feat: certificate qrcode (#1755)

Adds document access tokens and QR code functionality to enable secure document sharing via URLs. It includes a new document access page that allows viewing and downloading documents through tokenized links.
2025-11-13 16:23:06 +10:00 · 2025-04-28 01:30:09 +00:00
parent 6a41a37bd4
commit bdb0b0ea88
26 changed files with 423 additions and 31 deletions
--- a/packages/lib/server-only/document/create-document-v2.ts
+++ b/packages/lib/server-only/document/create-document-v2.ts
@ -13,7 +13,7 @@ import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';
 import { normalizePdf as makeNormalizedPdf } from '@documenso/lib/server-only/pdf/normalize-pdf';
 import { DOCUMENT_AUDIT_LOG_TYPE } from '@documenso/lib/types/document-audit-logs';
 import type { ApiRequestMetadata } from '@documenso/lib/universal/extract-request-metadata';
-import { nanoid } from '@documenso/lib/universal/id';
+import { nanoid, prefixedId } from '@documenso/lib/universal/id';
 import { createDocumentAuditLogData } from '@documenso/lib/utils/document-audit-logs';
 import { prisma } from '@documenso/prisma';
 import type { TCreateDocumentV2Request } from '@documenso/trpc/server/document-router/schema';
@ -142,6 +142,7 @@ export const createDocumentV2 = async ({
    const document = await tx.document.create({
      data: {
        title,
+        qrToken: prefixedId('qr'),
        externalId: data.externalId,
        documentDataId,
        userId,
--- a/packages/lib/server-only/document/create-document.ts
+++ b/packages/lib/server-only/document/create-document.ts
@ -13,6 +13,7 @@ import {
  ZWebhookDocumentSchema,
  mapDocumentToWebhookDocumentPayload,
 } from '../../types/webhook-payload';
+import { prefixedId } from '../../universal/id';
 import { getFileServerSide } from '../../universal/upload/get-file.server';
 import { putPdfFileServerSide } from '../../universal/upload/put-file.server';
 import { determineDocumentVisibility } from '../../utils/document-visibility';
@ -115,6 +116,7 @@ export const createDocument = async ({
    const document = await tx.document.create({
      data: {
        title,
+        qrToken: prefixedId('qr'),
        externalId,
        documentDataId,
        userId,
--- a/packages/lib/server-only/document/duplicate-document-by-id.ts
+++ b/packages/lib/server-only/document/duplicate-document-by-id.ts
@ -3,6 +3,7 @@ import { DocumentSource, type Prisma } from '@prisma/client';
 import { prisma } from '@documenso/prisma';

 import { AppError, AppErrorCode } from '../../errors/app-error';
+import { prefixedId } from '../../universal/id';
 import { getDocumentWhereInput } from './get-document-by-id';

 export interface DuplicateDocumentOptions {
@ -56,6 +57,7 @@ export const duplicateDocument = async ({
  const createDocumentArguments: Prisma.DocumentCreateArgs = {
    data: {
      title: document.title,
+      qrToken: prefixedId('qr'),
      user: {
        connect: {
          id: document.userId,
--- a/packages/lib/server-only/document/get-document-by-access-token.ts
+++ b/packages/lib/server-only/document/get-document-by-access-token.ts
@ -0,0 +1,38 @@
+import { prisma } from '@documenso/prisma';
+
+export type GetDocumentByAccessTokenOptions = {
+  token: string;
+};
+
+export const getDocumentByAccessToken = async ({ token }: GetDocumentByAccessTokenOptions) => {
+  if (!token) {
+    throw new Error('Missing token');
+  }
+
+  const result = await prisma.document.findFirstOrThrow({
+    where: {
+      qrToken: token,
+    },
+    select: {
+      id: true,
+      title: true,
+      completedAt: true,
+      documentData: {
+        select: {
+          id: true,
+          type: true,
+          data: true,
+          initialData: true,
+        },
+      },
+      documentMeta: {
+        select: {
+          password: true,
+        },
+      },
+      recipients: true,
+    },
+  });
+
+  return result;
+};