scandic/web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged in fix/get-booking-as-user (pull request #1366)

Browse Source 
Fix: Use session.token.access_token if session exists in booking confirmation, else use serviceToken

* Fix: Added service token to safeProtectedProcedure

* fix: use of safeProtectedServiceProcedure


Approved-by: Michael Zetterberg
This commit is contained in:
Pontus Dreij
2025-02-18 11:42:18 +00:00
parent 9ca7330d74
commit 90fee1b0c4
3 changed files with 10 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
server/routers/booking/query.ts
View File

@@ -3,7 +3,11 @@ import { metrics } from "@opentelemetry/api"
import * as api from "@/lib/api" import * as api from "@/lib/api"
import { dt } from "@/lib/dt" import { dt } from "@/lib/dt"
import { badRequestError, serverErrorByStatus } from "@/server/errors/trpc" import { badRequestError, serverErrorByStatus } from "@/server/errors/trpc"
import { router, serviceProcedure } from "@/server/trpc" import {
router,
safeProtectedServiceProcedure,
serviceProcedure,
} from "@/server/trpc"
import { getHotel } from "../hotels/query" import { getHotel } from "../hotels/query"
import { bookingConfirmationInput, getBookingStatusInput } from "./input" import { bookingConfirmationInput, getBookingStatusInput } from "./input"
@@ -30,16 +34,18 @@ const getBookingStatusFailCounter = meter.createCounter(
) )
export const bookingQueryRouter = router({ export const bookingQueryRouter = router({
confirmation: serviceProcedure confirmation: safeProtectedServiceProcedure
.input(bookingConfirmationInput) .input(bookingConfirmationInput)
.query(async function ({ ctx, input: { confirmationNumber } }) { .query(async function ({ ctx, input: { confirmationNumber } }) {
getBookingConfirmationCounter.add(1, { confirmationNumber }) getBookingConfirmationCounter.add(1, { confirmationNumber })
const token = ctx.session?.token.access_token ?? ctx.serviceToken
const apiResponse = await api.get( const apiResponse = await api.get(
api.endpoints.v1.Booking.booking(confirmationNumber), api.endpoints.v1.Booking.booking(confirmationNumber),
{ {
headers: { headers: {
Authorization: `Bearer ${ctx.serviceToken}`, Authorization: `Bearer ${token}`,
}, },
} }
) )

2
server/routers/hotels/output.ts
View File

@@ -365,7 +365,7 @@ export const ancillaryPackagesSchema = z
id: item.id, id: item.id,
title: item.title, title: item.title,
description: item.descriptions.html, description: item.descriptions.html,
imageUrl: item.images[0].imageSizes.small, imageUrl: item.images[0]?.imageSizes.small,
price: { price: {
total: parseInt(item.variants.ancillary.price.totalPrice), total: parseInt(item.variants.ancillary.price.totalPrice),
currency: item.variants.ancillary.price.currency, currency: item.variants.ancillary.price.currency,

1
server/trpc.ts
View File

@@ -117,7 +117,6 @@ export const protectedProcedure = baseProcedure.use(async function (opts) {
export const safeProtectedProcedure = baseProcedure.use(async function (opts) { export const safeProtectedProcedure = baseProcedure.use(async function (opts) {
const authRequired = opts.meta?.authRequired ?? true const authRequired = opts.meta?.authRequired ?? true
let session: Session | null = await opts.ctx.auth() let session: Session | null = await opts.ctx.auth()
if (!authRequired && env.NODE_ENV === "development") { if (!authRequired && env.NODE_ENV === "development") {
console.info( console.info(