diff --git a/routes/api/_middleware.ts b/routes/api/_middleware.ts index 38dec15..862b746 100644 --- a/routes/api/_middleware.ts +++ b/routes/api/_middleware.ts @@ -4,14 +4,14 @@ import { respondApi } from '../../src/utils.ts' export function handler(request: Request, ctx: FreshContext) { // Check CSRF token - if (['POST', 'PATCH', 'PUT', 'DELETE', 'OPTIONS'].includes(request.method)) { - const session = SessionStore.getFromRequest(request) - const csrf = session?.get('_csrf') + if (['POST', 'PATCH', 'PUT', 'DELETE', 'OPTIONS'].includes(request.method)) { + const session = SessionStore.getFromRequest(request) + const csrf = session?.get('_csrf') - if (csrf === undefined || request.headers.get('X-CSRF-TOKEN') !== csrf) { - return respondApi('error', new Error('invalid csrf token'), 401) - } - } + if (csrf === undefined || request.headers.get('X-CSRF-TOKEN') !== csrf) { + return respondApi('error', new Error('invalid csrf token'), 401) + } + } - return ctx.next() + return ctx.next() } diff --git a/src/serviceworker/mod.ts b/src/serviceworker/mod.ts index 3700c87..66837de 100644 --- a/src/serviceworker/mod.ts +++ b/src/serviceworker/mod.ts @@ -24,10 +24,13 @@ export function main() { }) self.addEventListener('push', (event) => { - const { title, options } = (event.data?.json() ?? {}) as { title?: string, options?: Partial } + const { title, options } = (event.data?.json() ?? {}) as { + title?: string + options?: Partial + } if (title) { event.waitUntil( - self.registration.showNotification(title, options) + self.registration.showNotification(title, options), ) } }) diff --git a/src/utils.ts b/src/utils.ts index ce4530a..a32485c 100644 --- a/src/utils.ts +++ b/src/utils.ts @@ -5,15 +5,20 @@ export type JsonCompatible = JsonValue | { toJSON(): JsonValue } | unknown export function respondApi< Kind extends ApiPayload['kind'], Payload extends JsonCompatible, ->(kind: Kind, payload?: Payload, status?: number, statusText?: string): Response { +>( + kind: Kind, + payload?: Payload, + status?: number, + statusText?: string, +): Response { if (kind === 'error') { return Response.json({ kind: 'error', error: String(payload ?? ''), } as ApiPayload, { - status: status ?? 500, - statusText - }) + status: status ?? 500, + statusText, + }) } return Response.json({ @@ -30,16 +35,19 @@ export async function requestApi< method: 'GET' | 'POST' | 'DELETE' | 'PATCH', payload?: Payload | null, ): Promise { - const csrf = getCookie('_CSRF') ?? '' + const csrf = getCookie('_CSRF') ?? '' const base = new URL('/api/', location.origin) - const endpoint = new URL(route.startsWith('/') ? `.${route}` : route, base.href) + const endpoint = new URL( + route.startsWith('/') ? `.${route}` : route, + base.href, + ) const response = await fetch(endpoint, { method, headers: { 'Content-Type': 'application/json; charset=utf-8', - 'X-CSRF-TOKEN': csrf + 'X-CSRF-TOKEN': csrf, }, body: payload ? JSON.stringify(payload) : null, }) @@ -63,7 +71,9 @@ export type ApiPayload = { } function getCookie(name: string): string | undefined { - const cookiesEntries = document.cookie.split(';').map(cookie => cookie.trim().split('=')) - const cookies = Object.fromEntries(cookiesEntries) - return cookies[name] -} \ No newline at end of file + const cookiesEntries = document.cookie.split(';').map((cookie) => + cookie.trim().split('=') + ) + const cookies = Object.fromEntries(cookiesEntries) + return cookies[name] +}