feat: enable api key injection from within JWT (#1752)

fern-api · Oct 31, 2024 · 8f64b73 · 8f64b73
1 parent 874c2e4
commit 8f64b73
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 0 deletions.
diff --git a/packages/ui/docs-bundle/src/pages/api/fern-docs/auth/api-key-injection.ts b/packages/ui/docs-bundle/src/pages/api/fern-docs/auth/api-key-injection.ts
@@ -1,3 +1,4 @@
+import { safeVerifyFernJWTConfig } from "@/server/auth/FernJWT";
 import { OAuth2Client } from "@/server/auth/OAuth2Client";
 import { getAPIKeyInjectionConfig } from "@/server/auth/getApiKeyInjectionConfig";
 import { withSecureCookie } from "@/server/auth/with-secure-cookie";
@@ -17,6 +18,19 @@ export default async function handler(req: NextRequest): Promise<NextResponse<AP
     const host = getHostEdge(req);
     const edgeConfig = await getAuthEdgeConfig(domain);
 
+    const fern_token = req.cookies.get(COOKIE_FERN_TOKEN)?.value;
+
+    if (fern_token != null) {
+        const fernUser = await safeVerifyFernJWTConfig(fern_token, edgeConfig);
+        if (fernUser?.api_key != null) {
+            return NextResponse.json({
+                enabled: true,
+                authenticated: true,
+                access_token: fernUser.api_key,
+            });
+        }
+    }
+
     // assume that if the edge config is set for webflow, api key injection is always enabled
     if (edgeConfig?.type === "oauth2" && edgeConfig.partner === "webflow") {
         const accessToken = req.cookies.get("access_token")?.value;

diff --git a/packages/ui/fern-docs-auth/src/types.ts b/packages/ui/fern-docs-auth/src/types.ts
@@ -9,6 +9,7 @@ export const FernUserSchema = z.object({
             "The roles of the token (can be a string or an array of strings) which limits what content users can access",
         )
         .optional(),
+    api_key: z.string().optional().describe("For API Playground key injection"),
 });
 
 export type FernUser = z.infer<typeof FernUserSchema>;