diff --git a/backend/src/index.ts b/backend/src/index.ts index 2c2b71c..abd612b 100644 --- a/backend/src/index.ts +++ b/backend/src/index.ts @@ -3,7 +3,6 @@ import { cors } from '@elysiajs/cors' import { config } from './config' import projects from './routes/projects' import news from './routes/news' -import items from './routes/items' import authRoutes from './routes/auth' import user from './routes/user' import shop from './routes/shop' @@ -16,7 +15,6 @@ const api = new Elysia() .use(authRoutes) .use(projects) .use(news) - .use(items) .use(user) .use(shop) .use(leaderboard) diff --git a/backend/src/lib/scraps.ts b/backend/src/lib/scraps.ts index 4a13e76..501ec7f 100644 --- a/backend/src/lib/scraps.ts +++ b/backend/src/lib/scraps.ts @@ -61,6 +61,12 @@ export async function getUserScrapsBalance(userId: number, txOrDb: DbOrTx = db): } export async function canAfford(userId: number, cost: number, txOrDb: DbOrTx = db): Promise { + if (cost < 0) return false + if (!Number.isFinite(cost)) return false + const { balance } = await getUserScrapsBalance(userId, txOrDb) + + if (!Number.isFinite(balance)) return false + return balance >= cost } diff --git a/backend/src/routes/admin.ts b/backend/src/routes/admin.ts index f43d3eb..4066542 100644 --- a/backend/src/routes/admin.ts +++ b/backend/src/routes/admin.ts @@ -560,8 +560,8 @@ admin.post('/shop/items', async ({ headers, body, status }) => { return status(400, { error: 'Invalid price' }) } - if (baseProbability !== undefined && (typeof baseProbability !== 'number' || baseProbability < 0 || baseProbability > 100)) { - return status(400, { error: 'baseProbability must be between 0 and 100' }) + if (baseProbability !== undefined && (typeof baseProbability !== 'number' || !Number.isInteger(baseProbability) || baseProbability < 0 || baseProbability > 100)) { + return status(400, { error: 'baseProbability must be an integer between 0 and 100' }) } try { @@ -607,8 +607,8 @@ admin.put('/shop/items/:id', async ({ params, headers, body, status }) => { boostAmount?: number } - if (baseProbability !== undefined && (typeof baseProbability !== 'number' || baseProbability < 0 || baseProbability > 100)) { - return status(400, { error: 'baseProbability must be between 0 and 100' }) + if (baseProbability !== undefined && (typeof baseProbability !== 'number' || !Number.isInteger(baseProbability) || baseProbability < 0 || baseProbability > 100)) { + return status(400, { error: 'baseProbability must be an integer between 0 and 100' }) } const updateData: Record = { updatedAt: new Date() } diff --git a/backend/src/routes/items.ts b/backend/src/routes/items.ts deleted file mode 100644 index 6d6fb29..0000000 --- a/backend/src/routes/items.ts +++ /dev/null @@ -1,82 +0,0 @@ -import { Elysia } from "elysia" - -const items = new Elysia({ - prefix: "/items" -}) - -// GET /items - Get all shop items -items.get("/", async () => { - // TODO: Fetch items from database - // const shopItems = await db.select().from(itemsTable) - // return shopItems - - // Dummy data for now - return [ - { - id: 1, - name: "esp32", - description: "a tiny microcontroller", - image: "/hero.png", - chance: 15, - category: "hardware" - }, - { - id: 2, - name: "arduino nano", - description: "compact arduino board", - image: "/hero.png", - chance: 10, - category: "hardware" - }, - { - id: 3, - name: "breadboard", - description: "for prototyping", - image: "/hero.png", - chance: 20, - category: "hardware" - }, - { - id: 4, - name: "resistor pack", - description: "assorted resistors", - image: "/hero.png", - chance: 25, - category: "hardware" - }, - { - id: 5, - name: "vermont fudge", - description: "delicious!", - image: "/hero.png", - chance: 5, - category: "food" - }, - { - id: 6, - name: "rare sticker", - description: "limited edition", - image: "/hero.png", - chance: 8, - category: "sticker" - }, - { - id: 7, - name: "postcard", - description: "from hq", - image: "/hero.png", - chance: 12, - category: "misc" - }, - { - id: 8, - name: "sensor kit", - description: "various sensors", - image: "/hero.png", - chance: 5, - category: "hardware" - } - ] -}) - -export default items