From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server-vie001.gnuweeb.org X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,URIBL_DBL_BLOCKED_OPENDNS, URIBL_ZEN_BLOCKED_OPENDNS autolearn=ham autolearn_force=no version=3.4.6 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gnuweeb.org; s=default; t=1741702308; bh=7mtzRQhT/uTYscMkKWqt/4hFAPOlnQ4ofg3I0K3sYRY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Transfer-Encoding:Message-ID:Date:From: Reply-To:Subject:To:Cc:In-Reply-To:References:Resent-Date: Resent-From:Resent-To:Resent-Cc:User-Agent:Content-Type: Content-Transfer-Encoding; b=ANdU7A3nsZN1vAVq3B8pSVGzEBpn+LkGaBZtQ/A34opsj9+zrmDJ2nyT2qEjA7Ypr S5ir1mdxsiBPXYjrX8Pz3yMrLX/+/YpOabnYHWtuHVNRPxJFxfSDs4mQxgfgVXPtKg a0hk6QXjl9GJfLnThW5nQbY+HH9Sqr9Xd4CXyNAjVl14VlcfibT/x/UEGGjg6lP9Aw dASHkD+MDgxoU0UPJ2YB/LjtYZ16NerlehTaq5wh2J+n34L4hoElOEuhfpFJ18mfqL 9orxYciYfnw98Z1AigBLWFn3dePATiL3jdyB5vTPr7QzOikYkJTSWjdCEMcxq4CbQp sZyiNrYYDmeVg== Received: from kanazawa.. (unknown [36.84.53.160]) by server-vie001.gnuweeb.org (Postfix) with ESMTPSA id 645EB20B499E; Tue, 11 Mar 2025 14:11:47 +0000 (UTC) From: Muhammad Rizki To: Ammar Faizi Cc: Muhammad Rizki , Alviro Iskandar Setiawan , GNU/Weeb Mailing List Subject: [PATCH v1 2/2] chore(profile): refetch user data on profile Date: Tue, 11 Mar 2025 21:11:29 +0700 Message-ID: <20250311141130.15924-3-kiizuha@gnuweeb.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250311141130.15924-1-kiizuha@gnuweeb.org> References: <20250311141130.15924-1-kiizuha@gnuweeb.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit List-Id: This commit will refetch user data to get the latest user data on `/settings/profile` page. This method is to prevent users manipulating any credentials on the localStorage, with refetching new data, it will be replaced every time users navigating or reloading the /settings/profile page. Signed-off-by: Muhammad Rizki --- .../(protected)/settings/profile/+page.ts | 34 ++++++++++++++----- 1 file changed, 26 insertions(+), 8 deletions(-) diff --git a/src/routes/(protected)/settings/profile/+page.ts b/src/routes/(protected)/settings/profile/+page.ts index c3f9bd3..65afa6f 100644 --- a/src/routes/(protected)/settings/profile/+page.ts +++ b/src/routes/(protected)/settings/profile/+page.ts @@ -3,19 +3,37 @@ import { zod } from "sveltekit-superforms/adapters"; import { superValidate } from "sveltekit-superforms"; import { profileSchema } from "$lib/schemas/profile-schema"; import { useAuth } from "$lib/hooks/auth.svelte"; +import * as typing from "$typings" +import http from "$lib/hooks/http.svelte"; +import { redirect } from "@sveltejs/kit"; export const load: PageLoad = async () => { const auth = useAuth(); - auth.refresh(); - const data = { - username: auth.user?.username, - full_name: auth.user?.full_name, - ext_email: auth.user?.ext_email, - gender: auth.user?.gender, - socials: auth.user?.socials + const { status, data } = await http<{ user_info: typing.User }>({ + params: { action: "get_user_info" } + }); + + if (status !== 200) { + localStorage.setItem("gwm_invalid_creds", String(1)); + auth.clear(); + return redirect(307, "/"); + } + + auth.save({ + token: data.res?.renew_token?.token, + token_exp_at: data.res?.renew_token?.token_exp_at, + user_info: data.res?.user_info + }); + + const initialData = { + username: data.res?.user_info?.username, + full_name: data.res?.user_info?.full_name, + ext_email: data.res?.user_info?.ext_email, + gender: data.res?.user_info?.gender, + socials: data.res?.user_info?.socials }; - const form = await superValidate(data, zod(profileSchema)); + const form = await superValidate(initialData, zod(profileSchema)); return { form }; }; -- Muhammad Rizki