From 8935fa0b1ce222f69e74e038eefdd1d5a311e1e7 Mon Sep 17 00:00:00 2001 From: CultPodcastsBot <142722442+cultpodcasts@users.noreply.github.com> Date: Wed, 7 Aug 2024 14:25:42 +0100 Subject: [PATCH] Add create subject endpoints (#36) --- src/index.ts | 40 +++++++++++++++++++++++++++++++++++++++- 1 file changed, 39 insertions(+), 1 deletion(-) diff --git a/src/index.ts b/src/index.ts index fe62954..606ebf3 100644 --- a/src/index.ts +++ b/src/index.ts @@ -71,7 +71,7 @@ app.use('/*', cors({ return getOrigin(origin); }, allowHeaders: ['content-type', 'authorization'], - allowMethods: ['GET', 'HEAD', 'POST', 'OPTIONS'], + allowMethods: ['GET', 'HEAD', 'POST', 'OPTIONS', 'PUT'], maxAge: 86400, credentials: true, exposeHeaders: ['X-Origin'] @@ -641,6 +641,44 @@ app.post("/subject/:id", auth0Middleware, async (c) => { return c.json({ error: "Unauthorised" }, 403); }); +app.put("/subject", auth0Middleware, async (c) => { + const auth0Payload: Auth0JwtPayload = c.var.auth0('payload'); + c.header("Cache-Control", "max-age=600"); + c.header("Content-Type", "application/json"); + c.header("Access-Control-Allow-Origin", getOrigin(c.req.header("Origin"))); + c.header("Access-Control-Allow-Methods", "POST,GET,OPTIONS"); + + if (auth0Payload?.permissions && auth0Payload.permissions.includes('curate')) { + const authorisation: string = c.req.header("Authorization")!; + const url = `${c.env.secureSubjectEndpoint}`; + const data: any = await c.req.json(); + const body: string = JSON.stringify(data) + const resp = await fetch(url, { + headers: { + 'Accept': "*/*", + 'Authorization': authorisation, + "Content-type": "application/json", + "Cache-Control": "no-cache", + "User-Agent": "cult-podcasts-api", + "Host": new URL(c.env.secureSubjectEndpoint).host + }, + method: "PUT", + body: body + }); + if (resp.status == 202) { + console.log(`Successfully used secure-subject-endpoint.`); + return new Response(resp.body, {status:resp.status}); + } else if (resp.status == 409) { + console.log(`Conflict reported on secure-subject-endpoint.`); + return new Response(resp.body, {status:resp.status}); + } else { + console.log(`Failed to use secure-subject-endpoint. Response code: '${resp.status}'.`); + return c.json({ error: "Error" }, 500); + } + } + return c.json({ error: "Unauthorised" }, 403); +}); + app.get("/discovery-curation", auth0Middleware, async (c) => { const auth0Payload: Auth0JwtPayload = c.var.auth0('payload'); c.header("Cache-Control", "max-age=600");