api auth and todo

apps/web/pages/api/documents/index.ts

@@ -4,45 +4,26 @@ import { NextApiRequest, NextApiResponse } from "next";
 import { getToken } from "next-auth/jwt";
 import { useSession } from "next-auth/react";
 import { buffer } from "stream/consumers";
+import { getUserFromToken } from "@documenso/lib/server";
 
 async function postHandler(req: NextApiRequest, res: NextApiResponse) {
-  // todo move token validation to import
-  const token = await getToken({ req });
-  const tokenEmail = token?.email?.toString();
-  if (!token) {
-    res.status(401).end();
-  }
+  let user = await getUserFromToken(req, res);
+  if (!user) return;
 
-  let user = await prisma.user.findFirst({
-    where: { email: tokenEmail },
-  });
-
-  if (!user) {
-    res.status(401).end();
-  } else {
-    let newDocument: any;
-    newDocument = await prisma.document
-      .create({
-        data: {
-          userId: user?.id,
-        },
-      })
-      .then(async () => {
-        return res.status(201).end();
-      });
-  }
+  await prisma.document
+    .create({
+      data: {
+        userId: user?.id,
+      },
+    })
+    .then(async () => {
+      return res.status(201).end();
+    });
 }
 
 async function getHandler(req: NextApiRequest, res: NextApiResponse) {
-  const token = await getToken({ req });
-  const tokenEmail = token?.email?.toString();
-  if (!token) {
-    res.status(401).end();
-  }
-
-  let user = await prisma.user.findFirst({
-    where: { email: tokenEmail },
-  });
+  let user = await getUserFromToken(req, res);
+  if (!user) return;
 
   return res
     .status(200)

packages/lib/mail/sendSigningStatusChangedMail.ts

@@ -0,0 +1,2 @@
+// nodemailer
+// sendgrid

packages/lib/server/getUserFromToken.ts

@@ -0,0 +1,30 @@
+import prisma from "@documenso/prisma";
+import { User as PrismaUser } from "@prisma/client";
+import { NextApiRequest, NextApiResponse } from "next";
+import { getToken } from "next-auth/jwt";
+
+export async function getUserFromToken(
+  req: NextApiRequest,
+  res: NextApiResponse
+): Promise<PrismaUser | null> {
+  const token = await getToken({ req });
+  const tokenEmail = token?.email?.toString();
+
+  if (!token) {
+    res.status(401).send("No token found for request.");
+    return null;
+  }
+
+  if (!tokenEmail) {
+    res.status(400).send("No email found in token.");
+    return null;
+  }
+
+  let user = await prisma.user.findFirst({
+    where: { email: tokenEmail },
+  });
+
+  if (user) return user;
+  if (!user) res.status(401).send("No user found for token.");
+  return null;
+}

packages/lib/server/index.ts

@@ -2,3 +2,4 @@ export { defaultHandler } from "./defaultHandler";
 export { defaultResponder } from "./defaultResponder";
 export { HttpError } from "./http-error";
 export { getServerErrorFromUnknown } from "./getServerErrorFromUnknown";
+export { getUserFromToken } from "./getUserFromToken";