From d085d4b762b86ff7cc56613e877004ec52942d27 Mon Sep 17 00:00:00 2001
From: Benny Samir Hierl <bennysamir@posteo.de>
Date: Sat, 12 Feb 2022 22:26:38 +0100
Subject: [PATCH] allow wishlist to be not public

Signed-off-by: Benny Samir Hierl <bennysamir@posteo.de>
---
 .../migration.sql                             | 16 +++++++++
 prisma/schema.prisma                          |  1 +
 prisma/seed.ts                                |  1 +
 src/api/config/auth.ts                        | 34 +++++++++----------
 src/api/config/initApp.ts                     |  9 +++++
 src/api/models/wishlist/index.ts              |  3 +-
 src/api/routes/wishlist/read.ts               |  5 +--
 src/composables/useAxios.ts                   |  2 +-
 src/types.ts                                  |  1 +
 9 files changed, 51 insertions(+), 21 deletions(-)
 create mode 100644 prisma/migrations/20220212205507_add_public_option/migration.sql

diff --git a/prisma/migrations/20220212205507_add_public_option/migration.sql b/prisma/migrations/20220212205507_add_public_option/migration.sql
new file mode 100644
index 0000000..628c5cd
--- /dev/null
+++ b/prisma/migrations/20220212205507_add_public_option/migration.sql
@@ -0,0 +1,16 @@
+-- RedefineTables
+PRAGMA foreign_keys=OFF;
+CREATE TABLE "new_Wishlist" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "public" BOOLEAN NOT NULL DEFAULT true,
+    "title" TEXT NOT NULL,
+    "imageSrc" TEXT NOT NULL,
+    "slugUrlText" TEXT NOT NULL,
+    "description" TEXT NOT NULL DEFAULT ''
+);
+INSERT INTO "new_Wishlist" ("description", "id", "imageSrc", "slugUrlText", "title") SELECT "description", "id", "imageSrc", "slugUrlText", "title" FROM "Wishlist";
+DROP TABLE "Wishlist";
+ALTER TABLE "new_Wishlist" RENAME TO "Wishlist";
+CREATE UNIQUE INDEX "Wishlist_slugUrlText_key" ON "Wishlist"("slugUrlText");
+PRAGMA foreign_key_check;
+PRAGMA foreign_keys=ON;
diff --git a/prisma/schema.prisma b/prisma/schema.prisma
index adb8d25..dfd43ca 100644
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@@ -12,6 +12,7 @@ datasource db {
 
 model Wishlist {
   id            String    @id @default(uuid())
+  public        Boolean   @default(true)
   title         String
   imageSrc      String
   slugUrlText   String    @unique
diff --git a/prisma/seed.ts b/prisma/seed.ts
index 17b66a2..b20142c 100644
--- a/prisma/seed.ts
+++ b/prisma/seed.ts
@@ -31,6 +31,7 @@ const wishlistData: Prisma.WishlistCreateInput[] = [
   },
   {
     title: 'Wedding',
+    public: false,
     imageSrc:
       'https://unsplash.com/photos/8vaQKYnawHw/download?ixid=MnwxMjA3fDB8MXxhbGx8fHx8fHx8fHwxNjQ0MDQ4MTIy&force=true&w=200',
     description: 'We are getting married',
diff --git a/src/api/config/auth.ts b/src/api/config/auth.ts
index 6c43c95..c5869cd 100644
--- a/src/api/config/auth.ts
+++ b/src/api/config/auth.ts
@@ -8,28 +8,28 @@ export default {
     if (!process.env.API_KEY) {
       throw new Error('ENV API_KEY is not set!')
     }
+    app.decorateRequest('isAuthenticated', false)
     app.addHook(
       'onRequest',
       (request: FastifyRequest, reply: FastifyReply, done) => {
-        //@ts-expect-error: custom attribute
-        if (!reply.context.config.protected) {
-          return done()
-        }
-        if (!request.headers.authorization) {
-          return done(error)
-        }
-        const authHeader = request.headers.authorization.split(' ')
-        request.log.debug(authHeader)
-        if (
-          authHeader[0] &&
-          authHeader[0].trim().toLowerCase() === 'api-key' &&
-          authHeader[1]
-        ) {
-          if (authHeader[1] === process.env.API_KEY) {
-            return done()
+        if (request.headers.authorization) {
+          const authHeader = request.headers.authorization.split(' ')
+          request.log.debug(authHeader)
+          if (
+            authHeader[0] &&
+            authHeader[0].trim().toLowerCase() === 'api-key' &&
+            authHeader[1]
+          ) {
+            if (authHeader[1] === process.env.API_KEY) {
+              request.isAuthenticated = true
+            }
           }
         }
-        done(error)
+        if (reply.context.config.protected && !request.isAuthenticated) {
+          done(error)
+        } else {
+          done()
+        }
       }
     )
   },
diff --git a/src/api/config/initApp.ts b/src/api/config/initApp.ts
index 5328d83..2b8f6e7 100644
--- a/src/api/config/initApp.ts
+++ b/src/api/config/initApp.ts
@@ -5,6 +5,15 @@ import cors from 'fastify-cors'
 import { fastify as defaultConfig } from './'
 import auth from './auth'
 
+declare module 'fastify' {
+  interface FastifyRequest {
+    isAuthenticated: boolean
+  }
+  interface FastifyContextConfig {
+    protected?: boolean
+  }
+}
+
 export default async (opts: FastifyContextConfig = {}) => {
   const app = Fastify({
     ...defaultConfig,
diff --git a/src/api/models/wishlist/index.ts b/src/api/models/wishlist/index.ts
index 183f227..7d7dd73 100644
--- a/src/api/models/wishlist/index.ts
+++ b/src/api/models/wishlist/index.ts
@@ -2,8 +2,9 @@ import { prisma } from '../../services'
 import { Wishlist, WishlistItem } from '@/types'
 
 export default {
-  getAll: async (): Promise<Wishlist[]> => {
+  getAll: async (where?: any): Promise<Wishlist[]> => {
     return (await prisma.client.wishlist.findMany({
+      where,
       include: { items: false },
     })) as Wishlist[]
   },
diff --git a/src/api/routes/wishlist/read.ts b/src/api/routes/wishlist/read.ts
index 3bc6e80..98ea8ca 100644
--- a/src/api/routes/wishlist/read.ts
+++ b/src/api/routes/wishlist/read.ts
@@ -13,8 +13,9 @@ export const getAll = <RouteOptions>{
       },
     },
   },
-  handler: async () => {
-    return await wishlist.getAll()
+  handler: async (request) => {
+    const where = request.isAuthenticated ? {} : { public: true }
+    return await wishlist.getAll(where)
   },
 }
 
diff --git a/src/composables/useAxios.ts b/src/composables/useAxios.ts
index e444108..d0d0556 100644
--- a/src/composables/useAxios.ts
+++ b/src/composables/useAxios.ts
@@ -33,7 +33,7 @@ export const requestInterceptor = client.interceptors.request.use(
     }
     isLoading.value = true
     error.value = null
-    config.headers.Authorization = token.value ? `Bearer ${token.value}` : ''
+    config.headers.Authorization = token.value ? `API-Key ${token.value}` : ''
 
     return config
   },
diff --git a/src/types.ts b/src/types.ts
index 3742140..c5d1cc3 100644
--- a/src/types.ts
+++ b/src/types.ts
@@ -9,6 +9,7 @@ export interface WishlistItem {
 }
 export interface Wishlist {
   id?: string
+  public: boolean
   title: string
   description: string
   imageSrc: string