/api/client/[id]/key Endpoint 삭제 및 프론트엔드와의 Zod 스키마 공유 구현

src/routes/(fullscreen)/auth/login/+page.svelte

@@ -4,7 +4,7 @@
   import { Button, TextButton } from "$lib/components/buttons";
   import { TitleDiv, BottomDiv } from "$lib/components/divs";
   import { TextInput } from "$lib/components/inputs";
-  import { refreshToken } from "$lib/hooks/callAPI";
+  import { refreshToken } from "$lib/hooks/callApi";
   import { clientKeyStore, masterKeyStore } from "$lib/stores";
   import { requestLogin, requestTokenUpgrade, requestMasterKeyDownload } from "./service";
 

src/routes/(fullscreen)/auth/login/service.ts

@@ -1,4 +1,5 @@
 import { exportRSAKeyToBase64 } from "$lib/modules/crypto";
+import type { LoginRequest } from "$lib/server/schemas";
 import { requestTokenUpgrade as requestTokenUpgradeInternal } from "$lib/services/auth";
 import { requestClientRegistration } from "$lib/services/key";
 import type { ClientKeys } from "$lib/stores";
@@ -11,7 +12,7 @@ export const requestLogin = async (email: string, password: string) => {
     headers: {
       "Content-Type": "application/json",
     },
-    body: JSON.stringify({ email, password }),
+    body: JSON.stringify({ email, password } satisfies LoginRequest),
   });
   return res.ok;
 };

src/routes/(fullscreen)/key/export/service.ts

@@ -1,6 +1,7 @@
-import { callAPI } from "$lib/hooks";
+import { callSignedPostApi } from "$lib/hooks";
 import { storeClientKey } from "$lib/indexedDB";
-import { encodeToBase64, signRequest, signMasterKeyWrapped } from "$lib/modules/crypto";
+import { encodeToBase64, signMasterKeyWrapped } from "$lib/modules/crypto";
+import type { InitialMasterKeyRegisterRequest } from "$lib/server/schemas";
 import type { ClientKeys } from "$lib/stores";
 
 export { requestTokenUpgrade } from "$lib/services/auth";
@@ -45,18 +46,13 @@ export const requestInitialMasterKeyRegistration = async (
   masterKeyWrapped: ArrayBuffer,
   signKey: CryptoKey,
 ) => {
-  const res = await callAPI("/api/mek/register/initial", {
-    method: "POST",
-    headers: {
-      "Content-Type": "application/json",
+  const res = await callSignedPostApi<InitialMasterKeyRegisterRequest>(
+    "/api/mek/register/initial",
+    {
+      mek: encodeToBase64(masterKeyWrapped),
+      mekSig: await signMasterKeyWrapped(1, masterKeyWrapped, signKey),
     },
-    body: await signRequest(
-      {
-        mek: encodeToBase64(masterKeyWrapped),
-        mekSig: await signMasterKeyWrapped(1, masterKeyWrapped, signKey),
-      },
-      signKey,
-    ),
-  });
+    signKey,
+  );
   return res.ok || res.status === 409;
 };

src/routes/api/auth/login/+server.ts

@@ -1,17 +1,12 @@
 import { error, text } from "@sveltejs/kit";
 import ms from "ms";
-import { z } from "zod";
 import env from "$lib/server/loadenv";
+import { loginRequest } from "$lib/server/schemas/auth";
 import { login } from "$lib/server/services/auth";
 import type { RequestHandler } from "./$types";
 
 export const POST: RequestHandler = async ({ request, cookies }) => {
-  const zodRes = z
-    .object({
-      email: z.string().email().nonempty(),
-      password: z.string().trim().nonempty(),
-    })
-    .safeParse(await request.json());
+  const zodRes = loginRequest.safeParse(await request.json());
   if (!zodRes.success) error(400, "Invalid request body");
   const { email, password } = zodRes.data;
 

src/routes/api/auth/upgradeToken/+server.ts

@@ -1,5 +1,5 @@
 import { error, json } from "@sveltejs/kit";
-import { z } from "zod";
+import { tokenUpgradeRequest, tokenUpgradeResponse } from "$lib/server/schemas/auth";
 import { createTokenUpgradeChallenge } from "$lib/server/services/auth";
 import type { RequestHandler } from "./$types";
 
@@ -7,12 +7,7 @@ export const POST: RequestHandler = async ({ request, cookies, getClientAddress
   const token = cookies.get("refreshToken");
   if (!token) error(401, "Refresh token not found");
 
-  const zodRes = z
-    .object({
-      encPubKey: z.string().base64().nonempty(),
-      sigPubKey: z.string().base64().nonempty(),
-    })
-    .safeParse(await request.json());
+  const zodRes = tokenUpgradeRequest.safeParse(await request.json());
   if (!zodRes.success) error(400, "Invalid request body");
   const { encPubKey, sigPubKey } = zodRes.data;
 
@@ -22,5 +17,5 @@ export const POST: RequestHandler = async ({ request, cookies, getClientAddress
     encPubKey,
     sigPubKey,
   );
-  return json({ challenge });
+  return json(tokenUpgradeResponse.parse({ challenge }));
 };

src/routes/api/auth/upgradeToken/verify/+server.ts

@@ -1,5 +1,5 @@
 import { error, text } from "@sveltejs/kit";
-import { z } from "zod";
+import { tokenUpgradeVerifyRequest } from "$lib/server/schemas/auth";
 import { upgradeToken } from "$lib/server/services/auth";
 import type { RequestHandler } from "./$types";
 
@@ -7,12 +7,7 @@ export const POST: RequestHandler = async ({ request, cookies, getClientAddress
   const token = cookies.get("refreshToken");
   if (!token) error(401, "Refresh token not found");
 
-  const zodRes = z
-    .object({
-      answer: z.string().base64().nonempty(),
-      sigAnswer: z.string().base64().nonempty(),
-    })
-    .safeParse(await request.json());
+  const zodRes = tokenUpgradeVerifyRequest.safeParse(await request.json());
   if (!zodRes.success) error(400, "Invalid request body");
   const { answer, sigAnswer } = zodRes.data;
 

src/routes/api/client/[id]/key/+server.ts

@@ -1,20 +0,0 @@
-import { error, json } from "@sveltejs/kit";
-import { z } from "zod";
-import { authorize } from "$lib/server/modules/auth";
-import { getUserClientEncPubKey } from "$lib/server/services/client";
-import type { RequestHandler } from "./$types";
-
-export const GET: RequestHandler = async ({ cookies, params }) => {
-  const { userId } = await authorize(cookies, "activeClient");
-
-  const zodRes = z
-    .object({
-      id: z.coerce.number().int().positive(),
-    })
-    .safeParse(params);
-  if (!zodRes.success) error(400, "Invalid path parameters");
-  const { id } = zodRes.data;
-
-  const { encPubKey } = await getUserClientEncPubKey(userId, id);
-  return json({ encPubKey });
-};

src/routes/api/client/list/+server.ts

@@ -1,10 +1,11 @@
 import { json } from "@sveltejs/kit";
 import { authenticate } from "$lib/server/modules/auth";
+import { clientListResponse } from "$lib/server/schemas/client";
 import { getUserClientList } from "$lib/server/services/client";
 import type { RequestHandler } from "@sveltejs/kit";
 
 export const GET: RequestHandler = async ({ cookies }) => {
   const { userId } = authenticate(cookies);
   const { userClients } = await getUserClientList(userId);
-  return json({ clients: userClients });
+  return json(clientListResponse.parse({ clients: userClients }));
 };

src/routes/api/client/register/+server.ts

@@ -1,6 +1,6 @@
 import { error, json } from "@sveltejs/kit";
-import { z } from "zod";
 import { authenticate } from "$lib/server/modules/auth";
+import { clientRegisterRequest, clientRegisterResponse } from "$lib/server/schemas/client";
 import { registerUserClient } from "$lib/server/services/client";
 import type { RequestHandler } from "./$types";
 
@@ -10,15 +10,10 @@ export const POST: RequestHandler = async ({ request, cookies, getClientAddress
     error(403, "Forbidden");
   }
 
-  const zodRes = z
-    .object({
-      encPubKey: z.string().base64().nonempty(),
-      sigPubKey: z.string().base64().nonempty(),
-    })
-    .safeParse(await request.json());
+  const zodRes = clientRegisterRequest.safeParse(await request.json());
   if (!zodRes.success) error(400, "Invalid request body");
   const { encPubKey, sigPubKey } = zodRes.data;
 
   const { challenge } = await registerUserClient(userId, getClientAddress(), encPubKey, sigPubKey);
-  return json({ challenge });
+  return json(clientRegisterResponse.parse({ challenge }));
 };

src/routes/api/client/register/verify/+server.ts

@@ -1,6 +1,6 @@
 import { error, text } from "@sveltejs/kit";
-import { z } from "zod";
 import { authenticate } from "$lib/server/modules/auth";
+import { clientRegisterVerifyRequest } from "$lib/server/schemas/client";
 import { verifyUserClient } from "$lib/server/services/client";
 import type { RequestHandler } from "./$types";
 
@@ -10,12 +10,7 @@ export const POST: RequestHandler = async ({ request, cookies, getClientAddress
     error(403, "Forbidden");
   }
 
-  const zodRes = z
-    .object({
-      answer: z.string().base64().nonempty(),
-      sigAnswer: z.string().base64().nonempty(),
-    })
-    .safeParse(await request.json());
+  const zodRes = clientRegisterVerifyRequest.safeParse(await request.json());
   if (!zodRes.success) error(400, "Invalid request body");
   const { answer, sigAnswer } = zodRes.data;
 

src/routes/api/client/status/+server.ts

@@ -1,5 +1,6 @@
 import { error, json } from "@sveltejs/kit";
 import { authenticate } from "$lib/server/modules/auth";
+import { clientStatusResponse } from "$lib/server/schemas/client";
 import { getUserClientStatus } from "$lib/server/services/client";
 import type { RequestHandler } from "@sveltejs/kit";
 
@@ -10,5 +11,5 @@ export const GET: RequestHandler = async ({ cookies }) => {
   }
 
   const { state, isInitialMekNeeded } = await getUserClientStatus(userId, clientId);
-  return json({ id: clientId, state, isInitialMekNeeded });
+  return json(clientStatusResponse.parse({ id: clientId, state, isInitialMekNeeded }));
 };

src/routes/api/directory/[id]/+server.ts

@@ -1,6 +1,7 @@
 import { error, json } from "@sveltejs/kit";
 import { z } from "zod";
 import { authorize } from "$lib/server/modules/auth";
+import { directroyEntriesResponse } from "$lib/server/schemas/directory";
 import { getDirectroyInformation } from "$lib/server/services/file";
 import type { RequestHandler } from "./$types";
 
@@ -16,16 +17,18 @@ export const GET: RequestHandler = async ({ cookies, params }) => {
   const { id } = zodRes.data;
 
   const { metadata, directories, files } = await getDirectroyInformation(userId, id);
-  return json({
-    metadata: metadata && {
-      createdAt: metadata.createdAt,
-      mekVersion: metadata.mekVersion,
-      dek: metadata.encDek.ciphertext,
-      dekIv: metadata.encDek.iv,
-      name: metadata.encName.ciphertext,
-      nameIv: metadata.encName.iv,
-    },
-    subDirectories: directories,
-    files,
-  });
+  return json(
+    directroyEntriesResponse.parse({
+      metadata: metadata && {
+        createdAt: metadata.createdAt,
+        mekVersion: metadata.mekVersion,
+        dek: metadata.encDek.ciphertext,
+        dekIv: metadata.encDek.iv,
+        name: metadata.encName.ciphertext,
+        nameIv: metadata.encName.iv,
+      },
+      subDirectories: directories,
+      files,
+    }),
+  );
 };

src/routes/api/directory/create/+server.ts

@@ -1,7 +1,7 @@
 import { text } from "@sveltejs/kit";
-import { z } from "zod";
 import { authorize } from "$lib/server/modules/auth";
 import { parseSignedRequest } from "$lib/server/modules/crypto";
+import { directoryCreateRequest } from "$lib/server/schemas/directory";
 import { createDirectory } from "$lib/server/services/file";
 import type { RequestHandler } from "./$types";
 
@@ -10,14 +10,7 @@ export const POST: RequestHandler = async ({ request, cookies }) => {
   const { parentId, mekVersion, dek, dekIv, name, nameIv } = await parseSignedRequest(
     clientId,
     await request.json(),
-    z.object({
-      parentId: z.union([z.enum(["root"]), z.number().int().positive()]),
-      mekVersion: z.number().int().positive(),
-      dek: z.string().base64().nonempty(),
-      dekIv: z.string().base64().nonempty(),
-      name: z.string().base64().nonempty(),
-      nameIv: z.string().base64().nonempty(),
-    }),
+    directoryCreateRequest,
   );
 
   await createDirectory({

src/routes/api/mek/list/+server.ts

@@ -1,10 +1,20 @@
 import { json } from "@sveltejs/kit";
 import { authorize } from "$lib/server/modules/auth";
+import { masterKeyListResponse } from "$lib/server/schemas/mek";
 import { getClientMekList } from "$lib/server/services/mek";
-import type { RequestHandler } from "@sveltejs/kit";
+import type { RequestHandler } from "./$types";
 
 export const GET: RequestHandler = async ({ cookies }) => {
   const { userId, clientId } = await authorize(cookies, "activeClient");
-  const { meks } = await getClientMekList(userId, clientId);
-  return json({ meks });
+  const { encMeks } = await getClientMekList(userId, clientId);
+  return json(
+    masterKeyListResponse.parse({
+      meks: encMeks.map(({ version, state, encMek, encMekSig }) => ({
+        version,
+        state,
+        mek: encMek,
+        mekSig: encMekSig,
+      })),
+    }),
+  );
 };

src/routes/api/mek/register/initial/+server.ts

@@ -1,9 +1,9 @@
 import { error, text } from "@sveltejs/kit";
-import { z } from "zod";
 import { authenticate } from "$lib/server/modules/auth";
 import { parseSignedRequest } from "$lib/server/modules/crypto";
+import { initialMasterKeyRegisterRequest } from "$lib/server/schemas/mek";
 import { registerInitialActiveMek } from "$lib/server/services/mek";
-import type { RequestHandler } from "@sveltejs/kit";
+import type { RequestHandler } from "./$types";
 
 export const POST: RequestHandler = async ({ request, cookies }) => {
   const { userId, clientId } = authenticate(cookies);
@@ -14,10 +14,7 @@ export const POST: RequestHandler = async ({ request, cookies }) => {
   const { mek, mekSig } = await parseSignedRequest(
     clientId,
     await request.json(),
-    z.object({
-      mek: z.string().base64().nonempty(),
-      mekSig: z.string().base64().nonempty(),
-    }),
+    initialMasterKeyRegisterRequest,
   );
 
   await registerInitialActiveMek(userId, clientId, mek, mekSig);