mark/master-ai
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(auth): enable requireWorkspacePrincipal on projects GET route to support desktop API keys

Browse Source
This commit is contained in:
mawkone
2026-05-29 17:06:23 -07:00
parent 573ad989ca
commit b263f6d392
1 changed files with 15 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
vibn-frontend/app/api/projects/route.ts
View File

@@ -1,15 +1,22 @@
import { NextResponse } from 'next/server';
import { authSession } from "@/lib/auth/session-server";
import { query } from '@/lib/db-postgres';
import { requireWorkspacePrincipal } from "@/lib/auth/workspace-auth";
import { query, queryOne } from '@/lib/db-postgres';
export async function GET() {
export async function GET(request: Request) {
try {
const session = await authSession();
if (!session?.user?.email) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
// 1. Authenticate the Workspace API key or Browser Session
const principal = await requireWorkspacePrincipal(request);
if (principal instanceof NextResponse) return principal;
const email = session.user.email;
// 2. Fetch user email from principal.userId
const userRow = await queryOne<{ data: any }>(
`SELECT data FROM fs_users WHERE id = $1 LIMIT 1`,
[principal.userId]
);
const email = userRow?.data?.email;
if (!email) {
return NextResponse.json({ error: 'User email not found' }, { status: 404 });
}
// Fetch projects joined on user email
const projects = await query<any>(`