feat: activate captcha and fix errors handling

geeksblabla · Oct 1, 2024 · ea11c38 · ea11c38
1 parent 4c34566
commit ea11c38
Show file tree

Hide file tree

Showing 3 changed files with 41 additions and 32 deletions.
diff --git a/src/actions/init-session.ts b/src/actions/init-session.ts
@@ -1,10 +1,10 @@
 import { app } from "@/lib/firebase/server";
-import { defineAction } from "astro:actions";
+import { defineAction, ActionError } from "astro:actions";
 import { getAuth } from "firebase-admin/auth";
 import { z } from "astro:schema";
 import { initUserSubmission } from "@/lib/firebase/database";
 import { isCaptchaValid } from "@/lib/captcha";
-
+// Add this import
 export const initSession = defineAction({
   accept: "json",
   input: z.object({
@@ -15,23 +15,28 @@ export const initSession = defineAction({
     const auth = getAuth(app);
     /* Validate inputs */
     if (!captchaToken && import.meta.env.CAPTCHA_ENABLED === "true") {
-      return {
-        error: "Captcha token is required"
-      };
+      throw new ActionError({
+        code: "UNAUTHORIZED",
+        message: "Captcha token is required"
+      });
     }
     if (!idToken) {
-      return {
-        error: "No idToken provided"
-      };
+      throw new ActionError({
+        code: "UNAUTHORIZED",
+        message: "No idToken provided"
+      });
     }
 
     /* Validate captcha */
     if (captchaToken && import.meta.env.CAPTCHA_ENABLED === "true") {
+      console.log("checking captcha ");
+
       const isValid = await isCaptchaValid(captchaToken);
       if (!isValid) {
-        return {
-          error: "Invalid captcha"
-        };
+        throw new ActionError({
+          code: "UNAUTHORIZED",
+          message: "Invalid captcha"
+        });
       }
     }
 
@@ -40,17 +45,19 @@ export const initSession = defineAction({
       const decodedToken = await auth.verifyIdToken(idToken);
       const user = await auth.getUser(decodedToken.uid);
       if (!user) {
-        return {
-          error: "User not found"
-        };
+        throw new ActionError({
+          code: "UNAUTHORIZED",
+          message: "User not found"
+        });
       }
       await initUserSubmission(user);
       console.log("user session created");
     } catch (error) {
       console.error("Error verifying id token:", error);
-      return {
-        error: "Invalid id token"
-      };
+      throw new ActionError({
+        code: "UNAUTHORIZED",
+        message: "Invalid id token"
+      });
     }
 
     try {
@@ -69,9 +76,10 @@ export const initSession = defineAction({
       };
     } catch (error) {
       console.error("Error signing in:", error);
-      return {
-        error: "Error signing in"
-      };
+      throw new ActionError({
+        code: "UNAUTHORIZED",
+        message: "Error signing in"
+      });
     }
   }
 });
diff --git a/src/actions/submit-answers.ts b/src/actions/submit-answers.ts
@@ -1,5 +1,5 @@
 import { app } from "@/lib/firebase/server";
-import { defineAction } from "astro:actions";
+import { defineAction, ActionError } from "astro:actions";
 import { getAuth } from "firebase-admin/auth";
 import { z } from "astro:schema";
 import { saveAnswers } from "@/lib/firebase/database";
@@ -17,28 +17,31 @@ export const submitAnswers = defineAction({
     /* Verify Session */
     const sessionCookie = cookies.get("__session")?.value;
     if (!sessionCookie) {
-      return {
-        error: "No session is active, please initialize a session first"
-      };
+      throw new ActionError({
+        code: "UNAUTHORIZED",
+        message: "No session is active, please initialize a session first"
+      });
     }
     /* Get User */
     try {
       const decodedCookie = await auth.verifySessionCookie(sessionCookie);
       const user = await auth.getUser(decodedCookie.uid);
       if (!user) {
-        return {
-          error:
+        throw new ActionError({
+          code: "UNAUTHORIZED",
+          message:
             "Can't find user from session, please initialize a session first"
-        };
+        });
       }
       /* Save answers to database */
       await saveAnswers(user.uid, answers);
       console.log("answers saved");
     } catch (error) {
       console.error("Error token or saving answers:", error);
-      return {
-        error: "Error token or saving answers"
-      };
+      throw new ActionError({
+        code: "INTERNAL_SERVER_ERROR",
+        message: "Error token or saving answers"
+      });
     }
   }
 });
diff --git a/src/lib/captcha.ts b/src/lib/captcha.ts
@@ -2,8 +2,6 @@ const CLOUDFLARE_CAPTCHA_URL =
   "https://challenges.cloudflare.com/turnstile/v0/siteverify";
 
 export const isCaptchaValid = async (token: string) => {
-  if (import.meta.env.CAPTCHA_ENABLED === "false") return true;
-  if (!import.meta.env.PUBLIC_TURNSTILE_SECRET_KEY) return true;
   try {
     const response = await fetch(CLOUDFLARE_CAPTCHA_URL, {
       method: "POST",