alexandrump/skills-here-run-place
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add author auth, forking, tags, and stats tracking

Browse Source 
Introduce token-based author authentication (register/verify API),
   skill forking with EditGate protection, tag metadata on skills,
   and download/push stats. Enhanced push scripts with token auth
   and per-skill filtering. Updated UI with stats, tags, and
   author info on skill cards.
This commit is contained in:
Alejandro Martinez
2026-02-12 14:37:40 +01:00
parent 39d8afb251
commit aa477a553b
80 changed files with 3618 additions and 660 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
dist/server/pages/api/skills/_slug_.astro.mjs vendored
View File

@@ -1,4 +1,7 @@
import { d as deleteSkill, g as getSkill, u as updateSkill } from '../../../chunks/skills_COWfD5oy.mjs';
import 'gray-matter';
import { g as getSkill, d as deleteSkill, u as updateSkill } from '../../../chunks/skills_BacVQUiS.mjs';
import { h as hasToken, e as extractBearerToken, v as verifyToken } from '../../../chunks/tokens_CAzj9Aj8.mjs';
import { r as recordPush } from '../../../chunks/stats_CaDi9y9J.mjs';
export { renderers } from '../../../renderers.mjs';
const GET = async ({ params }) => {
@@ -27,36 +30,59 @@ const PUT = async ({ params, request }) => {
});
}
try {
const existing = await getSkill(params.slug);
if (!existing) {
return new Response(JSON.stringify({ error: "Skill not found" }), {
status: 404,
headers: { "Content-Type": "application/json" }
});
}
if (existing["author-email"] && await hasToken(existing["author-email"])) {
const token = extractBearerToken(request);
const valid = await verifyToken(existing["author-email"], token);
if (!valid) {
return new Response(JSON.stringify({ error: `Only ${existing.author || existing["author-email"]} can update this skill. Provide a valid token via Authorization: Bearer header.` }), {
status: 403,
headers: { "Content-Type": "application/json" }
});
}
}
const skill = await updateSkill(params.slug, body.content);
recordPush(params.slug);
return new Response(JSON.stringify(skill), {
headers: { "Content-Type": "application/json" }
});
} catch (err) {
const message = err instanceof Error ? err.message : "Unknown error";
if (message.includes("not found")) {
return new Response(JSON.stringify({ error: message }), {
status: 404,
headers: { "Content-Type": "application/json" }
});
}
return new Response(JSON.stringify({ error: message }), {
status: 500,
headers: { "Content-Type": "application/json" }
});
}
};
const DELETE = async ({ params }) => {
const DELETE = async ({ params, request }) => {
try {
await deleteSkill(params.slug);
return new Response(null, { status: 204 });
} catch (err) {
const message = err instanceof Error ? err.message : "Unknown error";
if (message.includes("not found")) {
return new Response(JSON.stringify({ error: message }), {
const existing = await getSkill(params.slug);
if (!existing) {
return new Response(JSON.stringify({ error: "Skill not found" }), {
status: 404,
headers: { "Content-Type": "application/json" }
});
}
if (existing["author-email"] && await hasToken(existing["author-email"])) {
const token = extractBearerToken(request);
const valid = await verifyToken(existing["author-email"], token);
if (!valid) {
return new Response(JSON.stringify({ error: `Only ${existing.author || existing["author-email"]} can delete this skill. Provide a valid token via Authorization: Bearer header.` }), {
status: 403,
headers: { "Content-Type": "application/json" }
});
}
}
await deleteSkill(params.slug);
return new Response(null, { status: 204 });
} catch (err) {
const message = err instanceof Error ? err.message : "Unknown error";
return new Response(JSON.stringify({ error: message }), {
status: 500,
headers: { "Content-Type": "application/json" }