From f6e5fe8a5e6fbebfe077d1e6501fcddcff193830 Mon Sep 17 00:00:00 2001
From: mantikoros <sgrugett@gmail.com>
Date: Wed, 31 Aug 2022 01:10:59 -0500
Subject: [PATCH] use user id instead of bot id, add manifold api endpoint

---
 functions/src/save-twitch-credentials.ts |  8 +++-----
 web/pages/api/v0/twitch/save.ts          | 23 +++++++++++++++++++++++
 2 files changed, 26 insertions(+), 5 deletions(-)
 create mode 100644 web/pages/api/v0/twitch/save.ts

diff --git a/functions/src/save-twitch-credentials.ts b/functions/src/save-twitch-credentials.ts
index 1553aa0f..80dc86a6 100644
--- a/functions/src/save-twitch-credentials.ts
+++ b/functions/src/save-twitch-credentials.ts
@@ -1,22 +1,20 @@
 import * as admin from 'firebase-admin'
 import { z } from 'zod'
 
-import { APIError, newEndpoint, validate } from './api'
+import { newEndpoint, validate } from './api'
 
 const bodySchema = z.object({
-  userId: z.string(),
   twitchInfo: z.object({
     twitchName: z.string(),
     controlToken: z.string(),
   }),
 })
 
-const BOT_ID = 'BOT_ID'
 
 export const savetwitchcredentials = newEndpoint({}, async (req, auth) => {
-  if (auth.uid !== BOT_ID) throw new APIError(403, 'Invalid access credentials')
+  const { twitchInfo } = validate(bodySchema, req.body)
+  const userId = auth.uid
 
-  const { userId, twitchInfo } = validate(bodySchema, req.body)
   await firestore.doc(`private-users/${userId}`).update({ twitchInfo })
   return { success: true }
 })
diff --git a/web/pages/api/v0/twitch/save.ts b/web/pages/api/v0/twitch/save.ts
new file mode 100644
index 00000000..775817e9
--- /dev/null
+++ b/web/pages/api/v0/twitch/save.ts
@@ -0,0 +1,23 @@
+import { NextApiRequest, NextApiResponse } from 'next'
+import {
+  CORS_ORIGIN_MANIFOLD,
+  CORS_ORIGIN_LOCALHOST,
+} from 'common/envs/constants'
+import { applyCorsHeaders } from 'web/lib/api/cors'
+import { fetchBackend, forwardResponse } from 'web/lib/api/proxy'
+
+export const config = { api: { bodyParser: true } }
+
+export default async function route(req: NextApiRequest, res: NextApiResponse) {
+  await applyCorsHeaders(req, res, {
+    origin: [CORS_ORIGIN_MANIFOLD, CORS_ORIGIN_LOCALHOST],
+    methods: 'POST',
+  })
+  try {
+    const backendRes = await fetchBackend(req, 'savetwitchcredentials')
+    await forwardResponse(res, backendRes)
+  } catch (err) {
+    console.error('Error talking to cloud function: ', err)
+    res.status(500).json({ message: 'Error communicating with backend.' })
+  }
+}