rhythia-api 233.0.0 → 235.0.0

package/utils/requestUtils.ts

@@ -1,127 +1,127 @@
-import { NextResponse } from "next/server";
-import { ZodObject } from "zod";
-import { getUserBySession } from "./getUserBySession";
-import { supabase } from "./supabase";
-
-const SENSITIVE_LOG_KEYS = new Set([
-  "session",
-  "replayBytes",
-  "token",
-  "secret",
-  "passkey",
-  "passKey",
-]);
-const LONG_LOG_STRING_THRESHOLD = 256;
-
-function sanitizeForLog(
-  value: unknown,
-  key?: string
-):
-  | string
-  | number
-  | boolean
-  | null
-  | undefined
-  | Record<string, unknown>
-  | unknown[] {
-  const normalizedKey = (key || "").toLowerCase();
-  if (
-    SENSITIVE_LOG_KEYS.has(key || "") ||
-    SENSITIVE_LOG_KEYS.has(normalizedKey)
-  ) {
-    if (value === null || value === undefined) {
-      return value as null | undefined;
-    }
-    return "<Long>";
-  }
-
-  if (typeof value === "string") {
-    return value.length > LONG_LOG_STRING_THRESHOLD ? "<Long>" : value;
-  }
-
-  if (Array.isArray(value)) {
-    return value.map((item) => sanitizeForLog(item));
-  }
-
-  if (value && typeof value === "object") {
-    const sanitizedObject: Record<string, unknown> = {};
-    Object.entries(value as Record<string, unknown>).forEach(
-      ([entryKey, entryValue]) => {
-        sanitizedObject[entryKey] = sanitizeForLog(entryValue, entryKey);
-      }
-    );
-    return sanitizedObject;
-  }
-
-  return value as string | number | boolean | null | undefined;
-}
-
-interface Props<
-  K = (...args: any[]) => Promise<NextResponse<any>>,
-  T = ZodObject<any>,
-> {
-  request: Request;
-  schema: { input: T; output: T };
-  authorization?: Function;
-  activity: K;
-}
-
-export async function protectedApi({
-  request,
-  schema,
-  authorization,
-  activity,
-}: Props) {
-  try {
-    const toParse = await request.json();
-    const data = schema.input.parse(toParse);
-
-    console.log("Request payload:", sanitizeForLog(data));
-
-    setActivity(data);
-    if (authorization) {
-      const authorizationResponse = await authorization(data);
-      if (authorizationResponse) {
-        return authorizationResponse;
-      }
-    }
-    return await activity(data, request);
-  } catch (error) {
-    console.log(`Couldn't parse`, error.toString());
-    return NextResponse.json({ error: error.toString() }, { status: 400 });
-  }
-}
-
-export async function setActivity(data: Record<string, any>) {
-  if (data.session) {
-    const user = (await supabase.auth.getUser(data.session)).data.user;
-    if (user) {
-      await supabase.from("profileActivities").upsert({
-        uid: user.id,
-        last_activity: Date.now(),
-      });
-    }
-  }
-}
-
-export async function validUser(data) {
-  if (!data.session) {
-    return NextResponse.json(
-      {
-        error: "Session is missing",
-      },
-      { status: 501 }
-    );
-  }
-
-  const user = await getUserBySession(data.session);
-  if (!user) {
-    console.log("Invalid user session");
-    return NextResponse.json(
-      {
-        error: "Invalid user session",
-      },
-      { status: 401 }
-    );
-  }
-}
+import { NextResponse } from "./response";
+import { ZodObject } from "zod";
+import { getUserBySession } from "./getUserBySession";
+import { supabase } from "./supabase";
+
+const SENSITIVE_LOG_KEYS = new Set([
+  "session",
+  "replayBytes",
+  "token",
+  "secret",
+  "passkey",
+  "passKey",
+]);
+const LONG_LOG_STRING_THRESHOLD = 256;
+
+function sanitizeForLog(
+  value: unknown,
+  key?: string
+):
+  | string
+  | number
+  | boolean
+  | null
+  | undefined
+  | Record<string, unknown>
+  | unknown[] {
+  const normalizedKey = (key || "").toLowerCase();
+  if (
+    SENSITIVE_LOG_KEYS.has(key || "") ||
+    SENSITIVE_LOG_KEYS.has(normalizedKey)
+  ) {
+    if (value === null || value === undefined) {
+      return value as null | undefined;
+    }
+    return "<Long>";
+  }
+
+  if (typeof value === "string") {
+    return value.length > LONG_LOG_STRING_THRESHOLD ? "<Long>" : value;
+  }
+
+  if (Array.isArray(value)) {
+    return value.map((item) => sanitizeForLog(item));
+  }
+
+  if (value && typeof value === "object") {
+    const sanitizedObject: Record<string, unknown> = {};
+    Object.entries(value as Record<string, unknown>).forEach(
+      ([entryKey, entryValue]) => {
+        sanitizedObject[entryKey] = sanitizeForLog(entryValue, entryKey);
+      }
+    );
+    return sanitizedObject;
+  }
+
+  return value as string | number | boolean | null | undefined;
+}
+
+interface Props<
+  K = (...args: any[]) => Promise<NextResponse<any>>,
+  T = ZodObject<any>,
+> {
+  request: Request;
+  schema: { input: T; output: T };
+  authorization?: Function;
+  activity: K;
+}
+
+export async function protectedApi({
+  request,
+  schema,
+  authorization,
+  activity,
+}: Props) {
+  try {
+    const toParse = await request.json();
+    const data = schema.input.parse(toParse);
+
+    console.log("Request payload:", sanitizeForLog(data));
+
+    setActivity(data);
+    if (authorization) {
+      const authorizationResponse = await authorization(data);
+      if (authorizationResponse) {
+        return authorizationResponse;
+      }
+    }
+    return await activity(data, request);
+  } catch (error) {
+    console.log(`Couldn't parse`, error.toString());
+    return NextResponse.json({ error: error.toString() }, { status: 400 });
+  }
+}
+
+export async function setActivity(data: Record<string, any>) {
+  if (data.session) {
+    const user = (await supabase.auth.getUser(data.session)).data.user;
+    if (user) {
+      await supabase.from("profileActivities").upsert({
+        uid: user.id,
+        last_activity: Date.now(),
+      });
+    }
+  }
+}
+
+export async function validUser(data) {
+  if (!data.session) {
+    return NextResponse.json(
+      {
+        error: "Session is missing",
+      },
+      { status: 501 }
+    );
+  }
+
+  const user = await getUserBySession(data.session);
+  if (!user) {
+    console.log("Invalid user session");
+    return NextResponse.json(
+      {
+        error: "Invalid user session",
+      },
+      { status: 401 }
+    );
+  }
+}

package/utils/response.ts

@@ -0,0 +1,11 @@
+export class NextResponse<Body = unknown> extends Response {
+  static json<Body>(body: Body, init: ResponseInit = {}) {
+    const headers = new Headers(init.headers);
+    headers.set("content-type", "application/json; charset=utf-8");
+
+    return new NextResponse<Body>(JSON.stringify(body), {
+      ...init,
+      headers,
+    });
+  }
+}

package/worker.ts

@@ -0,0 +1,189 @@
+import { POST as acceptInvite } from "./api/acceptInvite";
+import { POST as addCollectionMap } from "./api/addCollectionMap";
+import { POST as chartPublicStats } from "./api/chartPublicStats";
+import { POST as checkQualified } from "./api/checkQualified";
+import { POST as createBeatmap } from "./api/createBeatmap";
+import { POST as createBeatmapPage } from "./api/createBeatmapPage";
+import { POST as createClan } from "./api/createClan";
+import { POST as createCollection } from "./api/createCollection";
+import { POST as createInvite } from "./api/createInvite";
+import { POST as createSupporter } from "./api/createSupporter";
+import { POST as deleteBeatmapPage } from "./api/deleteBeatmapPage";
+import { POST as deleteCollection } from "./api/deleteCollection";
+import { POST as deleteCollectionMap } from "./api/deleteCollectionMap";
+import { POST as editAboutMe } from "./api/editAboutMe";
+import { POST as editClan } from "./api/editClan";
+import { POST as editCollection } from "./api/editCollection";
+import { POST as editProfile } from "./api/editProfile";
+import { POST as enhancedSearch } from "./api/enhancedSearch";
+import { POST as executeAdminOperation } from "./api/executeAdminOperation";
+import { POST as getAvatarUploadUrl } from "./api/getAvatarUploadUrl";
+import { POST as getBadgeLeaders } from "./api/getBadgeLeaders";
+import { POST as getBadgedUsers } from "./api/getBadgedUsers";
+import { POST as getBeatmapComments } from "./api/getBeatmapComments";
+import { POST as getBeatmapPage } from "./api/getBeatmapPage";
+import { POST as getBeatmapPageById } from "./api/getBeatmapPageById";
+import { POST as getBeatmapStarRating } from "./api/getBeatmapStarRating";
+import { POST as getBeatmaps } from "./api/getBeatmaps";
+import { POST as getClan } from "./api/getClan";
+import { POST as getClans } from "./api/getClans";
+import { POST as getCollection } from "./api/getCollection";
+import { POST as getCollections } from "./api/getCollections";
+import { POST as getInventory } from "./api/getInventory";
+import { POST as getLeaderboard } from "./api/getLeaderboard";
+import { POST as getMapUploadUrl } from "./api/getMapUploadUrl";
+import { POST as getOnlinePlayers } from "./api/getOnlinePlayers";
+import { POST as getPassToken } from "./api/getPassToken";
+import { POST as getProfile } from "./api/getProfile";
+import { POST as getPublicStats } from "./api/getPublicStats";
+import { POST as getRawStarRating } from "./api/getRawStarRating";
+import { POST as getScore } from "./api/getScore";
+import { POST as getStoryBeatmaps } from "./api/getStoryBeatmaps";
+import { POST as getTimestamp } from "./api/getTimestamp";
+import { POST as getUserScores } from "./api/getUserScores";
+import { POST as getVerified } from "./api/getVerified";
+import { POST as getVideoUploadUrl } from "./api/getVideoUploadUrl";
+import { POST as postBeatmapComment } from "./api/postBeatmapComment";
+import { POST as qualifyMap } from "./api/qualifyMap";
+import { POST as rankMapsArchive } from "./api/rankMapsArchive";
+import { POST as searchUsers } from "./api/searchUsers";
+import { POST as setPasskey } from "./api/setPasskey";
+import { POST as submitScore } from "./api/submitScore";
+import { POST as submitScoreInternal } from "./api/submitScoreInternal";
+import { POST as updateBeatmapPage } from "./api/updateBeatmapPage";
+import { POST as vetoMap } from "./api/vetoMap";
+import { NextResponse } from "./utils/response";
+
+type RouteHandler = (request: Request) => Promise<Response> | Response;
+
+const corsHeaders = {
+  "Access-Control-Allow-Credentials": "true",
+  "Access-Control-Allow-Origin": "*",
+  "Access-Control-Allow-Methods": "GET,OPTIONS,PATCH,DELETE,POST,PUT",
+  "Access-Control-Allow-Headers":
+    "X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version",
+};
+
+const apiRoutes: Record<string, RouteHandler> = {
+  "/api/acceptInvite": acceptInvite,
+  "/api/addCollectionMap": addCollectionMap,
+  "/api/chartPublicStats": chartPublicStats,
+  "/api/checkQualified": checkQualified,
+  "/api/createBeatmap": createBeatmap,
+  "/api/createBeatmapPage": createBeatmapPage,
+  "/api/createClan": createClan,
+  "/api/createCollection": createCollection,
+  "/api/createInvite": createInvite,
+  "/api/createSupporter": createSupporter,
+  "/api/deleteBeatmapPage": deleteBeatmapPage,
+  "/api/deleteCollection": deleteCollection,
+  "/api/deleteCollectionMap": deleteCollectionMap,
+  "/api/editAboutMe": editAboutMe,
+  "/api/editClan": editClan,
+  "/api/editCollection": editCollection,
+  "/api/editProfile": editProfile,
+  "/api/enhancedSearch": enhancedSearch,
+  "/api/executeAdminOperation": executeAdminOperation,
+  "/api/getAvatarUploadUrl": getAvatarUploadUrl,
+  "/api/getBadgeLeaders": getBadgeLeaders,
+  "/api/getBadgedUsers": getBadgedUsers,
+  "/api/getBeatmapComments": getBeatmapComments,
+  "/api/getBeatmapPage": getBeatmapPage,
+  "/api/getBeatmapPageById": getBeatmapPageById,
+  "/api/getBeatmapStarRating": getBeatmapStarRating,
+  "/api/getBeatmaps": getBeatmaps,
+  "/api/getClan": getClan,
+  "/api/getClans": getClans,
+  "/api/getCollection": getCollection,
+  "/api/getCollections": getCollections,
+  "/api/getInventory": getInventory,
+  "/api/getLeaderboard": getLeaderboard,
+  "/api/getMapUploadUrl": getMapUploadUrl,
+  "/api/getOnlinePlayers": getOnlinePlayers,
+  "/api/getPassToken": getPassToken,
+  "/api/getProfile": getProfile,
+  "/api/getPublicStats": getPublicStats,
+  "/api/getRawStarRating": getRawStarRating,
+  "/api/getScore": getScore,
+  "/api/getStoryBeatmaps": getStoryBeatmaps,
+  "/api/getTimestamp": getTimestamp,
+  "/api/getUserScores": getUserScores,
+  "/api/getVerified": getVerified,
+  "/api/getVideoUploadUrl": getVideoUploadUrl,
+  "/api/postBeatmapComment": postBeatmapComment,
+  "/api/qualifyMap": qualifyMap,
+  "/api/rankMapsArchive": rankMapsArchive,
+  "/api/searchUsers": searchUsers,
+  "/api/setPasskey": setPasskey,
+  "/api/submitScore": submitScore,
+  "/api/submitScoreInternal": submitScoreInternal,
+  "/api/updateBeatmapPage": updateBeatmapPage,
+  "/api/vetoMap": vetoMap,
+};
+
+function withCors(response: Response) {
+  const headers = new Headers(response.headers);
+
+  for (const [key, value] of Object.entries(corsHeaders)) {
+    headers.set(key, value);
+  }
+
+  return new Response(response.body, {
+    status: response.status,
+    statusText: response.statusText,
+    headers,
+  });
+}
+
+function notFound() {
+  return NextResponse.json({ error: "Not Found" }, { status: 404 });
+}
+
+export default {
+  async fetch(request: Request) {
+    const url = new URL(request.url);
+    const pathname =
+      url.pathname.endsWith("/") && url.pathname.length > 1
+        ? url.pathname.slice(0, -1)
+        : url.pathname;
+
+    if (request.method === "OPTIONS") {
+      return withCors(new Response(null, { status: 204 }));
+    }
+
+    if (pathname === "/") {
+      return withCors(
+        new Response("<html><div>Rhythia API</div></html>", {
+          headers: {
+            "content-type": "text/html; charset=utf-8",
+          },
+        })
+      );
+    }
+
+    const handler = apiRoutes[pathname];
+    if (!handler) {
+      return withCors(notFound());
+    }
+
+    if (request.method !== "POST") {
+      return withCors(
+        NextResponse.json({ error: "Method Not Allowed" }, { status: 405 })
+      );
+    }
+
+    try {
+      return withCors(await handler(request));
+    } catch (error) {
+      console.error(error);
+      return withCors(
+        NextResponse.json(
+          {
+            error: "Internal Server Error",
+          },
+          { status: 500 }
+        )
+      );
+    }
+  },
+};

package/wrangler.jsonc

@@ -0,0 +1,10 @@
+{
+  "$schema": "./node_modules/wrangler/config-schema.json",
+  "name": "rhythia-online-api",
+  "main": "worker.ts",
+  "compatibility_date": "2026-03-11",
+  "compatibility_flags": ["nodejs_compat"],
+  "observability": {
+    "enabled": true
+  }
+}

package/index.html

@@ -1,3 +0,0 @@
-<html>
-    <div>Rhythia API</div>
-</html>

package/vercel.json

@@ -1,13 +0,0 @@
-{
-  "headers": [
-    {
-      "source": "/api/(.*)",
-      "headers": [
-        { "key": "Access-Control-Allow-Credentials", "value": "true" },
-        { "key": "Access-Control-Allow-Origin", "value": "*" },
-        { "key": "Access-Control-Allow-Methods", "value": "GET,OPTIONS,PATCH,DELETE,POST,PUT" },
-        { "key": "Access-Control-Allow-Headers", "value": "X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version" }
-      ]
-    }
-  ]
-}