blob: 6a0a8909341cf75f48795441f317f8e57d7bb24e (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
import { getServerAuthSession } from "@/server/auth";
import { db } from "@hoarder/db";
import { Context, createCallerFactory } from "@hoarder/trpc";
import { authenticateApiKey } from "@hoarder/trpc/auth";
import { appRouter } from "@hoarder/trpc/routers/_app";
export async function createContextFromRequest(req: Request) {
// TODO: This is a hack until we offer a proper REST API instead of the trpc based one.
// Check if the request has an Authorization token, if it does, assume that API key authentication is requested.
const authorizationHeader = req.headers.get("Authorization");
if (authorizationHeader && authorizationHeader.startsWith("Bearer ")) {
const token = authorizationHeader.split(" ")[1];
try {
const user = await authenticateApiKey(token);
return { user, db };
} catch (e) {
// Fallthrough to cookie-based auth
}
}
return createContext();
}
export const createContext = async (database?: typeof db): Promise<Context> => {
const session = await getServerAuthSession();
return {
user: session?.user ?? null,
db: database ?? db,
};
};
const createCaller = createCallerFactory(appRouter);
export const api = createCaller(createContext);
|
