diff --git a/server/api/updates/[id].delete.js b/server/api/updates/[id].delete.js index aeedd95..9b899ae 100644 --- a/server/api/updates/[id].delete.js +++ b/server/api/updates/[id].delete.js @@ -1,29 +1,8 @@ -import jwt from "jsonwebtoken"; import Update from "../../models/update.js"; -import { connectDB } from "../../utils/mongoose.js"; export default defineEventHandler(async (event) => { - await connectDB(); - - const token = getCookie(event, "auth-token"); - - if (!token) { - throw createError({ - statusCode: 401, - statusMessage: "Not authenticated", - }); - } - - let memberId; - try { - const decoded = jwt.verify(token, useRuntimeConfig().jwtSecret); - memberId = decoded.memberId; - } catch (err) { - throw createError({ - statusCode: 401, - statusMessage: "Invalid or expired token", - }); - } + const member = await requireAuth(event); + const memberId = member._id.toString(); const id = getRouterParam(event, "id"); diff --git a/server/api/updates/[id].patch.js b/server/api/updates/[id].patch.js index d8871f8..d4bd824 100644 --- a/server/api/updates/[id].patch.js +++ b/server/api/updates/[id].patch.js @@ -1,29 +1,8 @@ -import jwt from "jsonwebtoken"; import Update from "../../models/update.js"; -import { connectDB } from "../../utils/mongoose.js"; export default defineEventHandler(async (event) => { - await connectDB(); - - const token = getCookie(event, "auth-token"); - - if (!token) { - throw createError({ - statusCode: 401, - statusMessage: "Not authenticated", - }); - } - - let memberId; - try { - const decoded = jwt.verify(token, useRuntimeConfig().jwtSecret); - memberId = decoded.memberId; - } catch (err) { - throw createError({ - statusCode: 401, - statusMessage: "Invalid or expired token", - }); - } + const member = await requireAuth(event); + const memberId = member._id.toString(); const id = getRouterParam(event, "id"); const body = await validateBody(event, updatePatchSchema); diff --git a/server/api/updates/index.post.js b/server/api/updates/index.post.js index 8f1e330..29c3a84 100644 --- a/server/api/updates/index.post.js +++ b/server/api/updates/index.post.js @@ -1,31 +1,10 @@ -import jwt from "jsonwebtoken"; import Update from "../../models/update.js"; -import { connectDB } from "../../utils/mongoose.js"; import { validateBody } from "../../utils/validateBody.js"; import { updateCreateSchema } from "../../utils/schemas.js"; export default defineEventHandler(async (event) => { - await connectDB(); - - const token = getCookie(event, "auth-token"); - - if (!token) { - throw createError({ - statusCode: 401, - statusMessage: "Not authenticated", - }); - } - - let memberId; - try { - const decoded = jwt.verify(token, useRuntimeConfig().jwtSecret); - memberId = decoded.memberId; - } catch (err) { - throw createError({ - statusCode: 401, - statusMessage: "Invalid or expired token", - }); - } + const member = await requireAuth(event); + const memberId = member._id.toString(); const body = await validateBody(event, updateCreateSchema); diff --git a/server/api/updates/my-updates.get.js b/server/api/updates/my-updates.get.js index 084d787..37a9b3d 100644 --- a/server/api/updates/my-updates.get.js +++ b/server/api/updates/my-updates.get.js @@ -1,29 +1,8 @@ -import jwt from "jsonwebtoken"; import Update from "../../models/update.js"; -import { connectDB } from "../../utils/mongoose.js"; export default defineEventHandler(async (event) => { - await connectDB(); - - const token = getCookie(event, "auth-token"); - - if (!token) { - throw createError({ - statusCode: 401, - statusMessage: "Not authenticated", - }); - } - - let memberId; - try { - const decoded = jwt.verify(token, useRuntimeConfig().jwtSecret); - memberId = decoded.memberId; - } catch (err) { - throw createError({ - statusCode: 401, - statusMessage: "Invalid or expired token", - }); - } + const member = await requireAuth(event); + const memberId = member._id.toString(); const query = getQuery(event); const limit = parseInt(query.limit) || 20;