feat: add domain-based access control for API keys (#198)

Co-authored-by: Claude <noreply@anthropic.com>
2025-09-10 13:30:37 +02:00
parent dbc6996d9a
commit 0817b0c7a5
17 changed files with 250 additions and 27 deletions
--- a/apps/web/src/server/public-api/auth.ts
+++ b/apps/web/src/server/public-api/auth.ts
@@ -59,5 +59,5 @@ export const getTeamFromToken = async (c: Context) => {
      logger.error({ err }, "Failed to update lastUsed on API key")
    );

-  return { ...team, apiKeyId: apiKey.id };
+  return { ...team, apiKeyId: apiKey.id, apiKey: { domainId: apiKey.domainId } };
 };