export async function POST({ request, site, url }: APIContext) {
const contentType = request.headers.get('Content-type')
let bodyAuthToken;
let formBodyObject;
if (contentType === "application/x-www-form-urlencoded") {
let formBody = new URLSearchParams(await request.text())
formBodyObject = paramsToObject(formBody)
bodyAuthToken = formBody.get('access_token')
}
const headerAuthToken = request.headers.get("Authorization")?.replace('Bearer ', '')
// NOTE: rejecting multiple authentication attempts as per RFC 6750
if (headerAuthToken && bodyAuthToken) {
return Error(400, 'invalid request')
}
const authToken = headerAuthToken || bodyAuthToken
if (!authToken) return Error(401)
const res = await fetch('https://tokens.indieauth.com/token', {
method: "GET",
headers: {
'Accept': 'application/json',
'Authorization': 'Bearer ' + authToken
}
})
const indieToken: IndieTokenResponse = await res.json()
if (hasOwnProperty(indieToken, 'me') && indieToken.me === site?.toString()) {
// TODO: Create note here
console.log("hello world")
if (contentType === "application/x-www-form-urlencoded") {
if (!hasOwnProperty(formBodyObject, 'content')) {
return Error(422)
}
const records = await db.insert(Note).values({
content: formBodyObject.content
}).returning()
console.log(records)
return new Response(null, {
statusText: "Created",
status: 201,
headers: {
"Location": "https://yusuf.fyi/notes/" + records[0].published.getTime()
}
})
}
} else {
return Error(401, 'invalid token')
}
}
#Works locally
heavy harness
fluid fieldBOT
Hi @heavy harness. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave:
From the code you've provided, it seems like you're trying to create an API endpoint in Astro that handles POST requests. This endpoint appears to be dealing with authentication and creating a note if the authentication is successful.
However, without a specific question or problem statement, it's hard to provide a precise answer. If you're having trouble with this code, could you please provide more details about the issue?
In general, here's what your code is doing:
-
It checks the content type of the request. If it's "application/x-www-form-urlencoded", it parses the body to get the 'access_token'.
-
It also checks for an 'Authorization' header and extracts the token from it.
-
If both a header and body token are present, it returns an error (as per RFC 6750).
-
If no token is present at all, it returns a 401 error.
-
If a token is present, it makes a GET request to 'https://tokens.indieauth.com/token' with the token in the 'Authorization' header.
-
If the 'me' property of the response matches the site, it proceeds to create a note. If the content type was "application/x-www-form-urlencoded", it checks for a 'content' property in the body. If it's present, it inserts a new note into the database and returns a 201 status with the location of the new note.
-
If the 'me' property of the response doesn't match the site, it returns a 401 error with 'invalid token'.
If you're having trouble with this code when deploying or running in a different environment (as you mentioned it works locally), make sure your environment variables and database are correctly set up in that environment. Also, ensure that the 'https://tokens.indieauth.com/token' endpoint is accessible and working as expected in that environment.
For more information on creating API endpoints in Astro, you can refer to the Astro documentation (https://docs.astro.build/en/guides/endpoints#static-file-endpoints). For handling form data and inserting into a database, you can refer to the Astro DB guide (https://docs.astro.build/en/guides/astro-db#insert).
Note: you can ask me a follow up question by @ mentioning me again :speech_balloon:
heavy harness
@fluid field
I sent it this POST request:
POST https://yusuf.fyi/api/micropub HTTP/1.1
Authorization: Bearer <My actual token here>
Content-type: application/x-www-form-urlencoded; charset=utf-8
h=entry&
content=Micropub+test+of+creating+a+basic+h-entry
locally this http request inserts a record in the DB and returns a response of 201, but on the server it doesn't work and return 500
fluid fieldBOT
Let me check the knowledge base for you. One moment! :books:
Based on the information provided, it seems like your POST request is working as expected in your local environment but not on your server, returning a 500 error. This error typically indicates a server-side issue.
Here are a few things you could check:
-
Environment Variables: Ensure that all necessary environment variables (like database connection details) are correctly set up on your server.
-
Database Connection: Check if your server is able to connect to the database. The issue might be due to the server not being able to establish a connection with the database.
-
Server Logs: Check your server logs for any error messages. These can provide more details about what's causing the 500 error.
-
Endpoint Accessibility: Ensure that the endpoint 'https://tokens.indieauth.com/token' is accessible from your server. Network restrictions or firewalls could potentially block this request.
-
Astro Version: Make sure you're running the same version of Astro on your server as you are locally. There could be differences or bugs in different versions that are causing the issue.
-
Server Configuration: There might be differences in how your local environment and server are configured. Check for any discrepancies that might affect how your application runs.
Unfortunately, without more specific error messages or access to your server environment, it's hard to provide a more precise answer. If none of the above suggestions help, please provide more details or error messages if available.