Files
documenso/packages/lib/universal/extract-request-metadata.ts
ephraimduncan 138d663c25 chore: merge main, resolve biome formatting conflicts
Merge origin/main into feat/external-2fa-codes. Resolve formatting
conflicts caused by biome rollout; preserve both feature streams:
PR's external 2FA token + signing-session 2FA proof additions plus
main's RateLimit/RecipientExpired/signingReminders/date-auto-insert.

In complete-document-with-token.ts, drop the duplicate early
field-fetching block introduced when main moved that logic later
with date auto-insert support; keep the EXTERNAL_TWO_FACTOR_AUTH
check using derivedRecipientActionAuth.
2026-05-12 11:46:11 +00:00

63 lines
1.3 KiB
TypeScript

import { z } from 'zod';
import { getIpAddress } from './get-ip-address';
const ZIpSchema = z.string().ip();
export const ZRequestMetadataSchema = z.object({
ipAddress: ZIpSchema.optional(),
userAgent: z.string().optional(),
});
export type RequestMetadata = z.infer<typeof ZRequestMetadataSchema>;
export type ApiRequestMetadata = {
/**
* The general metadata of the request.
*/
requestMetadata: RequestMetadata;
/**
* The source of the request.
*/
source: 'apiV1' | 'apiV2' | 'app';
/**
* The method of authentication used to access the API.
*
* If the request is not authenticated, the value will be `null`.
*/
auth: 'api' | 'session' | null;
/**
* The user that is performing the action.
*
* If a team API key is used, the user will classified as the team.
*/
auditUser?: {
id: number | null;
email: string | null;
name: string | null;
};
};
export const extractRequestMetadata = (req: Request): RequestMetadata => {
let ip: string | undefined;
try {
ip = getIpAddress(req);
} catch {
// Do nothing.
}
const parsedIp = ZIpSchema.safeParse(ip);
const ipAddress = parsedIp.success ? parsedIp.data : undefined;
const userAgent = req.headers.get('user-agent');
return {
ipAddress,
userAgent: userAgent ?? undefined,
};
};