rhythia-api 241.0.0 → 242.0.0

package/api/editProfile.ts

@@ -72,44 +72,55 @@ export async function handler(
   data: (typeof Schema)["input"]["_type"]
 ): Promise<NextResponse<(typeof Schema)["output"]["_type"]>> {
   if (data.data.username !== undefined) {
-    if (data.data.username.length < 3) {
+    data.data.username = removeZeroWidth(data.data.username);
+
+    if (validator.trim(data.data.username) !== data.data.username) {
       return NextResponse.json(
         {
-          error: "Username must be at least 3 characters long",
+          error: "Username can't start or end with spaces.",
         },
         { status: 404 }
       );
     }
 
-    if (data.data.username.length > 20) {
+    if (data.data.username.length < 2) {
       return NextResponse.json(
         {
-          error: "Username too long.",
+          error: "Username must be at least 2 characters long",
         },
         { status: 404 }
       );
     }
 
-    if (!/^[a-z0-9]+$/i.test(data.data.username)) {
+    if (data.data.username.length > 16) {
       return NextResponse.json(
         {
-          error: "Username can only contain letters (a-z) and numbers (0-9)",
+          error: "Username must be 16 characters or fewer.",
         },
         { status: 404 }
       );
     }
-  }
 
-  if (validator.trim(data.data.username || "") !== (data.data.username || "")) {
-    return NextResponse.json(
-      {
-        error: "Username can't start or end with spaces.",
-      },
-      { status: 404 }
-    );
-  }
+    if (!/^[A-Za-z0-9._]+$/.test(data.data.username)) {
+      return NextResponse.json(
+        {
+          error:
+            "Username can only contain English letters (a-z), numbers (0-9), and up to one '_' or '.'",
+        },
+        { status: 404 }
+      );
+    }
 
-  data.data.username = removeZeroWidth(data.data.username || "");
+    const specialCharacters = data.data.username.match(/[._]/g) ?? [];
+    if (specialCharacters.length > 1) {
+      return NextResponse.json(
+        {
+          error: "Username can contain at most one '_' or one '.'",
+        },
+        { status: 404 }
+      );
+    }
+  }
 
   if (data.data.flag !== undefined) {
     const normalizedFlag = validator.trim(data.data.flag).toUpperCase();

package/api/editProfileFriend.ts

@@ -0,0 +1,122 @@
+import { NextResponse } from "../utils/response";
+import z from "zod";
+import { protectedApi, validUser } from "../utils/requestUtils";
+import { supabase } from "../utils/supabase";
+import { getUserBySession } from "../utils/getUserBySession";
+import { User } from "@supabase/supabase-js";
+
+const friendStateSchema = z.enum(["none", "added", "mutual"]);
+
+export const Schema = {
+  input: z.strictObject({
+    session: z.string(),
+    profileId: z.number(),
+    action: z.enum(["add", "remove"]),
+  }),
+  output: z.strictObject({
+    error: z.string().optional(),
+    friend_count: z.number().optional(),
+    friend_state: friendStateSchema.optional(),
+  }),
+};
+
+async function getFriendState(viewerProfileId: number, profileId: number) {
+  const [{ count: addedCount }, { count: mutualCount }] = await Promise.all([
+    supabase
+      .from("profileFriends")
+      .select("*", { count: "exact", head: true })
+      .eq("profile_id", viewerProfileId)
+      .eq("friend_id", profileId),
+    supabase
+      .from("profileFriends")
+      .select("*", { count: "exact", head: true })
+      .eq("profile_id", profileId)
+      .eq("friend_id", viewerProfileId),
+  ]);
+
+  if (!addedCount) {
+    return "none";
+  }
+
+  return mutualCount ? "mutual" : "added";
+}
+
+export async function POST(request: Request): Promise<NextResponse> {
+  return protectedApi({
+    request,
+    schema: Schema,
+    authorization: validUser,
+    activity: handler,
+  });
+}
+
+export async function handler({
+  session,
+  profileId,
+  action,
+}: (typeof Schema)["input"]["_type"]): Promise<
+  NextResponse<(typeof Schema)["output"]["_type"]>
+> {
+  const user = (await getUserBySession(session)) as User;
+
+  const { data: viewerProfile } = await supabase
+    .from("profiles")
+    .select("id")
+    .eq("uid", user.id)
+    .single();
+
+  if (!viewerProfile) {
+    return NextResponse.json({ error: "Can't find user" });
+  }
+
+  if (viewerProfile.id === profileId) {
+    return NextResponse.json({ error: "You can't friend yourself." });
+  }
+
+  const { data: targetProfile } = await supabase
+    .from("profiles")
+    .select("id")
+    .eq("id", profileId)
+    .single();
+
+  if (!targetProfile) {
+    return NextResponse.json({ error: "Player not found." });
+  }
+
+  const relation = {
+    profile_id: viewerProfile.id,
+    friend_id: targetProfile.id,
+  };
+
+  const mutation =
+    action === "add"
+      ? await supabase
+          .from("profileFriends")
+          .upsert(relation, {
+            onConflict: "profile_id,friend_id",
+            ignoreDuplicates: true,
+          })
+      : await supabase
+          .from("profileFriends")
+          .delete()
+          .eq("profile_id", relation.profile_id)
+          .eq("friend_id", relation.friend_id);
+
+  if (mutation.error) {
+    return NextResponse.json({ error: mutation.error.message });
+  }
+
+  const [friendCount, friendState] = await Promise.all([
+    supabase
+      .from("profileFriends")
+      .select("*", { count: "exact", head: true })
+      .eq("friend_id", targetProfile.id)
+      .then((result) => result.count || 0),
+    getFriendState(viewerProfile.id, targetProfile.id),
+  ]);
+
+  return NextResponse.json({
+    friend_count: friendCount,
+    friend_state: friendState,
+  });
+}

package/api/getFriends.ts

@@ -0,0 +1,154 @@
+import { NextResponse } from "../utils/response";
+import z from "zod";
+import { protectedApi, validUser } from "../utils/requestUtils";
+import { supabase } from "../utils/supabase";
+import { getUserBySession } from "../utils/getUserBySession";
+import { User } from "@supabase/supabase-js";
+
+const friendUserSchema = z.object({
+  id: z.number(),
+  username: z.string().nullable(),
+  avatar_url: z.string().nullable(),
+  flag: z.string().nullable(),
+  profile_image: z.string().nullable(),
+  is_online: z.boolean(),
+  last_active_timestamp: z.number().nullable(),
+  is_mutual: z.boolean(),
+});
+
+export const Schema = {
+  input: z.strictObject({
+    session: z.string(),
+  }),
+  output: z.strictObject({
+    error: z.string().optional(),
+    friends: z.array(friendUserSchema),
+  }),
+};
+
+export async function POST(request: Request): Promise<NextResponse> {
+  return protectedApi({
+    request,
+    schema: Schema,
+    authorization: validUser,
+    activity: handler,
+  });
+}
+
+export async function handler({
+  session,
+}: (typeof Schema)["input"]["_type"]): Promise<
+  NextResponse<(typeof Schema)["output"]["_type"]>
+> {
+  const user = (await getUserBySession(session)) as User;
+
+  const { data: viewerProfile } = await supabase
+    .from("profiles")
+    .select("id")
+    .eq("uid", user.id)
+    .single();
+
+  if (!viewerProfile) {
+    return NextResponse.json({ error: "Can't find user", friends: [] });
+  }
+
+  const { data: outgoingRows, error: outgoingError } = await supabase
+    .from("profileFriends")
+    .select("friend_id,created_at")
+    .eq("profile_id", viewerProfile.id)
+    .order("created_at", { ascending: false });
+
+  if (outgoingError) {
+    return NextResponse.json({
+      error: outgoingError.message,
+      friends: [],
+    });
+  }
+
+  const outgoingIds = (outgoingRows || []).map((row) => row.friend_id);
+
+  if (!outgoingIds.length) {
+    return NextResponse.json({ friends: [] });
+  }
+
+  const [{ data: reverseRows, error: reverseError }, { data: profiles, error: profilesError }] =
+    await Promise.all([
+      supabase
+        .from("profileFriends")
+        .select("profile_id")
+        .in("profile_id", outgoingIds)
+        .eq("friend_id", viewerProfile.id),
+      supabase
+        .from("profiles")
+        .select("id,uid,username,avatar_url,flag,profile_image")
+        .in("id", outgoingIds)
+        .neq("ban", "excluded"),
+    ]);
+
+  if (reverseError) {
+    return NextResponse.json({
+      error: reverseError.message,
+      friends: [],
+    });
+  }
+
+  if (profilesError) {
+    return NextResponse.json({
+      error: profilesError.message,
+      friends: [],
+    });
+  }
+
+  const activityUids = (profiles || [])
+    .map((profile) => profile.uid)
+    .filter((uid): uid is string => !!uid);
+
+  const { data: activities, error: activitiesError } = activityUids.length
+    ? await supabase
+        .from("profileActivities")
+        .select("uid,last_activity")
+        .in("uid", activityUids)
+    : { data: [], error: null };
+
+  if (activitiesError) {
+    return NextResponse.json({
+      error: activitiesError.message,
+      friends: [],
+    });
+  }
+
+  const profileMap = new Map((profiles || []).map((profile) => [profile.id, profile]));
+  const mutualIds = new Set((reverseRows || []).map((row) => row.profile_id));
+  const activityMap = new Map(
+    (activities || []).map((activity) => [activity.uid, activity.last_activity])
+  );
+  const addedUsers = outgoingIds
+    .map((friendId) => profileMap.get(friendId))
+    .filter(
+      (
+        profile
+      ): profile is {
+        id: number;
+        uid: string | null;
+        username: string | null;
+        avatar_url: string | null;
+        flag: string | null;
+        profile_image: string | null;
+      } => !!profile
+    );
+
+  return NextResponse.json({
+    friends: addedUsers.map((profile) => ({
+      id: profile.id,
+      username: profile.username,
+      avatar_url: profile.avatar_url,
+      flag: profile.flag,
+      profile_image: profile.profile_image,
+      is_online:
+        typeof activityMap.get(profile.uid || "") === "number" &&
+        Date.now() - (activityMap.get(profile.uid || "") || 0) < 1800000,
+      last_active_timestamp: activityMap.get(profile.uid || "") ?? null,
+      is_mutual: mutualIds.has(profile.id),
+    })),
+  });
+}

package/api/getProfile.ts

@@ -1,16 +1,18 @@
-import { geolocation } from "../utils/requestGeo";
-import { NextResponse } from "../utils/response";
-import z from "zod";
-import { Database } from "../types/database";
-import { protectedApi } from "../utils/requestUtils";
-import { supabase } from "../utils/supabase";
-import { getUserBySession } from "../utils/getUserBySession";
+import { geolocation } from "../utils/requestGeo";
+import { NextResponse } from "../utils/response";
+import z from "zod";
+import { Database } from "../types/database";
+import { protectedApi } from "../utils/requestUtils";
+import { supabase } from "../utils/supabase";
+import { getUserBySession } from "../utils/getUserBySession";
 import { User } from "@supabase/supabase-js";
 import {
   getActivityStatusForUserId,
   getScoreActivityCutoffIso,
 } from "../utils/activityStatus";
 
+const friendStateSchema = z.enum(["none", "added", "mutual"]);
+
 function getNextUsernameChangeAt(
   lastChangedAt: string | null | undefined
 ): string | null {
@@ -23,28 +25,73 @@ function getNextUsernameChangeAt(
   return nextAllowedAt.toISOString();
 }
 
+async function getViewerProfileId(session: string) {
+  if (!session) {
+    return null;
+  }
+
+  const viewer = await getUserBySession(session);
+
+  if (!viewer) {
+    return null;
+  }
+
+  const { data: viewerProfile } = await supabase
+    .from("profiles")
+    .select("id")
+    .eq("uid", viewer.id)
+    .single();
+
+  return viewerProfile?.id ?? null;
+}
+
+async function getFriendState(viewerProfileId: number | null, profileId: number) {
+  if (viewerProfileId === null || viewerProfileId === profileId) {
+    return "none" as const;
+  }
+
+  const [{ count: addedCount }, { count: mutualCount }] = await Promise.all([
+    supabase
+      .from("profileFriends")
+      .select("*", { count: "exact", head: true })
+      .eq("profile_id", viewerProfileId)
+      .eq("friend_id", profileId),
+    supabase
+      .from("profileFriends")
+      .select("*", { count: "exact", head: true })
+      .eq("profile_id", profileId)
+      .eq("friend_id", viewerProfileId),
+  ]);
+
+  if (!addedCount) {
+    return "none" as const;
+  }
+
+  return mutualCount ? ("mutual" as const) : ("added" as const);
+}
+
 export const Schema = {
   input: z.strictObject({
-    session: z.string(),
-    id: z.number().nullable().optional(),
-  }),
-  output: z.object({
-    error: z.string().optional(),
-    user: z
-      .object({
-        about_me: z.string().nullable(),
-        avatar_url: z.string().nullable(),
-        profile_image: z.string().nullable(),
-        badges: z.any().nullable(),
-        created_at: z.number().nullable(),
-        flag: z.string().nullable(),
-        id: z.number(),
-        uid: z.string().nullable(),
-        ban: z.string().nullable(),
-        username: z.string().nullable(),
-        verified: z.boolean().nullable(),
-        verificationDeadline: z.number().nullable(),
-        play_count: z.number().nullable(),
+    session: z.string(),
+    id: z.number().nullable().optional(),
+  }),
+  output: z.object({
+    error: z.string().optional(),
+    user: z
+      .object({
+        about_me: z.string().nullable(),
+        avatar_url: z.string().nullable(),
+        profile_image: z.string().nullable(),
+        badges: z.any().nullable(),
+        created_at: z.number().nullable(),
+        flag: z.string().nullable(),
+        id: z.number(),
+        uid: z.string().nullable(),
+        ban: z.string().nullable(),
+        username: z.string().nullable(),
+        verified: z.boolean().nullable(),
+        verificationDeadline: z.number().nullable(),
+        play_count: z.number().nullable(),
         skill_points: z.number().nullable(),
         squares_hit: z.number().nullable(),
         total_score: z.number().nullable(),
@@ -53,6 +100,8 @@ export const Schema = {
         activity_status: z.enum(["active", "inactive"]),
         is_online: z.boolean(),
         last_active_timestamp: z.number().nullable(),
+        friend_count: z.number(),
+        friend_state: friendStateSchema,
         can_change_flag: z.boolean(),
         next_username_change_at: z.string().nullable(),
         previous_usernames: z.array(
@@ -66,105 +115,122 @@ export const Schema = {
             id: z.number(),
             acronym: z.string(),
           })
-          .optional()
-          .nullable(),
-      })
-      .optional(),
-  }),
-};
-
-export async function POST(request: Request): Promise<NextResponse> {
-  return protectedApi({
-    request,
-    schema: Schema,
-    authorization: () => {},
-    activity: handler,
-  });
-}
-
-export async function handler(
-  data: (typeof Schema)["input"]["_type"],
-  req: Request
-): Promise<NextResponse<(typeof Schema)["output"]["_type"]>> {
-  let profiles: Database["public"]["Tables"]["profiles"]["Row"][] = [];
-  let isOnline = false;
-  // Fetch by id
-  if (data.id !== undefined && data.id !== null) {
-    let { data: queryData, error } = await supabase
-      .from("profiles")
-      .select(`*,clans:clan(id,acronym)`)
-      .eq("id", data.id);
-
-    console.log(profiles, error);
-
-    if (!queryData?.length) {
-      return NextResponse.json(
-        {
-          error: "User not found",
-        },
-        { status: 404 }
-      );
-    }
-
-    profiles = queryData;
-  } else {
-    // Fetch by session id
-    const user = (await getUserBySession(data.session)) as User;
-
-    if (user) {
-      let { data: queryData, error } = await supabase
-        .from("profiles")
-        .select("*")
-        .eq("uid", user.id);
-
-      if (!queryData?.length) {
-        const geo = geolocation(req);
-        const data = await supabase.from("profiles").upsert({
-          uid: user.id,
-          about_me: "",
-          avatar_url:
-            "https://rhthia-avatars.s3.eu-central-003.backblazeb2.com/user-avatar-1725309193296-72002e6b-321c-4f60-a692-568e0e75147d",
-          badges: [],
-          username: `user${Math.round(Math.random() * 900000 + 100000)}`,
-          computedUsername: `user${Math.round(Math.random() * 900000 + 100000)}`.toLowerCase(),
-          flag: (geo.country || "US").toUpperCase(),
-          created_at: Date.now(),
-        }).select(`
-          *,clans:clan(id,acronym)`);
-
-        profiles = data.data!;
-      } else {
-        profiles = queryData;
-      }
-    }
-  }
-
-  const user = profiles[0];
-
-  const activityStatus = await getActivityStatusForUserId(user.id);
-
-  const { data: activityData } = await supabase
-    .from("profileActivities")
-    .select("last_activity")
-    .eq("uid", user.uid || "")
-    .single();
+          .optional()
+          .nullable(),
+      })
+      .optional(),
+  }),
+};
 
-  const { data: usernameHistoryData } = await supabase
-    .from("profileUsernames")
-    .select("username,changed_at")
-    .eq("profile_id", user.id)
-    .order("changed_at", { ascending: false });
+export async function POST(request: Request): Promise<NextResponse> {
+  return protectedApi({
+    request,
+    schema: Schema,
+    authorization: () => {},
+    activity: handler,
+  });
+}
 
-  const { data: flagHistoryData } = await supabase
-    .from("profileFlags")
-    .select("id")
-    .eq("profile_id", user.id)
-    .limit(1);
-
-  //last 30 minutes
-  if (activityData && activityData.last_activity) {
-    isOnline = Date.now() - activityData.last_activity < 1800000;
-  }
+export async function handler(
+  data: (typeof Schema)["input"]["_type"],
+  req: Request
+): Promise<NextResponse<(typeof Schema)["output"]["_type"]>> {
+  let profiles: Database["public"]["Tables"]["profiles"]["Row"][] = [];
+  let isOnline = false;
+  let viewerProfileId =
+    data.id !== undefined && data.id !== null
+      ? await getViewerProfileId(data.session)
+      : null;
+  // Fetch by id
+  if (data.id !== undefined && data.id !== null) {
+    let { data: queryData, error } = await supabase
+      .from("profiles")
+      .select(`*,clans:clan(id,acronym)`)
+      .eq("id", data.id);
+
+    console.log(profiles, error);
+
+    if (!queryData?.length) {
+      return NextResponse.json(
+        {
+          error: "User not found",
+        },
+        { status: 404 }
+      );
+    }
+
+    profiles = queryData;
+  } else {
+    // Fetch by session id
+    const user = (await getUserBySession(data.session)) as User;
+
+    if (user) {
+      let { data: queryData, error } = await supabase
+        .from("profiles")
+        .select("*")
+        .eq("uid", user.id);
+
+      if (!queryData?.length) {
+        const geo = geolocation(req);
+        const data = await supabase.from("profiles").upsert({
+          uid: user.id,
+          about_me: "",
+          avatar_url:
+            "https://rhthia-avatars.s3.eu-central-003.backblazeb2.com/user-avatar-1725309193296-72002e6b-321c-4f60-a692-568e0e75147d",
+          badges: [],
+          username: `user${Math.round(Math.random() * 900000 + 100000)}`,
+          computedUsername: `user${Math.round(Math.random() * 900000 + 100000)}`.toLowerCase(),
+          flag: (geo.country || "US").toUpperCase(),
+          created_at: Date.now(),
+        }).select(`
+          *,clans:clan(id,acronym)`);
+
+        profiles = data.data!;
+      } else {
+        profiles = queryData;
+      }
+
+      viewerProfileId = profiles[0]?.id ?? null;
+    }
+  }
+
+  const user = profiles[0];
+
+  const activityStatus = await getActivityStatusForUserId(user.id);
+
+  const [
+    { data: activityData },
+    { data: usernameHistoryData },
+    { data: flagHistoryData },
+    { count: friendCount },
+    friendState,
+  ] = await Promise.all([
+    supabase
+      .from("profileActivities")
+      .select("last_activity")
+      .eq("uid", user.uid || "")
+      .single(),
+    supabase
+      .from("profileUsernames")
+      .select("username,changed_at")
+      .eq("profile_id", user.id)
+      .order("changed_at", { ascending: false }),
+    supabase
+      .from("profileFlags")
+      .select("id")
+      .eq("profile_id", user.id)
+      .limit(1),
+    supabase
+      .from("profileFriends")
+      .select("*", { count: "exact", head: true })
+      .eq("friend_id", user.id),
+    getFriendState(viewerProfileId, user.id),
+  ]);
+
+  //last 30 minutes
+  if (activityData && activityData.last_activity) {
+    isOnline = Date.now() - activityData.last_activity < 1800000;
+  }
 
   let position: number | null = null;
   let countryPosition: number | null = null;
@@ -196,13 +262,13 @@ export async function handler(
         ? (countryPlayersWithMorePoints || 0) + 1
         : null;
   }
-
+
   if (user.verificationDeadline < Date.now()) {
     await supabase
       .from("profiles")
       .upsert({
-        id: user.id,
-        verified: false,
+        id: user.id,
+        verified: false,
       })
       .select();
   }
@@ -221,6 +287,8 @@ export async function handler(
       activity_status: activityStatus,
       is_online: isOnline,
       last_active_timestamp: activityData?.last_activity ?? null,
+      friend_count: friendCount || 0,
+      friend_state: friendState,
       can_change_flag: !flagHistoryData?.length,
       next_username_change_at: getNextUsernameChangeAt(latestUsernameChangeAt),
       previous_usernames: previousUsernames,

package/index.ts

@@ -321,6 +321,25 @@ import { Schema as EditProfile } from "./api/editProfile"
 export { Schema as SchemaEditProfile } from "./api/editProfile"
 export const editProfile = handleApi({url:"/api/editProfile",...EditProfile})
 
+// ./api/editProfileFriend.ts API
+
+/*
+export const Schema = {
+  input: z.strictObject({
+    session: z.string(),
+    profileId: z.number(),
+    action: z.enum(["add", "remove"]),
+  }),
+  output: z.strictObject({
+    error: z.string().optional(),
+    friend_count: z.number().optional(),
+    friend_state: friendStateSchema.optional(),
+  }),
+};*/
+import { Schema as EditProfileFriend } from "./api/editProfileFriend"
+export { Schema as SchemaEditProfileFriend } from "./api/editProfileFriend"
+export const editProfileFriend = handleApi({url:"/api/editProfileFriend",...EditProfileFriend})
+
 // ./api/enhancedSearch.ts API
 
 /*
@@ -840,6 +859,22 @@ import { Schema as GetCollections } from "./api/getCollections"
 export { Schema as SchemaGetCollections } from "./api/getCollections"
 export const getCollections = handleApi({url:"/api/getCollections",...GetCollections})
 
+// ./api/getFriends.ts API
+
+/*
+export const Schema = {
+  input: z.strictObject({
+    session: z.string(),
+  }),
+  output: z.strictObject({
+    error: z.string().optional(),
+    friends: z.array(friendUserSchema),
+  }),
+};*/
+import { Schema as GetFriends } from "./api/getFriends"
+export { Schema as SchemaGetFriends } from "./api/getFriends"
+export const getFriends = handleApi({url:"/api/getFriends",...GetFriends})
+
 // ./api/getInventory.ts API
 
 /*
@@ -967,26 +1002,26 @@ export const getPassToken = handleApi({url:"/api/getPassToken",...GetPassToken})
 /*
 export const Schema = {
   input: z.strictObject({
-    session: z.string(),
-    id: z.number().nullable().optional(),
-  }),
-  output: z.object({
-    error: z.string().optional(),
-    user: z
-      .object({
-        about_me: z.string().nullable(),
-        avatar_url: z.string().nullable(),
-        profile_image: z.string().nullable(),
-        badges: z.any().nullable(),
-        created_at: z.number().nullable(),
-        flag: z.string().nullable(),
-        id: z.number(),
-        uid: z.string().nullable(),
-        ban: z.string().nullable(),
-        username: z.string().nullable(),
-        verified: z.boolean().nullable(),
-        verificationDeadline: z.number().nullable(),
-        play_count: z.number().nullable(),
+    session: z.string(),
+    id: z.number().nullable().optional(),
+  }),
+  output: z.object({
+    error: z.string().optional(),
+    user: z
+      .object({
+        about_me: z.string().nullable(),
+        avatar_url: z.string().nullable(),
+        profile_image: z.string().nullable(),
+        badges: z.any().nullable(),
+        created_at: z.number().nullable(),
+        flag: z.string().nullable(),
+        id: z.number(),
+        uid: z.string().nullable(),
+        ban: z.string().nullable(),
+        username: z.string().nullable(),
+        verified: z.boolean().nullable(),
+        verificationDeadline: z.number().nullable(),
+        play_count: z.number().nullable(),
         skill_points: z.number().nullable(),
         squares_hit: z.number().nullable(),
         total_score: z.number().nullable(),
@@ -995,6 +1030,8 @@ export const Schema = {
         activity_status: z.enum(["active", "inactive"]),
         is_online: z.boolean(),
         last_active_timestamp: z.number().nullable(),
+        friend_count: z.number(),
+        friend_state: friendStateSchema,
         can_change_flag: z.boolean(),
         next_username_change_at: z.string().nullable(),
         previous_usernames: z.array(
@@ -1008,11 +1045,11 @@ export const Schema = {
             id: z.number(),
             acronym: z.string(),
           })
-          .optional()
-          .nullable(),
-      })
-      .optional(),
-  }),
+          .optional()
+          .nullable(),
+      })
+      .optional(),
+  }),
 };*/
 import { Schema as GetProfile } from "./api/getProfile"
 export { Schema as SchemaGetProfile } from "./api/getProfile"

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "rhythia-api",
-  "version": "241.0.0",
+  "version": "242.0.0",
   "main": "index.ts",
   "author": "online-contributors-cunev",
   "scripts": {
@@ -11,6 +11,7 @@
     "cache:clear-user-scores": "bun run scripts/clear-user-score-cache.ts",
     "db:optimize-user-scores": "bun run scripts/optimize-user-scores-indexes.ts",
     "db:create-profile-flags": "node scripts/create-profile-flags-table.ts",
+    "db:create-profile-friends": "node scripts/create-profile-friends-table.ts",
     "db:create-profile-reports": "node scripts/create-profile-reports-table.ts",
     "query-pull": "bun run scripts/pull-queries.ts",
     "query-push": "bun run scripts/deploy-queries.ts",

package/types/database.ts

@@ -558,6 +558,42 @@ export type Database = {
           },
         ]
       }
+      profileFriends: {
+        Row: {
+          created_at: string
+          friend_id: number
+          id: number
+          profile_id: number
+        }
+        Insert: {
+          created_at?: string
+          friend_id: number
+          id?: number
+          profile_id: number
+        }
+        Update: {
+          created_at?: string
+          friend_id?: number
+          id?: number
+          profile_id?: number
+        }
+        Relationships: [
+          {
+            foreignKeyName: "profileFriends_friend_id_fkey"
+            columns: ["friend_id"]
+            isOneToOne: false
+            referencedRelation: "profiles"
+            referencedColumns: ["id"]
+          },
+          {
+            foreignKeyName: "profileFriends_profile_id_fkey"
+            columns: ["profile_id"]
+            isOneToOne: false
+            referencedRelation: "profiles"
+            referencedColumns: ["id"]
+          },
+        ]
+      }
       profileFlags: {
         Row: {
           changed_at: string

package/worker.ts

@@ -1,191 +1,195 @@
-import { POST as acceptInvite } from "./api/acceptInvite";
-import { POST as addCollectionMap } from "./api/addCollectionMap";
-import { POST as chartPublicStats } from "./api/chartPublicStats";
-import { POST as checkQualified } from "./api/checkQualified";
-import { POST as createBeatmap } from "./api/createBeatmap";
-import { POST as createBeatmapPage } from "./api/createBeatmapPage";
-import { POST as createClan } from "./api/createClan";
-import { POST as createCollection } from "./api/createCollection";
-import { POST as createInvite } from "./api/createInvite";
-import { POST as createSupporter } from "./api/createSupporter";
-import { POST as deleteBeatmapPage } from "./api/deleteBeatmapPage";
-import { POST as deleteCollection } from "./api/deleteCollection";
-import { POST as deleteCollectionMap } from "./api/deleteCollectionMap";
-import { POST as editAboutMe } from "./api/editAboutMe";
-import { POST as editClan } from "./api/editClan";
-import { POST as editCollection } from "./api/editCollection";
-import { POST as editProfile } from "./api/editProfile";
-import { POST as enhancedSearch } from "./api/enhancedSearch";
-import { POST as executeAdminOperation } from "./api/executeAdminOperation";
-import { POST as getAvatarUploadUrl } from "./api/getAvatarUploadUrl";
-import { POST as getBadgeLeaders } from "./api/getBadgeLeaders";
-import { POST as getBadgedUsers } from "./api/getBadgedUsers";
-import { POST as getBeatmapComments } from "./api/getBeatmapComments";
-import { POST as getBeatmapPage } from "./api/getBeatmapPage";
-import { POST as getBeatmapPageById } from "./api/getBeatmapPageById";
-import { POST as getBeatmapStarRating } from "./api/getBeatmapStarRating";
-import { POST as getBeatmaps } from "./api/getBeatmaps";
-import { POST as getClan } from "./api/getClan";
-import { POST as getClans } from "./api/getClans";
-import { POST as getCollection } from "./api/getCollection";
-import { POST as getCollections } from "./api/getCollections";
-import { POST as getInventory } from "./api/getInventory";
-import { POST as getLeaderboard } from "./api/getLeaderboard";
-import { POST as getMapUploadUrl } from "./api/getMapUploadUrl";
-import { POST as getOnlinePlayers } from "./api/getOnlinePlayers";
-import { POST as getPassToken } from "./api/getPassToken";
-import { POST as getProfile } from "./api/getProfile";
-import { POST as getPublicStats } from "./api/getPublicStats";
-import { POST as getRawStarRating } from "./api/getRawStarRating";
-import { POST as getScore } from "./api/getScore";
-import { POST as getStoryBeatmaps } from "./api/getStoryBeatmaps";
-import { POST as getTimestamp } from "./api/getTimestamp";
-import { POST as getUserScores } from "./api/getUserScores";
-import { POST as getVerified } from "./api/getVerified";
-import { POST as getVideoUploadUrl } from "./api/getVideoUploadUrl";
-import { POST as postBeatmapComment } from "./api/postBeatmapComment";
-import { POST as qualifyMap } from "./api/qualifyMap";
-import { POST as rankMapsArchive } from "./api/rankMapsArchive";
-import { POST as reportProfile } from "./api/reportProfile";
-import { POST as searchUsers } from "./api/searchUsers";
-import { POST as setPasskey } from "./api/setPasskey";
-import { POST as submitScore } from "./api/submitScore";
-import { POST as submitScoreInternal } from "./api/submitScoreInternal";
-import { POST as updateBeatmapPage } from "./api/updateBeatmapPage";
-import { POST as vetoMap } from "./api/vetoMap";
-import { NextResponse } from "./utils/response";
-
-type RouteHandler = (request: Request) => Promise<Response> | Response;
-
-const corsHeaders = {
-  "Access-Control-Allow-Credentials": "true",
-  "Access-Control-Allow-Origin": "*",
-  "Access-Control-Allow-Methods": "GET,OPTIONS,PATCH,DELETE,POST,PUT",
-  "Access-Control-Allow-Headers":
-    "X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version",
-};
-
-const apiRoutes: Record<string, RouteHandler> = {
-  "/api/acceptInvite": acceptInvite,
-  "/api/addCollectionMap": addCollectionMap,
-  "/api/chartPublicStats": chartPublicStats,
-  "/api/checkQualified": checkQualified,
-  "/api/createBeatmap": createBeatmap,
-  "/api/createBeatmapPage": createBeatmapPage,
-  "/api/createClan": createClan,
-  "/api/createCollection": createCollection,
-  "/api/createInvite": createInvite,
-  "/api/createSupporter": createSupporter,
-  "/api/deleteBeatmapPage": deleteBeatmapPage,
-  "/api/deleteCollection": deleteCollection,
-  "/api/deleteCollectionMap": deleteCollectionMap,
-  "/api/editAboutMe": editAboutMe,
-  "/api/editClan": editClan,
-  "/api/editCollection": editCollection,
-  "/api/editProfile": editProfile,
-  "/api/enhancedSearch": enhancedSearch,
-  "/api/executeAdminOperation": executeAdminOperation,
-  "/api/getAvatarUploadUrl": getAvatarUploadUrl,
-  "/api/getBadgeLeaders": getBadgeLeaders,
-  "/api/getBadgedUsers": getBadgedUsers,
-  "/api/getBeatmapComments": getBeatmapComments,
-  "/api/getBeatmapPage": getBeatmapPage,
-  "/api/getBeatmapPageById": getBeatmapPageById,
-  "/api/getBeatmapStarRating": getBeatmapStarRating,
-  "/api/getBeatmaps": getBeatmaps,
-  "/api/getClan": getClan,
-  "/api/getClans": getClans,
-  "/api/getCollection": getCollection,
-  "/api/getCollections": getCollections,
-  "/api/getInventory": getInventory,
-  "/api/getLeaderboard": getLeaderboard,
-  "/api/getMapUploadUrl": getMapUploadUrl,
-  "/api/getOnlinePlayers": getOnlinePlayers,
-  "/api/getPassToken": getPassToken,
-  "/api/getProfile": getProfile,
-  "/api/getPublicStats": getPublicStats,
-  "/api/getRawStarRating": getRawStarRating,
-  "/api/getScore": getScore,
-  "/api/getStoryBeatmaps": getStoryBeatmaps,
-  "/api/getTimestamp": getTimestamp,
-  "/api/getUserScores": getUserScores,
-  "/api/getVerified": getVerified,
-  "/api/getVideoUploadUrl": getVideoUploadUrl,
-  "/api/postBeatmapComment": postBeatmapComment,
-  "/api/qualifyMap": qualifyMap,
-  "/api/rankMapsArchive": rankMapsArchive,
-  "/api/reportProfile": reportProfile,
-  "/api/searchUsers": searchUsers,
-  "/api/setPasskey": setPasskey,
-  "/api/submitScore": submitScore,
-  "/api/submitScoreInternal": submitScoreInternal,
-  "/api/updateBeatmapPage": updateBeatmapPage,
-  "/api/vetoMap": vetoMap,
-};
-
-function withCors(response: Response) {
-  const headers = new Headers(response.headers);
-
-  for (const [key, value] of Object.entries(corsHeaders)) {
-    headers.set(key, value);
-  }
-
-  return new Response(response.body, {
-    status: response.status,
-    statusText: response.statusText,
-    headers,
-  });
-}
-
-function notFound() {
-  return NextResponse.json({ error: "Not Found" }, { status: 404 });
-}
-
-export default {
-  async fetch(request: Request) {
-    const url = new URL(request.url);
-    const pathname =
-      url.pathname.endsWith("/") && url.pathname.length > 1
-        ? url.pathname.slice(0, -1)
-        : url.pathname;
-
-    if (request.method === "OPTIONS") {
-      return withCors(new Response(null, { status: 204 }));
-    }
-
-    if (pathname === "/") {
-      return withCors(
-        new Response("<html><div>Rhythia API</div></html>", {
-          headers: {
-            "content-type": "text/html; charset=utf-8",
-          },
-        })
-      );
-    }
-
-    const handler = apiRoutes[pathname];
-    if (!handler) {
-      return withCors(notFound());
-    }
-
-    if (request.method !== "POST") {
-      return withCors(
-        NextResponse.json({ error: "Method Not Allowed" }, { status: 405 })
-      );
-    }
-
-    try {
-      return withCors(await handler(request));
-    } catch (error) {
-      console.error(error);
-      return withCors(
-        NextResponse.json(
-          {
-            error: "Internal Server Error",
-          },
-          { status: 500 }
-        )
-      );
-    }
-  },
-};
+import { POST as acceptInvite } from "./api/acceptInvite";
+import { POST as addCollectionMap } from "./api/addCollectionMap";
+import { POST as chartPublicStats } from "./api/chartPublicStats";
+import { POST as checkQualified } from "./api/checkQualified";
+import { POST as createBeatmap } from "./api/createBeatmap";
+import { POST as createBeatmapPage } from "./api/createBeatmapPage";
+import { POST as createClan } from "./api/createClan";
+import { POST as createCollection } from "./api/createCollection";
+import { POST as createInvite } from "./api/createInvite";
+import { POST as createSupporter } from "./api/createSupporter";
+import { POST as deleteBeatmapPage } from "./api/deleteBeatmapPage";
+import { POST as deleteCollection } from "./api/deleteCollection";
+import { POST as deleteCollectionMap } from "./api/deleteCollectionMap";
+import { POST as editAboutMe } from "./api/editAboutMe";
+import { POST as editClan } from "./api/editClan";
+import { POST as editCollection } from "./api/editCollection";
+import { POST as editProfile } from "./api/editProfile";
+import { POST as editProfileFriend } from "./api/editProfileFriend";
+import { POST as enhancedSearch } from "./api/enhancedSearch";
+import { POST as executeAdminOperation } from "./api/executeAdminOperation";
+import { POST as getAvatarUploadUrl } from "./api/getAvatarUploadUrl";
+import { POST as getBadgeLeaders } from "./api/getBadgeLeaders";
+import { POST as getBadgedUsers } from "./api/getBadgedUsers";
+import { POST as getBeatmapComments } from "./api/getBeatmapComments";
+import { POST as getBeatmapPage } from "./api/getBeatmapPage";
+import { POST as getBeatmapPageById } from "./api/getBeatmapPageById";
+import { POST as getBeatmapStarRating } from "./api/getBeatmapStarRating";
+import { POST as getBeatmaps } from "./api/getBeatmaps";
+import { POST as getClan } from "./api/getClan";
+import { POST as getClans } from "./api/getClans";
+import { POST as getCollection } from "./api/getCollection";
+import { POST as getCollections } from "./api/getCollections";
+import { POST as getFriends } from "./api/getFriends";
+import { POST as getInventory } from "./api/getInventory";
+import { POST as getLeaderboard } from "./api/getLeaderboard";
+import { POST as getMapUploadUrl } from "./api/getMapUploadUrl";
+import { POST as getOnlinePlayers } from "./api/getOnlinePlayers";
+import { POST as getPassToken } from "./api/getPassToken";
+import { POST as getProfile } from "./api/getProfile";
+import { POST as getPublicStats } from "./api/getPublicStats";
+import { POST as getRawStarRating } from "./api/getRawStarRating";
+import { POST as getScore } from "./api/getScore";
+import { POST as getStoryBeatmaps } from "./api/getStoryBeatmaps";
+import { POST as getTimestamp } from "./api/getTimestamp";
+import { POST as getUserScores } from "./api/getUserScores";
+import { POST as getVerified } from "./api/getVerified";
+import { POST as getVideoUploadUrl } from "./api/getVideoUploadUrl";
+import { POST as postBeatmapComment } from "./api/postBeatmapComment";
+import { POST as qualifyMap } from "./api/qualifyMap";
+import { POST as rankMapsArchive } from "./api/rankMapsArchive";
+import { POST as reportProfile } from "./api/reportProfile";
+import { POST as searchUsers } from "./api/searchUsers";
+import { POST as setPasskey } from "./api/setPasskey";
+import { POST as submitScore } from "./api/submitScore";
+import { POST as submitScoreInternal } from "./api/submitScoreInternal";
+import { POST as updateBeatmapPage } from "./api/updateBeatmapPage";
+import { POST as vetoMap } from "./api/vetoMap";
+import { NextResponse } from "./utils/response";
+
+type RouteHandler = (request: Request) => Promise<Response> | Response;
+
+const corsHeaders = {
+  "Access-Control-Allow-Credentials": "true",
+  "Access-Control-Allow-Origin": "*",
+  "Access-Control-Allow-Methods": "GET,OPTIONS,PATCH,DELETE,POST,PUT",
+  "Access-Control-Allow-Headers":
+    "X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version",
+};
+
+const apiRoutes: Record<string, RouteHandler> = {
+  "/api/acceptInvite": acceptInvite,
+  "/api/addCollectionMap": addCollectionMap,
+  "/api/chartPublicStats": chartPublicStats,
+  "/api/checkQualified": checkQualified,
+  "/api/createBeatmap": createBeatmap,
+  "/api/createBeatmapPage": createBeatmapPage,
+  "/api/createClan": createClan,
+  "/api/createCollection": createCollection,
+  "/api/createInvite": createInvite,
+  "/api/createSupporter": createSupporter,
+  "/api/deleteBeatmapPage": deleteBeatmapPage,
+  "/api/deleteCollection": deleteCollection,
+  "/api/deleteCollectionMap": deleteCollectionMap,
+  "/api/editAboutMe": editAboutMe,
+  "/api/editClan": editClan,
+  "/api/editCollection": editCollection,
+  "/api/editProfile": editProfile,
+  "/api/editProfileFriend": editProfileFriend,
+  "/api/enhancedSearch": enhancedSearch,
+  "/api/executeAdminOperation": executeAdminOperation,
+  "/api/getAvatarUploadUrl": getAvatarUploadUrl,
+  "/api/getBadgeLeaders": getBadgeLeaders,
+  "/api/getBadgedUsers": getBadgedUsers,
+  "/api/getBeatmapComments": getBeatmapComments,
+  "/api/getBeatmapPage": getBeatmapPage,
+  "/api/getBeatmapPageById": getBeatmapPageById,
+  "/api/getBeatmapStarRating": getBeatmapStarRating,
+  "/api/getBeatmaps": getBeatmaps,
+  "/api/getClan": getClan,
+  "/api/getClans": getClans,
+  "/api/getCollection": getCollection,
+  "/api/getCollections": getCollections,
+  "/api/getFriends": getFriends,
+  "/api/getInventory": getInventory,
+  "/api/getLeaderboard": getLeaderboard,
+  "/api/getMapUploadUrl": getMapUploadUrl,
+  "/api/getOnlinePlayers": getOnlinePlayers,
+  "/api/getPassToken": getPassToken,
+  "/api/getProfile": getProfile,
+  "/api/getPublicStats": getPublicStats,
+  "/api/getRawStarRating": getRawStarRating,
+  "/api/getScore": getScore,
+  "/api/getStoryBeatmaps": getStoryBeatmaps,
+  "/api/getTimestamp": getTimestamp,
+  "/api/getUserScores": getUserScores,
+  "/api/getVerified": getVerified,
+  "/api/getVideoUploadUrl": getVideoUploadUrl,
+  "/api/postBeatmapComment": postBeatmapComment,
+  "/api/qualifyMap": qualifyMap,
+  "/api/rankMapsArchive": rankMapsArchive,
+  "/api/reportProfile": reportProfile,
+  "/api/searchUsers": searchUsers,
+  "/api/setPasskey": setPasskey,
+  "/api/submitScore": submitScore,
+  "/api/submitScoreInternal": submitScoreInternal,
+  "/api/updateBeatmapPage": updateBeatmapPage,
+  "/api/vetoMap": vetoMap,
+};
+
+function withCors(response: Response) {
+  const headers = new Headers(response.headers);
+
+  for (const [key, value] of Object.entries(corsHeaders)) {
+    headers.set(key, value);
+  }
+
+  return new Response(response.body, {
+    status: response.status,
+    statusText: response.statusText,
+    headers,
+  });
+}
+
+function notFound() {
+  return NextResponse.json({ error: "Not Found" }, { status: 404 });
+}
+
+export default {
+  async fetch(request: Request) {
+    const url = new URL(request.url);
+    const pathname =
+      url.pathname.endsWith("/") && url.pathname.length > 1
+        ? url.pathname.slice(0, -1)
+        : url.pathname;
+
+    if (request.method === "OPTIONS") {
+      return withCors(new Response(null, { status: 204 }));
+    }
+
+    if (pathname === "/") {
+      return withCors(
+        new Response("<html><div>Rhythia API</div></html>", {
+          headers: {
+            "content-type": "text/html; charset=utf-8",
+          },
+        })
+      );
+    }
+
+    const handler = apiRoutes[pathname];
+    if (!handler) {
+      return withCors(notFound());
+    }
+
+    if (request.method !== "POST") {
+      return withCors(
+        NextResponse.json({ error: "Method Not Allowed" }, { status: 405 })
+      );
+    }
+
+    try {
+      return withCors(await handler(request));
+    } catch (error) {
+      console.error(error);
+      return withCors(
+        NextResponse.json(
+          {
+            error: "Internal Server Error",
+          },
+          { status: 500 }
+        )
+      );
+    }
+  },
+};