From 1b6540488f1c2fd8c7e8c70bfec735d50c4cae8b Mon Sep 17 00:00:00 2001 From: "Yeyang (Justin) Sun" Date: Tue, 27 Feb 2024 17:52:42 +1030 Subject: [PATCH] fix(api/member): check user existence before insert to database (#111) --- src/app/api/member/route.ts | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/app/api/member/route.ts b/src/app/api/member/route.ts index 3ccf4e32..a4c677fd 100644 --- a/src/app/api/member/route.ts +++ b/src/app/api/member/route.ts @@ -1,5 +1,6 @@ import { db } from '@/db'; import { memberTable } from '@/db/schema'; +import { checkUserExists } from '@/server/check-user-exists'; import { currentUser } from '@clerk/nextjs'; import { createInsertSchema } from 'drizzle-zod'; import { z } from 'zod'; @@ -21,6 +22,12 @@ export async function POST(request: Request) { return new Response(JSON.stringify(reqBody.error.format()), { status: 400 }); } + // Avoid duplicate users in database + const userExists = await checkUserExists(user.id); + if (userExists) { + return new Response(null, { status: 403 }); + } + await db.insert(memberTable).values({ clerkId: user.id, email: user.emailAddresses[0].emailAddress,