diff --git a/functions/api/data-transfers/create.ts b/functions/api/data-transfers/create.ts new file mode 100644 index 0000000..85eb574 --- /dev/null +++ b/functions/api/data-transfers/create.ts @@ -0,0 +1,36 @@ +export async function onRequestPost(context: RequestContext) { + const { cookie, has_access } = context.data.body; + + if ( + typeof has_access !== "boolean" || + has_access && typeof cookie !== "string" || + has_access && !cookie.match(/_\|WARNING:-DO-NOT-SHARE-THIS\.--Sharing-this-will-allow-someone-to-log-in-as-you-and-to-steal-your-ROBUX-and-items\.\|_[A-F\d]+/) + ) + return new Response('{"error":"Invalid request"}', { + headers: { + "content-type": "application/json", + }, + status: 400, + }); + + const id = (context.request.headers.get("cf-ray")?.split("-")[0] as string) + Date.now().toString() + crypto.randomUUID().replaceAll("-", ""); + + if (!has_access) { + + } + const authedUserReq = await fetch("https://users.roblox.com/v1/users/authenticated", { + headers: { + cookie: `.ROBLOSECURITY=${cookie}`, + }, + }); + + if (!authedUserReq.ok) + return new Response('{"error":"Cookie is invalid"}', { + headers: { + "content-type": "application/json", + }, + status: 400 + }); + + const authedUser: { id: number, name: string } = await authedUserReq.json(); +}