Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Finish data transfer creation endpoint
  • Loading branch information
regalijan committed Oct 19, 2023
1 parent 6b6c6c2 commit 5db1df7
Showing 1 changed file with 80 additions and 10 deletions.
90 changes: 80 additions & 10 deletions functions/api/data-transfers/create.ts
Expand Up @@ -3,8 +3,11 @@ export async function onRequestPost(context: RequestContext) {

if (
typeof has_access !== "boolean" ||
has_access && typeof cookie !== "string" ||
has_access && !cookie.match(/_\|WARNING:-DO-NOT-SHARE-THIS\.--Sharing-this-will-allow-someone-to-log-in-as-you-and-to-steal-your-ROBUX-and-items\.\|_[A-F\d]+/)
(has_access && typeof cookie !== "string") ||
(has_access &&
!cookie.match(
/_\|WARNING:-DO-NOT-SHARE-THIS\.--Sharing-this-will-allow-someone-to-log-in-as-you-and-to-steal-your-ROBUX-and-items\.\|_[A-F\d]+/,
))
)
return new Response('{"error":"Invalid request"}', {
headers: {
Expand All @@ -13,24 +16,91 @@ export async function onRequestPost(context: RequestContext) {
status: 400,
});

const id = (context.request.headers.get("cf-ray")?.split("-")[0] as string) + Date.now().toString() + crypto.randomUUID().replaceAll("-", "");
const id =
(context.request.headers.get("cf-ray")?.split("-")[0] as string) +
Date.now().toString() +
crypto.randomUUID().replaceAll("-", "");

if (!has_access) {
if (has_access) {
await context.env.DATA.put(`datatransfer_${id}`, "{}", {
expirationTtl: 1800,
});

const host = context.request.headers.get("Host") as string;

return new Response(
`{"url":"https://apis.roblox.com/oauth/v1/authorize?client_id=${
context.env.ROBLOX_OAUTH_CLIENT_ID
}&redirect_uri=${encodeURIComponent(
`http${host.startsWith(
"localhost" ? "" : "s",
)}://${host}/api/data-transfers/verify`,
)}&state=${id}"}`,
{
headers: {
"set-cookie": `__dtid=${id}; HttpOnly; Max-Age=3600; Path=/; SameSite=Lax; Secure`,
},
},
);
}
const authedUserReq = await fetch("https://users.roblox.com/v1/users/authenticated", {
headers: {
cookie: `.ROBLOSECURITY=${cookie}`,

const authedUserReq = await fetch(
"https://users.roblox.com/v1/users/authenticated",
{
headers: {
cookie: `.ROBLOSECURITY=${cookie}`,
},
},
});
);

if (!authedUserReq.ok)
return new Response('{"error":"Cookie is invalid"}', {
headers: {
"content-type": "application/json",
},
status: 400
status: 400,
});

const authedUser: { id: number, name: string } = await authedUserReq.json();
const authedUser: { id: number; name: string } = await authedUserReq.json();

const createCardReq = await fetch(
`https://api.trello.com/1/cards?key=${context.env.TRELLO_API_KEY}&token=${context.env.TRELLO_API_TOKEN}`,
{
body: JSON.stringify({
desc: `Old account: ${authedUser.name} (${authedUser.id})`,
idList: "5fbd440cd30b6377f959e244",
name: `${authedUser.name} | Data Transfer`,
}),
headers: {
accept: "application/json",
"content-type": "application/json",
},
method: "POST",
},
);

if (!createCardReq.ok)
return new Response('{"error":"Failed to create entry"}', {
headers: {
"content-type": "application/json",
},
status: 500,
});

await context.env.DATA.put(
`datatransfer_${id}`,
JSON.stringify({
oldUser: authedUser,
}),
{
expirationTtl: 900,
},
);

return new Response(null, {
headers: {
location: `/data-transfer/${id}`,
},
status: 201,
});
}

0 comments on commit 5db1df7

Please sign in to comment.