ico
/
pingql
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: requireAuth uses onBeforeHandle instead of error() in derive

This commit is contained in:
M1 2026-03-16 15:56:33 +04:00
parent 0918478255
commit 0b69fbfc72
1 changed files with 23 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
apps/web/src/routes/auth.ts
View File

@ -13,28 +13,32 @@ function hashEmail(email: string): string {
} }
export function requireAuth(app: Elysia) { export function requireAuth(app: Elysia) {
return app.derive(async ({ headers, error }) => { return app
const key = headers["authorization"]?.replace("Bearer ", "").trim(); .derive(async ({ headers, set }) => {
if (!key) return error(401, { error: "Missing account key. Use: Authorization: Bearer <key>" }); const key = headers["authorization"]?.replace("Bearer ", "").trim();
if (!key) {
set.status = 401;
return { accountId: null as string | null, keyId: null as string | null };
}
// Check primary account key const [account] = await sql`SELECT id FROM accounts WHERE id = ${key}`;
const [account] = await sql`SELECT id FROM accounts WHERE id = ${key}`; if (account) return { accountId: account.id as string, keyId: null as string | null };
if (account) {
return { accountId: account.id, keyId: null as string | null };
}
// Check sub-key const [apiKey] = await sql`SELECT id, account_id FROM api_keys WHERE id = ${key}`;
const [apiKey] = await sql` if (apiKey) {
SELECT id, account_id FROM api_keys WHERE id = ${key} sql`UPDATE api_keys SET last_used_at = now() WHERE id = ${key}`.catch(() => {});
`; return { accountId: apiKey.account_id as string, keyId: apiKey.id as string };
if (apiKey) { }
// Update last_used_at async (don't await)
sql`UPDATE api_keys SET last_used_at = now() WHERE id = ${key}`.catch(() => {});
return { accountId: apiKey.account_id, keyId: apiKey.id as string };
}
return error(401, { error: "Invalid account key" }); set.status = 401;
}); return { accountId: null as string | null, keyId: null as string | null };
})
.onBeforeHandle(({ accountId, set }) => {
if (!accountId) {
set.status = 401;
return { error: "Invalid or missing account key" };
}
});
} }
export const account = new Elysia({ prefix: "/account" }) export const account = new Elysia({ prefix: "/account" })