diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index a12c964..86bcd1c 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,5 +1,11 @@ # CONTRIBUTING +Misskey Tools へのコントリビューションにご関心いただき、誠にありがとうございます。 + +このドキュメントでは、本プロジェクトの開発方針をまとめています。IssueやPull Requestの作成前に、必ずご一読ください。 + +なお、開発の進行に応じて、ドキュメントの内容は大きく変わることがあります。 + ## データベース スキーマの編集 * TypeScriptのコーディング規約に一致するように、命名規則を定める @@ -10,4 +16,10 @@ * `//` (/2つ)だと整形時に削除されてしまうため注意 * schema.prisma を編集したら、次のコマンドを実行してSQLファイルを生成する * `prisma migrate dev --name 変更名` - * 変更名は snake_case \ No newline at end of file + * 変更名は snake_case + +## tRPCでのデータ返却時はDTOを渡すこと + +意図しないデータの漏洩を防ぐため、フロントエンドへデータを渡す場合は、必ずDBの実データではなく、DTOへの変換を通してください。 + +また、実データを返すと、tRPCの型定義にPrismaの型が含まれてしまい、フロントエンド側からTypeScriptのエラー TS2742 が発生します。 diff --git a/packages/backend/src/server/api/dto/account.ts b/packages/backend/src/server/api/dto/account.ts new file mode 100644 index 0000000..c237500 --- /dev/null +++ b/packages/backend/src/server/api/dto/account.ts @@ -0,0 +1,17 @@ +import { Account } from '@prisma/client'; +import { z } from 'zod'; + + +export const accountDtoSchema = z.object({ + id: z.string(), + name: z.string(), + isAdmin: z.boolean(), +}).strict(); + +export type AccountDto = z.infer; + +export const toAccountDto = (a: Account): AccountDto => ({ + id: a.id, + name: a.name, + isAdmin: a.isAdmin, +}); diff --git a/packages/backend/src/server/api/dto/meta.ts b/packages/backend/src/server/api/dto/meta.ts new file mode 100644 index 0000000..66ce50d --- /dev/null +++ b/packages/backend/src/server/api/dto/meta.ts @@ -0,0 +1,9 @@ +import { currentTokenVersion } from 'tools-shared/dist/const'; +import { z } from 'zod'; + +export const metaDtoSchema = z.object({ + version: z.string(), + currentTokenVersion: z.literal(currentTokenVersion), +}).strict(); + +export type MetaDto = z.infer; diff --git a/packages/backend/src/server/api/dto/misskey-session.ts b/packages/backend/src/server/api/dto/misskey-session.ts new file mode 100644 index 0000000..d6ae6f1 --- /dev/null +++ b/packages/backend/src/server/api/dto/misskey-session.ts @@ -0,0 +1,16 @@ +import { MisskeySession } from '@prisma/client'; +import { z } from 'zod'; + +export const misskeySessionDtoSchema = z.object({ + id: z.string(), + username: z.string(), + host: z.string(), +}).strict(); + +export type MisskeySessionDto = z.infer; + +export const toMisskeySessionDto = (s: MisskeySession): MisskeySessionDto => ({ + id: s.id, + username: s.username, + host: s.host, +}); diff --git a/packages/backend/src/server/api/procedures/session.ts b/packages/backend/src/server/api/procedures/session.ts index 4fd34eb..ddba310 100644 --- a/packages/backend/src/server/api/procedures/session.ts +++ b/packages/backend/src/server/api/procedures/session.ts @@ -3,13 +3,14 @@ import { TRPCError } from '@trpc/server'; import { middleware, procedure } from '@/server/api/trpc.js'; const hasSession = middleware(({ next, ctx }) => { - if (!ctx.account) { + const { account } = ctx; + if (!account) { throw new TRPCError({ code: 'UNAUTHORIZED' }); } return next({ ctx: { token: ctx.token, - user: ctx.account, + account: account, }, }); }); diff --git a/packages/backend/src/server/api/routers/account.ts b/packages/backend/src/server/api/routers/account.ts index 43945cc..1b5ad44 100644 --- a/packages/backend/src/server/api/routers/account.ts +++ b/packages/backend/src/server/api/routers/account.ts @@ -1,17 +1,31 @@ -import { TRPCError } from '@trpc/server'; + import { z } from 'zod'; +import { accountDtoSchema, toAccountDto } from '../dto/account'; +import { misskeySessionDtoSchema } from '../dto/misskey-session'; + +import { prisma } from '@/libs/prisma'; import { sessionProcedure } from '@/server/api/procedures/session.js'; -import { procedure, router } from '@/server/api/trpc.js'; -import { getAccountByAccessToken } from '@/services/accounts/get-account-by-access-token.js'; +import { router } from '@/server/api/trpc.js'; + export const accountRouter = router({ - get: sessionProcedure.query(({ ctx }) => ctx.user), - getByToken: procedure.input(z.string()).query(async ({ input: token }) => { - const account = await getAccountByAccessToken(token); - if (!account) { - throw new TRPCError({ code: 'NOT_FOUND' }); - } - return account; - }), + getMyself: sessionProcedure + .output(accountDtoSchema) + .query(({ ctx }) => { + return toAccountDto(ctx.account); + }), + getMisskeySessions: sessionProcedure + .output(z.array(misskeySessionDtoSchema)) + .query(async ({ ctx }) => { + const sessions = await prisma.misskeySession.findMany({ + where: { accountId: ctx.account.id }, + select: { + id: true, + username: true, + host: true, + }, + }); + return sessions; + }), }); diff --git a/packages/backend/src/server/api/routers/meta.ts b/packages/backend/src/server/api/routers/meta.ts index 73e172b..99297fd 100644 --- a/packages/backend/src/server/api/routers/meta.ts +++ b/packages/backend/src/server/api/routers/meta.ts @@ -1,12 +1,15 @@ import { currentTokenVersion } from 'tools-shared/dist/const.js'; +import { metaDtoSchema } from '../dto/meta'; + import { meta } from '@/config'; import { procedure, router } from '@/server/api/trpc'; - export const metaRouter = router({ - get: procedure.query(() => ({ - version: meta.version, - currentTokenVersion, - })), + get: procedure + .output(metaDtoSchema) + .query(() => ({ + version: meta.version, + currentTokenVersion, + })), }); diff --git a/packages/backend/src/services/sessions/process-login.ts b/packages/backend/src/services/sessions/process-login.ts index 56999f0..2022fff 100644 --- a/packages/backend/src/services/sessions/process-login.ts +++ b/packages/backend/src/services/sessions/process-login.ts @@ -29,7 +29,7 @@ export const processLogin = async (misskeyUser: MkUser, host: string, misskeyTok }, }, // Note: 少しでもデータ転送量を抑える(Prismaはcreateの後に絶対selectを実行してしまう) - select: {}, + select: { id: true }, }); return accessToken; }