refactor(word-editor): word submit handling

[babblebey]

This Pull Request refactors the word editor submit handling logic introduced in #32 and #39 - specifically the handleSubmitWord handler; This logic requires some side operations that trades off security for the purpose of just running at all. This changes transfers the operation performed by the handler to a new api route where they can be perform securely.

Changes Made

• Implemented the /api/dictionary route with a POST handler - this route take all the extracted logic from handleSubmitWord handler and does the following as side operation to perform the required operation
  • Retrieve the user accessToken from the HTTP cookie
  • Verifies the validity of this accessToken using the octokit instance of our OAuth App (finally a good use for the app 😁)
  • Retrieve the title, content, action and metadata value from the requests formData
  • Instantiates the userOctokit using the accessToken retrieved from cookies (obviously it's perceived as valid at this point)
  • Gets the jargons.dev app octokit instance as well
  • Then runs the old handleSubmitWord handler logic with all these available resource
• Deleted handleSubmitWord handler extracting all of it logic to the /api/dictionary route
• Deleted the doOctokitAuth action - it used to facilitate getting accessToken required in the handleSubmitWord handler, now we no longer need it

• Replaced integration of handleSubmitWord with /api/dictionary API route in the word-editor Island doing the following to fulfil that

  • Added 2 new form fields of input type hidden
  • action - field to carry the current word-editor action which is either new or edit
  • metadata - a field that is only render when action is edit, it carries stringified object of required data for an already existing word that an edit is going to be performed on.

  • Implemented a base handler function local to the Editor component which integrates the /api/dictionary route

    async function handleSubmit(e) {
    $isWordSubmitLoading.set(true);
    const formData = new FormData(e.target);
    const response = await fetch("/api/dictionary", {
        method: "POST",
        body: formData,
    });
    response.status === 200 && router.push("/editor");
    }

  • Removed all instance of octokitAuth and submitHandler props - they used to be for the removed handler

Screencast

https://github.com/babblebey/jargons.dev/assets/25631971/e69c14ba-a480-4001-89af-6798821be323

📖

[vercel[bot]]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
jargons-dev	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Apr 21, 2024 4:56pm