diff --git a/apps/api/package.json b/apps/api/package.json index cd898376..2f3bbcdd 100644 --- a/apps/api/package.json +++ b/apps/api/package.json @@ -40,7 +40,6 @@ "eventid": "^2.0.1", "exit-hook": "catalog:", "hono": "^4.7.9", - "jsonwebtoken": "^9.0.2", "octokit": "^5.0.2", "p-all": "^5.0.0", "parse-json": "^8.3.0", @@ -52,7 +51,6 @@ "zod-validation-error": "^3.4.1" }, "devDependencies": { - "@types/jsonwebtoken": "^9.0.9", "@types/semver": "^7.7.0", "drizzle-kit": "^0.31.1", "drizzle-orm": "^0.43.1", diff --git a/apps/api/src/api-v1/projects/create-project.ts b/apps/api/src/api-v1/projects/create-project.ts index 902e9635..3e80e3c3 100644 --- a/apps/api/src/api-v1/projects/create-project.ts +++ b/apps/api/src/api-v1/projects/create-project.ts @@ -3,7 +3,6 @@ import { createRoute, type OpenAPIHono } from '@hono/zod-openapi' import type { AuthenticatedEnv } from '@/lib/types' import { db, schema } from '@/db' -import { createProviderToken } from '@/lib/auth/create-provider-token' import { ensureAuthUser } from '@/lib/ensure-auth-user' import { openapiAuthenticatedSecuritySchemas, @@ -62,8 +61,7 @@ export function registerV1ProjectsCreateProject( identifier, teamId: teamMember?.teamId, userId: user.id, - _secret: sha256(), - _providerToken: createProviderToken({ identifier }) + _secret: sha256() }) .returning() assert(project, 500, `Failed to create project "${body.name}"`) diff --git a/apps/api/src/db/schema/project.ts b/apps/api/src/db/schema/project.ts index c4dc7f43..e5ee4603 100644 --- a/apps/api/src/db/schema/project.ts +++ b/apps/api/src/db/schema/project.ts @@ -87,7 +87,7 @@ export const projects = pgTable( _secret: text().notNull(), // Auth token used to access the platform API on behalf of this project - _providerToken: text().notNull(), + // _providerToken: text().notNull(), // TODO: Full-text search // _text: text().default('').notNull(), diff --git a/apps/api/src/lib/auth/create-provider-token.ts b/apps/api/src/lib/auth/create-provider-token.ts deleted file mode 100644 index 170799f4..00000000 --- a/apps/api/src/lib/auth/create-provider-token.ts +++ /dev/null @@ -1,9 +0,0 @@ -import jwt from 'jsonwebtoken' - -import { env } from '@/lib/env' - -export function createProviderToken(project: { identifier: string }) { - // TODO: Possibly in the future store stripe account ID as well and require - // provider tokens to refresh after account changes? - return jwt.sign({ projectIdentifier: project.identifier }, env.JWT_SECRET) -} diff --git a/apps/api/src/lib/middleware/authenticate.ts b/apps/api/src/lib/middleware/authenticate.ts index f8fc6729..b1940088 100644 --- a/apps/api/src/lib/middleware/authenticate.ts +++ b/apps/api/src/lib/middleware/authenticate.ts @@ -1,29 +1,12 @@ import { assert } from '@agentic/platform-core' -// import { auth } from '@/lib/auth' import { createMiddleware } from 'hono/factory' -// import * as jwt from 'hono/jwt' import type { AuthenticatedEnv } from '@/lib/types' import { authClient } from '@/lib/auth/client' import { subjects } from '@/lib/auth/subjects' export const authenticate = createMiddleware( async function authenticateMiddleware(ctx, next) { - // TODO - // const session = await auth.api.getSession({ - // // TODO: investigate this type issue - // headers: ctx.req.raw.headers as any - // }) - // assert(session, 401, 'Unauthorized') - // assert(session.user?.id, 401, 'Unauthorized') - // assert(session.session, 401, 'Unauthorized') - - // ctx.set('userId', session.user.id) - // ctx.set('user', session.user as any) // TODO: resolve AuthUser and RawUser types - // ctx.set('session', session.session) - - // await next() - const credentials = ctx.req.raw.headers.get('Authorization') assert(credentials, 401, 'Unauthorized') @@ -44,22 +27,6 @@ export const authenticate = createMiddleware( assert(userId, 401, 'Unauthorized') ctx.set('userId', userId) - // const payload = await jwt.verify(token, env.JWT_SECRET) - // assert(payload, 401, 'Unauthorized') - // assert(payload.type === 'user', 401, 'Unauthorized') - // assert( - // payload.userId && typeof payload.userId === 'string', - // 401, - // 'Unauthorized' - // ) - // ctx.set('userId', payload.userId) - - // const user = await db.query.users.findFirst({ - // where: eq(schema.users.id, payload.userId) - // }) - // assert(user, 401, 'Unauthorized') - // ctx.set('user', user as any) - await next() } ) diff --git a/packages/cli/src/index.ts b/packages/cli/src/index.ts index 83a63ab9..95b65300 100644 --- a/packages/cli/src/index.ts +++ b/packages/cli/src/index.ts @@ -26,7 +26,7 @@ async function main() { } }) - // Try to initialize the existing auth session if one exists + // Initialize the existing auth session if one exists const authSession = AuthStore.tryGetAuth() if (authSession) { try {