ekzyis/stacker.news
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Allow anons to get presigned URLs

Browse Source
This commit is contained in:
ekzyis 2023-10-25 17:01:16 +02:00
parent ed3a681950
commit 726f10c396
1 changed files with 4 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
api/resolvers/upload.js
View File

@ -1,14 +1,10 @@
import { GraphQLError } from 'graphql' import { GraphQLError } from 'graphql'
import { IMAGE_PIXELS_MAX, UPLOAD_SIZE_MAX, UPLOAD_TYPES_ALLOW } from '../../lib/constants' import { ANON_USER_ID, IMAGE_PIXELS_MAX, UPLOAD_SIZE_MAX, UPLOAD_TYPES_ALLOW } from '../../lib/constants'
import { createPresignedPost } from '../s3' import { createPresignedPost } from '../s3'
export default { export default {
Mutation: { Mutation: {
getSignedPOST: async (parent, { type, size, width, height, avatar }, { models, me }) => { getSignedPOST: async (parent, { type, size, width, height, avatar }, { models, me }) => {
if (!me) {
throw new GraphQLError('you must be logged in to get a signed url', { extensions: { code: 'FORBIDDEN' } })
}
if (UPLOAD_TYPES_ALLOW.indexOf(type) === -1) { if (UPLOAD_TYPES_ALLOW.indexOf(type) === -1) {
throw new GraphQLError(`image must be ${UPLOAD_TYPES_ALLOW.map(t => t.replace('image/', '')).join(', ')}`, { extensions: { code: 'BAD_INPUT' } }) throw new GraphQLError(`image must be ${UPLOAD_TYPES_ALLOW.map(t => t.replace('image/', '')).join(', ')}`, { extensions: { code: 'BAD_INPUT' } })
} }
@ -21,15 +17,15 @@ export default {
throw new GraphQLError(`image must be less than ${IMAGE_PIXELS_MAX} pixels`, { extensions: { code: 'BAD_INPUT' } }) throw new GraphQLError(`image must be less than ${IMAGE_PIXELS_MAX} pixels`, { extensions: { code: 'BAD_INPUT' } })
} }
const { photoId } = await models.user.findUnique({ where: { id: me.id } }) const { photoId } = me ? await models.user.findUnique({ where: { id: me.id } }) : {}
const data = { const data = {
type, type,
size, size,
width, width,
height, height,
userId: me.id, userId: me?.id || ANON_USER_ID,
paid: avatar ? undefined : false paid: avatar && !!me ? undefined : false
} }
let uploadId let uploadId