15 files changed, 552 insertions, 11 deletions

diff --git a/src/api/Server.ts b/src/api/Server.ts
index 447a4802..472ab1d6 100644
--- a/src/api/Server.ts
+++ b/src/api/Server.ts
@@ -25,6 +25,8 @@ import {
 	registerRoutes,
 	Sentry,
 	WebAuthn,
+	ConnectionConfig,
+	ConnectionLoader,
 } from "@spacebar/util";
 import { Request, Response, Router } from "express";
 import { Server, ServerOptions } from "lambert-server";
@@ -72,6 +74,7 @@ export class SpacebarServer extends Server {
 		await Config.init();
 		await initEvent();
 		await Email.init();
+		await ConnectionConfig.init();
 		await initInstance();
 		await Sentry.init(this.app);
 		WebAuthn.init();
@@ -142,6 +145,8 @@ export class SpacebarServer extends Server {
 
 		Sentry.errorHandler(this.app);
 
+		ConnectionLoader.loadConnections();
+
 		if (logRequests)
 			console.log(
 				red(
diff --git a/src/api/middlewares/Authentication.ts b/src/api/middlewares/Authentication.ts
index 09644eee..d0e4d8a0 100644
--- a/src/api/middlewares/Authentication.ts
+++ b/src/api/middlewares/Authentication.ts
@@ -52,6 +52,8 @@ export const NO_AUTHORIZATION_ROUTES = [
 	"/oauth2/callback",
 	// Asset delivery
 	/\/guilds\/\d+\/widget\.(json|png)/,
+	// Connections
+	/\/connections\/\w+\/callback/,
 ];
 
 export const API_PREFIX = /^\/api(\/v\d+)?/;
diff --git a/src/api/routes/channels/#channel_id/messages/#message_id/reactions.ts b/src/api/routes/channels/#channel_id/messages/#message_id/reactions.ts
index eafa70c8..cb66cd64 100644
--- a/src/api/routes/channels/#channel_id/messages/#message_id/reactions.ts
+++ b/src/api/routes/channels/#channel_id/messages/#message_id/reactions.ts
@@ -28,6 +28,7 @@ import {
 	MessageReactionRemoveEmojiEvent,
 	MessageReactionRemoveEvent,
 	PartialEmoji,
+	PublicMemberProjection,
 	PublicUserProjection,
 	User,
 } from "@spacebar/util";
@@ -180,6 +181,7 @@ router.put(
 			if (already_added.user_ids.includes(req.user_id))
 				return res.sendStatus(204); // Do not throw an error ¯\_(ツ)_/¯ as discord also doesn't throw any error
 			already_added.count++;
+			already_added.user_ids.push(req.user_id);
 		} else
 			message.reactions.push({
 				count: 1,
@@ -191,7 +193,12 @@ router.put(
 
 		const member =
 			channel.guild_id &&
-			(await Member.findOneOrFail({ where: { id: req.user_id } }));
+			(
+				await Member.findOneOrFail({
+					where: { id: req.user_id },
+					select: PublicMemberProjection,
+				})
+			).toPublicMember();
 
 		await emitEvent({
 			event: "MESSAGE_REACTION_ADD",
@@ -247,6 +254,11 @@ router.delete(
 		already_added.count--;
 
 		if (already_added.count <= 0) message.reactions.remove(already_added);
+		else
+			already_added.user_ids.splice(
+				already_added.user_ids.indexOf(user_id),
+				1,
+			);
 
 		await message.save();
 
diff --git a/src/api/routes/channels/#channel_id/messages/index.ts b/src/api/routes/channels/#channel_id/messages/index.ts
index c871087a..7f0c9fb5 100644
--- a/src/api/routes/channels/#channel_id/messages/index.ts
+++ b/src/api/routes/channels/#channel_id/messages/index.ts
@@ -73,9 +73,11 @@ export function isTextChannel(type: ChannelType): boolean {
 
 // https://discord.com/developers/docs/resources/channel#create-message
 // get messages
-router.get("/", async (req: Request, res: Response) => {
+router.get("/", route({}), async (req: Request, res: Response) => {
 	const channel_id = req.params.channel_id;
-	const channel = await Channel.findOneOrFail({ where: { id: channel_id } });
+	const channel = await Channel.findOneOrFail({
+		where: { id: channel_id },
+	});
 	if (!channel) throw new HTTPError("Channel not found", 404);
 
 	isTextChannel(channel.type);
diff --git a/src/api/routes/users/@me/connections.ts b/src/api/routes/connections/#connection_name/#connection_id/refresh.ts
index 1d4564da..0d432c2b 100644
--- a/src/api/routes/users/@me/connections.ts
+++ b/src/api/routes/connections/#connection_name/#connection_id/refresh.ts
@@ -16,14 +16,14 @@
 	along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
 
-import { Request, Response, Router } from "express";
 import { route } from "@spacebar/api";
+import { Request, Response, Router } from "express";
+const router = Router();
 
-const router: Router = Router();
-
-router.get("/", route({}), async (req: Request, res: Response) => {
-	//TODO
-	res.json([]).status(200);
+router.post("/", route({}), async (req: Request, res: Response) => {
+	// TODO:
+	const { connection_name, connection_id } = req.params;
+	res.sendStatus(204);
 });
 
 export default router;
diff --git a/src/api/routes/connections/#connection_name/authorize.ts b/src/api/routes/connections/#connection_name/authorize.ts
new file mode 100644
index 00000000..b43f46d7
--- /dev/null
+++ b/src/api/routes/connections/#connection_name/authorize.ts
@@ -0,0 +1,52 @@
+/*
+	Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
+	Copyright (C) 2023 Spacebar and Spacebar Contributors
+	
+	This program is free software: you can redistribute it and/or modify
+	it under the terms of the GNU Affero General Public License as published
+	by the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+	
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU Affero General Public License for more details.
+	
+	You should have received a copy of the GNU Affero General Public License
+	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+import { route } from "@spacebar/api";
+import { Request, Response, Router } from "express";
+import { ConnectionStore, FieldErrors } from "../../../../util";
+
+const router = Router();
+
+router.get("/", route({}), async (req: Request, res: Response) => {
+	const { connection_name } = req.params;
+	const connection = ConnectionStore.connections.get(connection_name);
+	if (!connection)
+		throw FieldErrors({
+			provider_id: {
+				code: "BASE_TYPE_CHOICES",
+				message: req.t("common:field.BASE_TYPE_CHOICES", {
+					types: Array.from(ConnectionStore.connections.keys()).join(
+						", ",
+					),
+				}),
+			},
+		});
+
+	if (!connection.settings.enabled)
+		throw FieldErrors({
+			provider_id: {
+				message: "This connection has been disabled server-side.",
+			},
+		});
+
+	res.json({
+		url: await connection.getAuthorizationUrl(req.user_id),
+	});
+});
+
+export default router;
diff --git a/src/api/routes/connections/#connection_name/callback.ts b/src/api/routes/connections/#connection_name/callback.ts
new file mode 100644
index 00000000..bc9ba455
--- /dev/null
+++ b/src/api/routes/connections/#connection_name/callback.ts
@@ -0,0 +1,71 @@
+/*
+	Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
+	Copyright (C) 2023 Spacebar and Spacebar Contributors
+	
+	This program is free software: you can redistribute it and/or modify
+	it under the terms of the GNU Affero General Public License as published
+	by the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+	
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU Affero General Public License for more details.
+	
+	You should have received a copy of the GNU Affero General Public License
+	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+import { route } from "@spacebar/api";
+import {
+	ConnectionCallbackSchema,
+	ConnectionStore,
+	emitEvent,
+	FieldErrors,
+} from "@spacebar/util";
+import { Request, Response, Router } from "express";
+
+const router = Router();
+
+router.post(
+	"/",
+	route({ body: "ConnectionCallbackSchema" }),
+	async (req: Request, res: Response) => {
+		const { connection_name } = req.params;
+		const connection = ConnectionStore.connections.get(connection_name);
+		if (!connection)
+			throw FieldErrors({
+				provider_id: {
+					code: "BASE_TYPE_CHOICES",
+					message: req.t("common:field.BASE_TYPE_CHOICES", {
+						types: Array.from(
+							ConnectionStore.connections.keys(),
+						).join(", "),
+					}),
+				},
+			});
+
+		if (!connection.settings.enabled)
+			throw FieldErrors({
+				provider_id: {
+					message: "This connection has been disabled server-side.",
+				},
+			});
+
+		const body = req.body as ConnectionCallbackSchema;
+		const userId = connection.getUserId(body.state);
+		const connectedAccnt = await connection.handleCallback(body);
+
+		// whether we should emit a connections update event, only used when a connection doesnt already exist
+		if (connectedAccnt)
+			emitEvent({
+				event: "USER_CONNECTIONS_UPDATE",
+				data: { ...connectedAccnt, token_data: undefined },
+				user_id: userId,
+			});
+
+		res.sendStatus(204);
+	},
+);
+
+export default router;
diff --git a/src/api/routes/guilds/#guild_id/roles/#role_id/member-ids.ts b/src/api/routes/guilds/#guild_id/roles/#role_id/member-ids.ts
new file mode 100644
index 00000000..b086193e
--- /dev/null
+++ b/src/api/routes/guilds/#guild_id/roles/#role_id/member-ids.ts
@@ -0,0 +1,42 @@
+/*
+	Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
+	Copyright (C) 2023 Spacebar and Spacebar Contributors
+	
+	This program is free software: you can redistribute it and/or modify
+	it under the terms of the GNU Affero General Public License as published
+	by the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+	
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU Affero General Public License for more details.
+	
+	You should have received a copy of the GNU Affero General Public License
+	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+import { Router, Request, Response } from "express";
+import { Member } from "@spacebar/util";
+import { route } from "@spacebar/api";
+
+const router = Router();
+
+router.get("/", route({}), async (req: Request, res: Response) => {
+	const { guild_id, role_id } = req.params;
+
+	// TODO: Is this route really not paginated?
+	const members = await Member.find({
+		select: ["id"],
+		where: {
+			roles: {
+				id: role_id,
+			},
+			guild_id,
+		},
+	});
+
+	return res.json(members.map((x) => x.id));
+});
+
+export default router;
diff --git a/src/api/routes/guilds/#guild_id/roles/#role_id/members.ts b/src/api/routes/guilds/#guild_id/roles/#role_id/members.ts
new file mode 100644
index 00000000..539cd5d8
--- /dev/null
+++ b/src/api/routes/guilds/#guild_id/roles/#role_id/members.ts
@@ -0,0 +1,62 @@
+/*
+	Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
+	Copyright (C) 2023 Spacebar and Spacebar Contributors
+	
+	This program is free software: you can redistribute it and/or modify
+	it under the terms of the GNU Affero General Public License as published
+	by the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+	
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU Affero General Public License for more details.
+	
+	You should have received a copy of the GNU Affero General Public License
+	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+import { Router, Request, Response } from "express";
+import { DiscordApiErrors, Member, partition } from "@spacebar/util";
+import { route } from "@spacebar/api";
+
+const router = Router();
+
+router.patch(
+	"/",
+	route({ permission: "MANAGE_ROLES" }),
+	async (req: Request, res: Response) => {
+		// Payload is JSON containing a list of member_ids, the new list of members to have the role
+		const { guild_id, role_id } = req.params;
+		const { member_ids } = req.body;
+
+		// don't mess with @everyone
+		if (role_id == guild_id) throw DiscordApiErrors.INVALID_ROLE;
+
+		const members = await Member.find({
+			where: { guild_id },
+			relations: ["roles"],
+		});
+
+		const [add, remove] = partition(
+			members,
+			(member) =>
+				member_ids.includes(member.id) &&
+				!member.roles.map((role) => role.id).includes(role_id),
+		);
+
+		// TODO (erkin): have a bulk add/remove function that adds the roles in a single txn
+		await Promise.all([
+			...add.map((member) =>
+				Member.addRole(member.id, guild_id, role_id),
+			),
+			...remove.map((member) =>
+				Member.removeRole(member.id, guild_id, role_id),
+			),
+		]);
+
+		res.sendStatus(204);
+	},
+);
+
+export default router;
diff --git a/src/api/routes/guilds/#guild_id/roles/member-counts.ts b/src/api/routes/guilds/#guild_id/roles/member-counts.ts
new file mode 100644
index 00000000..88243b42
--- /dev/null
+++ b/src/api/routes/guilds/#guild_id/roles/member-counts.ts
@@ -0,0 +1,39 @@
+/*
+	Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
+	Copyright (C) 2023 Spacebar and Spacebar Contributors
+	
+	This program is free software: you can redistribute it and/or modify
+	it under the terms of the GNU Affero General Public License as published
+	by the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+	
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU Affero General Public License for more details.
+	
+	You should have received a copy of the GNU Affero General Public License
+	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+import { Request, Response, Router } from "express";
+import { Role, Member } from "@spacebar/util";
+import { route } from "@spacebar/api";
+import {} from "typeorm";
+
+const router: Router = Router();
+
+router.get("/", route({}), async (req: Request, res: Response) => {
+	const { guild_id } = req.params;
+	await Member.IsInGuildOrFail(req.user_id, guild_id);
+
+	const role_ids = await Role.find({ where: { guild_id }, select: ["id"] });
+	const counts: { [id: string]: number } = {};
+	for (const { id } of role_ids) {
+		counts[id] = await Member.count({ where: { roles: { id }, guild_id } });
+	}
+
+	return res.json(counts);
+});
+
+export default router;
diff --git a/src/api/routes/policies/instance/domains.ts b/src/api/routes/policies/instance/domains.ts
index fe032b50..696a8510 100644
--- a/src/api/routes/policies/instance/domains.ts
+++ b/src/api/routes/policies/instance/domains.ts
@@ -31,7 +31,7 @@ router.get("/", route({}), async (req: Request, res: Response) => {
 			process.env.GATEWAY ||
 			"ws://localhost:3001",
 		defaultApiVersion: api.defaultVersion ?? 9,
-		apiEndpoint: api.endpointPublic ?? "/api",
+		apiEndpoint: api.endpointPublic ?? "http://localhost:3001/api/",
 	};
 
 	res.json(IdentityForm);
diff --git a/src/api/routes/users/#id/profile.ts b/src/api/routes/users/#id/profile.ts
index 4727e215..2836c563 100644
--- a/src/api/routes/users/#id/profile.ts
+++ b/src/api/routes/users/#id/profile.ts
@@ -133,7 +133,9 @@ router.get(
 			guild_id,
 		};
 		res.json({
-			connected_accounts: user.connected_accounts,
+			connected_accounts: user.connected_accounts.filter(
+				(x) => x.visibility != 0,
+			),
 			premium_guild_since: premium_guild_since, // TODO
 			premium_since: user.premium_since, // TODO
 			mutual_guilds: mutual_guilds, // TODO {id: "", nick: null} when ?with_mutual_guilds=true
diff --git a/src/api/routes/users/@me/connections/#connection_name/#connection_id/access-token.ts b/src/api/routes/users/@me/connections/#connection_name/#connection_id/access-token.ts
new file mode 100644
index 00000000..9031f3c8
--- /dev/null
+++ b/src/api/routes/users/@me/connections/#connection_name/#connection_id/access-token.ts
@@ -0,0 +1,99 @@
+/*
+	Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
+	Copyright (C) 2023 Spacebar and Spacebar Contributors
+	
+	This program is free software: you can redistribute it and/or modify
+	it under the terms of the GNU Affero General Public License as published
+	by the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+	
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU Affero General Public License for more details.
+	
+	You should have received a copy of the GNU Affero General Public License
+	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+import { route } from "@spacebar/api";
+import {
+	ApiError,
+	ConnectedAccount,
+	ConnectionStore,
+	DiscordApiErrors,
+	FieldErrors,
+} from "@spacebar/util";
+import { Request, Response, Router } from "express";
+import RefreshableConnection from "../../../../../../../util/connections/RefreshableConnection";
+const router = Router();
+
+// TODO: this route is only used for spotify, twitch, and youtube. (battlenet seems to be able to PUT, maybe others also)
+
+// spotify is disabled here because it cant be used
+const ALLOWED_CONNECTIONS = ["twitch", "youtube"];
+
+// NOTE: this route has not been extensively tested, as the required connections are not implemented as of writing
+router.get("/", route({}), async (req: Request, res: Response) => {
+	const { connection_name, connection_id } = req.params;
+
+	const connection = ConnectionStore.connections.get(connection_name);
+
+	if (!ALLOWED_CONNECTIONS.includes(connection_name) || !connection)
+		throw FieldErrors({
+			provider_id: {
+				code: "BASE_TYPE_CHOICES",
+				message: req.t("common:field.BASE_TYPE_CHOICES", {
+					types: ALLOWED_CONNECTIONS.join(", "),
+				}),
+			},
+		});
+
+	if (!connection.settings.enabled)
+		throw FieldErrors({
+			provider_id: {
+				message: "This connection has been disabled server-side.",
+			},
+		});
+
+	const connectedAccount = await ConnectedAccount.findOne({
+		where: {
+			type: connection_name,
+			external_id: connection_id,
+			user_id: req.user_id,
+		},
+		select: [
+			"external_id",
+			"type",
+			"name",
+			"verified",
+			"visibility",
+			"show_activity",
+			"revoked",
+			"token_data",
+			"friend_sync",
+			"integrations",
+		],
+	});
+	if (!connectedAccount) throw DiscordApiErrors.UNKNOWN_CONNECTION;
+	if (connectedAccount.revoked) throw DiscordApiErrors.CONNECTION_REVOKED;
+	if (!connectedAccount.token_data)
+		throw new ApiError("No token data", 0, 400);
+
+	let access_token = connectedAccount.token_data.access_token;
+	const { expires_at, expires_in, fetched_at } = connectedAccount.token_data;
+
+	if (
+		(expires_at && expires_at < Date.now()) ||
+		(expires_in && fetched_at + expires_in * 1000 < Date.now())
+	) {
+		if (!(connection instanceof RefreshableConnection))
+			throw new ApiError("Access token expired", 0, 400);
+		const tokenData = await connection.refresh(connectedAccount);
+		access_token = tokenData.access_token;
+	}
+
+	res.json({ access_token });
+});
+
+export default router;
diff --git a/src/api/routes/users/@me/connections/#connection_name/#connection_id/index.ts b/src/api/routes/users/@me/connections/#connection_name/#connection_id/index.ts
new file mode 100644
index 00000000..3a4e5e0a
--- /dev/null
+++ b/src/api/routes/users/@me/connections/#connection_name/#connection_id/index.ts
@@ -0,0 +1,106 @@
+/*
+	Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
+	Copyright (C) 2023 Spacebar and Spacebar Contributors
+	
+	This program is free software: you can redistribute it and/or modify
+	it under the terms of the GNU Affero General Public License as published
+	by the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+	
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU Affero General Public License for more details.
+	
+	You should have received a copy of the GNU Affero General Public License
+	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+import { route } from "@spacebar/api";
+import {
+	ConnectedAccount,
+	ConnectionUpdateSchema,
+	DiscordApiErrors,
+	emitEvent,
+} from "@spacebar/util";
+import { Request, Response, Router } from "express";
+const router = Router();
+
+// TODO: connection update schema
+router.patch(
+	"/",
+	route({ body: "ConnectionUpdateSchema" }),
+	async (req: Request, res: Response) => {
+		const { connection_name, connection_id } = req.params;
+		const body = req.body as ConnectionUpdateSchema;
+
+		const connection = await ConnectedAccount.findOne({
+			where: {
+				user_id: req.user_id,
+				external_id: connection_id,
+				type: connection_name,
+			},
+			select: [
+				"external_id",
+				"type",
+				"name",
+				"verified",
+				"visibility",
+				"show_activity",
+				"revoked",
+				"friend_sync",
+				"integrations",
+			],
+		});
+
+		if (!connection) return DiscordApiErrors.UNKNOWN_CONNECTION;
+		// TODO: do we need to do anything if the connection is revoked?
+
+		if (typeof body.visibility === "boolean")
+			//@ts-expect-error For some reason the client sends this as a boolean, even tho docs say its a number?
+			body.visibility = body.visibility ? 1 : 0;
+		if (typeof body.show_activity === "boolean")
+			//@ts-expect-error For some reason the client sends this as a boolean, even tho docs say its a number?
+			body.show_activity = body.show_activity ? 1 : 0;
+		if (typeof body.metadata_visibility === "boolean")
+			//@ts-expect-error For some reason the client sends this as a boolean, even tho docs say its a number?
+			body.metadata_visibility = body.metadata_visibility ? 1 : 0;
+
+		connection.assign(req.body);
+
+		await ConnectedAccount.update(
+			{
+				user_id: req.user_id,
+				external_id: connection_id,
+				type: connection_name,
+			},
+			connection,
+		);
+		res.json(connection.toJSON());
+	},
+);
+
+router.delete("/", route({}), async (req: Request, res: Response) => {
+	const { connection_name, connection_id } = req.params;
+
+	const account = await ConnectedAccount.findOneOrFail({
+		where: {
+			user_id: req.user_id,
+			external_id: connection_id,
+			type: connection_name,
+		},
+	});
+
+	await Promise.all([
+		ConnectedAccount.remove(account),
+		emitEvent({
+			event: "USER_CONNECTIONS_UPDATE",
+			data: account,
+			user_id: req.user_id,
+		}),
+	]);
+
+	return res.sendStatus(200);
+});
+
+export default router;
diff --git a/src/api/routes/users/@me/connections/index.ts b/src/api/routes/users/@me/connections/index.ts
new file mode 100644
index 00000000..620ce3b5
--- /dev/null
+++ b/src/api/routes/users/@me/connections/index.ts
@@ -0,0 +1,47 @@
+/*
+	Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
+	Copyright (C) 2023 Spacebar and Spacebar Contributors
+	
+	This program is free software: you can redistribute it and/or modify
+	it under the terms of the GNU Affero General Public License as published
+	by the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+	
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU Affero General Public License for more details.
+	
+	You should have received a copy of the GNU Affero General Public License
+	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+import { Request, Response, Router } from "express";
+import { route } from "@spacebar/api";
+import { ConnectedAccount, ConnectedAccountDTO } from "@spacebar/util";
+
+const router: Router = Router();
+
+router.get("/", route({}), async (req: Request, res: Response) => {
+	const connections = await ConnectedAccount.find({
+		where: {
+			user_id: req.user_id,
+		},
+		select: [
+			"external_id",
+			"type",
+			"name",
+			"verified",
+			"visibility",
+			"show_activity",
+			"revoked",
+			"token_data",
+			"friend_sync",
+			"integrations",
+		],
+	});
+
+	res.json(connections.map((x) => new ConnectedAccountDTO(x, true)));
+});
+
+export default router;