auth splitting

2025-07-26 14:07:18 +02:00
parent a4f4e03cba
commit d2fdeccce3
13 changed files with 87 additions and 69 deletions
--- a/src/pages/api/ai/query.ts
+++ b/src/pages/api/ai/query.ts
@@ -278,7 +278,7 @@ Antworte NUR mit validen JSON. Keine zusätzlichen Erklärungen außerhalb des J
 export const POST: APIRoute = async ({ request }) => {
  try {
    // CONSOLIDATED: Replace 20+ lines with single function call (UNCHANGED)
-    const authResult = await withAPIAuth(request);
+    const authResult = await withAPIAuth(request, 'ai');
    if (!authResult.authenticated) {
      return createAuthErrorResponse();
    }
--- a/src/pages/api/auth/status.ts
+++ b/src/pages/api/auth/status.ts
@@ -1,4 +1,4 @@
-// src/pages/api/auth/status.ts (FIXED - Updated imports and consolidated)
+// src/pages/api/auth/status.ts 
 import type { APIRoute } from 'astro';
 import { withAPIAuth } from '../../../utils/auth.js';
 import { apiResponse, handleAPIRequest } from '../../../utils/api.js';
@@ -7,14 +7,16 @@ export const prerender = false;

 export const GET: APIRoute = async ({ request }) => {
  return await handleAPIRequest(async () => {
-    // CONSOLIDATED: Single function call replaces 35+ lines
-    const authResult = await withAPIAuth(request);
+    const contributionAuth = await withAPIAuth(request, 'contributions');
+    const aiAuth = await withAPIAuth(request, 'ai');
    
    return apiResponse.success({
-      authenticated: authResult.authenticated,
-      authRequired: authResult.authRequired,
-      expires: authResult.session?.exp ? new Date(authResult.session.exp * 1000).toISOString() : null
+      authenticated: contributionAuth.authenticated || aiAuth.authenticated,
+      contributionAuthRequired: contributionAuth.authRequired,
+      aiAuthRequired: aiAuth.authRequired,
+      contributionAuthenticated: contributionAuth.authenticated,
+      aiAuthenticated: aiAuth.authenticated,
+      expires: contributionAuth.session?.exp ? new Date(contributionAuth.session.exp * 1000).toISOString() : null
    });
-    
  }, 'Status check failed');
 };
--- a/src/pages/api/contribute/knowledgebase.ts
+++ b/src/pages/api/contribute/knowledgebase.ts
@@ -84,12 +84,12 @@ function validateKnowledgebaseData(data: KnowledgebaseContributionData): { valid
 export const POST: APIRoute = async ({ request }) => {
  return await handleAPIRequest(async () => {
    // Check authentication
-    const authResult = await withAPIAuth(request);
+    const authResult = await withAPIAuth(request, 'contributions');
    if (authResult.authRequired && !authResult.authenticated) {
      return apiError.unauthorized();
    }

-    const userEmail = authResult.session?.email || 'anonymous@example.com';
+    const userEmail = authResult.session?.email || 'anon@anon.anon';

    // Rate limiting
    if (!checkRateLimit(userEmail)) {
--- a/src/pages/api/contribute/tool.ts
+++ b/src/pages/api/contribute/tool.ts
@@ -127,13 +127,13 @@ async function validateToolData(tool: any, action: string): Promise<{ valid: boo
 export const POST: APIRoute = async ({ request }) => {
  return await handleAPIRequest(async () => {
    // Authentication check
-    const authResult = await withAPIAuth(request);
+    const authResult = await withAPIAuth(request, 'contributions');
    if (authResult.authRequired && !authResult.authenticated) {
      return apiError.unauthorized();
    }

    const userId = authResult.session?.userId || 'anonymous';
-    const userEmail = authResult.session?.email || 'anonymous@example.com';
+    const userEmail = authResult.session?.email || 'anon@anon.anon';

    // Rate limiting
    if (!checkRateLimit(userId)) {
--- a/src/pages/api/upload/media.ts
+++ b/src/pages/api/upload/media.ts
@@ -139,23 +139,19 @@ async function uploadToLocal(file: File, userType: string): Promise<UploadResult
  }
 }

-// POST endpoint for file uploads
 export const POST: APIRoute = async ({ request }) => {
  return await handleAPIRequest(async () => {
-    // Authentication check
-    const authResult = await withAPIAuth(request);
+    const authResult = await withAPIAuth(request, 'contributions');
    if (authResult.authRequired && !authResult.authenticated) {
      return apiError.unauthorized();
    }

-    const userEmail = authResult.session?.email || 'anonymous@example.com';
+    const userEmail = authResult.session?.email || 'anon@anon.anon';

-    // Rate limiting
    if (!checkUploadRateLimit(userEmail)) {
      return apiError.rateLimit('Upload rate limit exceeded. Please wait before uploading again.');
    }

-    // Parse multipart form data
    let formData;
    try {
      formData = await request.formData();