diff --git a/app/composables/usePackageComparison.ts b/app/composables/usePackageComparison.ts index 95ce63e5c..aa03fbae3 100644 --- a/app/composables/usePackageComparison.ts +++ b/app/composables/usePackageComparison.ts @@ -142,7 +142,9 @@ export function usePackageComparison(packageNames: MaybeRefOrGetter) { $fetch( `/api/registry/vulnerabilities/${encodePackageName(name)}`, ).catch(() => null), - $fetch(`/api/social/likes/${name}`).catch(() => null), + $fetch(`/api/social/likes/${encodePackageName(name)}`).catch( + () => null, + ), ]) const versionData = pkgData.versions[latestVersion] const packageSize = versionData?.dist?.unpackedSize diff --git a/server/api/social/likes/[...pkg].get.ts b/server/api/social/likes/[...pkg].get.ts index b0da21675..654d5c612 100644 --- a/server/api/social/likes/[...pkg].get.ts +++ b/server/api/social/likes/[...pkg].get.ts @@ -1,12 +1,33 @@ +import * as v from 'valibot' +import { PackageRouteParamsSchema } from '#shared/schemas/package' + +/** + * GET /api/social/likes/:name + * + * Gets the likes for a npm package on npmx + */ export default eventHandlerWithOAuthSession(async (event, oAuthSession, _) => { - const packageName = getRouterParam(event, 'pkg') - if (!packageName) { + const pkgParamSegments = getRouterParam(event, 'pkg')?.split('/') ?? [] + const { rawPackageName } = parsePackageParams(pkgParamSegments) + + if (!rawPackageName) { throw createError({ status: 400, message: 'package name not provided', }) } - const likesUtil = new PackageLikesUtils() - return await likesUtil.getLikes(packageName, oAuthSession?.did.toString()) + try { + const { packageName } = v.parse(PackageRouteParamsSchema, { + packageName: decodeURIComponent(rawPackageName), + }) + + const likesUtil = new PackageLikesUtils() + return await likesUtil.getLikes(packageName, oAuthSession?.did.toString()) + } catch (error: unknown) { + handleApiError(error, { + statusCode: 502, + message: 'Failed to get likes', + }) + } })