From dc683a98729a6a446ef8170528b3a3178955db80 Mon Sep 17 00:00:00 2001
From: mrjvs <jellevs@gmail.com>
Date: Sun, 29 Oct 2023 17:22:57 +0100
Subject: [PATCH] add GET for users

---
 src/modules/fastify/routes.ts |  2 ++
 src/routes/users/get.ts       | 31 +++++++++++++++++++++++++++++++
 2 files changed, 33 insertions(+)
 create mode 100644 src/routes/users/get.ts

diff --git a/src/modules/fastify/routes.ts b/src/modules/fastify/routes.ts
index 7832d34..832881f 100644
--- a/src/modules/fastify/routes.ts
+++ b/src/modules/fastify/routes.ts
@@ -5,6 +5,7 @@ import { sessionsRouter } from '@/routes/sessions';
 import { userBookmarkRouter } from '@/routes/users/bookmark';
 import { userDeleteRouter } from '@/routes/users/delete';
 import { userEditRouter } from '@/routes/users/edit';
+import { userGetRouter } from '@/routes/users/get';
 import { userProgressRouter } from '@/routes/users/progress';
 import { userSessionsRouter } from '@/routes/users/sessions';
 import { userSettingsRouter } from '@/routes/users/settings';
@@ -21,4 +22,5 @@ export async function setupRoutes(app: FastifyInstance) {
   await app.register(userProgressRouter.register);
   await app.register(userBookmarkRouter.register);
   await app.register(userSettingsRouter.register);
+  await app.register(userGetRouter.register);
 }
diff --git a/src/routes/users/get.ts b/src/routes/users/get.ts
new file mode 100644
index 0000000..c6eaaf6
--- /dev/null
+++ b/src/routes/users/get.ts
@@ -0,0 +1,31 @@
+import { User, formatUser } from '@/db/models/User';
+import { StatusError } from '@/services/error';
+import { handle } from '@/services/handler';
+import { makeRouter } from '@/services/router';
+import { z } from 'zod';
+
+export const userGetRouter = makeRouter((app) => {
+  app.get(
+    '/users/:uid',
+    {
+      schema: {
+        params: z.object({
+          uid: z.string(),
+        }),
+      },
+    },
+    handle(async ({ auth, params, em }) => {
+      await auth.assert();
+      let uid = params.uid;
+      if (uid === '@me') uid = auth.user.id;
+
+      if (auth.user.id !== uid)
+        throw new StatusError('Cannot access users other than yourself', 403);
+
+      const user = await em.findOne(User, { id: uid });
+      if (!user) throw new StatusError('User does not exist', 404);
+
+      return formatUser(user);
+    }),
+  );
+});