update server endpoints to conform to new names and types

jjnp · jjnp · commit 68c77cfcb5b9 · 2024-06-02T14:28:18.000+02:00
diff --git a/services/src/auth/api-access.ts b/services/src/auth/api-access.ts
@@ -8,12 +8,12 @@ export type SelectableApiKey = Selectable<Apiaccess>
 const apiAccessIdSchema = z.number().brand('api-access')
 export type ApiAccessId = z.infer<typeof apiAccessIdSchema>
 
-const apiKeyKeySchema = z.string().uuid().brand('api-key')
-export type ApiKey = z.infer<typeof apiKeyKeySchema>
+export const apiKeySchema = z.string().uuid().brand('api-key')
+export type ApiKey = z.infer<typeof apiKeySchema>
 
 export const apiAccessSchema = z.object({
   id: apiAccessIdSchema,
-  apikey: apiKeyKeySchema,
+  apikey: apiKeySchema,
   name: z.string(),
   project_id: z.number(),
   created_at: z.date(),
diff --git a/src/routes/(api)/api/[project]/[lang]/translations/+server.ts b/src/routes/(api)/api/[project]/[lang]/translations/+server.ts
@@ -1,6 +1,7 @@
 import { validateRequestBody } from '$lib/server/request-utils'
+import type { ProjectId } from 'services/project/project'
 import { authorize } from '../../../api-utils'
-import { translationPOSTRequestSchema, type ProjectId } from '../../../api.model'
+import { translationPOSTRequestSchema } from '../../../api.model'
 import type { RequestHandler } from './$types'
 
 export const POST: RequestHandler = async ({ params, request }) => {
diff --git a/src/routes/(api)/api/[project]/config/+server.ts b/src/routes/(api)/api/[project]/config/+server.ts
@@ -1,6 +1,7 @@
 import { validateRequestBody } from '$lib/server/request-utils'
+import type { ProjectId } from 'services/project/project'
 import { authorize } from '../../api-utils'
-import { projectConfigPOSTRequestSchema, type ProjectId } from '../../api.model'
+import { projectConfigPOSTRequestSchema } from '../../api.model'
 import type { RequestHandler } from './$types'
 
 export const POST: RequestHandler = async ({ params, request }) => {
diff --git a/src/routes/(api)/api/api-utils.ts b/src/routes/(api)/api/api-utils.ts
@@ -1,13 +1,17 @@
 import { checkApiKeyAccess } from 'services/auth/api-access.service'
-import type { ProjectId } from './api.model'
 import { error } from '@sveltejs/kit'
+import { apiKeySchema } from 'services/auth/api-access'
+import type { ProjectId } from 'services/project/project'
 
-export const authorize = async (req: Request, project: ProjectId) => {
-	const apiKey = req.headers.get('Authorization')
-	if (!apiKey) {
+export const authorize = async (req: Request, projectId: ProjectId) => {
+	if (req.headers.get('Authorization')) {
 		error(401, 'No API key provided in the Authorization header')
 	}
-	const hasAccess = await checkApiKeyAccess(apiKey, project)
+	const parsedApiKey = apiKeySchema.safeParse(req.headers.get('Authorization'))
+	if (parsedApiKey.error) {
+		error(400, 'The provided API key does not conform to the correct schema')
+	}
+	const hasAccess = await checkApiKeyAccess(parsedApiKey.data, projectId)
 	if (!hasAccess) {
 		error(
 			403,
diff --git a/src/routes/(api)/api/api.model.ts b/src/routes/(api)/api/api.model.ts
@@ -6,9 +6,6 @@ export type TranslationKey = z.infer<typeof translationKeySchema>
 const translationValueSchema = z.string().brand('translation-value')
 export type TranslationValue = z.infer<typeof translationValueSchema>
 
-const projectIdSchema = z.number().brand('project-id')
-export type ProjectId = z.infer<typeof projectIdSchema>
-
 const addTranslationCommandSchema = z.object({
 	key: translationKeySchema,
 	value: translationValueSchema
