rhythia-api 233.0.0 → 235.0.0

package/.env

@@ -1,12 +1 @@
-REDIS_PORT=18304
-REDIS_USERNAME=default
-REDIS_PASSWORD=yg7hYF9LPhGJRmORVIjMB8FWP2axPGto
-REDIS_HOST=redis-18304.c55.eu-central-1-1.ec2.cloud.redislabs.com
-CF_NAMESPACE_ID=571cf88650514eeba649517a75ede74a
-CF_API_TOKEN=Ldsh-UKJZw0feHmZOvhSCxaurwJBVW12LgnV_v38
-CF_ACCOUNT_ID=571cf88650514eeba649517a75ede74a
-TOKEN_SECRET=fa686bfdffd3758f6377abbc23bf3d9bdc1a0dda4a6e7f8dbdd579fa1ff6d7e2
-ACCESS_BUCKET=003c245e893e8060000000003
-SECRET_BUCKET=K003LpAu8X+2lJ09EB8NtPL/OZXV8ts
-ADMIN_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6InBma2FqbmdibGxjYmR6b3lscnZwIiwicm9sZSI6InNlcnZpY2Vfcm9sZSIsImlhdCI6MTcyOTAxNTMwNSwiZXhwIjoyMDQ0NTkxMzA1fQ.dKg8Wq3zZEBAH63V7q1D8a8N-d6qkB5Inm524Vmso3k
-PROD_DO_NOT_WRITE_PG=postgresql://postgres:huaUpTz3d3p7w6VU@db.pfkajngbllcbdzoylrvp.supabase.co:5432/postgres
+PROD_DO_NOT_WRITE_PG=postgresql://postgres:pMCnLpLl6UmdcStP@db.pfkajngbllcbdzoylrvp.supabase.co:5432/postgres

package/README.md

@@ -2,10 +2,10 @@
 
 This repo is a typed wrapper around Rhythia's backend endpoints. The helpers under `api/` are wired through `handleApi.ts` so consumers can call functions like `acceptInvite` or `createCollection` and let the shared client post to the hosted service while censoring stray profanity in responses.
 
-Install dependencies with Bun, then reach for the scripts in `package.json`; `bun run dev` starts the local handler, `bun run test` exercises the contract tests, and `bun run pipeline:build-api` prepares the bundle that powers deployments. The production build is pushed to Vercel from the `main` branch, so anything merged there lands at the hosted Rhythia Online API a few moments later.
+The deploy target is Cloudflare Workers. `worker.ts` dispatches the existing `api/*.ts` handlers, keeps the old `/api/*` paths, and applies the same CORS policy the old deployment used.
 
-Runtime secrets live in environment variables. Upload endpoints expect `ACCESS_BUCKET` and `SECRET_BUCKET` for S3, the purchase flow checks `BUY_SECRET`, auth helpers derive tokens from `TOKEN_SECRET`, and the Supabase admin calls need `ADMIN_KEY`. The deploy script also looks for `GIT_USER`, `GIT_KEY`, `SOURCE_BRANCH`, and `TARGET_BRANCH` when the CI job mirrors changes upstream.
+Local development uses Wrangler and reads secrets from the existing `.env` file. Install dependencies, then run `yarn dev`. Deploy with `yarn deploy`. For production, mirror the same keys in the Cloudflare dashboard or with Wrangler secrets.
 
-If you need to point at a different stack, call `setEnvironment` with `development`, `testing`, or `production` before making requests so the helper talks to the right Rhythia host.
+Runtime secrets live in environment variables. Upload endpoints expect `ACCESS_BUCKET` and `SECRET_BUCKET` for S3, the purchase flow checks `BUY_SECRET`, auth helpers derive tokens from `TOKEN_SECRET`, and the Supabase admin calls need `ADMIN_KEY`. Score ingestion also still expects the Redis credentials already used by `submitScoreInternal`.
 
-//
+If you need to point at a different stack, call `setEnvironment` with `development`, `testing`, or `production` before making requests so the helper talks to the right Rhythia host.

package/api/acceptInvite.ts

@@ -1,4 +1,4 @@
-import { NextResponse } from "next/server";
+import { NextResponse } from "../utils/response";
 import z from "zod";
 import { protectedApi, validUser } from "../utils/requestUtils";
 import { supabase } from "../utils/supabase";

package/api/addCollectionMap.ts

@@ -1,4 +1,4 @@
-import { NextResponse } from "next/server";
+import { NextResponse } from "../utils/response";
 import z from "zod";
 import { protectedApi, validUser } from "../utils/requestUtils";
 import { supabase } from "../utils/supabase";

package/api/chartPublicStats.ts

@@ -1,4 +1,4 @@
-import { NextResponse } from "next/server";
+import { NextResponse } from "../utils/response";
 import z from "zod";
 import { protectedApi } from "../utils/requestUtils";
 import { supabase } from "../utils/supabase";

package/api/checkQualified.ts

@@ -1,93 +1,93 @@
-import { NextResponse } from "next/server";
-import z from "zod";
-import { protectedApi } from "../utils/requestUtils";
-import { supabase } from "../utils/supabase";
-import { postMapLifecycleWebhook } from "../utils/mapLifecycleWebhook";
-
-const INTERNAL_SECRET = "testing-1";
-const THREE_DAYS_MS = 3 * 24 * 60 * 60 * 1000;
-
-export const Schema = {
-  input: z.strictObject({
-    secret: z.string(),
-  }),
-  output: z.object({
-    error: z.string().optional(),
-    updated: z.number(),
-  }),
-};
-
-export async function POST(request: Request): Promise<NextResponse> {
-  return protectedApi({
-    request,
-    schema: Schema,
-    authorization: () => {},
-    activity: handler,
-  });
-}
-
-export async function handler({
-  secret,
-}: (typeof Schema)["input"]["_type"]): Promise<
-  NextResponse<(typeof Schema)["output"]["_type"]>
-> {
-  if (secret !== INTERNAL_SECRET) {
-    return NextResponse.json({ error: "Internal usage only", updated: 0 });
-  }
-
-  const { data: qualifiedMaps, error: qualifiedMapsError } = await supabase
-    .from("beatmapPages")
-    .select("id,status,qualifiedAt")
-    .eq("qualified", true)
-    .not("qualifiedAt", "is", null);
-
-  if (qualifiedMapsError) {
-    return NextResponse.json({ error: qualifiedMapsError.message, updated: 0 });
-  }
-
-  const cutoffTimestamp = Date.now() - THREE_DAYS_MS;
-  const mapsToRank = (qualifiedMaps || []).filter((mapData) => {
-    if (mapData.status === "RANKED") {
-      return false;
-    }
-
-    const qualifiedAt = Date.parse(mapData.qualifiedAt || "");
-    if (!Number.isFinite(qualifiedAt)) {
-      return false;
-    }
-
-    return qualifiedAt <= cutoffTimestamp;
-  });
-
-  if (mapsToRank.length === 0) {
-    return NextResponse.json({ updated: 0 });
-  }
-
-  const { error: updateError } = await supabase
-    .from("beatmapPages")
-    .update({
-      status: "RANKED",
-      ranked_at: Date.now(),
-      qualified: false,
-      qualifiedAt: null,
-    })
-    .in(
-      "id",
-      mapsToRank.map((mapData) => mapData.id)
-    );
-
-  if (updateError) {
-    return NextResponse.json({ error: updateError.message, updated: 0 });
-  }
-
-  await Promise.allSettled(
-    mapsToRank.map((mapData) =>
-      postMapLifecycleWebhook({
-        mapId: mapData.id,
-        event: "ranked",
-      })
-    )
-  );
-
-  return NextResponse.json({ updated: mapsToRank.length });
-}
+import { NextResponse } from "../utils/response";
+import z from "zod";
+import { protectedApi } from "../utils/requestUtils";
+import { supabase } from "../utils/supabase";
+import { postMapLifecycleWebhook } from "../utils/mapLifecycleWebhook";
+
+const INTERNAL_SECRET = "testing-1";
+const THREE_DAYS_MS = 3 * 24 * 60 * 60 * 1000;
+
+export const Schema = {
+  input: z.strictObject({
+    secret: z.string(),
+  }),
+  output: z.object({
+    error: z.string().optional(),
+    updated: z.number(),
+  }),
+};
+
+export async function POST(request: Request): Promise<NextResponse> {
+  return protectedApi({
+    request,
+    schema: Schema,
+    authorization: () => {},
+    activity: handler,
+  });
+}
+
+export async function handler({
+  secret,
+}: (typeof Schema)["input"]["_type"]): Promise<
+  NextResponse<(typeof Schema)["output"]["_type"]>
+> {
+  if (secret !== INTERNAL_SECRET) {
+    return NextResponse.json({ error: "Internal usage only", updated: 0 });
+  }
+
+  const { data: qualifiedMaps, error: qualifiedMapsError } = await supabase
+    .from("beatmapPages")
+    .select("id,status,qualifiedAt")
+    .eq("qualified", true)
+    .not("qualifiedAt", "is", null);
+
+  if (qualifiedMapsError) {
+    return NextResponse.json({ error: qualifiedMapsError.message, updated: 0 });
+  }
+
+  const cutoffTimestamp = Date.now() - THREE_DAYS_MS;
+  const mapsToRank = (qualifiedMaps || []).filter((mapData) => {
+    if (mapData.status === "RANKED") {
+      return false;
+    }
+
+    const qualifiedAt = Date.parse(mapData.qualifiedAt || "");
+    if (!Number.isFinite(qualifiedAt)) {
+      return false;
+    }
+
+    return qualifiedAt <= cutoffTimestamp;
+  });
+
+  if (mapsToRank.length === 0) {
+    return NextResponse.json({ updated: 0 });
+  }
+
+  const { error: updateError } = await supabase
+    .from("beatmapPages")
+    .update({
+      status: "RANKED",
+      ranked_at: Date.now(),
+      qualified: false,
+      qualifiedAt: null,
+    })
+    .in(
+      "id",
+      mapsToRank.map((mapData) => mapData.id)
+    );
+
+  if (updateError) {
+    return NextResponse.json({ error: updateError.message, updated: 0 });
+  }
+
+  await Promise.allSettled(
+    mapsToRank.map((mapData) =>
+      postMapLifecycleWebhook({
+        mapId: mapData.id,
+        event: "ranked",
+      })
+    )
+  );
+
+  return NextResponse.json({ updated: mapsToRank.length });
+}

package/api/createBeatmap.ts

@@ -1,4 +1,4 @@
-import { NextResponse } from "next/server";
+import { NextResponse } from "../utils/response";
 import z from "zod";
 import { protectedApi, validUser } from "../utils/requestUtils";
 import { SSPMParser } from "../utils/star-calc/sspmParser";
@@ -7,7 +7,6 @@ import { PutObjectCommand, S3Client } from "@aws-sdk/client-s3";
 import { rateMap } from "../utils/star-calc";
 import { getUserBySession } from "../utils/getUserBySession";
 import { User } from "@supabase/supabase-js";
-import { NodeHttpHandler } from "@aws-sdk/node-http-handler";
 
 const s3Client = new S3Client({
   region: "auto",
@@ -19,21 +18,10 @@ const s3Client = new S3Client({
   requestChecksumCalculation: "WHEN_REQUIRED",
 });
 
-// Remove ALL validation and checksum middleware
-const middlewareToRemove = [
-  "build:checksum",
-  "build:content-checksum",
-  "build:content-md5",
-  "validate",
-  "validateChecksum",
-];
-
 s3Client.middlewareStack.add(
   (next) =>
     async (args): Promise<any> => {
       const request = args.request as RequestInit;
-
-      // Remove checksum headers
       const headers = request.headers as Record<string, string>;
       delete headers["x-amz-checksum-crc32"];
       delete headers["x-amz-checksum-crc32c"];
@@ -41,21 +29,51 @@ s3Client.middlewareStack.add(
       delete headers["x-amz-checksum-sha256"];
       request.headers = headers;
 
-      Object.entries(request.headers).forEach(
-        // @ts-ignore
-        ([key, value]: [string, string]): void => {
-          if (!request.headers) {
-            request.headers = {};
-          }
-          (request.headers as Record<string, string>)[key] = value;
-        }
-      );
-
       return next(args);
     },
   { step: "build", name: "customHeaders" }
 );
 
+function getCoverContentType(cover: Uint8Array) {
+  if (
+    cover.length >= 8 &&
+    cover[0] === 0x89 &&
+    cover[1] === 0x50 &&
+    cover[2] === 0x4e &&
+    cover[3] === 0x47
+  ) {
+    return "image/png";
+  }
+
+  if (cover.length >= 3 && cover[0] === 0xff && cover[1] === 0xd8) {
+    return "image/jpeg";
+  }
+
+  if (
+    cover.length >= 12 &&
+    cover[0] === 0x52 &&
+    cover[1] === 0x49 &&
+    cover[2] === 0x46 &&
+    cover[3] === 0x46 &&
+    cover[8] === 0x57 &&
+    cover[9] === 0x45 &&
+    cover[10] === 0x42 &&
+    cover[11] === 0x50
+  ) {
+    return "image/webp";
+  }
+
+  if (
+    cover.length >= 6 &&
+    cover[0] === 0x47 &&
+    cover[1] === 0x49 &&
+    cover[2] === 0x46
+  ) {
+    return "image/gif";
+  }
+
+  return "image/jpeg";
+}
 export const Schema = {
   input: z.strictObject({
     url: z.string(),
@@ -147,44 +165,18 @@ export async function handler({
       return NextResponse.json({ error: "Already Exists" });
     }
   }
-
   const imgkey = `beatmap-img-${Date.now()}-${digested}`;
-
-  let buffer = Buffer.from([]);
-  try {
-    buffer = await require("sharp")(parsedData.cover)
-      .resize(250)
-      .jpeg({ mozjpeg: true })
-      .toBuffer();
-  } catch (error) {}
-
-  let largeBuffer = Buffer.from([]);
-  try {
-    largeBuffer = await require("sharp")(parsedData.cover)
-      .resize(850)
-      .jpeg({ mozjpeg: true })
-      .toBuffer();
-  } catch (error) {}
-
-  // Images
-  const command = new PutObjectCommand({
-    Bucket: "rhthia-avatars",
-    Key: imgkey,
-    Body: buffer,
-    ContentType: "image/jpeg",
-  });
-
-  await s3Client.send(command);
-
-  const command2 = new PutObjectCommand({
-    Bucket: "rhthia-avatars",
-    Key: imgkey + "large",
-    Body: largeBuffer,
-    ContentType: "image/jpeg",
-  });
-
-  await s3Client.send(command2);
-  // Images End
+  const cover = parsedData.cover || Buffer.from([]);
+  const coverContentType = getCoverContentType(cover);
+
+  await s3Client.send(
+    new PutObjectCommand({
+      Bucket: "rhthia-avatars",
+      Key: imgkey,
+      Body: cover,
+      ContentType: coverContentType,
+    })
+  );
 
   const markers = parsedData.markers.sort((a, b) => a.position - b.position);
 
@@ -197,10 +189,9 @@ export async function handler({
     length: markers[markers.length - 1].position,
     beatmapFile: url,
     image: `https://static.rhythia.com/${imgkey}`,
-    imageLarge: `https://static.rhythia.com/${imgkey}large`,
+    imageLarge: `https://static.rhythia.com/${imgkey}`,
     starRating: rateMap(parsedData),
   });
-
   if (upserted.error?.message.length) {
     return NextResponse.json({ error: upserted.error.message });
   }

package/api/createBeatmapPage.ts

@@ -1,4 +1,4 @@
-import { NextResponse } from "next/server";
+import { NextResponse } from "../utils/response";
 import z from "zod";
 import { protectedApi, validUser } from "../utils/requestUtils";
 import { supabase } from "../utils/supabase";

package/api/createClan.ts

@@ -1,4 +1,4 @@
-import { NextResponse } from "next/server";
+import { NextResponse } from "../utils/response";
 import z from "zod";
 import { protectedApi, validUser } from "../utils/requestUtils";
 import { supabase } from "../utils/supabase";

package/api/createCollection.ts

@@ -1,4 +1,4 @@
-import { NextResponse } from "next/server";
+import { NextResponse } from "../utils/response";
 import z from "zod";
 import { protectedApi, validUser } from "../utils/requestUtils";
 import { supabase } from "../utils/supabase";

package/api/createInvite.ts

@@ -1,4 +1,4 @@
-import { NextResponse } from "next/server";
+import { NextResponse } from "../utils/response";
 import z from "zod";
 import { protectedApi, validUser } from "../utils/requestUtils";
 import { supabase } from "../utils/supabase";

package/api/createSupporter.ts

@@ -1,4 +1,4 @@
-import { NextResponse } from "next/server";
+import { NextResponse } from "../utils/response";
 import z from "zod";
 import { protectedApi } from "../utils/requestUtils";
 import { supabase } from "../utils/supabase";

package/api/deleteBeatmapPage.ts

@@ -1,10 +1,10 @@
-import { NextResponse } from "next/server";
+import { NextResponse } from "../utils/response";
 import z from "zod";
 import { protectedApi, validUser } from "../utils/requestUtils";
 import { supabase } from "../utils/supabase";
 import { getUserBySession } from "../utils/getUserBySession";
 import { User } from "@supabase/supabase-js";
-import { invalidateCache, invalidateCachePrefix } from "../utils/cache";
+import { invalidateCache } from "../utils/cache";
 
 export const Schema = {
   input: z.strictObject({
@@ -76,9 +76,6 @@ export async function handler({
     .eq("beatmapHash", beatmapData.beatmapHash);
 
   await invalidateCache(`beatmap-comments:${id}`);
-  if (pageData.latestBeatmapHash) {
-    await invalidateCachePrefix(`beatmap-scores:${pageData.latestBeatmapHash}`);
-  }
 
   return NextResponse.json({});
 }

package/api/deleteCollection.ts

@@ -1,4 +1,4 @@
-import { NextResponse } from "next/server";
+import { NextResponse } from "../utils/response";
 import z from "zod";
 import { protectedApi, validUser } from "../utils/requestUtils";
 import { supabase } from "../utils/supabase";

package/api/deleteCollectionMap.ts

@@ -1,4 +1,4 @@
-import { NextResponse } from "next/server";
+import { NextResponse } from "../utils/response";
 import z from "zod";
 import { protectedApi, validUser } from "../utils/requestUtils";
 import { supabase } from "../utils/supabase";

package/api/editAboutMe.ts

@@ -1,4 +1,4 @@
-import { NextResponse } from "next/server";
+import { NextResponse } from "../utils/response";
 import z from "zod";
 import { Database } from "../types/database";
 import { protectedApi, validUser } from "../utils/requestUtils";

package/api/editClan.ts

@@ -1,4 +1,4 @@
-import { NextResponse } from "next/server";
+import { NextResponse } from "../utils/response";
 import z from "zod";
 import { protectedApi, validUser } from "../utils/requestUtils";
 import { supabase } from "../utils/supabase";

package/api/editCollection.ts

@@ -1,10 +1,9 @@
-import { NextResponse } from "next/server";
+import { NextResponse } from "../utils/response";
 import z from "zod";
 import { protectedApi, validUser } from "../utils/requestUtils";
 import { supabase } from "../utils/supabase";
 import { getUserBySession } from "../utils/getUserBySession";
 import { User } from "@supabase/supabase-js";
-import { describe } from "node:test";
 
 export const Schema = {
   input: z.strictObject({

package/api/editProfile.ts

@@ -1,4 +1,4 @@
-import { NextResponse } from "next/server";
+import { NextResponse } from "../utils/response";
 import z from "zod";
 import { Database } from "../types/database";
 import { protectedApi, validUser } from "../utils/requestUtils";