feat: wip cli token authentication

2025-06-26 18:27:59 +00:00 · 2024-06-05 22:42:11 -06:00
parent 113df9ae12
commit b9bff95c3d
16 changed files with 2845 additions and 56 deletions
--- a/server/api/routers/application.ts
+++ b/server/api/routers/application.ts
@@ -57,6 +57,7 @@ export const applicationRouter = createTRPCRouter({
 		.input(apiCreateApplication)
 		.mutation(async ({ input, ctx }) => {
 			try {
+				console.log(input);
 				if (ctx.user.rol === "user") {
 					await checkServiceAccess(ctx.user.authId, input.projectId, "create");
 				}
@@ -65,6 +66,8 @@ export const applicationRouter = createTRPCRouter({
 				if (ctx.user.rol === "user") {
 					await addNewService(ctx.user.authId, newApplication.applicationId);
 				}
+
+				return newApplication;
 			} catch (error) {
 				throw new TRPCError({
 					code: "BAD_REQUEST",
--- a/server/api/routers/auth.ts
+++ b/server/api/routers/auth.ts
@@ -26,6 +26,7 @@ import {
 	updateAuthById,
 	verify2FA,
 } from "../services/auth";
+import { TimeSpan } from "lucia";

 export const authRouter = createTRPCRouter({
 	createAdmin: publicProcedure
@@ -138,6 +139,23 @@ export const authRouter = createTRPCRouter({
 			return auth;
 		}),

+	generateToken: protectedProcedure.mutation(async ({ ctx, input }) => {
+		const auth = await findAuthById(ctx.user.authId);
+
+		if (auth.token) {
+			await lucia.invalidateSession(auth.token);
+		}
+		const session = await lucia.createSession(auth?.id || "", {
+			expiresIn: 60 * 60 * 24 * 30,
+		});
+
+		await updateAuthById(auth.id, {
+			token: session.id,
+		});
+
+		return auth;
+	}),
+
 	one: adminProcedure.input(apiFindOneAuth).query(async ({ input }) => {
 		const auth = await findAuthById(input.id);
 		return auth;
@@ -196,4 +214,7 @@ export const authRouter = createTRPCRouter({
 		});
 		return auth;
 	}),
+	verifyToken: protectedProcedure.mutation(async () => {
+		return true;
+	}),
 });
--- a/server/api/routers/project.ts
+++ b/server/api/routers/project.ts
@@ -1,4 +1,8 @@
-import { createTRPCRouter, protectedProcedure } from "@/server/api/trpc";
+import {
+	cliProcedure,
+	createTRPCRouter,
+	protectedProcedure,
+} from "@/server/api/trpc";
 import { db } from "@/server/db";
 import {
 	apiCreateProject,
@@ -44,6 +48,30 @@ export const projectRouter = createTRPCRouter({
 					await addNewProject(ctx.user.authId, project.projectId);
 				}

+				return project;
+			} catch (error) {
+				console.log(error);
+				throw new TRPCError({
+					code: "BAD_REQUEST",
+					message: "Error to create the project",
+					cause: error,
+				});
+			}
+		}),
+
+	createCLI: protectedProcedure
+		.input(apiCreateProject)
+		.mutation(async ({ ctx, input }) => {
+			try {
+				console.log(ctx);
+				if (ctx.user.rol === "user") {
+					await checkProjectAccess(ctx.user.authId, "create");
+				}
+				const project = await createProject(input);
+				if (ctx.user.rol === "user") {
+					await addNewProject(ctx.user.authId, project.projectId);
+				}
+
 				return project;
 			} catch (error) {
 				console.log(error);
--- a/server/api/trpc.ts
+++ b/server/api/trpc.ts
@@ -13,7 +13,7 @@ import { TRPCError, initTRPC } from "@trpc/server";
 import type { CreateNextContextOptions } from "@trpc/server/adapters/next";
 import superjson from "superjson";
 import { ZodError } from "zod";
-import { validateRequest } from "../auth/auth";
+import { validateBearerToken, validateRequest } from "../auth/auth";
 import type { Session, User } from "lucia";

 /**
@@ -59,9 +59,15 @@ const createInnerTRPCContext = (opts: CreateContextOptions) => {
 */
 export const createTRPCContext = async (opts: CreateNextContextOptions) => {
 	const { req, res } = opts;
-	// const sessionId = lucia.readSessionCookie(req.headers.cookie ?? "");
-	const { session, user } = await validateRequest(req, res);
-	user;
+
+	let { session, user } = await validateBearerToken(req);
+
+	if (!session) {
+		const cookieResult = await validateRequest(req, res);
+		session = cookieResult.session;
+		user = cookieResult.user;
+	}
+
 	return createInnerTRPCContext({
 		req,
 		res,
@@ -147,6 +153,20 @@ export const protectedProcedure = t.procedure.use(({ ctx, next }) => {
 	});
 });

+export const cliProcedure = t.procedure.use(({ ctx, next }) => {
+	if (!ctx.session || !ctx.user || ctx.user.rol !== "admin") {
+		throw new TRPCError({ code: "UNAUTHORIZED" });
+	}
+	return next({
+		ctx: {
+			// infers the `session` as non-nullable
+			session: ctx.session,
+			user: ctx.user,
+			// session: { ...ctx.session, user: ctx.user },
+		},
+	});
+});
+
 export const adminProcedure = t.procedure.use(({ ctx, next }) => {
 	if (!ctx.session || !ctx.user || ctx.user.rol !== "admin") {
 		throw new TRPCError({ code: "UNAUTHORIZED" });