Add API authentication
@@ -1,11 +1,12 @@
|
||||
import { createRoute, z } from "@hono/zod-openapi";
|
||||
import { DomainSchema } from "~/lib/zod/domain-schema";
|
||||
import { PublicAPIApp } from "./hono";
|
||||
import { db } from "../db";
|
||||
import { PublicAPIApp } from "../hono";
|
||||
import { db } from "../../db";
|
||||
import { getTeamFromToken } from "../auth";
|
||||
|
||||
const route = createRoute({
|
||||
method: "get",
|
||||
path: "/domains",
|
||||
path: "/v1/domains",
|
||||
responses: {
|
||||
200: {
|
||||
content: {
|
||||
@@ -20,7 +21,9 @@ const route = createRoute({
|
||||
|
||||
function getDomains(app: PublicAPIApp) {
|
||||
app.openapi(route, async (c) => {
|
||||
const domains = await db.domain.findMany({});
|
||||
const team = await getTeamFromToken(c);
|
||||
|
||||
const domains = await db.domain.findMany({ where: { teamId: team.id } });
|
||||
|
||||
return c.json(domains);
|
||||
});
|
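Review bot: Authentication is opt-in per route here, because the team is resolved by calling `getTeamFromToken(c)` inside the `app.openapi` handler; any later route that omits that call is served without a token check. Resolving the team once in a middleware registered ahead of the API routes in `getApp()`, and reading it in handlers via `c.set("team", team)` / `c.get("team")`, would make new routes fail closed. The `createRoute` definition is only partly visible in this diff; if it does not already carry `security: [{ Bearer: [] }]`, the generated OpenAPI document will not mark the endpoint as protected. `getDomains` closes outside the hunk.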
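--- a/apps/web/src/server/public-api/auth.ts
+++ b/apps/web/src/server/public-api/auth.ts
@@ -0,0 +1,33 @@
+import { Context } from "hono";
+import { bearerAuth } from "hono/bearer-auth";
+import { hashToken } from "../auth";
+import { db } from "../db";
+
+export const getTeamFromToken = async (c: Context) => {
+const authHeader = c.req.header("Authorization");
+if (!authHeader) {
+throw new Error("No Authorization header provided");
+}
+const token = authHeader.split(" ")[1]; // Assuming the Authorization header is in the format "Bearer <token>"
+if (!token) {
+throw new Error("No bearer token provided");
+}
+
+const hashedToken = hashToken(token);
+
+const team = await db.team.findFirst({
+where: {
+apiKeys: {
+some: {
+tokenHash: hashedToken,
+},
+},
+},
+});
+
+if (!team) {
+throw new Error("No team found for this token");
+}
+
+return team;
+};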
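Review bot: `getTeamFromToken` takes `authHeader.split(" ")[1]` without checking the scheme, so any two-part header value is treated as a token, and all three failure paths throw a plain `Error`, which Hono's default error handling would presumably surface as a 500 rather than a 401. Consider `const [scheme, token] = authHeader.split(" ");` followed by `if (scheme !== "Bearer" || !token) throw new HTTPException(401, { message: "Unauthorized" });` (with `HTTPException` from `hono/http-exception`), and the same 401 for the missing-header and unknown-token cases so the response does not tell a caller which step failed. The `bearerAuth` import is unused in this file. `hashToken` is defined outside this diff, so it is worth confirming it is the same function applied when API keys are stored.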
@@ -1,7 +1,27 @@
|
||||
import { OpenAPIHono } from "@hono/zod-openapi";
|
||||
import { swaggerUI } from "@hono/swagger-ui";
|
||||
|
||||
export function getApp() {
|
||||
return new OpenAPIHono().basePath("/api/v1");
|
||||
const app = new OpenAPIHono().basePath("/api");
|
||||
|
||||
// The OpenAPI documentation will be available at /doc
|
||||
app.doc("/v1/doc", (c) => ({
|
||||
openapi: "3.0.0",
|
||||
info: {
|
||||
version: "1.0.0",
|
||||
title: "Unsend API",
|
||||
},
|
||||
servers: [{ url: `${new URL(c.req.url).origin}/api` }],
|
||||
}));
|
||||
|
||||
app.openAPIRegistry.registerComponent("securitySchemes", "Bearer", {
|
||||
type: "http",
|
||||
scheme: "bearer",
|
||||
});
|
||||
|
||||
app.get("/v1/ui", swaggerUI({ url: "/api/v1/doc" }));
|
||||
|
||||
return app;
|
||||
}
|
||||
|
||||
export type PublicAPIApp = ReturnType<typeof getApp>;
|
||||
|
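Review bot: The `servers` entry in `app.doc("/v1/doc", …)` is built from `new URL(c.req.url).origin`, so the document advertises whatever origin the request carried; behind a reverse proxy that can be an internal address, and if the Host header is not normalised upstream the value is client-influenced. Taking the origin from deployment configuration instead of the request would keep the advertised server URL fixed. The comment above the call is also stale, since the document is now served under `/api/v1/doc`; `// The OpenAPI documentation is served at /api/v1/doc` would match the code.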
@@ -1,22 +1,8 @@
|
||||
import { swaggerUI } from "@hono/swagger-ui";
|
||||
|
||||
import { getApp } from "./hono";
|
||||
import getDomains from "./get_domains";
|
||||
import getDomains from "./api/get_domains";
|
||||
|
||||
export const app = getApp();
|
||||
|
||||
getDomains(app);
|
||||
|
||||
// The OpenAPI documentation will be available at /doc
|
||||
app.doc("/doc", {
|
||||
openapi: "3.0.0",
|
||||
info: {
|
||||
version: "1.0.0",
|
||||
title: "My API",
|
||||
},
|
||||
servers: [{ url: "/api/v1" }],
|
||||
});
|
||||
|
||||
app.get("/ui", swaggerUI({ url: "/api/v1/doc" }));
|
||||
|
||||
export default app;
|
||||
|