapPages?.status === "RANKED" || beatmapPages?.status === "APPROVED";
-  if (beatmapIsRanked) {
-    await invalidateCachePrefix(`beatmap-scores:${beatmaps.beatmapHash}`);
-  }
-
-  // Grant special badges if applicable
-  if (passed && beatmapPages && !data.mods.includes("mod_nofail")) {
-    try {
-      const { data: badgeResult, error: badgeError } = await supabase.rpc(
-        "grant_special_badges",
-        {
-          p_user_id: userData.id,
-          p_beatmap_id: beatmapPages.id,
-          p_spin: data.spin || false,
-          p_passed: passed,
-        }
-      );
-
-      const result = badgeResult as { granted: boolean; badge: string | null };
-      if (result && result.granted) {
-        console.log(`Badge granted: ${result.badge} to user ${userData.id}`);
-      }
-    } catch (error) {
-      console.error("Error granting badge:", error);
-    }
-  }
-  return NextResponse.json({});
-}
-
-export function weightCalculate(hashMap: Record<string, number>) {
-  let totalSp = 0;
-  let weight = 100;
-
-  const values = Object.values(hashMap);
-  values.sort((a, b) => b - a);
-
-  for (const score of values) {
-    totalSp += ((score || 0) * weight) / 100;
-    weight = weight * 0.97;
-
-    if (weight < 5) {
-      break;
-    }
-  }
-  return totalSp;
-}
+import { NextResponse } from "../utils/response";
+import z from "zod";
+import { protectedApi, validUser } from "../utils/requestUtils";
+import { supabase } from "../utils/supabase";
+import { decryptString } from "../utils/security";
+import { isEqual } from "lodash";
+import { getUserBySession } from "../utils/getUserBySession";
+import { User } from "@supabase/supabase-js";
+import { invalidateCachePrefix } from "../utils/cache";
+import { createClient, RedisClientType } from "redis";
+import { PutObjectCommand, S3Client } from "@aws-sdk/client-s3";
+
+const SCORE_TOKEN_STREAM_MAXLEN = 10000;
+
+const s3Client = new S3Client({
+  region: "auto",
+  endpoint: "https://s3.eu-central-003.backblazeb2.com",
+  credentials: {
+    secretAccessKey: process.env.SECRET_BUCKET || "",
+    accessKeyId: process.env.ACCESS_BUCKET || "",
+  },
+  requestChecksumCalculation: "WHEN_REQUIRED",
+});
+
+s3Client.middlewareStack.add(
+  (next) =>
+    async (args): Promise<any> => {
+      const request = args.request as RequestInit;
+      const headers = (request.headers || {}) as Record<string, string>;
+
+      delete headers["x-amz-checksum-crc32"];
+      delete headers["x-amz-checksum-crc32c"];
+      delete headers["x-amz-checksum-sha1"];
+      delete headers["x-amz-checksum-sha256"];
+
+      request.headers = headers;
+      return next(args);
+    },
+  { step: "build", name: "stripBackblazeChecksumHeaders" }
+);
+
+export const Schema = {
+  input: z.strictObject({
+    session: z.string(),
+    secret: z.string(),
+    token: z.string(),
+    data: z.strictObject({
+      onlineMapId: z.number(),
+      misses: z.number(),
+      hits: z.number(),
+      speed: z.number(),
+      mods: z.array(z.string()),
+      spin: z.boolean(),
+      replayBytes: z.string().nullable().optional(),
+      pauses: z.number().nullable().optional(),
+      failTime: z.number().nullable().optional(),
+    }),
+  }),
+  output: z.object({
+    error: z.string().optional(),
+  }),
+};
+
+function easeInExpoDeqHard(x: number, star: number) {
+  let exponent = 100 - 12 * star;
+  if (exponent < 5) exponent = 5;
+  return x === 0 ? 0 : Math.pow(2, exponent * x - exponent);
+}
+
+export function calculatePerformancePoints(
+  starRating: number,
+  accuracy: number
+) {
+  return (
+    Math.round(
+      Math.pow(
+        (starRating * easeInExpoDeqHard(accuracy, starRating) * 100) / 2,
+        2
+      ) / 1000
+    ) * 2
+  );
+}
+
+export async function POST(request: Request): Promise<NextResponse> {
+  console.log("Received submitScoreInternal request");
+  return protectedApi({
+    request,
+    schema: Schema,
+    authorization: validUser,
+    activity: handler,
+  });
+}
+
+export async function handler({
+  data,
+  token,
+  session,
+  secret,
+}: (typeof Schema)["input"]["_type"]): Promise<
+  NextResponse<(typeof Schema)["output"]["_type"]>
+> {
+  if (secret !== "testing-1") {
+    console.log("Internal usage only");
+    return NextResponse.json({
+      error: "Internal usage only",
+    });
+  }
+  const user = (await getUserBySession(session)) as User;
+
+  if (!user) {
+    console.log("token-expired");
+    return NextResponse.json(
+      {
+        error: "token-expired",
+      },
+      { status: 401 }
+    );
+  }
+
+  let { data: leversData } = await supabase
+    .from("levers")
+    .select("*")
+    .eq("id", 1)
+    .single();
+
+  if (leversData && leversData.disable_scores) {
+    console.log("Lever pulled - blocked score");
+    return NextResponse.json({
+      error: "Scores are temporarily disabled",
+    });
+  }
+
+  if (data.failTime) {
+    console.log("Fail Score don't save");
+    return NextResponse.json({
+      error: "Fail time scores aren't saved for now",
+    });
+  }
+
+  let { data: userData, error: userError } = await supabase
+    .from("profiles")
+    .select("*")
+    .eq("uid", user.id)
+    .single();
+
+  if (!userData) {
+    console.log("User doesn't exist");
+    return NextResponse.json(
+      {
+        error: "User doesn't exist",
+      },
+      { status: 400 }
+    );
+  }
+
+  console.log(userData);
+
+  if (userData.ban == "excluded" || userData.ban == "restricted") {
+    console.log(
+      "Silenced, restricted or excluded players can't submit scores."
+    );
+    return NextResponse.json(
+      {
+        error: "Silenced, restricted or excluded players can't submit scores.",
+      },
+      { status: 400 }
+    );
+  }
+
+  let { data: beatmapPages, error: bpError } = await supabase
+    .from("beatmapPages")
+    .select("*")
+    .eq("id", data.onlineMapId)
+    .single();
+
+  let { data: beatmaps, error: bpErr } = await supabase
+    .from("beatmaps")
+    .select("*")
+    .eq("beatmapHash", beatmapPages!.latestBeatmapHash!)
+    .single();
+
+  if (!beatmaps) {
+    console.log("Map not submitted");
+    return NextResponse.json(
+      {
+        error: "Map not submitted",
+      },
+      { status: 400 }
+    );
+  }
+
+  if (!beatmapPages) {
+    console.log("Map page not submitted");
+    return NextResponse.json(
+      {
+        error: "Map not submitted",
+      },
+      { status: 400 }
+    );
+  }
+
+  await supabase.from("beatmaps").upsert({
+    beatmapHash: beatmapPages.latestBeatmapHash!,
+    playcount: (beatmaps!.playcount || 1) + 1,
+  });
+
+  let passed = true;
+
+  // Pass invalidation
+  if (data.misses + data.hits !== beatmaps.noteCount) {
+    passed = false;
+  }
+
+  const accurracy = data.hits / beatmaps.noteCount!;
+  let awarded_sp = 0;
+
+  console.log(
+    data.misses + data.hits == beatmaps.noteCount,
+    data.misses + data.hits,
+    beatmaps.noteCount
+  );
+
+  let multiplierMod = 1;
+  if (data.mods.includes("mod_hardrock")) {
+    multiplierMod *= 1; //todo: change here
+  }
+
+  if (data.mods.includes("mod_nofail")) {
+    multiplierMod *= Math.pow(0.95, data.misses);
+  }
+
+  awarded_sp = calculatePerformancePoints(
+    data.speed * beatmaps.starRating! * multiplierMod,
+    accurracy
+  );
+
+  if (beatmapPages.status == "UNRANKED") {
+    awarded_sp = 0;
+  }
+
+  console.log("p1");
+
+  let client: RedisClientType | undefined;
+  let tokenId = -1;
+
+  try {
+    if (Buffer.from(token, "base64").length != 4096) {
+      console.log("token length check failed");
+      return NextResponse.json(
+        {
+          error: "",
+        },
+        { status: 400 }
+      );
+    }
+
+    client = createClient({
+      username: process.env.REDIS_USERNAME,
+      password: process.env.REDIS_PASSWORD,
+      socket: {
+        host: process.env.REDIS_HOST,
+        port: process.env.REDIS_PORT as unknown as number,
+      },
+    });
+
+    client.on("error", (err) => console.log("Redis Client Error", err));
+    await client.connect();
+
+    const { data, error } = await supabase
+      .from("tokens")
+      .insert({})
+      .select()
+      .single();
+
+    if (error !== null) {
+      console.log(error);
+      throw error;
+    }
+
+    tokenId = data.id;
+
+    await client.xTrim("score:tokens", "MAXLEN", SCORE_TOKEN_STREAM_MAXLEN, {
+      strategyModifier: "~",
+    });
+
+    await client.xAdd(
+      "score:tokens",
+      "*",
+      {
+        token: JSON.stringify({
+          userId: userData.id,
+          tokenId: tokenId,
+          token: token,
+        }),
+      },
+      {
+        TRIM: {
+          strategy: "MAXLEN",
+          strategyModifier: "~",
+          threshold: SCORE_TOKEN_STREAM_MAXLEN,
+        },
+      }
+    );
+  } catch (exception) {
+    console.log(exception);
+    console.log("failed to send redis request", {
+      token: "<Long>",
+      userId: userData.id,
+    });
+  } finally {
+    client?.destroy();
+  }
+
+  // auto-exclude: if a newly-created account (>600 RP) submits a score
+  try {
+    const ONE_WEEK = 7 * 24 * 60 * 60 * 1000;
+    if (
+      awarded_sp > 600 &&
+      userData?.created_at &&
+      Date.now() - userData.created_at < ONE_WEEK
+    ) {
+      await supabase
+        .from("profiles")
+        .upsert({ id: userData.id, ban: "excluded", bannedAt: Date.now() });
+
+      return NextResponse.json(
+        { error: "User excluded due to suspicious activity." },
+        { status: 400 }
+      );
+    }
+  } catch (e) {
+    console.error("safen/ auto-exclude check failed:", e);
+  }
+  let replayUrl: string | null = null;
+
+  if (data.replayBytes) {
+    try {
+      const replayBuffer = Buffer.from(data.replayBytes, "base64");
+      if (replayBuffer.length > 0) {
+        const replayKey = `score-replay-${Date.now()}-${user.id}.rhr`;
+        await s3Client.send(
+          new PutObjectCommand({
+            Bucket: "rhthia-avatars",
+            Key: replayKey,
+            Body: replayBuffer,
+            ContentType: "application/octet-stream",
+          })
+        );
+        replayUrl = `https://rhthia-avatars.s3.eu-central-003.backblazeb2.com/${replayKey}`;
+      }
+    } catch (error) {
+      console.error("Replay upload failed:", error);
+    }
+  }
+
+  await supabase.from("scores").upsert({
+    beatmapHash: beatmaps.beatmapHash,
+    replayHwid: "",
+    replay_url: replayUrl,
+    songId: beatmaps.beatmapHash,
+    userId: userData.id,
+    passed,
+    misses: data.misses,
+    awarded_sp: Math.round(awarded_sp * 100) / 100,
+    speed: data.speed,
+    mods: data.mods,
+    additional_data: "",
+    spin: data.spin || false,
+    token: tokenId === -1 ? undefined : tokenId,
+  });
+
+  console.log("p2");
+
+  let { data: scores2, error: errorsp } = await supabase
+    .from("scores")
+    .select(`awarded_sp,beatmapHash,spin`)
+    .eq("userId", userData.id)
+    .neq("awarded_sp", 0)
+    .eq("passed", true)
+    .order("awarded_sp", { ascending: false });
+
+  if (scores2 == null) return NextResponse.json({ error: "No scores" });
+
+  let allHashMap: Record<string, number> = {};
+  let spinHashMap: Record<string, number> = {};
+
+  for (const score of scores2) {
+    const { beatmapHash, awarded_sp } = score;
+
+    if (!beatmapHash || !awarded_sp) continue;
+
+    // Normal Scores
+    if (!allHashMap[beatmapHash] || allHashMap[beatmapHash] < awarded_sp) {
+      allHashMap[beatmapHash] = awarded_sp;
+    }
+
+    // Spin Scores
+    if (score.spin) {
+      if (!spinHashMap[beatmapHash] || spinHashMap[beatmapHash] < awarded_sp) {
+        spinHashMap[beatmapHash] = awarded_sp;
+      }
+    }
+  }
+  // All scores
+  const totalSp = weightCalculate(allHashMap);
+
+  // Only spin scores
+  const spinTotalSp = weightCalculate(spinHashMap);
+
+  await supabase.from("profiles").upsert({
+    id: userData.id,
+    play_count: (userData.play_count || 0) + 1,
+    skill_points: Math.round(totalSp * 100) / 100,
+    spin_skill_points: Math.round(spinTotalSp * 100) / 100,
+    squares_hit: (userData.squares_hit || 0) + data.hits,
+  });
+  console.log("p3");
+
+  await invalidateCachePrefix(`userscore:${userData.id}`);
+
+  // Grant special badges if applicable
+  if (passed && beatmapPages && !data.mods.includes("mod_nofail")) {
+    try {
+      const { data: badgeResult, error: badgeError } = await supabase.rpc(
+        "grant_special_badges",
+        {
+          p_user_id: userData.id,
+          p_beatmap_id: beatmapPages.id,
+          p_spin: data.spin || false,
+          p_passed: passed,
+        }
+      );
+
+      const result = badgeResult as { granted: boolean; badge: string | null };
+      if (result && result.granted) {
+        console.log(`Badge granted: ${result.badge} to user ${userData.id}`);
+      }
+    } catch (error) {
+      console.error("Error granting badge:", error);
+    }
+  }
+  return NextResponse.json({});
+}
+
+export function weightCalculate(hashMap: Record<string, number>) {
+  let totalSp = 0;
+  let weight = 100;
+
+  const values = Object.values(hashMap);
+  values.sort((a, b) => b - a);
+
+  for (const score of values) {
+    totalSp += ((score || 0) * weight) / 100;
+    weight = weight * 0.97;
+
+    if (weight < 5) {
+      break;
+    }
+  }
+  return totalSp;
+}