feat: enforce 12-hour limit for active tasting sessions

2025-12-18 12:12:20 +01:00
parent e3af71c584
commit 6e09300bab
5 changed files with 83 additions and 4 deletions


@@ -3,6 +3,7 @@
import { createServerActionClient } from '@supabase/auth-helpers-nextjs';
import { cookies } from 'next/headers';
import { revalidatePath } from 'next/cache';
import { validateSession } from './validate-session';
export async function saveTasting(data: {
bottle_id: string;
@@ -20,6 +21,14 @@ export async function saveTasting(data: {
const { data: { session } } = await supabase.auth.getSession();
if (!session) throw new Error('Nicht autorisiert');
// Validate Session Age (12 hour limit)
if (data.session_id) {
const isValid = await validateSession(data.session_id);
if (!isValid) {
throw new Error('Dieses Tasting Session ist bereits abgelaufen (Limit: 12 Stunden).');
}
}
const { data: tasting, error } = await supabase
.from('tastings')
.insert({
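Review bot: The 12-hour limit added before the `tastings` insert is enforced only inside this server action, so it holds only for writes that go through `saveTasting`. If row-level security lets an authenticated client insert into `tastings` through the Supabase API directly (not visible here), the limit can be skipped; a database-side rule on insert (an RLS policy or trigger comparing against `tasting_sessions.created_at`) would make it binding and would also close the gap between the check and the insert. Separately, `validateSession` returns `false` for an unknown id or a failed query as well, so the thrown message reports an expired session when the row was simply not found; a comment such as `// false also covers "not found" and lookup errors`, or a distinct message, would help. The body of `saveTasting` continues outside the hunk.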


@@ -0,0 +1,33 @@
'use server';
import { createServerActionClient } from '@supabase/auth-helpers-nextjs';
import { cookies } from 'next/headers';
/**
* Validates if a session is still "active" based on its age.
* Returns true if the session is less than 12 hours old.
*/
export async function validateSession(sessionId: string | null): Promise<boolean> {
if (!sessionId) return false;
const supabase = createServerActionClient({ cookies });
try {
const { data: session, error } = await supabase
.from('tasting_sessions')
.select('created_at')
.eq('id', sessionId)
.single();
if (error || !session) return false;
const createdAt = new Date(session.created_at).getTime();
const now = new Date().getTime();
const twelveHoursInMs = 12 * 60 * 60 * 1000;
return (now - createdAt) < twelveHoursInMs;
} catch (err) {
console.error('Session validation error:', err);
return false;
}
}
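Review bot: `validateSession` is exported from a `'use server'` module, which makes it callable as a server action from any client, yet it performs no authentication check and looks the session up by `id` alone. Unless row-level security on `tasting_sessions` already restricts reads to the owner (not visible here), a caller can learn whether an arbitrary session id exists and is under 12 hours old, and `saveTasting` would accept another user's session id. I would add `const { data: { user } } = await supabase.auth.getUser();` and `if (!user) return false;` before the query and scope the query to the owner column, or move the helper into a module without `'use server'` if it is only called server-side. The doc comment should also say that `false` covers missing rows and query errors, not only expiry.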