import { PrismaClient } from '@prisma/client';
import { useSession } from 'h3';
// Module-scoped Prisma client: created once when this file is loaded and
// reused by every request the handler below serves.
const prisma = new PrismaClient();
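/**
 * Returns the currently authenticated user.
 *
 * Opens the sealed session for the request, requires a user id in it, loads
 * that user from the database and returns the record without its `password`
 * field.
 *
 * @returns `{ user }`, where `user` is the database row minus `password`.
 * @throws 401 `Unauthorized` when the session holds no user id, or when the
 *   id no longer matches a database row (the session is cleared first).
 * @throws 500 when `SESSION_PASSWORD` is not configured.
 */
export default defineEventHandler(async (event) => {
  // Fail closed when the session secret is missing. Falling back to a
  // placeholder string committed to the source would seal sessions with a
  // publicly known key, so anyone who has read the code could mint a session
  // for an arbitrary user id.
  const sessionPassword = process.env.SESSION_PASSWORD;
  if (!sessionPassword) {
    console.error('SESSION_PASSWORD is not set; refusing to open a session.');
    throw createError({
      statusCode: 500,
      statusMessage: 'Internal Server Error',
    });
  }

  // 1. Get the session
  const session = await useSession(event, {
    password: sessionPassword,
  });

  // 2. Check if user is in session
  const userId = session.data?.user?.id;
  if (!userId) {
    throw createError({
      statusCode: 401,
      statusMessage: 'Unauthorized',
    });
  }

  // 3. Fetch the full user from the database
  const user = await prisma.user.findUnique({
    where: { id: userId },
  });

  if (!user) {
    // The session can outlive the account (for example after the user was
    // deleted). Clear it so the stale cookie is not presented again, and
    // answer with the same 401 as an anonymous request.
    await session.clear();
    throw createError({
      statusCode: 401,
      statusMessage: 'Unauthorized',
    });
  }

  // 4. Return user data
  // NOTE(review): only `password` is stripped here. Any other sensitive
  // column on the user model would be returned to the client as-is; an
  // explicit `select` allow-list on the query is safer. Confirm against the
  // Prisma schema.
  const { password: _password, ...userWithoutPassword } = user;
  return { user: userWithoutPassword };
});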