From 79f0c3a1d6fe32c5e3dd9849f9bfd6d08e27d1f7 Mon Sep 17 00:00:00 2001
From: Aelita4
Date: Tue, 12 Dec 2023 21:25:19 +0100
Subject: [PATCH] Export token check to helper function
---
 src/lib/utils/validateAccessToken.ts | 42 +++++++++++++++++++++++++++
 src/pages/api/auth/testAccessToken.ts | 30 ++-----------------
 2 files changed, 45 insertions(+), 27 deletions(-)
 create mode 100644 src/lib/utils/validateAccessToken.ts
diff --git a/src/lib/utils/validateAccessToken.ts b/src/lib/utils/validateAccessToken.ts
new file mode 100644
index 0000000..b45d201
--- /dev/null
+++ b/src/lib/utils/validateAccessToken.ts
@@ -0,0 +1,42 @@
+import type AccessToken from "../../types/AccessToken";
+import { getAccessToken } from "../accessTokens";
+
+export default async function validateAccessToken(request: Request): Promise {
+ const accessToken = request.url.split("?")[1]?.split("&").filter((x) => x.split("=")[0] === "token")[0].split("=")[1];
+
+ if(accessToken === undefined) return new Response(
+ JSON.stringify({
+ code: 401,
+ message: "Unauthorized",
+ error: "Missing Access Token"
+ })
+ );
+
+ const response = await getAccessToken(accessToken);
+
+ if(response === null) return new Response(
+ JSON.stringify({
+ code: 401,
+ message: "Unauthorized",
+ error: "Invalid Access Token"
+ })
+ );
+
+ if(response.createdAt.getTime() > Date.now()) return new Response(
+ JSON.stringify({
+ code: 403,
+ message: "Forbidden",
+ data: "Access token is invalid for user " + response.username + ", are you travelling in time?"
+ })
+ );
+
+ if(response.expiresAt !== null && response.expiresAt.getTime() < Date.now()) return new Response(
+ JSON.stringify({
+ code: 403,
+ message: "Forbidden",
+ data: "Access token is invalid for user " + response.username + ", token expired"
+ })
+ );
+
+ return response;
+}
\ No newline at end of file
diff --git a/src/pages/api/auth/testAccessToken.ts b/src/pages/api/auth/testAccessToken.ts
index a1d00b8..a09ec87 100644
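Review bot: The token lookup on the `const accessToken` line still throws when the URL has a query string but no `token` parameter: `?.` only covers a missing `?`, and `filter(...)[0]` is then `undefined`, so the "Missing Access Token" branch is never reached and the caller gets an unhandled error instead of a 401. Parsing with `const accessToken = new URL(request.url).searchParams.get("token");` and testing `accessToken === null` covers both cases and also percent-decodes the value. Separately, every rejection in this helper is built with `new Response(JSON.stringify({...}))` and no init object, so the HTTP status stays 200 while the body says 401 or 403; passing `{ status: 401 }` or `{ status: 403 }` as the second argument makes the failure visible to clients, proxies and log-based alerting. The two 403 messages also echo `response.username` to whoever presented an expired or future-dated token, which is worth dropping from the response body.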
--- a/src/pages/api/auth/testAccessToken.ts
+++ b/src/pages/api/auth/testAccessToken.ts
@@ -1,33 +1,9 @@
 import type { APIRoute } from "astro";
-import { getAccessToken } from "../../../lib/accessTokens";
+import validateAccessToken from "../../../lib/utils/validateAccessToken";

 export const GET: APIRoute = async({ request }) => {
- const accessToken = request.url.split("?")[1].split("&").filter((x) => x.split("=")[0] === "token")[0].split("=")[1];
- const response = await getAccessToken(accessToken);
-
- if(response === null) return new Response(
- JSON.stringify({
- code: 401,
- message: "Unauthorized",
- error: "Invalid Access Token"
- })
- );
-
- if(response.createdAt.getTime() > Date.now()) return new Response(
- JSON.stringify({
- code: 403,
- message: "Forbidden",
- data: "Access token is invalid for user " + response.username + ", are you travelling in time?"
- })
- );
-
- if(response.expiresAt !== null && response.expiresAt.getTime() < Date.now()) return new Response(
- JSON.stringify({
- code: 403,
- message: "Forbidden",
- data: "Access token is invalid for user " + response.username + ", token expired"
- })
- );
+ const response = await validateAccessToken(request);
+ if(response instanceof Response) return response;

 return new Response(
 JSON.stringify({
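Review bot: After the `instanceof Response` guard the variable named `response` holds the validated token record rather than an HTTP response, which makes the rest of the handler easy to misread; `const tokenOrError = await validateAccessToken(request);` followed by `if(tokenOrError instanceof Response) return tokenOrError;` keeps the two cases apart. Because the helper signals rejection only through its return value, every route that adopts it depends on repeating this guard, so a comment such as `// validateAccessToken returns a Response on rejection; return it before using the token` is worth adding above the call. The handler body continues past the end of the hunk, so how the token is used afterwards is not visible here.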