Add create subject endpoints (#36)

cultpodcasts · Aug 7, 2024 · 8935fa0 · 8935fa0
1 parent 39eef0d
commit 8935fa0
Showing 1 changed file with 39 additions and 1 deletion.
diff --git a/src/index.ts b/src/index.ts
@@ -71,7 +71,7 @@ app.use('/*', cors({
 		return getOrigin(origin);
 	},
 	allowHeaders: ['content-type', 'authorization'],
-	allowMethods: ['GET', 'HEAD', 'POST', 'OPTIONS'],
+	allowMethods: ['GET', 'HEAD', 'POST', 'OPTIONS', 'PUT'],
 	maxAge: 86400,
 	credentials: true,
 	exposeHeaders: ['X-Origin']
@@ -641,6 +641,44 @@ app.post("/subject/:id", auth0Middleware, async (c) => {
 	return c.json({ error: "Unauthorised" }, 403);
 });
 
+app.put("/subject", auth0Middleware, async (c) => {
+	const auth0Payload: Auth0JwtPayload = c.var.auth0('payload');
+	c.header("Cache-Control", "max-age=600");
+	c.header("Content-Type", "application/json");
+	c.header("Access-Control-Allow-Origin", getOrigin(c.req.header("Origin")));
+	c.header("Access-Control-Allow-Methods", "POST,GET,OPTIONS");
+
+	if (auth0Payload?.permissions && auth0Payload.permissions.includes('curate')) {
+		const authorisation: string = c.req.header("Authorization")!;
+		const url = `${c.env.secureSubjectEndpoint}`;
+		const data: any = await c.req.json();
+		const body: string = JSON.stringify(data)
+		const resp = await fetch(url, {
+			headers: {
+				'Accept': "*/*",
+				'Authorization': authorisation,
+				"Content-type": "application/json",
+				"Cache-Control": "no-cache",
+				"User-Agent": "cult-podcasts-api",
+				"Host": new URL(c.env.secureSubjectEndpoint).host
+			},
+			method: "PUT",
+			body: body
+		});
+		if (resp.status == 202) {
+			console.log(`Successfully used secure-subject-endpoint.`);
+			return new Response(resp.body, {status:resp.status});
+		} else if (resp.status == 409) {
+			console.log(`Conflict reported on secure-subject-endpoint.`);
+			return new Response(resp.body, {status:resp.status});
+		} else {
+			console.log(`Failed to use secure-subject-endpoint. Response code: '${resp.status}'.`);
+			return c.json({ error: "Error" }, 500);
+		}
+	}
+	return c.json({ error: "Unauthorised" }, 403);
+});
+
 app.get("/discovery-curation", auth0Middleware, async (c) => {
 	const auth0Payload: Auth0JwtPayload = c.var.auth0('payload');
 	c.header("Cache-Control", "max-age=600");