Merge pull request 'Use alternate API for current user and skip cookie validation' (#24) from skip-cookie-validate into master

Reviewed-on: #24
Reviewed-by: itzaname <itzaname@noreply@itzana.me>

commands/submit.js

@@ -4,7 +4,7 @@ const fs = require('node:fs');
 const noblox = require("noblox.js");
 const axios = require("axios").default;
 const { submissions, commands, cookies } = require("../config/config.js");
-const { getAssetInfo, SubmissionColumnsString, createSubmissionLine, getSubmissionLine, validateMapAsset, getValidationMessage } = require("../common.js");
+const { getAssetInfo, getCurrentUser, SubmissionColumnsString, createSubmissionLine, getSubmissionLine, validateMapAsset, getValidationMessage } = require("../common.js");
 
 async function robloxUserFromDiscord(id) {
     if (isNaN(id)) return undefined;
@@ -48,11 +48,11 @@ async function execute(interaction) {
     }
 
     const id = interaction.options.getInteger("asset_id", true);
-    await noblox.setCookie(cookies[game]);
+    noblox.setCookie(cookies[game], false);
 
     try {
         // Check that the bot owns this model
-        if (!(await noblox.getOwnership(await noblox.getCurrentUser("UserID"), id, "Asset"))) {
+        if (!(await noblox.getOwnership(await getCurrentUser(), id, "Asset"))) {
             const msg = `🚫  The ${game} maptest bot's inventory does not contain this asset (id: \`${id}\`). You must use the /take command first.`;
             await interaction.editReply(msg);
             return;

commands/take.js

@@ -1,7 +1,7 @@
 const { SlashCommandBuilder } = require('@discordjs/builders');
 const noblox = require("noblox.js");
 const { cookies, commands, gamePlaces } = require("../config/config.js");
-const { getAssetInfo, buyModel, validateMapAsset, getValidationMessage } = require("../common.js");
+const { getAssetInfo, buyModel, getCurrentUser, validateMapAsset, getValidationMessage } = require("../common.js");
 
 /**
  * @param {import('discord.js').ChatInputCommandInteraction} interaction
@@ -15,12 +15,12 @@ async function execute(interaction) {
     }
 
     const id = interaction.options.getInteger("asset_id", true);
-    await noblox.setCookie(cookie);
+    noblox.setCookie(cookie, false);
 
     let alreadyOwned;
     try {
         // Check if the bot already owns this asset
-        alreadyOwned = await noblox.getOwnership(await noblox.getCurrentUser("UserID"), id, "Asset");
+        alreadyOwned = await noblox.getOwnership(await getCurrentUser(), id, "Asset");
     } catch (error) {
         if (error.message !== "400 The specified Asset does not exist!") {
             throw error;

common.js

@@ -90,6 +90,24 @@ async function buyModel(modelId) {
     return res.statusCode >= 200 && res.statusCode < 300 && resJson.purchaseTransactionStatus === "PURCHASE_TRANSACTION_STATUS_SUCCESS";
 }
 
+async function getCurrentUser() {
+    const jar = noblox.options.jar;
+    const xcsrf = await noblox.getGeneralToken(jar);
+
+    const res = await noblox.http("https://users.roblox.com/v1/users/authenticated", {
+        method: "GET",
+        resolveWithFullResponse: true,
+        jar: jar,
+        headers: {
+            "X-CSRF-TOKEN": xcsrf,
+            "Content-Type": "application/json"
+        }
+    });
+
+    const resJson = JSON.parse(res.body);
+    return resJson.id;
+}
+
 const SubmissionColumnsString = "map_id,unix_timestamp,user_id,username,display_name,creator\n";
 
 const SubmissionColumn = {
@@ -348,4 +366,4 @@ function getValidationMessage(validation, game, errorOnFail) {
     return msg;
 }
 
-module.exports = { AssetType, getAssetInfo, buyModel, SubmissionColumn, SubmissionColumnsString, getSubmissionLine, createSubmissionLine, validateMapAsset, getValidationMessage, safeCsvFormat };
+module.exports = { AssetType, getAssetInfo, buyModel, getCurrentUser, SubmissionColumn, SubmissionColumnsString, getSubmissionLine, createSubmissionLine, validateMapAsset, getValidationMessage, safeCsvFormat };