From b3928bac4598ec1f95cf02bfe72430f68303d071 Mon Sep 17 00:00:00 2001 From: Alex Gleason Date: Mon, 14 Oct 2024 14:31:33 -0500 Subject: [PATCH] webpush: replace old subscriptions in transaction --- src/controllers/api/push.ts | 38 +++++++++++++++++++++++-------------- 1 file changed, 24 insertions(+), 14 deletions(-) diff --git a/src/controllers/api/push.ts b/src/controllers/api/push.ts index 04f2314c..7234fa10 100644 --- a/src/controllers/api/push.ts +++ b/src/controllers/api/push.ts @@ -42,9 +42,9 @@ export const pushSubscribeController: AppController = async (c) => { return c.json({ error: 'Unauthorized' }, 401); } - const [_, bech32] = match; + const [_, accessToken] = match; - if (!bech32.startsWith('token1')) { + if (!accessToken.startsWith('token1')) { return c.json({ error: 'Unauthorized' }, 401); } @@ -59,18 +59,28 @@ export const pushSubscribeController: AppController = async (c) => { const { subscription, data } = result.data; - const { id } = await kysely - .insertInto('push_subscriptions') - .values({ - pubkey: await signer.getPublicKey(), - token_hash: await getTokenHash(bech32 as `token1${string}`), - endpoint: subscription.endpoint, - p256dh: subscription.keys.p256dh, - auth: subscription.keys.auth, - data, - }) - .returning('id') - .executeTakeFirstOrThrow(); + const pubkey = await signer.getPublicKey(); + const tokenHash = await getTokenHash(accessToken as `token1${string}`); + + const { id } = await kysely.transaction().execute(async (trx) => { + await trx + .deleteFrom('push_subscriptions') + .where('token_hash', '=', tokenHash) + .execute(); + + return trx + .insertInto('push_subscriptions') + .values({ + pubkey, + token_hash: tokenHash, + endpoint: subscription.endpoint, + p256dh: subscription.keys.p256dh, + auth: subscription.keys.auth, + data, + }) + .returning('id') + .executeTakeFirstOrThrow(); + }); return c.json({ id,