adilallo
122 lines
3.6 KiB
TypeScript
122 lines
3.6 KiB
TypeScript
import { NextRequest, NextResponse } from "next/server";
|
|
import { prisma } from "../../../../../../../lib/server/db";
|
|
import {
|
|
getSessionPepper,
|
|
isDatabaseConfigured,
|
|
} from "../../../../../../../lib/server/env";
|
|
import { hashSessionToken, newSessionToken } from "../../../../../../../lib/server/hash";
|
|
import { sendRuleStakeholderInviteEmail } from "../../../../../../../lib/server/mail";
|
|
import { apiRoute } from "../../../../../../../lib/server/apiRoute";
|
|
import { logRouteError } from "../../../../../../../lib/server/requestId";
|
|
import { stakeholderInviteVerifyUrl } from "../../../../../../../lib/server/ruleStakeholderInviteOps";
|
|
import { STAKEHOLDER_INVITE_TTL_MS } from "../../../../../../../lib/server/ruleStakeholders";
|
|
import {
|
|
dbUnavailable,
|
|
errorJson,
|
|
forbidden,
|
|
notFound,
|
|
rateLimited,
|
|
serverMisconfigured,
|
|
unauthorized,
|
|
} from "../../../../../../../lib/server/responses";
|
|
import { getSessionUser } from "../../../../../../../lib/server/session";
|
|
import { rateLimitKey } from "../../../../../../../lib/server/rateLimit";
|
|
import { getPublicOrigin } from "../../../../../../../lib/server/publicOrigin";
|
|
|
|
type RouteContext = { params: Promise<{ id: string; stakeholderId: string }> };
|
|
|
|
export const POST = apiRoute<RouteContext>(
|
|
"rules.stakeholders.resend",
|
|
async (request: NextRequest, context, { requestId }) => {
|
|
if (!isDatabaseConfigured()) {
|
|
return dbUnavailable();
|
|
}
|
|
|
|
const user = await getSessionUser();
|
|
if (!user) {
|
|
return unauthorized();
|
|
}
|
|
|
|
const { id: ruleId, stakeholderId } = await context.params;
|
|
|
|
const row = await prisma.ruleStakeholder.findFirst({
|
|
where: { id: stakeholderId, ruleId },
|
|
select: {
|
|
id: true,
|
|
email: true,
|
|
inviteTokenHash: true,
|
|
inviteExpiresAt: true,
|
|
rule: { select: { userId: true, title: true } },
|
|
},
|
|
});
|
|
|
|
if (!row) {
|
|
return notFound();
|
|
}
|
|
if (row.rule.userId !== user.id) {
|
|
return forbidden();
|
|
}
|
|
if (row.inviteTokenHash === null) {
|
|
return errorJson(
|
|
"validation_error",
|
|
"This stakeholder has already accepted the invite",
|
|
400,
|
|
);
|
|
}
|
|
|
|
const rl = rateLimitKey(`rule-stakeholders-resend:${row.id}`, 60_000);
|
|
if (rl.ok === false) {
|
|
return rateLimited(rl.retryAfterMs);
|
|
}
|
|
|
|
let pepper: string;
|
|
try {
|
|
pepper = getSessionPepper();
|
|
} catch (err) {
|
|
logRouteError("rules.stakeholders.resend", requestId, err, {
|
|
phase: "getSessionPepper",
|
|
});
|
|
return serverMisconfigured();
|
|
}
|
|
|
|
const prevHash = row.inviteTokenHash;
|
|
const prevExp = row.inviteExpiresAt;
|
|
const token = newSessionToken();
|
|
const newHash = hashSessionToken(token, pepper);
|
|
const newExp = new Date(Date.now() + STAKEHOLDER_INVITE_TTL_MS);
|
|
|
|
await prisma.ruleStakeholder.update({
|
|
where: { id: row.id },
|
|
data: {
|
|
inviteTokenHash: newHash,
|
|
inviteExpiresAt: newExp,
|
|
},
|
|
});
|
|
|
|
const verifyUrl = stakeholderInviteVerifyUrl(getPublicOrigin(request), token);
|
|
try {
|
|
await sendRuleStakeholderInviteEmail(row.email, verifyUrl, row.rule.title);
|
|
} catch (err) {
|
|
logRouteError("rules.stakeholders.resend", requestId, err, {
|
|
phase: "sendRuleStakeholderInviteEmail",
|
|
});
|
|
await prisma.ruleStakeholder
|
|
.update({
|
|
where: { id: row.id },
|
|
data: {
|
|
inviteTokenHash: prevHash,
|
|
inviteExpiresAt: prevExp,
|
|
},
|
|
})
|
|
.catch(() => {});
|
|
return errorJson(
|
|
"mail_failed",
|
|
"Could not resend stakeholder invite",
|
|
502,
|
|
);
|
|
}
|
|
|
|
return NextResponse.json({ ok: true });
|
|
},
|
|
);
|