nhcarrigan/library
9
0
Fork 0
generated from nhcarrigan/template
Code Issues Pull Requests 54 Actions Releases 3 Activity

feat: base64 uploads, reusable forms, Discord roles, and UX improvements #66

Merged
naomi merged 8 commits from fix/base64 into main 2026-02-20 20:32:52 -08:00
Conversation 0 Commits 8 Files Changed 30
+49 -31
4 changed files with 49 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 3668a67a62 - Show all commits
api/src/app/routes/games/index.ts
+38 -24
View File
@@ -41,22 +41,29 @@ const gamesRoutes: FastifyPluginAsync = async (app) => {
); );
// Create game (protected admin route) // Create game (protected admin route)
app.post<{ Body: CreateGameDto; Reply: Game }>( app.post<{ Body: CreateGameDto; Reply: Game | { error: string } }>(
"/", "/",
{ {
preValidation: [app.authenticate, adminGuard], preValidation: [app.authenticate, adminGuard],
preHandler: [app.csrfProtection], preHandler: [app.csrfProtection],
}, },
async (request) => { async (request, reply) => {
const game = await gameService.createGame(request.body); try {
await AuditService.logFromRequest(request, { const game = await gameService.createGame(request.body);
action: AuditAction.entryCreate, await AuditService.logFromRequest(request, {
category: AuditCategory.content, action: AuditAction.entryCreate,
resourceType: "game", category: AuditCategory.content,
resourceId: game.id, resourceType: "game",
details: `Created game: ${game.title}`, resourceId: game.id,
}); details: `Created game: ${game.title}`,
return game; });
return game;
} catch (error) {
if (error instanceof Error) {
return reply.code(400).send({ error: error.message });
}
throw error;
}
} }
); );
@@ -64,26 +71,33 @@ const gamesRoutes: FastifyPluginAsync = async (app) => {
app.put<{ app.put<{
Params: { id: string }; Params: { id: string };
Body: UpdateGameDto; Body: UpdateGameDto;
Reply: Game | null; Reply: Game | null | { error: string };
}>( }>(
"/:id", "/:id",
{ {
preValidation: [app.authenticate, adminGuard], preValidation: [app.authenticate, adminGuard],
preHandler: [app.csrfProtection], preHandler: [app.csrfProtection],
}, },
async (request) => { async (request, reply) => {
const { id } = request.params; try {
const game = await gameService.updateGame(id, request.body); const { id } = request.params;
if (game) { const game = await gameService.updateGame(id, request.body);
await AuditService.logFromRequest(request, { if (game) {
action: AuditAction.entryUpdate, await AuditService.logFromRequest(request, {
category: AuditCategory.content, action: AuditAction.entryUpdate,
resourceType: "game", category: AuditCategory.content,
resourceId: id, resourceType: "game",
details: `Updated game: ${game.title}`, resourceId: id,
}); details: `Updated game: ${game.title}`,
});
}
return game;
} catch (error) {
if (error instanceof Error) {
return reply.code(400).send({ error: error.message });
}
throw error;
} }
return game;
} }
); );
api/src/app/services/game.service.ts
+8 -5
View File
@@ -33,9 +33,6 @@ export class GameService {
if (!validateStringLength(data.notes, MAX_LENGTHS.NOTES)) { if (!validateStringLength(data.notes, MAX_LENGTHS.NOTES)) {
throw new Error(`Notes must be ${MAX_LENGTHS.NOTES} characters or less.`); throw new Error(`Notes must be ${MAX_LENGTHS.NOTES} characters or less.`);
} }
if (!validateStringLength(data.coverImage, MAX_LENGTHS.URL)) {
throw new Error(`Cover image URL must be ${MAX_LENGTHS.URL} characters or less.`);
}
// Validate rating // Validate rating
if (!validateRating(data.rating)) { if (!validateRating(data.rating)) {
@@ -45,8 +42,14 @@ export class GameService {
// Validate cover image URL // Validate cover image URL
if (data.coverImage) { if (data.coverImage) {
if (data.coverImage.startsWith("data:")) { if (data.coverImage.startsWith("data:")) {
const sizeInBytes = data.coverImage.length * 0.75; // Extract just the base64 data (after the comma)
if (sizeInBytes > MAX_LENGTHS.DATA_URL) { const base64Data = data.coverImage.split(",")[1];
if (!base64Data) {
throw new Error("Invalid image data URL format.");
}
// Calculate decoded size: base64 is ~4/3 larger than original, so multiply by 0.75
const decodedSizeInBytes = base64Data.length * 0.75;
if (decodedSizeInBytes > MAX_LENGTHS.DATA_URL) {
throw new Error("Cover image must be under 5MB."); throw new Error("Cover image must be under 5MB.");
} }
if (!validateDataUrl(data.coverImage)) { if (!validateDataUrl(data.coverImage)) {
api/src/app/utils/validation.ts
+2 -1
View File
@@ -6,9 +6,10 @@
/** /**
* Validates that a URL is a proper base64 data string. * Validates that a URL is a proper base64 data string.
* Allows whitespace in the base64 data which may occur during transmission.
*/ */
export function validateDataUrl(url: string): boolean { export function validateDataUrl(url: string): boolean {
return /^data:image\/(jpeg|png|gif|webp|svg\+xml);base64,[A-Za-z0-9+/=]+$/.test(url); return /^data:image\/(jpeg|png|gif|webp|svg\+xml);base64,[A-Za-z0-9+/=\s]+$/.test(url);
} }
/** /**
api/src/main.ts
+1 -1
View File
@@ -40,7 +40,7 @@ process.on('SIGINT', () => {
// Instantiate Fastify with some config // Instantiate Fastify with some config
const server = Fastify({ const server = Fastify({
logger: true, logger: true,
bodyLimit: 1048576, // 1MB max body size bodyLimit: 10485760, // 10MB max body size (to accommodate base64-encoded images)
}); });
// Register your application as a normal plugin. // Register your application as a normal plugin.