mirror of
https://github.com/get-drexa/drive.git
synced 2025-12-01 14:01:40 +00:00
kenneth
94d6a22ab2
- Replace Err.Code with ErrorCode throughout convex model files - Update error() function calls to use new signature - Remove unused Err namespace imports Co-authored-by: Ona <no-reply@ona.com>
110 lines
2.8 KiB
TypeScript
110 lines
2.8 KiB
TypeScript
import type { DataModel } from "@fileone/convex/dataModel"
|
|
import type { MutationCtx, QueryCtx } from "@fileone/convex/server"
|
|
import { mutation, query } from "@fileone/convex/server"
|
|
import type {
|
|
DocumentByName,
|
|
TableNamesInDataModel,
|
|
UserIdentity,
|
|
} from "convex/server"
|
|
import { type GenericId, v } from "convex/values"
|
|
import {
|
|
customCtx,
|
|
customMutation,
|
|
customQuery,
|
|
} from "convex-helpers/server/customFunctions"
|
|
import * as ApiKey from "./model/apikey"
|
|
import { type AuthUser, userIdentityOrThrow, userOrThrow } from "./model/user"
|
|
import { ErrorCode, error } from "./shared/error"
|
|
|
|
export type AuthenticatedQueryCtx = QueryCtx & {
|
|
user: AuthUser
|
|
identity: UserIdentity
|
|
}
|
|
|
|
export type AuthenticatedMutationCtx = MutationCtx & {
|
|
user: AuthUser
|
|
identity: UserIdentity
|
|
}
|
|
|
|
export type ApiKeyAuthenticatedQueryCtx = QueryCtx & {
|
|
__branded: "ApiKeyAuthenticatedQueryCtx"
|
|
}
|
|
|
|
/**
|
|
* Custom query that automatically provides authenticated user context
|
|
* Throws an error if the user is not authenticated
|
|
*/
|
|
export const authenticatedQuery = customQuery(
|
|
query,
|
|
customCtx(async (ctx: QueryCtx) => {
|
|
const user = await userOrThrow(ctx)
|
|
const identity = await userIdentityOrThrow(ctx)
|
|
return { user, identity }
|
|
}),
|
|
)
|
|
|
|
/**
|
|
* Custom mutation that automatically provides authenticated user context
|
|
* Throws an error if the user is not authenticated
|
|
*/
|
|
export const authenticatedMutation = customMutation(
|
|
mutation,
|
|
customCtx(async (ctx: MutationCtx) => {
|
|
const user = await userOrThrow(ctx)
|
|
const identity = await userIdentityOrThrow(ctx)
|
|
return { user, identity }
|
|
}),
|
|
)
|
|
|
|
/**
|
|
* Custom query that requires api key authentication for a query.
|
|
*/
|
|
export const apiKeyAuthenticatedQuery = customQuery(query, {
|
|
args: {
|
|
apiKey: v.string(),
|
|
},
|
|
input: async (ctx, args) => {
|
|
if (!(await ApiKey.verifyApiKey(ctx, args.apiKey))) {
|
|
error({
|
|
code: ErrorCode.Unauthenticated,
|
|
message: "Invalid API key",
|
|
})
|
|
}
|
|
return { ctx: ctx as ApiKeyAuthenticatedQueryCtx, args }
|
|
},
|
|
})
|
|
|
|
/**
|
|
* Custom mutation that requires api key authentication for a mutation.
|
|
*/
|
|
export const apiKeyAuthenticatedMutation = customMutation(mutation, {
|
|
args: {
|
|
apiKey: v.string(),
|
|
},
|
|
input: async (ctx, args) => {
|
|
if (!(await ApiKey.verifyApiKey(ctx, args.apiKey))) {
|
|
error({
|
|
code: ErrorCode.Unauthenticated,
|
|
message: "Invalid API key",
|
|
})
|
|
}
|
|
return { ctx, args }
|
|
},
|
|
})
|
|
|
|
/**
|
|
* Gets a document by its id and checks if the user is authorized to access it
|
|
*
|
|
* @returns The document associated with the id or null if the document is not found.
|
|
*/
|
|
export async function authorizedGet<T extends TableNamesInDataModel<DataModel>>(
|
|
ctx: AuthenticatedQueryCtx | AuthenticatedMutationCtx,
|
|
id: GenericId<T>,
|
|
): Promise<DocumentByName<DataModel, T> | null> {
|
|
const item = await ctx.db.get(id)
|
|
if (item && item.userId !== ctx.user._id) {
|
|
return null
|
|
}
|
|
return item
|
|
}
|