forked from akai/readest
fix(sync): resolve issue where invalid tokens were occasionally used with the storage API (#2041)
This commit is contained in:
@@ -1,6 +1,6 @@
|
||||
import type { NextApiRequest, NextApiResponse } from 'next';
|
||||
import { corsAllMethods, runMiddleware } from '@/utils/cors';
|
||||
import { createSupabaseClient } from '@/utils/supabase';
|
||||
import { createSupabaseAdminClient } from '@/utils/supabase';
|
||||
import { validateUserAndToken } from '@/utils/access';
|
||||
import { deleteObject } from '@/utils/object';
|
||||
|
||||
@@ -23,7 +23,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
|
||||
return res.status(400).json({ error: 'Missing or invalid fileKey' });
|
||||
}
|
||||
|
||||
const supabase = createSupabaseClient(token);
|
||||
const supabase = createSupabaseAdminClient();
|
||||
const { data: fileRecord, error: fileError } = await supabase
|
||||
.from('files')
|
||||
.select('user_id, id')
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
import type { NextApiRequest, NextApiResponse } from 'next';
|
||||
import { createSupabaseClient } from '@/utils/supabase';
|
||||
import { createSupabaseAdminClient } from '@/utils/supabase';
|
||||
import { corsAllMethods, runMiddleware } from '@/utils/cors';
|
||||
import { getDownloadSignedUrl } from '@/utils/object';
|
||||
import { validateUserAndToken } from '@/utils/access';
|
||||
@@ -24,7 +24,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
|
||||
}
|
||||
|
||||
// Verify the file belongs to the user
|
||||
const supabase = createSupabaseClient(token);
|
||||
const supabase = createSupabaseAdminClient();
|
||||
const result = await supabase
|
||||
.from('files')
|
||||
.select('user_id, file_key')
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
import type { NextApiRequest, NextApiResponse } from 'next';
|
||||
import { createSupabaseClient } from '@/utils/supabase';
|
||||
import { createSupabaseAdminClient } from '@/utils/supabase';
|
||||
import { corsAllMethods, runMiddleware } from '@/utils/cors';
|
||||
import {
|
||||
getStoragePlanData,
|
||||
@@ -32,7 +32,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
|
||||
}
|
||||
|
||||
const fileKey = `${user.id}/${fileName}`;
|
||||
const supabase = createSupabaseClient(token);
|
||||
const supabase = createSupabaseAdminClient();
|
||||
const { data: existingRecord, error: fetchError } = await supabase
|
||||
.from('files')
|
||||
.select('*')
|
||||
|
||||
Reference in New Issue
Block a user