rhythia-api 241.0.0 → 243.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (37) hide show
  1. package/api/createBeatmap.ts +57 -39
  2. package/api/editProfile.ts +4 -56
  3. package/api/editProfileFriend.ts +122 -0
  4. package/api/executeAdminOperation.ts +1030 -681
  5. package/api/getAvatarUploadUrl.ts +90 -85
  6. package/api/getBeatmapPage.ts +2 -0
  7. package/api/getBeatmapPageById.ts +2 -0
  8. package/api/getBeatmaps.ts +110 -197
  9. package/api/getCollection.ts +44 -31
  10. package/api/getFriends.ts +154 -0
  11. package/api/getMapUploadUrl.ts +90 -93
  12. package/api/getProfile.ts +195 -127
  13. package/api/getScore.ts +2 -0
  14. package/api/getVideoUploadUrl.ts +90 -85
  15. package/api/submitScoreInternal.ts +506 -461
  16. package/api/updateBeatmapPage.ts +6 -0
  17. package/beatmap-file-urls.json +29398 -0
  18. package/handleApi.ts +24 -21
  19. package/index.ts +183 -137
  20. package/package.json +5 -2
  21. package/queries/admin_delete_user.sql +42 -39
  22. package/queries/admin_remove_all_scores.sql +6 -3
  23. package/queries/admin_remove_score.sql +107 -0
  24. package/queries/admin_update_profile.sql +22 -0
  25. package/queries/get_beatmaps_v2.sql +48 -0
  26. package/queries/get_top_scores_for_beatmap3.sql +47 -38
  27. package/queries/profile_update_guards.sql +66 -0
  28. package/types/database.ts +1525 -1414
  29. package/utils/beatmapFiles.ts +102 -0
  30. package/utils/beatmapHash.ts +336 -0
  31. package/utils/beatmapTopScores.ts +68 -84
  32. package/utils/getUserBySession.ts +3 -1
  33. package/utils/profileUpdateValidation.ts +51 -0
  34. package/utils/redis.ts +24 -0
  35. package/utils/rhrReplay.ts +122 -0
  36. package/utils/star-calc/sspmParser.ts +294 -160
  37. package/worker.ts +195 -191
package/api/getFriends.ts ADDED
@@ -0,0 +1,154 @@
1
+ import { NextResponse } from "../utils/response";
2
+ import z from "zod";
3
+ import { protectedApi, validUser } from "../utils/requestUtils";
4
+ import { supabase } from "../utils/supabase";
5
+ import { getUserBySession } from "../utils/getUserBySession";
6
+ import { User } from "@supabase/supabase-js";
7
+
8
+ const friendUserSchema = z.object({
9
+ id: z.number(),
10
+ username: z.string().nullable(),
11
+ avatar_url: z.string().nullable(),
12
+ flag: z.string().nullable(),
13
+ profile_image: z.string().nullable(),
14
+ is_online: z.boolean(),
15
+ last_active_timestamp: z.number().nullable(),
16
+ is_mutual: z.boolean(),
17
+ });
18
+
19
+ export const Schema = {
20
+ input: z.strictObject({
21
+ session: z.string(),
22
+ }),
23
+ output: z.strictObject({
24
+ error: z.string().optional(),
25
+ friends: z.array(friendUserSchema),
26
+ }),
27
+ };
28
+
29
+ export async function POST(request: Request): Promise<NextResponse> {
30
+ return protectedApi({
31
+ request,
32
+ schema: Schema,
33
+ authorization: validUser,
34
+ activity: handler,
35
+ });
36
+ }
37
+
38
+ export async function handler({
39
+ session,
40
+ }: (typeof Schema)["input"]["_type"]): Promise<
41
+ NextResponse<(typeof Schema)["output"]["_type"]>
42
+ > {
43
+ const user = (await getUserBySession(session)) as User;
44
+
45
+ const { data: viewerProfile } = await supabase
46
+ .from("profiles")
47
+ .select("id")
48
+ .eq("uid", user.id)
49
+ .single();
50
+
51
+ if (!viewerProfile) {
52
+ return NextResponse.json({ error: "Can't find user", friends: [] });
53
+ }
54
+
55
+ const { data: outgoingRows, error: outgoingError } = await supabase
56
+ .from("profileFriends")
57
+ .select("friend_id,created_at")
58
+ .eq("profile_id", viewerProfile.id)
59
+ .order("created_at", { ascending: false });
60
+
61
+ if (outgoingError) {
62
+ return NextResponse.json({
63
+ error: outgoingError.message,
64
+ friends: [],
65
+ });
66
+ }
67
+
68
+ const outgoingIds = (outgoingRows || []).map((row) => row.friend_id);
69
+
70
+ if (!outgoingIds.length) {
71
+ return NextResponse.json({ friends: [] });
72
+ }
73
+
74
+ const [{ data: reverseRows, error: reverseError }, { data: profiles, error: profilesError }] =
75
+ await Promise.all([
76
+ supabase
77
+ .from("profileFriends")
78
+ .select("profile_id")
79
+ .in("profile_id", outgoingIds)
80
+ .eq("friend_id", viewerProfile.id),
81
+ supabase
82
+ .from("profiles")
83
+ .select("id,uid,username,avatar_url,flag,profile_image")
84
+ .in("id", outgoingIds)
85
+ .neq("ban", "excluded"),
86
+ ]);
87
+
88
+ if (reverseError) {
89
+ return NextResponse.json({
90
+ error: reverseError.message,
91
+ friends: [],
92
+ });
93
+ }
94
+
95
+ if (profilesError) {
96
+ return NextResponse.json({
97
+ error: profilesError.message,
98
+ friends: [],
99
+ });
100
+ }
101
+
102
+ const activityUids = (profiles || [])
103
+ .map((profile) => profile.uid)
104
+ .filter((uid): uid is string => !!uid);
105
+
106
+ const { data: activities, error: activitiesError } = activityUids.length
107
+ ? await supabase
108
+ .from("profileActivities")
109
+ .select("uid,last_activity")
110
+ .in("uid", activityUids)
111
+ : { data: [], error: null };
112
+
113
+ if (activitiesError) {
114
+ return NextResponse.json({
115
+ error: activitiesError.message,
116
+ friends: [],
117
+ });
118
+ }
119
+
120
+ const profileMap = new Map((profiles || []).map((profile) => [profile.id, profile]));
121
+ const mutualIds = new Set((reverseRows || []).map((row) => row.profile_id));
122
+ const activityMap = new Map(
123
+ (activities || []).map((activity) => [activity.uid, activity.last_activity])
124
+ );
125
+ const addedUsers = outgoingIds
126
+ .map((friendId) => profileMap.get(friendId))
127
+ .filter(
128
+ (
129
+ profile
130
+ ): profile is {
131
+ id: number;
132
+ uid: string | null;
133
+ username: string | null;
134
+ avatar_url: string | null;
135
+ flag: string | null;
136
+ profile_image: string | null;
137
+ } => !!profile
138
+ );
139
+
140
+ return NextResponse.json({
141
+ friends: addedUsers.map((profile) => ({
142
+ id: profile.id,
143
+ username: profile.username,
144
+ avatar_url: profile.avatar_url,
145
+ flag: profile.flag,
146
+ profile_image: profile.profile_image,
147
+ is_online:
148
+ typeof activityMap.get(profile.uid || "") === "number" &&
149
+ Date.now() - (activityMap.get(profile.uid || "") || 0) < 1800000,
150
+ last_active_timestamp: activityMap.get(profile.uid || "") ?? null,
151
+ is_mutual: mutualIds.has(profile.id),
152
+ })),
153
+ });
154
+ }
package/api/getMapUploadUrl.ts CHANGED
@@ -1,93 +1,90 @@
1
- import { NextResponse } from "../utils/response";
2
- import z from "zod";
3
- import { protectedApi, validUser } from "../utils/requestUtils";
4
- import { supabase } from "../utils/supabase";
5
-
6
- import {
7
- PutBucketCorsCommand,
8
- PutObjectCommand,
9
- S3Client,
10
- } from "@aws-sdk/client-s3";
11
- import { getSignedUrl } from "@aws-sdk/s3-request-presigner";
12
- import { validateIntrinsicToken } from "../utils/validateToken";
13
- import { getUserBySession } from "../utils/getUserBySession";
14
- import { User } from "@supabase/supabase-js";
15
-
16
- const s3Client = new S3Client({
17
- region: "auto",
18
- endpoint: "https://s3.eu-central-003.backblazeb2.com",
19
- credentials: {
20
- secretAccessKey: process.env.SECRET_BUCKET || "",
21
- accessKeyId: process.env.ACCESS_BUCKET || "",
22
- },
23
- });
24
-
25
- export const Schema = {
26
- input: z.strictObject({
27
- mapName: z.string().optional(),
28
- session: z.string(),
29
- contentLength: z.number(),
30
- contentType: z.string(),
31
- intrinsicToken: z.string(),
32
- }),
33
- output: z.strictObject({
34
- error: z.string().optional(),
35
- url: z.string().optional(),
36
- objectKey: z.string().optional(),
37
- }),
38
- };
39
-
40
- export async function POST(request: Request): Promise<NextResponse> {
41
- return protectedApi({
42
- request,
43
- schema: Schema,
44
- authorization: validUser,
45
- activity: handler,
46
- });
47
- }
48
-
49
- export async function handler({
50
- mapName,
51
- session,
52
- contentLength,
53
- contentType,
54
- intrinsicToken,
55
- }: (typeof Schema)["input"]["_type"]): Promise<
56
- NextResponse<(typeof Schema)["output"]["_type"]>
57
- > {
58
- const user = (await getUserBySession(session)) as User;
59
-
60
- if (!validateIntrinsicToken(intrinsicToken)) {
61
- return NextResponse.json({
62
- error: "Invalid intrinsic token",
63
- });
64
- }
65
-
66
- if (contentLength > 100000000) {
67
- return NextResponse.json({
68
- error: "Max content length exceeded.",
69
- });
70
- }
71
-
72
- if (contentType !== "application/octet-stream") {
73
- return NextResponse.json({
74
- error: "Unnacceptable format",
75
- });
76
- }
77
-
78
- const key = `rhythia-${mapName ? mapName : user.id}-${Date.now()}.sspm`;
79
- const command = new PutObjectCommand({
80
- Bucket: "rhthia-avatars",
81
- Key: key,
82
- ContentLength: contentLength,
83
- ContentType: contentType,
84
- });
85
-
86
- const presigned = await getSignedUrl(s3Client, command, {
87
- expiresIn: 3600,
88
- });
89
- return NextResponse.json({
90
- url: presigned,
91
- objectKey: key,
92
- });
93
- }
1
+ import { NextResponse } from "../utils/response";
2
+ import z from "zod";
3
+ import { protectedApi, validUser } from "../utils/requestUtils";
4
+
5
+ import { PutObjectCommand, S3Client } from "@aws-sdk/client-s3";
6
+ import { getSignedUrl } from "@aws-sdk/s3-request-presigner";
7
+ import { validateIntrinsicToken } from "../utils/validateToken";
8
+ import { getUserBySession } from "../utils/getUserBySession";
9
+ import { User } from "@supabase/supabase-js";
10
+
11
+ const s3Client = new S3Client({
12
+ region: "auto",
13
+ endpoint: "https://s3.eu-central-003.backblazeb2.com",
14
+ credentials: {
15
+ secretAccessKey: process.env.SECRET_BUCKET || "",
16
+ accessKeyId: process.env.ACCESS_BUCKET || "",
17
+ },
18
+ });
19
+
20
+ export const Schema = {
21
+ input: z.strictObject({
22
+ mapName: z.string().optional(),
23
+ session: z.string(),
24
+ contentLength: z.number(),
25
+ contentType: z.string(),
26
+ intrinsicToken: z.string(),
27
+ }),
28
+ output: z.strictObject({
29
+ error: z.string().optional(),
30
+ url: z.string().optional(),
31
+ objectKey: z.string().optional(),
32
+ }),
33
+ };
34
+
35
+ export async function POST(request: Request): Promise<NextResponse> {
36
+ return protectedApi({
37
+ request,
38
+ schema: Schema,
39
+ authorization: validUser,
40
+ activity: handler,
41
+ });
42
+ }
43
+
44
+ export async function handler({
45
+ mapName,
46
+ session,
47
+ contentLength,
48
+ contentType,
49
+ intrinsicToken,
50
+ }: (typeof Schema)["input"]["_type"]): Promise<
51
+ NextResponse<(typeof Schema)["output"]["_type"]>
52
+ > {
53
+ const user = (await getUserBySession(session)) as User;
54
+
55
+ if (!validateIntrinsicToken(intrinsicToken)) {
56
+ return NextResponse.json({
57
+ error: "Invalid intrinsic token",
58
+ });
59
+ }
60
+
61
+ if (contentLength > 100000000) {
62
+ return NextResponse.json({
63
+ error: "Max content length exceeded.",
64
+ });
65
+ }
66
+
67
+ if (contentType !== "application/octet-stream") {
68
+ return NextResponse.json({
69
+ error: "Unnacceptable format",
70
+ });
71
+ }
72
+
73
+ const key = `rhythia-${mapName ? mapName : user.id}-${Date.now()}.sspm`;
74
+ const command = new PutObjectCommand({
75
+ Bucket: "rhthia-avatars",
76
+ Key: key,
77
+ ContentLength: contentLength,
78
+ ContentType: contentType,
79
+ ContentDisposition: "attachment",
80
+ });
81
+
82
+ const presigned = await getSignedUrl(s3Client, command, {
83
+ expiresIn: 3600,
84
+ signableHeaders: new Set(["content-type"]),
85
+ });
86
+ return NextResponse.json({
87
+ url: presigned,
88
+ objectKey: key,
89
+ });
90
+ }