Security fixes to lib files

2025-07-03 00:02:35 +02:00
parent 81e2e53cc5
commit 6debb8a7ce
11 changed files with 55 additions and 23 deletions
--- a/src/routes/private/api/google/auth/refresh/+server.ts
+++ b/src/routes/private/api/google/auth/refresh/+server.ts
@@ -1,6 +1,6 @@
 import { json } from '@sveltejs/kit';
 import type { RequestHandler } from './$types';
-import { authServer } from '$lib/google/index.js';
+import { getOAuthClient } from '$lib/google/server.js';

 export const POST: RequestHandler = async ({ request }) => {
 	try {
@@ -10,7 +10,7 @@ export const POST: RequestHandler = async ({ request }) => {
 			return json({ error: 'Refresh token is required' }, { status: 400 });
 		}

-		const oauth = authServer.getOAuthClient();
+		const oauth = getOAuthClient();
 		oauth.setCredentials({ refresh_token: refreshToken });

 		const { credentials } = await oauth.refreshAccessToken();
--- a/src/routes/private/api/google/auth/userinfo/+server.ts
+++ b/src/routes/private/api/google/auth/userinfo/+server.ts
@@ -1,6 +1,6 @@
 import { json } from '@sveltejs/kit';
 import type { RequestHandler } from './$types';
-import { authServer } from '$lib/google/index.js';
+import { getOAuthClient } from '$lib/google/server.js';
 import { google } from 'googleapis';

 export const GET: RequestHandler = async ({ request }) => {
@@ -14,7 +14,7 @@ export const GET: RequestHandler = async ({ request }) => {
 		const accessToken = authHeader.slice(7);
 		
 		// Create OAuth client with the token
-		const oauth = authServer.getOAuthClient();
+		const oauth = getOAuthClient();
 		oauth.setCredentials({ access_token: accessToken });
 		
 		// Call the userinfo endpoint to get user details
--- a/src/routes/private/api/google/sheets/[sheetId]/data/+server.ts
+++ b/src/routes/private/api/google/sheets/[sheetId]/data/+server.ts
@@ -1,6 +1,6 @@
 import { json } from '@sveltejs/kit';
 import type { RequestHandler } from './$types';
-import { sheets } from '$lib/google/index.js';
+import { getSpreadsheetData } from '$lib/google/server.js';

 export const GET: RequestHandler = async ({ params, request }) => {
 	try {
@@ -12,7 +12,7 @@ export const GET: RequestHandler = async ({ params, request }) => {
 		}

 		const refreshToken = authHeader.slice(7);
-		const sheetData = await sheets.getSpreadsheetData(refreshToken, sheetId, 'A1:Z10');
+		const sheetData = await getSpreadsheetData(refreshToken, sheetId, 'A1:Z10');

 		return json(sheetData);
 	} catch (error) {
--- a/src/routes/private/api/google/sheets/recent/+server.ts
+++ b/src/routes/private/api/google/sheets/recent/+server.ts
@@ -1,6 +1,6 @@
 import { json } from '@sveltejs/kit';
 import type { RequestHandler } from './$types';
-import { sheets } from '$lib/google/index.js';
+import { getRecentSpreadsheets } from '$lib/google/server.js';

 export const GET: RequestHandler = async ({ request }) => {
 	try {
@@ -10,7 +10,7 @@ export const GET: RequestHandler = async ({ request }) => {
 		}

 		const refreshToken = authHeader.slice(7);
-		const spreadsheets = await sheets.getRecentSpreadsheets(refreshToken, 20);
+		const spreadsheets = await getRecentSpreadsheets(refreshToken, 20);

 		return json(spreadsheets);
 	} catch (error) {