add better access control

apps/api/src/utils/auth.ts

@@ -1,4 +1,5 @@
 import type { RawRequestDefaultExpression } from 'fastify';
+import jwt from 'jsonwebtoken';
 
 import { verifyPassword } from '@openpanel/common';
 import type { IServiceClient } from '@openpanel/db';
@@ -103,3 +104,23 @@ export async function validateExportRequest(
 
   return client;
 }
+
+export function validateClerkJwt(token?: string) {
+  if (!token) {
+    return null;
+  }
+  try {
+    const decoded = jwt.verify(
+      token,
+      process.env.CLERK_PUBLIC_PEM_KEY!.replace(/\\n/g, '\n')
+    );
+
+    if (typeof decoded === 'object') {
+      return decoded;
+    }
+  } catch (e) {
+    //
+  }
+
+  return null;
+}