feature(web): Async validate JWT account and sign out the user if they no longer exist

author: MohamedBassem <me@mbassem.com> 2024-10-05 17:14:59 +0000
committer: MohamedBassem <me@mbassem.com> 2024-10-05 17:15:36 +0000
commit: f1c956a361539592d00836488181b69218798600 (patch)
tree: ff975397e3ecb4063675962857441623082c2175 /packages
parent: 3a8d197437868ca10d294f0174afa013f138ec33 (diff)
download: karakeep-f1c956a361539592d00836488181b69218798600.tar.zst
1 files changed, 11 insertions, 2 deletions
diff --git a/packages/trpc/routers/users.ts b/packages/trpc/routers/users.ts
index 51f9429e..ba1aee24 100644
--- a/packages/trpc/routers/users.ts
+++ b/packages/trpc/routers/users.ts
@@ -1,5 +1,5 @@
 import { TRPCError } from "@trpc/server";
-import { count, eq } from "drizzle-orm";
+import { and, count, eq } from "drizzle-orm";
 import invariant from "tiny-invariant";
 import { z } from "zod";
 
@@ -138,7 +138,16 @@ export const usersAppRouter = router({
         email: z.string().nullish(),
       }),
     )
-    .query(({ ctx }) => {
+    .query(async ({ ctx }) => {
+      if (!ctx.user.email) {
+        throw new TRPCError({ code: "UNAUTHORIZED" });
+      }
+      const userDb = await ctx.db.query.users.findFirst({
+        where: and(eq(users.id, ctx.user.id), eq(users.email, ctx.user.email)),
+      });
+      if (!userDb) {
+        throw new TRPCError({ code: "UNAUTHORIZED" });
+      }
       return { id: ctx.user.id, name: ctx.user.name, email: ctx.user.email };
     }),
 });
author	MohamedBassem <me@mbassem.com>	2024-10-05 17:14:59 +0000
committer	MohamedBassem <me@mbassem.com>	2024-10-05 17:15:36 +0000
commit	f1c956a361539592d00836488181b69218798600 (patch)
tree	ff975397e3ecb4063675962857441623082c2175 /packages
parent	3a8d197437868ca10d294f0174afa013f138ec33 (diff)
download	karakeep-f1c956a361539592d00836488181b69218798600.tar.zst