add nextjs and migrated api to next api

2023-10-12 23:19:02 +02:00
parent 7d474e8444
commit cef7fc6965
47 changed files with 1466 additions and 1 deletions
--- a/apps/web/src/server/auth.ts
+++ b/apps/web/src/server/auth.ts
@@ -0,0 +1,123 @@
+import { PrismaAdapter } from "@next-auth/prisma-adapter";
+import { NextApiRequest, type GetServerSidePropsContext } from "next";
+import {
+  getServerSession,
+  type DefaultSession,
+  type NextAuthOptions,
+} from "next-auth";
+
+import { db } from "@/server/db";
+import Credentials from "next-auth/providers/credentials";
+import { createError } from "./exceptions";
+import { verifyPassword } from "@/services/hash.service";
+
+/**
+ * Module augmentation for `next-auth` types. Allows us to add custom properties to the `session`
+ * object and keep type safety.
+ *
+ * @see https://next-auth.js.org/getting-started/typescript#module-augmentation
+ */
+declare module "next-auth" {
+  interface Session extends DefaultSession {
+    user: DefaultSession["user"] & {
+      id: string;
+      // ...other properties
+      // role: UserRole;
+    };
+  }
+
+  // interface User {
+  //   // ...other properties
+  //   // role: UserRole;
+  // }
+}
+
+/**
+ * Options for NextAuth.js used to configure adapters, providers, callbacks, etc.
+ *
+ * @see https://next-auth.js.org/configuration/options
+ */
+export const authOptions: NextAuthOptions = {
+  callbacks: {
+    session: ({ session, user, token }) => ({
+      ...session,
+      user: {
+        ...session.user,
+        id: token.sub,
+      },
+    }),
+  },
+  // adapter: PrismaAdapter(db),
+  providers: [
+    Credentials({
+      name: "Credentials",
+      credentials: {
+        email: { label: "Email", type: "text", placeholder: "jsmith" },
+        password: { label: "Password", type: "password" },
+      },
+      async authorize(credentials) {
+        const user = await db.user.findFirst({
+          where: { email: credentials?.email },
+        });
+
+        if (user) {
+          return user;
+        } else {
+          return null;
+        }
+      },
+    }),
+    /**
+     * ...add more providers here.
+     *
+     * Most other providers require a bit more work than the Discord provider. For example, the
+     * GitHub provider requires you to add the `refresh_token_expires_in` field to the Account
+     * model. Refer to the NextAuth.js docs for the provider you want to use. Example:
+     *
+     * @see https://next-auth.js.org/providers/github
+     */
+  ],
+};
+
+/**
+ * Wrapper for `getServerSession` so that you don't need to import the `authOptions` in every file.
+ *
+ * @see https://next-auth.js.org/configuration/nextjs
+ */
+export const getServerAuthSession = (ctx: {
+  req: GetServerSidePropsContext["req"];
+  res: GetServerSidePropsContext["res"];
+}) => {
+  return getServerSession(ctx.req, ctx.res, authOptions);
+};
+
+export async function validateSdkRequest(req: NextApiRequest): Promise<string> {
+  const clientId = req?.headers["mixan-client-id"] as string | undefined
+  const clientSecret = req.headers["mixan-client-secret"] as string | undefined
+  
+  if (!clientId) {
+    throw createError(401, "Misisng client id");
+  }
+
+  if (!clientSecret) {
+    throw createError(401, "Misisng client secret");
+  }
+
+  const client = await db.client.findUnique({
+    where: {
+      id: clientId,
+    },
+  });
+
+  if (!client) {
+    throw createError(401, "Invalid client id");
+  }
+
+  
+
+  if (!(await verifyPassword(clientSecret, client.secret))) {
+    throw createError(401, "Invalid client secret");
+  }
+
+  return client.project_id
+}