From 8750c2ed8227c449785486a25daf609acdc129df Mon Sep 17 00:00:00 2001
From: Martin Dimitrov <martin3dimitrov@gmail.com>
Date: Sat, 7 Jun 2025 16:30:14 -0700
Subject: [PATCH] update notify route

---
 .../src/functions/api/door/notify.ts          | 54 +++++++++----------
 1 file changed, 24 insertions(+), 30 deletions(-)

diff --git a/packages/doorman-api/src/functions/api/door/notify.ts b/packages/doorman-api/src/functions/api/door/notify.ts
index 2f6dceb..aae7aec 100644
--- a/packages/doorman-api/src/functions/api/door/notify.ts
+++ b/packages/doorman-api/src/functions/api/door/notify.ts
@@ -4,49 +4,46 @@ import { jsonMsgSuffix, sendMessageToUser } from "../../../utils/discord";
 import { getMetricFromRegistry, withMetrics } from "../../../common/DoormanHandler";
 import { NotifyMetrics, registerMetrics } from "../../../metrics/NotifyMetrics";
 import { Counter, Summary } from "prom-client";
+import { z } from "zod";
+import zu from "zod_utilz";
+import { setResponseJson } from "../../../utils/responseUtils";
+import { UserAgentHeader } from "../../../utils/blockUserAgent";
 
+export const NotifyRequestSchema = z.object({
+  key: z.string(),
 
-export interface NotifyRequest extends ServerlessEventObject {
-  door: string;
+  // these must be arrays
+  discordUser: zu.stringToJSON().refine(arg => arg instanceof Array),
+  msg: zu.stringToJSON().refine(arg => arg instanceof Array),
+  json: zu.stringToJSON().refine(arg => arg instanceof Array)
+});
 
-  key: string;
+export type NotifyRequest = z.infer<typeof NotifyRequestSchema>;
 
-  // these are arrays in the request
-  discordUser: string;
-  msg: string;
-  json: string;
-}
+export interface NotifyRequestTwilio extends ServerlessEventObject<NotifyRequest, UserAgentHeader> { }
 
-export const handler: ServerlessFunctionSignature<TwilioContext, NotifyRequest> = withMetrics('notify', async (context, event, callback, metricsRegistry) => {
+export const handler: ServerlessFunctionSignature<TwilioContext, NotifyRequestTwilio> = withMetrics('notify', async (context, event, callback, metricsRegistry) => {
   const response = new Twilio.Response();
 
   registerMetrics(metricsRegistry);
+
+  const req = NotifyRequestSchema.parse(event);
   
-
   // secure notify endpoint
-  if (event.key !== context.NOTIFY_SECRET_KEY) {
+  if (req.key !== context.NOTIFY_SECRET_KEY) {
     getMetricFromRegistry<Counter>(metricsRegistry, NotifyMetrics.UNAUTHENTICATED_CALL).inc(1);
-    response
-      .setStatusCode(401)
-      .appendHeader('Content-Type', 'application/json')
-      .setBody({ err: "Unauthenticated call", event });
-
+    setResponseJson(response, 401, {
+      err: "Unauthenticated call", event
+    });
     return callback(null, response);
   }
 
-  let users: string[];
-  let msgs: string[];
-  let jsons: string[];
+  let users: string[] = req.discordUser as string[];
+  let msgs: string[] = req.msg as string[];
+  let jsons: string[] = req.json as string[];
   let promises = [];
 
   try {
-    users = JSON.parse(event.discordUser);
-    console.log(users);
-    msgs = JSON.parse(event.msg);
-    console.log("before parsing", event.json);
-    jsons = JSON.parse(event.json);
-    console.log("after parsing", event.json);
-
     const recordNotifyLatency = getMetricFromRegistry<Summary>(metricsRegistry, NotifyMetrics.DISCORD_LATENCY)
         .startTimer();
 
@@ -66,10 +63,7 @@ export const handler: ServerlessFunctionSignature<TwilioContext, NotifyRequest>
     );
   } catch (e) {
     console.error(e);
-    response
-      .setStatusCode(500)
-      .appendHeader('Content-Type', 'application/json')
-      .setBody({ err: e, event });
+    setResponseJson(response, 500, { err: e, event });
     return callback(null, response);
   }