mirror of
https://github.com/documenso/documenso.git
synced 2025-11-17 10:11:35 +10:00
fix: wip
This commit is contained in:
David Nguyen
35
packages/api/hono.ts
Normal file
35
packages/api/hono.ts
Normal file
@ -0,0 +1,35 @@
|
||||
import { fetchRequestHandler } from '@ts-rest/serverless/fetch';
|
||||
import { Hono } from 'hono';
|
||||
|
||||
import { ApiContractV1 } from '@documenso/api/v1/contract';
|
||||
import { ApiContractV1Implementation } from '@documenso/api/v1/implementation';
|
||||
import { OpenAPIV1 } from '@documenso/api/v1/openapi';
|
||||
import { testCredentialsHandler } from '@documenso/lib/server-only/public-api/test-credentials';
|
||||
import { listDocumentsHandler } from '@documenso/lib/server-only/webhooks/zapier/list-documents';
|
||||
import { subscribeHandler } from '@documenso/lib/server-only/webhooks/zapier/subscribe';
|
||||
import { unsubscribeHandler } from '@documenso/lib/server-only/webhooks/zapier/unsubscribe';
|
||||
|
||||
// This is bad, ts-router will be created on each request.
|
||||
// But don't really have a choice here.
|
||||
export const tsRestHonoApp = new Hono();
|
||||
|
||||
tsRestHonoApp
|
||||
.get('/openapi', (c) => c.redirect('https://openapi-v1.documenso.com'))
|
||||
.get('/openapi.json', (c) => c.json(OpenAPIV1))
|
||||
.get('/me', async (c) => testCredentialsHandler(c.req.raw));
|
||||
|
||||
// Zapier. Todo: Check methods. Are these get/post/update requests?
|
||||
// Todo: Is there really no validations?
|
||||
tsRestHonoApp
|
||||
.all('/zapier/list-documents', async (c) => listDocumentsHandler(c.req.raw))
|
||||
.all('/zapier/subscribe', async (c) => subscribeHandler(c.req.raw))
|
||||
.all('/zapier/unsubscribe', async (c) => unsubscribeHandler(c.req.raw));
|
||||
|
||||
tsRestHonoApp.mount('/', async (request) => {
|
||||
return fetchRequestHandler({
|
||||
request,
|
||||
contract: ApiContractV1,
|
||||
router: ApiContractV1Implementation,
|
||||
options: {},
|
||||
});
|
||||
});
|
||||
@ -18,8 +18,8 @@
|
||||
"@documenso/lib": "*",
|
||||
"@documenso/prisma": "*",
|
||||
"@ts-rest/core": "^3.30.5",
|
||||
"@ts-rest/next": "^3.30.5",
|
||||
"@ts-rest/open-api": "^3.33.0",
|
||||
"@ts-rest/serverless": "^3.51.0",
|
||||
"@types/swagger-ui-react": "^4.18.3",
|
||||
"luxon": "^3.4.0",
|
||||
"superjson": "^1.13.1",
|
||||
@ -27,4 +27,4 @@
|
||||
"ts-pattern": "^5.0.5",
|
||||
"zod": "3.24.1"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
import { createNextRoute } from '@ts-rest/next';
|
||||
import { tsr } from '@ts-rest/serverless/fetch';
|
||||
import { match } from 'ts-pattern';
|
||||
|
||||
import { getServerLimits } from '@documenso/ee/server-only/limits/server';
|
||||
@ -42,7 +42,6 @@ import {
|
||||
ZRadioFieldMeta,
|
||||
ZTextFieldMeta,
|
||||
} from '@documenso/lib/types/field-meta';
|
||||
import { extractNextApiRequestMetadata } from '@documenso/lib/universal/extract-request-metadata';
|
||||
import { getFile } from '@documenso/lib/universal/upload/get-file';
|
||||
import { putPdfFile } from '@documenso/lib/universal/upload/put-file';
|
||||
import {
|
||||
@ -62,7 +61,7 @@ import {
|
||||
import { ApiContractV1 } from './contract';
|
||||
import { authenticatedMiddleware } from './middleware/authenticated';
|
||||
|
||||
export const ApiContractV1Implementation = createNextRoute(ApiContractV1, {
|
||||
export const ApiContractV1Implementation = tsr.router(ApiContractV1, {
|
||||
getDocuments: authenticatedMiddleware(async (args, user, team) => {
|
||||
const page = Number(args.query.page) || 1;
|
||||
const perPage = Number(args.query.perPage) || 10;
|
||||
@ -849,7 +848,7 @@ export const ApiContractV1Implementation = createNextRoute(ApiContractV1, {
|
||||
}
|
||||
}),
|
||||
|
||||
updateRecipient: authenticatedMiddleware(async (args, user, team) => {
|
||||
updateRecipient: authenticatedMiddleware(async (args, user, team, { metadata }) => {
|
||||
const { id: documentId, recipientId } = args.params;
|
||||
const { name, email, role, authOptions, signingOrder } = args.body;
|
||||
|
||||
@ -887,7 +886,7 @@ export const ApiContractV1Implementation = createNextRoute(ApiContractV1, {
|
||||
role,
|
||||
signingOrder,
|
||||
actionAuth: authOptions?.actionAuth,
|
||||
requestMetadata: extractNextApiRequestMetadata(args.req),
|
||||
requestMetadata: metadata.requestMetadata,
|
||||
}).catch(() => null);
|
||||
|
||||
if (!updatedRecipient) {
|
||||
@ -909,7 +908,7 @@ export const ApiContractV1Implementation = createNextRoute(ApiContractV1, {
|
||||
};
|
||||
}),
|
||||
|
||||
deleteRecipient: authenticatedMiddleware(async (args, user, team) => {
|
||||
deleteRecipient: authenticatedMiddleware(async (args, user, team, { metadata }) => {
|
||||
const { id: documentId, recipientId } = args.params;
|
||||
|
||||
const document = await getDocumentById({
|
||||
@ -941,7 +940,7 @@ export const ApiContractV1Implementation = createNextRoute(ApiContractV1, {
|
||||
recipientId: Number(recipientId),
|
||||
userId: user.id,
|
||||
teamId: team?.id,
|
||||
requestMetadata: extractNextApiRequestMetadata(args.req),
|
||||
requestMetadata: metadata.requestMetadata,
|
||||
}).catch(() => null);
|
||||
|
||||
if (!deletedRecipient) {
|
||||
@ -963,7 +962,7 @@ export const ApiContractV1Implementation = createNextRoute(ApiContractV1, {
|
||||
};
|
||||
}),
|
||||
|
||||
createField: authenticatedMiddleware(async (args, user, team) => {
|
||||
createField: authenticatedMiddleware(async (args, user, team, { metadata }) => {
|
||||
const { id: documentId } = args.params;
|
||||
const fields = Array.isArray(args.body) ? args.body : [args.body];
|
||||
|
||||
@ -1100,7 +1099,7 @@ export const ApiContractV1Implementation = createNextRoute(ApiContractV1, {
|
||||
fieldRecipientId: recipientId,
|
||||
fieldType: field.type,
|
||||
},
|
||||
requestMetadata: extractNextApiRequestMetadata(args.req),
|
||||
requestMetadata: metadata.requestMetadata,
|
||||
}),
|
||||
});
|
||||
|
||||
@ -1134,7 +1133,7 @@ export const ApiContractV1Implementation = createNextRoute(ApiContractV1, {
|
||||
}
|
||||
}),
|
||||
|
||||
updateField: authenticatedMiddleware(async (args, user, team) => {
|
||||
updateField: authenticatedMiddleware(async (args, user, team, { metadata }) => {
|
||||
const { id: documentId, fieldId } = args.params;
|
||||
const { recipientId, type, pageNumber, pageWidth, pageHeight, pageX, pageY, fieldMeta } =
|
||||
args.body;
|
||||
@ -1198,7 +1197,7 @@ export const ApiContractV1Implementation = createNextRoute(ApiContractV1, {
|
||||
pageY,
|
||||
pageWidth,
|
||||
pageHeight,
|
||||
requestMetadata: extractNextApiRequestMetadata(args.req),
|
||||
requestMetadata: metadata.requestMetadata,
|
||||
fieldMeta: fieldMeta ? ZFieldMetaSchema.parse(fieldMeta) : undefined,
|
||||
});
|
||||
|
||||
@ -1225,7 +1224,7 @@ export const ApiContractV1Implementation = createNextRoute(ApiContractV1, {
|
||||
};
|
||||
}),
|
||||
|
||||
deleteField: authenticatedMiddleware(async (args, user, team) => {
|
||||
deleteField: authenticatedMiddleware(async (args, user, team, { metadata }) => {
|
||||
const { id: documentId, fieldId } = args.params;
|
||||
|
||||
const document = await getDocumentById({
|
||||
@ -1286,7 +1285,7 @@ export const ApiContractV1Implementation = createNextRoute(ApiContractV1, {
|
||||
fieldId: Number(fieldId),
|
||||
userId: user.id,
|
||||
teamId: team?.id,
|
||||
requestMetadata: extractNextApiRequestMetadata(args.req),
|
||||
requestMetadata: metadata.requestMetadata,
|
||||
}).catch(() => null);
|
||||
|
||||
if (!deletedField) {
|
||||
|
||||
@ -1,14 +1,22 @@
|
||||
import type { NextApiRequest } from 'next';
|
||||
import type { TsRestRequest } from '@ts-rest/serverless';
|
||||
|
||||
import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';
|
||||
import { getApiTokenByToken } from '@documenso/lib/server-only/public-api/get-api-token-by-token';
|
||||
import type { ApiRequestMetadata } from '@documenso/lib/universal/extract-request-metadata';
|
||||
import { extractNextApiRequestMetadata } from '@documenso/lib/universal/extract-request-metadata';
|
||||
import { extractRequestMetadata } from '@documenso/lib/universal/extract-request-metadata';
|
||||
import type { Team, User } from '@documenso/prisma/client';
|
||||
|
||||
type B = {
|
||||
// appRoute: any;
|
||||
request: TsRestRequest;
|
||||
responseHeaders: Headers;
|
||||
};
|
||||
|
||||
export const authenticatedMiddleware = <
|
||||
T extends {
|
||||
req: NextApiRequest;
|
||||
headers: {
|
||||
authorization: string;
|
||||
};
|
||||
},
|
||||
R extends {
|
||||
status: number;
|
||||
@ -16,15 +24,15 @@ export const authenticatedMiddleware = <
|
||||
},
|
||||
>(
|
||||
handler: (
|
||||
args: T,
|
||||
args: T & { req: TsRestRequest },
|
||||
user: User,
|
||||
team: Team | null | undefined,
|
||||
options: { metadata: ApiRequestMetadata },
|
||||
) => Promise<R>,
|
||||
) => {
|
||||
return async (args: T) => {
|
||||
return async (args: T, { request }: B) => {
|
||||
try {
|
||||
const { authorization } = args.req.headers;
|
||||
const { authorization } = args.headers;
|
||||
|
||||
// Support for both "Authorization: Bearer api_xxx" and "Authorization: api_xxx"
|
||||
const [token] = (authorization || '').split('Bearer ').filter((s) => s.length > 0);
|
||||
@ -44,7 +52,7 @@ export const authenticatedMiddleware = <
|
||||
}
|
||||
|
||||
const metadata: ApiRequestMetadata = {
|
||||
requestMetadata: extractNextApiRequestMetadata(args.req),
|
||||
requestMetadata: extractRequestMetadata(request), // Todo: Test
|
||||
source: 'apiV1',
|
||||
auth: 'api',
|
||||
auditUser: {
|
||||
@ -54,7 +62,15 @@ export const authenticatedMiddleware = <
|
||||
},
|
||||
};
|
||||
|
||||
return await handler(args, apiToken.user, apiToken.team, { metadata });
|
||||
return await handler(
|
||||
{
|
||||
...args,
|
||||
req: request,
|
||||
},
|
||||
apiToken.user,
|
||||
apiToken.team,
|
||||
{ metadata },
|
||||
);
|
||||
} catch (err) {
|
||||
console.log({ err: err });
|
||||
|
||||
|
||||
Reference in New Issue
Block a user