From 03fe13e7074ca7468a379bb588b0136d94c56f32 Mon Sep 17 00:00:00 2001 From: nate Date: Thu, 19 Mar 2026 10:00:30 +0400 Subject: [PATCH] fix: elysia issues --- apps/web/src/routes/auth.ts | 33 ++++++++++++++++---------------- apps/web/src/routes/dashboard.ts | 10 +++++----- 2 files changed, 22 insertions(+), 21 deletions(-) diff --git a/apps/web/src/routes/auth.ts b/apps/web/src/routes/auth.ts index 04985b6..9cebca3 100644 --- a/apps/web/src/routes/auth.ts +++ b/apps/web/src/routes/auth.ts @@ -5,6 +5,10 @@ import { createRateLimiter } from "../utils/rate-limit"; const EMAIL_HMAC_KEY = process.env.EMAIL_HMAC_KEY || "pingql-default-hmac-key"; +function redir(to: string) { + return new Response(null, { status: 302, headers: { Location: to } }); +} + // ── Per-IP rate limiting for auth endpoints ─────────────────────────── const checkAuthRateLimit = createRateLimiter(); @@ -79,18 +83,18 @@ export const account = new Elysia({ prefix: "/account" }) const resolved = await resolveKey(key); if (!resolved) { set.status = 401; - if ((body as any)._form) { set.redirect = "/dashboard?error=invalid"; return; } + if ((body as any)._form) return redir("/dashboard?error=invalid"); return { error: "Invalid account key" }; } cookie.pingql_key.set({ value: key, ...COOKIE_OPTS }); - if ((body as any)._form) { set.redirect = "/dashboard/home"; return; } + if ((body as any)._form) return redir("/dashboard/home"); return { ok: true }; }, { detail: { hide: true } }) - .get("/logout", ({ cookie, set }) => { + .get("/logout", ({ cookie }) => { cookie.pingql_key.set({ value: "", ...COOKIE_OPTS, maxAge: 0 }); - set.redirect = "/dashboard"; + return redir("/dashboard"); }, { detail: { hide: true } }) .post("/register", async ({ body, cookie, request, set, error }) => { @@ -103,10 +107,7 @@ export const account = new Elysia({ prefix: "/account" }) cookie.pingql_key.set({ value: key, ...COOKIE_OPTS }); // Form submission → redirect to welcome page showing the key - if ((body as any)._form) { - set.redirect = `/dashboard/welcome?key=${encodeURIComponent(key)}`; - return; - } + if ((body as any)._form) return redir(`/dashboard/welcome?key=${encodeURIComponent(key)}`); return { key, email_registered: !!emailHash }; }) @@ -124,31 +125,31 @@ export const account = new Elysia({ prefix: "/account" }) }; }) - .post("/email", async ({ accountId, body, set }) => { + .post("/email", async ({ accountId, body }) => { const emailHash = (body as any).email ? hashEmail((body as any).email) : null; await sql`UPDATE accounts SET email_hash = ${emailHash} WHERE id = ${accountId}`; - if ((body as any)._form) { set.redirect = "/dashboard/settings"; return; } + if ((body as any)._form) return redir("/dashboard/settings"); return { ok: true }; }) - .post("/reset-key", async ({ accountId, cookie, body, set }) => { + .post("/reset-key", async ({ accountId, cookie, body }) => { const key = generateKey(); await sql`UPDATE accounts SET key = ${key} WHERE id = ${accountId}`; cookie.pingql_key.set({ value: key, ...COOKIE_OPTS }); - if ((body as any)?._form) { set.redirect = "/dashboard/settings"; return; } + if ((body as any)?._form) return redir("/dashboard/settings"); return { key, message: "Primary key rotated. Your old key is now invalid." }; }) - .post("/keys", async ({ accountId, body, set }) => { + .post("/keys", async ({ accountId, body }) => { const key = generateKey(); const [created] = await sql`INSERT INTO api_keys (key, account_id, label) VALUES (${key}, ${accountId}, ${(body as any).label}) RETURNING id`; - if ((body as any)._form) { set.redirect = "/dashboard/settings"; return; } + if ((body as any)._form) return redir("/dashboard/settings"); return { key, id: created.id, label: (body as any).label }; }) - .post("/keys/:id/delete", async ({ accountId, params, set }) => { + .post("/keys/:id/delete", async ({ accountId, params }) => { await sql`DELETE FROM api_keys WHERE id = ${params.id} AND account_id = ${accountId}`; - set.redirect = "/dashboard/settings"; + return redir("/dashboard/settings"); }) .delete("/keys/:id", async ({ accountId, params, error }) => { diff --git a/apps/web/src/routes/dashboard.ts b/apps/web/src/routes/dashboard.ts index a18c968..d15913a 100644 --- a/apps/web/src/routes/dashboard.ts +++ b/apps/web/src/routes/dashboard.ts @@ -370,11 +370,11 @@ export const dashboard = new Elysia() }); } catch {} - set.redirect = "/dashboard/home"; + return redirect("/dashboard/home"); }) // Delete monitor via form POST - .post("/dashboard/monitors/:id/delete", async ({ cookie, headers, params, set }) => { + .post("/dashboard/monitors/:id/delete", async ({ cookie, headers, params }) => { const resolved = await getAccountId(cookie, headers); if (!resolved?.accountId) return redirect("/dashboard"); @@ -385,11 +385,11 @@ export const dashboard = new Elysia() headers: { "Authorization": `Bearer ${key}` }, }); - set.redirect = "/dashboard/home"; + return redirect("/dashboard/home"); }) // Toggle monitor via form POST - .post("/dashboard/monitors/:id/toggle", async ({ cookie, headers, params, set }) => { + .post("/dashboard/monitors/:id/toggle", async ({ cookie, headers, params }) => { const resolved = await getAccountId(cookie, headers); if (!resolved?.accountId) return redirect("/dashboard"); @@ -400,7 +400,7 @@ export const dashboard = new Elysia() headers: { "Authorization": `Bearer ${key}` }, }); - set.redirect = `/dashboard/monitors/${params.id}`; + return redirect(`/dashboard/monitors/${params.id}`); }) // Docs