mirror of
https://github.com/AmruthPillai/Reactive-Resume.git
synced 2026-07-12 22:14:54 +10:00
62f8270b3e
commit b2b0470a1d9267d042ec0ac66523c6635bf5b199
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Tue May 19 13:13:38 2026 +0200
chore: update .gitignore to include .vite-hooks and modify pnpm-lock.yaml for dependencies
commit d28fadb5cd8706c874e616102878b4a394ec84c1
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Tue May 19 13:08:04 2026 +0200
fix: remove timestamp conflict guard
commit c6998d9dbab19d09d3c8054feef1d2e4117555eb
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Tue May 19 12:11:51 2026 +0200
chore(release): v5.1.5
commit f33d168711804880e1f12e88d24290aae16cc258
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Tue May 19 11:58:35 2026 +0200
revert: compose.yml
commit d961e6535811a10c335525fb33a08d03e737278d
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Tue May 19 11:58:08 2026 +0200
refactor(agent): replace 'revert' terminology with 'restore' for clarity, resolves #3086
commit 17f351171be218e33f01c469d95e4164d4c8dc57
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Tue May 19 11:10:41 2026 +0200
refactor(pdf): simplify sidebar section filtering and update summary feature logic
commit d55179b9d76879e3204de185e8b53fadd0a107ed
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Tue May 19 09:53:37 2026 +0200
chore: update pnpm-lock.yaml and turbo.json
commit 7cade6980e1a04352536bd44ef773f338c4ef599
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Tue May 19 09:38:30 2026 +0200
fix(polyfill): add tested polyfill for Map Upsert methods
commit 26d175bb9c53d93225d1e907678445252c13d660
Merge: 1cf33dc6c 5b1297fa2
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Tue May 19 09:23:29 2026 +0200
Merge remote-tracking branch 'origin/main' into feat/explore-hono-orpc-migration
# Conflicts:
# packages/api/src/services/agent-url.ts
# packages/runtime-externals/package.json
commit 1cf33dc6c9d81735730ad656e16dab6501c6d6a1
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Tue May 19 09:22:12 2026 +0200
chore: preserve branch changes before main sync
commit b380a4b00fdbcdd81ff4f8ef72b330fd027ccda5
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Mon May 18 07:50:28 2026 +0200
chore: lot of fixes for monorepo migration
commit 8fcf0ec64e1c29572ebaff494338368bfcf75760
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Fri May 15 13:57:17 2026 +0200
chore: update knip version and refine web app routing with new SEO endpoints
commit 234e68086ff15610a93877354c98e2c020364533
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Fri May 15 12:10:06 2026 +0200
refactor(auth): update OAuth routes to include API prefix and remove unused schema endpoint
commit 91c84b9a8496b0ce21d71cae9f8b2a027638c9ac
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Fri May 15 11:54:29 2026 +0200
chore: update dependencies and enhance PWA metadata in web app
commit 150117d4a5a9dd6cd92c64891aad8cae90f6a7af
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Fri May 15 11:12:35 2026 +0200
docs: revise manifest-only pwa testing scope
commit 6b939a55661aec9dd8122b184e4b60a5c7325fb5
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Fri May 15 11:11:33 2026 +0200
docs: add manifest-only pwa design
commit 1422e1fc96c400948b273210a1067251087d15d4
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Fri May 15 11:05:04 2026 +0200
chore(dev): simplify server proxy config
commit bc2ff5a9f6fda41e6c40333c8f163aa23a6c5e48
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Fri May 15 11:04:50 2026 +0200
docs: add unsafe oauth redirect plan
commit 445359ebe9b96c1515bf1c4c3f73ba8a8448ec12
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Fri May 15 11:04:34 2026 +0200
feat(auth): add unsafe oauth redirect flag
commit 73fffdd24598e56b2793f7657919bc794835892e
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Fri May 15 10:55:02 2026 +0200
docs: design unsafe oauth redirect flag
commit c0066aa19c15fc8a4c8e5179ed49889c117519f4
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Fri May 15 10:22:04 2026 +0200
chore: update translation source paths
commit 9033da082418d252aafd6c2eed72f71f014be3d9
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Fri May 15 10:09:25 2026 +0200
refactor(arch): react spa + hono migration
commit 6f27936c11bda895977dc63ee550c3346d4ce24b
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Fri May 15 01:10:47 2026 +0200
docs: add docker nightly tagging design
commit ecc1fd9a88a0ee1dca2f1977dfc17f74527fe1da
Author: Amruth Pillai <im.amruth@gmail.com>
Date: Thu May 14 20:05:44 2026 +0200
feat: migrate to hono spa server
101 lines
2.9 KiB
TypeScript
101 lines
2.9 KiB
TypeScript
import type { Locale } from "@reactive-resume/utils/locale";
|
|
import type { User } from "better-auth";
|
|
import { ORPCError, os } from "@orpc/server";
|
|
import { eq } from "drizzle-orm";
|
|
import { auth, verifyOAuthToken } from "@reactive-resume/auth/config";
|
|
import { db } from "@reactive-resume/db/client";
|
|
import { user } from "@reactive-resume/db/schema";
|
|
|
|
interface ORPCContext {
|
|
locale: Locale;
|
|
reqHeaders: Headers;
|
|
resHeaders?: Headers;
|
|
}
|
|
|
|
async function getUserFromBearerToken(headers: Headers): Promise<User | null> {
|
|
try {
|
|
const authHeader = headers.get("authorization");
|
|
if (!authHeader?.startsWith("Bearer ")) return null;
|
|
|
|
const payload = await verifyOAuthToken(authHeader.slice(7));
|
|
if (!payload?.sub) return null;
|
|
|
|
const [userResult] = await db.select().from(user).where(eq(user.id, payload.sub)).limit(1);
|
|
return userResult ?? null;
|
|
} catch (error) {
|
|
console.warn("Bearer token verification failed:", error);
|
|
return null;
|
|
}
|
|
}
|
|
|
|
async function getUserFromHeaders(headers: Headers): Promise<User | null> {
|
|
try {
|
|
const result = await auth.api.getSession({ headers });
|
|
if (!result?.user) return null;
|
|
|
|
return result.user;
|
|
} catch (error) {
|
|
console.warn("Session verification failed:", error);
|
|
return null;
|
|
}
|
|
}
|
|
|
|
async function getUserFromApiKey(apiKey: string): Promise<User | null> {
|
|
try {
|
|
const result = await auth.api.verifyApiKey({ body: { key: apiKey } });
|
|
if (!result.key || !result.valid) return null;
|
|
|
|
const [userResult] = await db.select().from(user).where(eq(user.id, result.key.referenceId)).limit(1);
|
|
if (!userResult) return null;
|
|
|
|
return userResult;
|
|
} catch (error) {
|
|
console.warn("API key verification failed:", error);
|
|
return null;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Resolve the authenticated user from the same headers oRPC uses (`x-api-key`,
|
|
* `Authorization: Bearer`, or session cookies). Tries each auth method in
|
|
* priority order and returns the first valid identity. Used directly by
|
|
* oRPC's `publicProcedure` and by callers outside oRPC handlers (e.g. MCP
|
|
* tools) where `context.user` is not in scope.
|
|
*/
|
|
export async function resolveUserFromRequestHeaders(headers: Headers): Promise<User | null> {
|
|
const apiKey = headers.get("x-api-key");
|
|
if (apiKey) {
|
|
const apiKeyUser = await getUserFromApiKey(apiKey);
|
|
if (apiKeyUser) return apiKeyUser;
|
|
} else {
|
|
const bearerUser = await getUserFromBearerToken(headers);
|
|
if (bearerUser) return bearerUser;
|
|
}
|
|
|
|
return getUserFromHeaders(headers);
|
|
}
|
|
|
|
const base = os.$context<ORPCContext>();
|
|
|
|
export const publicProcedure = base.use(async ({ context, next }) => {
|
|
const user = await resolveUserFromRequestHeaders(context.reqHeaders);
|
|
|
|
return next({
|
|
context: {
|
|
...context,
|
|
user,
|
|
},
|
|
});
|
|
});
|
|
|
|
export const protectedProcedure = publicProcedure.use(async ({ context, next }) => {
|
|
if (!context.user) throw new ORPCError("UNAUTHORIZED");
|
|
|
|
return next({
|
|
context: {
|
|
...context,
|
|
user: context.user,
|
|
},
|
|
});
|
|
});
|