[api] #335 API route to retrieve users by ID instead of username

2025-09-25 14:09:03 -04:00 · 2023-02-02 19:20:24 +01:00 · 2023-02-02 19:20:24 +01:00 · 0b3e0131c0
commit 0b3e0131c0
parent 0540c6c9da
2 changed files with 46 additions and 22 deletions
--- a/routes/api.vue
+++ b/routes/api.vue
@ -94,6 +94,7 @@
                    icon: 'id-card',
                    endpoints: {
                        profile_get: ['GET', '/api/profile/get/{username}?version=2', undefined, ['Note that the <code>birthday</code> field will only be available when querying your own account; otherwise only the calucaled <code>age</code> might be available (if the person has filled out their birthday)']],
+                        profile_get_by_id: ['GET', '/api/profile/get-id/{id}?version=2', undefined, ['Note that the <code>birthday</code> field will only be available when querying your own account; otherwise only the calucaled <code>age</code> might be available (if the person has filled out their birthday)']],
                    },
                }, {
                    enabled: this.config.calendar.enabled,
--- a/server/routes/profile.js
+++ b/server/routes/profile.js
@ -237,9 +237,36 @@ const isValidLink = (url) => {

 const router = Router();

-router.get('/profile/get/:username', handleErrorAsync(async (req, res) => {
+const fetchProfilesRoute = async (req, res, user) => {
    const isSelf = req.user && req.user.username === req.params.username;
    const isAdmin = req.isGranted('users');
+
+    if (!user || (user.bannedReason !== null && !isAdmin && !isSelf)) {
+        return res.json({
+            profiles: {},
+        });
+    }
+
+    user.emailHash = md5(user.email);
+    delete user.email;
+    user.avatar = await avatar(req.db, user);
+
+    user.bannedTerms = user.bannedTerms ? user.bannedTerms.split(',') : [];
+
+    let profiles = await fetchProfiles(req.db, user.username, isSelf);
+    if (req.query.version !== '2') {
+        for (let [locale, profile] of Object.entries(profiles)) {
+            profiles[locale] = downgradeToV1(profile);
+        }
+    }
+
+    return res.json({
+        ...user,
+        profiles,
+    });
+}
+
+router.get('/profile/get/:username', handleErrorAsync(async (req, res) => {
    const user = await req.db.get(SQL`
        SELECT
            users.id,
@ -254,29 +281,25 @@ router.get('/profile/get/:username', handleErrorAsync(async (req, res) => {
        WHERE users.usernameNorm = ${normalise(req.params.username)}
    `);

-    if (!user || (user.bannedReason !== null && !isAdmin && !isSelf)) {
-        return res.json({
-            profiles: {},
-        });
-    }
+    return await fetchProfilesRoute(req, res, user);
+}));

-    user.emailHash = md5(user.email);
-    delete user.email;
-    user.avatar = await avatar(req.db, user);
+router.get('/profile/get-id/:id', handleErrorAsync(async (req, res) => {
+    const user = await req.db.get(SQL`
+        SELECT
+            users.id,
+            users.username,
+            users.email,
+            users.avatarSource,
+            users.bannedReason,
+            users.bannedTerms,
+            users.bannedBy,
+            users.roles != '' AS team
+        FROM users
+        WHERE users.id = ${req.params.id}
+    `);

-    user.bannedTerms = user.bannedTerms ? user.bannedTerms.split(',') : [];
-
-    let profiles = await fetchProfiles(req.db, req.params.username, isSelf);
-    if (req.query.version !== '2') {
-        for (let [locale, profile] of Object.entries(profiles)) {
-            profiles[locale] = downgradeToV1(profile);
-        }
-    }
-
-    return res.json({
-        ...user,
-        profiles,
-    });
+    return await fetchProfilesRoute(req, res, user);
 }));

 router.get('/profile/versions/:username', handleErrorAsync(async (req, res) => {