kleros · alcercu · May 13, 2024 · May 13, 2024 · May 13, 2024
diff --git a/src/app/api/auth/route.ts b/src/app/api/auth/route.ts
@@ -17,7 +17,7 @@ interface ResponseBody {
 
 export const POST = async (request: NextRequest) => {
   const { token, username } = await request.json();
-  const userId = getUserId(token);
+  const userId = await getUserId(token);
 
   if (!userId) {
     return NotAuthenticatedResponse;

diff --git a/src/app/api/claim-reward/route.ts b/src/app/api/claim-reward/route.ts
@@ -7,7 +7,7 @@ import { isGameConcluded } from "@/lib/game.config";
 export const POST = async (request: NextRequest) => {
   const { address } = await request.json();
   const token = request.cookies.get(TOKEN_COOKIE)?.value;
-  const userId = getUserId(token);
+  const userId = await getUserId(token);
 
   if (!userId) {
     return NotAuthenticatedResponse;

diff --git a/src/app/api/connect/route.ts b/src/app/api/connect/route.ts
@@ -24,7 +24,7 @@ const decryptData = async (
 export const POST = async (request: NextRequest) => {
   const { id, question_id, choice } = await request.json();
   const token = request.cookies.get(TOKEN_COOKIE)?.value;
-  const userId = getUserId(token);
+  const userId = await getUserId(token);
 
   if (!userId) {
     return NotAuthenticatedResponse;

diff --git a/src/app/api/question/route.ts b/src/app/api/question/route.ts
@@ -20,7 +20,7 @@ const decryptData = async (
 export const GET = async (request: NextRequest) => {
   const id = new URL(request.url).searchParams.get("id");
   const token = request.cookies.get(TOKEN_COOKIE)?.value;
-  const userId = getUserId(token);
+  const userId = await getUserId(token);
 
   if (!userId) {
     return NotAuthenticatedResponse;

diff --git a/src/app/api/userstats/route.ts b/src/app/api/userstats/route.ts
@@ -4,7 +4,7 @@ import { getUserStats } from "@/lib/supabase/queries";
 
 export const GET = async (request: NextRequest) => {
   const token = request.cookies.get(TOKEN_COOKIE)?.value;
-  const userId = getUserId(token);
+  const userId = await getUserId(token);
 
   if (!userId) {
     return NotAuthenticatedResponse;

diff --git a/src/lib/auth.ts b/src/lib/auth.ts
@@ -1,15 +1,21 @@
 import { NextResponse } from "next/server";
 import jwt, { JwtPayload } from "jsonwebtoken";
 import { UUID } from "crypto";
+import { checkUserExists } from "@/lib/supabase/queries";
 
 const JWT_SECRET_KEY = process.env.SECRET_KEY ?? "";
 export const TOKEN_COOKIE = "token";
 
-export const getUserId: (arg0?: string) => UUID | false = (token) => {
+export const getUserId: (arg0?: string) => Promise<UUID | false> = async (token) => {
   if (typeof(token) === "undefined") return false;
   try {
     const payload = jwt.verify(token, JWT_SECRET_KEY) as JwtPayload;
-    return payload.user_id;
+    const userId = payload.user_id;
+    const userExists = await checkUserExists(userId);
+    if (!userExists) {
+      throw new Error("User not registered yet.")
+    }
+    return userId;
   } catch {
     return false;
   }