From f1c956a361539592d00836488181b69218798600 Mon Sep 17 00:00:00 2001
From: MohamedBassem
Date: Sat, 5 Oct 2024 17:14:59 +0000
Subject: feature(web): Async validate JWT account and sign out the user if they no longer exist

---
 packages/trpc/routers/users.ts | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)
(limited to 'packages')
diff --git a/packages/trpc/routers/users.ts b/packages/trpc/routers/users.ts
index 51f9429e..ba1aee24 100644
--- a/packages/trpc/routers/users.ts
+++ b/packages/trpc/routers/users.ts
@@ -1,5 +1,5 @@
 import { TRPCError } from "@trpc/server";
-import { count, eq } from "drizzle-orm";
+import { and, count, eq } from "drizzle-orm";
 import invariant from "tiny-invariant";
 import { z } from "zod";

@@ -138,7 +138,16 @@ export const usersAppRouter = router({
 email: z.string().nullish(),
 }),
 )
- .query(({ ctx }) => {
+ .query(async ({ ctx }) => {
+ if (!ctx.user.email) {
+ throw new TRPCError({ code: "UNAUTHORIZED" });
+ }
+ const userDb = await ctx.db.query.users.findFirst({
+ where: and(eq(users.id, ctx.user.id), eq(users.email, ctx.user.email)),
+ });
+ if (!userDb) {
+ throw new TRPCError({ code: "UNAUTHORIZED" });
+ }
 return { id: ctx.user.id, name: ctx.user.name, email: ctx.user.email };
 }),
 });
--
cgit v1.2.3-70-g09d2
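Review bot: The account-existence check added in the second hunk guards only this one query, so a JWT for a deleted user is rejected here but, as far as the diff shows, is still accepted by other procedures until it expires; the sign-out then depends on the client calling this endpoint. If revocation is meant to be enforced server-side, the same lookup belongs in the shared authenticated-procedure middleware, which is outside this hunk and may already do it. Within the hunk, `findFirst` loads the whole user row for what is only an existence test; adding `columns: { id: true }` next to `where` keeps the unneeded columns from being read. The procedure's definition starts above the hunk, so its name and input schema are not visible here.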