feat(packages/api): add auth router

include auth router for quick access to user session on client and other httpserver auth routes and utilities
cnpem · Dec 13, 2024 · 9b6422e · 9b6422e
1 parent d39431d
commit 9b6422e
Show file tree

Hide file tree

Showing 2 changed files with 62 additions and 0 deletions.
diff --git a/packages/api/src/root.ts b/packages/api/src/root.ts
@@ -1,3 +1,4 @@
+import { authRouter } from "./router/auth";
 import { consoleOutputRouter } from "./router/console-output";
 import { devicesRouter } from "./router/devices";
 import { environmentRouter } from "./router/environment";
@@ -19,6 +20,7 @@ export const appRouter = createTRPCRouter({
   consoleOutput: consoleOutputRouter,
   history: historyRouter,
   runEngine: runEngineRouter,
+  auth: authRouter,
 });
 
 // export type definition of API

diff --git a/packages/api/src/router/auth.ts b/packages/api/src/router/auth.ts
@@ -0,0 +1,60 @@
+import { z } from "zod";
+import { env } from "../../env";
+import { protectedProcedure } from "../trpc";
+import { zodSnakeFetcher } from "../utils";
+
+const principalSchema = z.object({
+  uuid: z.string(),
+  type: z.enum(["user", "service"]),
+  identities: z.array(
+    z.object({
+      provider: z.string(),
+      id: z.string(),
+      latestLogin: z.string().optional().nullable(),
+    }),
+  ),
+  apiKeys: z.array(
+    z.object({
+      firstEight: z.string(),
+      expirationTime: z.string().optional().nullable(),
+      note: z.string().optional().nullable(),
+      scopes: z.array(z.string()),
+      latestActivity: z.string().optional().nullable(),
+    }),
+  ),
+  sessions: z.array(
+    z.object({
+      uuid: z.string(),
+      expirationTime: z.string(),
+      revoked: z.boolean(),
+    }),
+  ),
+  latestActivity: z.string().nullable(),
+  roles: z.array(z.string()).nullable(),
+  scopes: z.array(z.string()).nullable(),
+  apiKeyScopes: z.array(z.string()).nullable(),
+});
+
+export const authRouter = {
+  getSession: protectedProcedure.query(({ ctx }) => {
+    return ctx.session;
+  }),
+  whoAmI: protectedProcedure.query(async ({ ctx }) => {
+    const fetchURL = `${env.BLUESKY_HTTPSERVER_URL}/api/auth/whoami`;
+    const blueskyAccessToken = ctx.session.user.blueskyAccessToken;
+    try {
+      const res = await zodSnakeFetcher(principalSchema, {
+        url: fetchURL,
+        method: "GET",
+        authorization: `Bearer ${blueskyAccessToken}`,
+        body: undefined,
+      });
+      return res;
+    } catch (e) {
+      if (e instanceof Error) {
+        throw new Error(e.message);
+      }
+      throw new Error("Unknown error");
+    }
+  }),
+};