@daveyplate/supabase-swr-entities
An entity management library for Supabase and SWR
import { createAdminClient } from '../supabase/service-role';
/**
 * Maps an HTTP verb to the entity operation name used to look up
 * per-operation auth columns in an entity schema.
 *
 * HEAD and OPTIONS map to the empty string, so a lookup keyed on them
 * finds no per-operation entry.
 */
export const METHOD_MAP = {
    // Read
    GET: "select",
    // Writes
    PATCH: "update",
    POST: "upsert",
    DELETE: "delete",
    // Verbs with no entity operation
    HEAD: "",
    OPTIONS: "",
    // PUT shares the operation name used for PATCH
    PUT: "update",
};
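/**
 * Resolve the calling user from either an API key or the Supabase session.
 *
 * If the Authorization header carries a Bearer token starting with "sk-",
 * the token is looked up in the `api_keys` table and the owning user id is
 * returned. Otherwise the user is taken from `supabase.auth.getUser()`.
 *
 * @param {object} supabase - Supabase client bound to the caller's session.
 * @param {object} [headers] - Request headers; only `authorization` is read.
 * @returns {Promise<{user?: object, error?: object}>} `{ user }` on success,
 *   `{ error }` when the key lookup or the session lookup fails. A user
 *   resolved from an API key carries only `id`.
 */
export async function authorizeUser(supabase, headers) {
    // Check for Bearer access token. A non-string header value is treated as
    // absent rather than allowed to throw on .split().
    const authHeader = headers ? headers.authorization : undefined;
    const authToken = typeof authHeader === 'string'
        ? authHeader.split('Bearer ')[1]
        : undefined;
    // Check api_keys for a user entry
    if (authToken && authToken.startsWith('sk-')) {
        // Create the admin client only on the API-key path, so ordinary
        // session requests never instantiate it.
        // NOTE(review): presumably a service-role client that bypasses
        // row-level security, judging by its import path; confirm.
        const supabaseAdmin = createAdminClient();
        // NOTE(review): the raw key is matched against api_keys.api_key, which
        // implies keys are stored unhashed. Consider storing a digest of the
        // key and looking up by that digest instead.
        const { data, error } = await supabaseAdmin
            .from('api_keys')
            .select('user_id')
            .eq('api_key', authToken)
            .single();
        if (error) {
            console.error(error);
            return { error };
        }
        if (!data) {
            // Fail closed if the lookup returned neither a row nor an error.
            return { error: new Error("Unauthorized") };
        }
        return { user: { id: data.user_id } };
    }
    const { data: { user }, error } = await supabase.auth.getUser();
    if (error) {
        console.error(error);
        return { error };
    }
    return { user: user };
}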
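/**
 * Authorize a request and scope its query params to the calling user.
 *
 * For non-admin calls, the entity's auth column(s) are written into `params`
 * (mutated in place) so the query only matches rows owned by the caller.
 * With one auth column it is set to `user.id`; with several, `params.or` is
 * replaced by an OR of `<column>.eq.<user.id>` terms.
 *
 * @param {object} supabase - Supabase client bound to the caller's session.
 * @param {string} method - HTTP method, used as a key into METHOD_MAP.
 * @param {object} [headers] - Request headers passed to authorizeUser.
 * @param {object} params - Query params; mutated for non-admin calls.
 * @param {object} entitySchema - Reads `authColumns` (per operation) and
 *   `authColumn` (fallback).
 * @param {boolean} [admin=false] - Require the 'admin' role and skip scoping.
 * @returns {Promise<{user?: object, error?: object}>} `{ user }` on success;
 *   otherwise `{ error }` with a non-empty error.
 */
export async function authorizeParams(supabase, method, headers, params, entitySchema, admin = false) {
    const { user, error } = await authorizeUser(supabase, headers);
    if (error || !user) {
        // Fail closed: a missing user with no error must still yield a truthy
        // error, or a caller that only checks `error` would treat the request
        // as authorized and run it without the ownership filter.
        return { error: error || new Error("Unauthorized") };
    }
    // TODO setup admin claim
    if (admin) {
        // A user resolved from an API key has only `id`, so it never passes here.
        // NOTE(review): if `roles` can be a string, includes() is a substring
        // match; confirm it is always an array.
        const roles = user.app_metadata ? user.app_metadata.roles : undefined;
        if (!roles || !roles.includes('admin')) {
            return { error: new Error("Unauthorized") };
        }
        return { user };
    }
    // Add authColumns to params if not admin
    const perOperation = entitySchema.authColumns
        ? entitySchema.authColumns[METHOD_MAP[method]]
        : undefined;
    // Drop empty entries: with no `authColumn` configured the fallback would be
    // [undefined], which passed the length check and wrote params["undefined"]
    // instead of a real ownership filter.
    const authColumns = (perOperation || [entitySchema.authColumn]).filter(Boolean);
    if (!authColumns.length) {
        return { error: new Error("No authColumns found") };
    }
    if (authColumns.length === 1) {
        params[authColumns[0]] = user.id;
    }
    else {
        // Overwrites any `or` already present in params, so the ownership
        // filter cannot be replaced by a caller-supplied one.
        params.or = authColumns.map((column) => column + ".eq." + user.id).join(',');
    }
    return { user };
}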