refactor: extract api implementation to package

Extracts the API implementation to a package so we can
potentially reuse it across different applications in the
event that we move off using a Next.js API route.

Additionally tidies up the tokens page and form to be more simplified.

packages/api/index.ts

@@ -0,0 +1 @@
+export {};

packages/api/next.ts

@@ -0,0 +1 @@
+export { createNextRouter } from '@ts-rest/next';

packages/api/package.json

@@ -0,0 +1,28 @@
+{
+  "name": "@documenso/api",
+  "version": "1.0.0",
+  "main": "./index.ts",
+  "types": "./index.ts",
+  "license": "MIT",
+  "scripts": {
+    "lint": "eslint .",
+    "lint:fix": "eslint . --fix",
+    "clean": "rimraf node_modules"
+  },
+  "files": [
+    "index.ts",
+    "next.ts",
+    "v1/"
+  ],
+  "dependencies": {
+    "@documenso/lib": "*",
+    "@documenso/prisma": "*",
+    "@ts-rest/core": "^3.30.5",
+    "@ts-rest/next": "^3.30.5",
+    "luxon": "^3.4.0",
+    "superjson": "^1.13.1",
+    "ts-pattern": "^5.0.5",
+    "zod": "^3.22.4"
+  },
+  "devDependencies": {}
+}

packages/api/tsconfig.json

@@ -0,0 +1,8 @@
+{
+  "extends": "@documenso/tsconfig/react-library.json",
+  "include": ["."],
+  "exclude": ["dist", "build", "node_modules"],
+  "compilerOptions": {
+    "strict": true,
+  }
+}

packages/api/v1/contract.ts

@@ -0,0 +1,84 @@
+import { initContract } from '@ts-rest/core';
+
+import {
+  ZSendDocumentForSigningMutationSchema as SendDocumentMutationSchema,
+  ZAuthorizationHeadersSchema,
+  ZCreateDocumentMutationSchema,
+  ZDeleteDocumentMutationSchema,
+  ZGetDocumentsQuerySchema,
+  ZSuccessfulDocumentResponseSchema,
+  ZSuccessfulResponseSchema,
+  ZSuccessfulSigningResponseSchema,
+  ZUnsuccessfulResponseSchema,
+  ZUploadDocumentSuccessfulSchema,
+} from './schema';
+
+const c = initContract();
+
+export const ApiContractV1 = c.router(
+  {
+    getDocuments: {
+      method: 'GET',
+      path: '/documents',
+      query: ZGetDocumentsQuerySchema,
+      responses: {
+        200: ZSuccessfulResponseSchema,
+        401: ZUnsuccessfulResponseSchema,
+        404: ZUnsuccessfulResponseSchema,
+      },
+      summary: 'Get all documents',
+    },
+
+    getDocument: {
+      method: 'GET',
+      path: `/documents/:id`,
+      responses: {
+        200: ZSuccessfulDocumentResponseSchema,
+        401: ZUnsuccessfulResponseSchema,
+        404: ZUnsuccessfulResponseSchema,
+      },
+      summary: 'Get a single document',
+    },
+
+    createDocument: {
+      method: 'POST',
+      path: '/documents',
+      body: ZCreateDocumentMutationSchema,
+      responses: {
+        200: ZUploadDocumentSuccessfulSchema,
+        401: ZUnsuccessfulResponseSchema,
+        404: ZUnsuccessfulResponseSchema,
+      },
+      summary: 'Upload a new document and get a presigned URL',
+    },
+
+    sendDocument: {
+      method: 'PATCH',
+      path: '/documents/:id/send',
+      body: SendDocumentMutationSchema,
+      responses: {
+        200: ZSuccessfulSigningResponseSchema,
+        400: ZUnsuccessfulResponseSchema,
+        401: ZUnsuccessfulResponseSchema,
+        404: ZUnsuccessfulResponseSchema,
+        500: ZUnsuccessfulResponseSchema,
+      },
+      summary: 'Send a document for signing',
+    },
+
+    deleteDocument: {
+      method: 'DELETE',
+      path: `/documents/:id`,
+      body: ZDeleteDocumentMutationSchema,
+      responses: {
+        200: ZSuccessfulDocumentResponseSchema,
+        401: ZUnsuccessfulResponseSchema,
+        404: ZUnsuccessfulResponseSchema,
+      },
+      summary: 'Delete a document',
+    },
+  },
+  {
+    baseHeaders: ZAuthorizationHeadersSchema,
+  },
+);

packages/api/v1/implementation.ts

@@ -0,0 +1,178 @@
+import { createNextRoute } from '@ts-rest/next';
+
+import { upsertDocumentMeta } from '@documenso/lib/server-only/document-meta/upsert-document-meta';
+import { deleteDocument } from '@documenso/lib/server-only/document/delete-document';
+import { findDocuments } from '@documenso/lib/server-only/document/find-documents';
+import { getDocumentById } from '@documenso/lib/server-only/document/get-document-by-id';
+import { sendDocument } from '@documenso/lib/server-only/document/send-document';
+import { setFieldsForDocument } from '@documenso/lib/server-only/field/set-fields-for-document';
+import { setRecipientsForDocument } from '@documenso/lib/server-only/recipient/set-recipients-for-document';
+import { getPresignPostUrl } from '@documenso/lib/universal/upload/server-actions';
+
+import { ApiContractV1 } from './contract';
+import { authenticatedMiddleware } from './middleware/authenticated';
+
+export const ApiContractV1Implementation = createNextRoute(ApiContractV1, {
+  getDocuments: authenticatedMiddleware(async (args, user) => {
+    const page = Number(args.query.page) || 1;
+    const perPage = Number(args.query.perPage) || 10;
+
+    const { data: documents, totalPages } = await findDocuments({ page, perPage, userId: user.id });
+
+    return {
+      status: 200,
+      body: {
+        documents,
+        totalPages,
+      },
+    };
+  }),
+
+  getDocument: authenticatedMiddleware(async (args, user) => {
+    const { id: documentId } = args.params;
+
+    try {
+      const document = await getDocumentById({ id: Number(documentId), userId: user.id });
+
+      return {
+        status: 200,
+        body: document,
+      };
+    } catch (err) {
+      return {
+        status: 404,
+        body: {
+          message: 'Document not found',
+        },
+      };
+    }
+  }),
+
+  deleteDocument: authenticatedMiddleware(async (args, user) => {
+    const { id: documentId } = args.params;
+
+    try {
+      const document = await getDocumentById({ id: Number(documentId), userId: user.id });
+
+      const deletedDocument = await deleteDocument({
+        id: Number(documentId),
+        userId: user.id,
+        status: document.status,
+      });
+
+      return {
+        status: 200,
+        body: deletedDocument,
+      };
+    } catch (err) {
+      return {
+        status: 404,
+        body: {
+          message: 'Document not found',
+        },
+      };
+    }
+  }),
+
+  createDocument: authenticatedMiddleware(async (args, _user) => {
+    const { body } = args;
+
+    try {
+      const { url, key } = await getPresignPostUrl(body.fileName, body.contentType);
+
+      return {
+        status: 200,
+        body: {
+          url,
+          key,
+        },
+      };
+    } catch (err) {
+      return {
+        status: 404,
+        body: {
+          message: 'An error has occured while uploading the file',
+        },
+      };
+    }
+  }),
+
+  sendDocument: authenticatedMiddleware(async (args, user) => {
+    const { id } = args.params;
+    const { body } = args;
+
+    const document = await getDocumentById({ id: Number(id), userId: user.id });
+
+    if (!document) {
+      return {
+        status: 404,
+        body: {
+          message: 'Document not found',
+        },
+      };
+    }
+
+    if (document.status === 'PENDING') {
+      return {
+        status: 400,
+        body: {
+          message: 'Document is already waiting for signing',
+        },
+      };
+    }
+
+    try {
+      await setRecipientsForDocument({
+        userId: user.id,
+        documentId: Number(id),
+        recipients: [
+          {
+            email: body.signerEmail,
+            name: body.signerName ?? '',
+          },
+        ],
+      });
+
+      await setFieldsForDocument({
+        documentId: Number(id),
+        userId: user.id,
+        fields: body.fields.map((field) => ({
+          signerEmail: body.signerEmail,
+          type: field.fieldType,
+          pageNumber: field.pageNumber,
+          pageX: field.pageX,
+          pageY: field.pageY,
+          pageWidth: field.pageWidth,
+          pageHeight: field.pageHeight,
+        })),
+      });
+
+      if (body.emailBody || body.emailSubject) {
+        await upsertDocumentMeta({
+          documentId: Number(id),
+          subject: body.emailSubject ?? '',
+          message: body.emailBody ?? '',
+        });
+      }
+
+      await sendDocument({
+        documentId: Number(id),
+        userId: user.id,
+      });
+
+      return {
+        status: 200,
+        body: {
+          message: 'Document sent for signing successfully',
+        },
+      };
+    } catch (err) {
+      return {
+        status: 500,
+        body: {
+          message: 'An error has occured while sending the document for signing',
+        },
+      };
+    }
+  }),
+});

packages/api/v1/middleware/authenticated.ts

@@ -0,0 +1,37 @@
+import type { NextApiRequest } from 'next';
+
+import { getUserByApiToken } from '@documenso/lib/server-only/public-api/get-user-by-token';
+import type { User } from '@documenso/prisma/client';
+
+export const authenticatedMiddleware = <
+  T extends {
+    req: NextApiRequest;
+  },
+  R extends {
+    status: number;
+    body: unknown;
+  },
+>(
+  handler: (args: T, user: User) => Promise<R>,
+) => {
+  return async (args: T) => {
+    try {
+      const { authorization: token } = args.req.headers;
+
+      if (!token) {
+        throw new Error('Token was not provided for authenticated middleware');
+      }
+
+      const user = await getUserByApiToken({ token });
+
+      return await handler(args, user);
+    } catch (_err) {
+      return {
+        status: 401,
+        body: {
+          message: 'Unauthorized',
+        },
+      } as const;
+    }
+  };
+};

packages/api/v1/schema.ts

@@ -0,0 +1,87 @@
+import { z } from 'zod';
+
+import { FieldType } from '@documenso/prisma/client';
+
+export const ZGetDocumentsQuerySchema = z.object({
+  page: z.string().optional(),
+  perPage: z.string().optional(),
+});
+
+export type TGetDocumentsQuerySchema = z.infer<typeof ZGetDocumentsQuerySchema>;
+
+export const ZDeleteDocumentMutationSchema = z.string();
+
+export type TDeleteDocumentMutationSchema = z.infer<typeof ZDeleteDocumentMutationSchema>;
+
+export const ZSuccessfulDocumentResponseSchema = z.object({
+  id: z.number(),
+  userId: z.number(),
+  title: z.string(),
+  status: z.string(),
+  documentDataId: z.string(),
+  createdAt: z.date(),
+  updatedAt: z.date(),
+  completedAt: z.date().nullable(),
+});
+
+export type TSuccessfulDocumentResponseSchema = z.infer<typeof ZSuccessfulDocumentResponseSchema>;
+
+export const ZSendDocumentForSigningMutationSchema = z.object({
+  signerEmail: z.string(),
+  signerName: z.string().optional(),
+  emailSubject: z.string().optional(),
+  emailBody: z.string().optional(),
+  fields: z.array(
+    z.object({
+      fieldType: z.nativeEnum(FieldType),
+      pageNumber: z.number(),
+      pageX: z.number(),
+      pageY: z.number(),
+      pageWidth: z.number(),
+      pageHeight: z.number(),
+    }),
+  ),
+});
+
+export type TSendDocumentForSigningMutationSchema = z.infer<
+  typeof ZSendDocumentForSigningMutationSchema
+>;
+
+export const ZUploadDocumentSuccessfulSchema = z.object({
+  url: z.string(),
+  key: z.string(),
+});
+
+export type TUploadDocumentSuccessfulSchema = z.infer<typeof ZUploadDocumentSuccessfulSchema>;
+
+export const ZCreateDocumentMutationSchema = z.object({
+  fileName: z.string(),
+  contentType: z.string().default('PDF'),
+});
+
+export type TCreateDocumentMutationSchema = z.infer<typeof ZCreateDocumentMutationSchema>;
+
+export const ZSuccessfulResponseSchema = z.object({
+  documents: ZSuccessfulDocumentResponseSchema.array(),
+  totalPages: z.number(),
+});
+
+export type TSuccessfulResponseSchema = z.infer<typeof ZSuccessfulResponseSchema>;
+
+export const ZSuccessfulSigningResponseSchema = z.object({
+  message: z.string(),
+});
+
+export type TSuccessfulSigningResponseSchema = z.infer<typeof ZSuccessfulSigningResponseSchema>;
+
+export const ZUnsuccessfulResponseSchema = z.object({
+  message: z.string(),
+});
+
+export type TUnsuccessfulResponseSchema = z.infer<typeof ZUnsuccessfulResponseSchema>;
+
+export const ZAuthorizationHeadersSchema = z.object({
+  authorization: z.string(),
+});
+
+export type TAuthorizationHeadersSchema = z.infer<typeof ZAuthorizationHeadersSchema>;