From d39931c79a635aeed6f4d9b5b8883b983ba4d6cc Mon Sep 17 00:00:00 2001
From: static <kmc7468@naver.com>
Date: Mon, 30 Dec 2024 00:48:21 +0900
Subject: [PATCH] =?UTF-8?q?=EB=B0=B1=EC=97=94=EB=93=9C=EC=97=90=EC=84=9C,?=
 =?UTF-8?q?=20Request=20Body=20=EA=B2=80=EC=A6=9D=20=EC=A0=84=EC=97=90=20?=
 =?UTF-8?q?=EC=9D=B8=EC=A6=9D=EC=9D=84=20=EB=A8=BC=EC=A0=80=20=EA=B1=B0?=
 =?UTF-8?q?=EC=B9=98=EB=8F=84=EB=A1=9D=20=EB=B3=80=EA=B2=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/routes/api/client/register/+server.ts      | 12 ++++++------
 src/routes/api/client/verify/+server.ts        | 12 ++++++------
 src/routes/api/mek/register/+server.ts         |  6 +++---
 src/routes/api/mek/register/initial/+server.ts | 13 ++++++-------
 4 files changed, 21 insertions(+), 22 deletions(-)

diff --git a/src/routes/api/client/register/+server.ts b/src/routes/api/client/register/+server.ts
index c4040bf..72f34ce 100644
--- a/src/routes/api/client/register/+server.ts
+++ b/src/routes/api/client/register/+server.ts
@@ -5,19 +5,19 @@ import { registerUserClient } from "$lib/server/services/client";
 import type { RequestHandler } from "./$types";
 
 export const POST: RequestHandler = async ({ request, cookies, getClientAddress }) => {
+  const { userId, clientId } = authenticate(cookies);
+  if (clientId) {
+    error(403, "Forbidden");
+  }
+
   const zodRes = z
     .object({
       pubKey: z.string().base64().nonempty(),
     })
     .safeParse(await request.json());
   if (!zodRes.success) error(400, "Invalid request body");
-
-  const { userId, clientId } = authenticate(cookies);
-  if (clientId) {
-    error(403, "Forbidden");
-  }
-
   const { pubKey } = zodRes.data;
+
   const challenge = await registerUserClient(userId, getClientAddress(), pubKey.trim());
   return json({ challenge });
 };
diff --git a/src/routes/api/client/verify/+server.ts b/src/routes/api/client/verify/+server.ts
index 8a39dac..65b99b4 100644
--- a/src/routes/api/client/verify/+server.ts
+++ b/src/routes/api/client/verify/+server.ts
@@ -5,19 +5,19 @@ import { verifyUserClient } from "$lib/server/services/client";
 import type { RequestHandler } from "./$types";
 
 export const POST: RequestHandler = async ({ request, cookies, getClientAddress }) => {
+  const { userId, clientId } = authenticate(cookies);
+  if (clientId) {
+    error(403, "Forbidden");
+  }
+
   const zodRes = z
     .object({
       answer: z.string().base64().nonempty(),
     })
     .safeParse(await request.json());
   if (!zodRes.success) error(400, "Invalid request body");
-
-  const { userId, clientId } = authenticate(cookies);
-  if (clientId) {
-    error(403, "Forbidden");
-  }
-
   const { answer } = zodRes.data;
+
   await verifyUserClient(userId, getClientAddress(), answer.trim());
   return text("Client verified", { headers: { "Content-Type": "text/plain" } });
 };
diff --git a/src/routes/api/mek/register/+server.ts b/src/routes/api/mek/register/+server.ts
index 0fe22e2..4afbacd 100644
--- a/src/routes/api/mek/register/+server.ts
+++ b/src/routes/api/mek/register/+server.ts
@@ -5,6 +5,8 @@ import { registerNewActiveMek } from "$lib/server/services/mek";
 import type { RequestHandler } from "@sveltejs/kit";
 
 export const POST: RequestHandler = async ({ request, cookies }) => {
+  const { userId, clientId } = await authorize(cookies, "activeClient");
+
   const zodRes = z
     .object({
       meks: z.array(
@@ -16,9 +18,8 @@ export const POST: RequestHandler = async ({ request, cookies }) => {
     })
     .safeParse(await request.json());
   if (!zodRes.success) error(400, "Invalid request body");
-
-  const { userId, clientId } = await authorize(cookies, "activeClient");
   const { meks } = zodRes.data;
+
   await registerNewActiveMek(
     userId,
     clientId,
@@ -27,6 +28,5 @@ export const POST: RequestHandler = async ({ request, cookies }) => {
       encMek: mek.trim(),
     })),
   );
-
   return text("MEK registered", { headers: { "Content-Type": "text/plain" } });
 };
diff --git a/src/routes/api/mek/register/initial/+server.ts b/src/routes/api/mek/register/initial/+server.ts
index 9c44227..a7b4f6b 100644
--- a/src/routes/api/mek/register/initial/+server.ts
+++ b/src/routes/api/mek/register/initial/+server.ts
@@ -5,20 +5,19 @@ import { registerInitialActiveMek } from "$lib/server/services/mek";
 import type { RequestHandler } from "@sveltejs/kit";
 
 export const POST: RequestHandler = async ({ request, cookies }) => {
+  const { userId, clientId } = authenticate(cookies);
+  if (!clientId) {
+    error(403, "Forbidden");
+  }
+
   const zodRes = z
     .object({
       mek: z.string().base64().nonempty(),
     })
     .safeParse(await request.json());
   if (!zodRes.success) error(400, "Invalid request body");
-
-  const { userId, clientId } = authenticate(cookies);
-  if (!clientId) {
-    error(403, "Forbidden");
-  }
-
   const { mek } = zodRes.data;
-  await registerInitialActiveMek(userId, clientId, mek);
 
+  await registerInitialActiveMek(userId, clientId, mek);
   return text("MEK registered", { headers: { "Content-Type": "text/plain" } });
 };