Skip to content

Commit 3b2a7ab

Browse files
catrielmullercatrielmuller
committed
refactor: require KiloClawAccess to get chat credentials
1 parent 4884a82 commit 3b2a7ab

File tree

2 files changed

+12
-1
lines changed

2 files changed

+12
-1
lines changed

src/app/api/kiloclaw/chat-credentials/route.ts

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,15 +1,26 @@
11
import { NextResponse } from 'next/server';
2+
import { TRPCError } from '@trpc/server';
23
import { getUserFromAuth } from '@/lib/user.server';
34
import { KiloClawUserClient } from '@/lib/kiloclaw/kiloclaw-user-client';
45
import { KiloClawApiError } from '@/lib/kiloclaw/kiloclaw-internal-client';
56
import { generateApiToken, TOKEN_EXPIRY } from '@/lib/tokens';
7+
import { requireKiloClawAccess } from '@/lib/kiloclaw/access-gate';
68

79
export async function GET() {
810
const { user, authFailedResponse } = await getUserFromAuth({
911
adminOnly: false,
1012
});
1113
if (authFailedResponse) return authFailedResponse;
1214

15+
try {
16+
await requireKiloClawAccess(user.id);
17+
} catch (err) {
18+
if (err instanceof TRPCError && err.code === 'FORBIDDEN') {
19+
return NextResponse.json({ error: err.message }, { status: 403 });
20+
}
21+
throw err;
22+
}
23+
1324
try {
1425
const token = generateApiToken(user, undefined, {
1526
expiresIn: TOKEN_EXPIRY.fiveMinutes,

src/routers/kiloclaw-router.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -484,7 +484,7 @@ export const kiloclawRouter = createTRPCRouter({
484484
}
485485
}),
486486

487-
getStreamChatCredentials: baseProcedure.query(async ({ ctx }) => {
487+
getStreamChatCredentials: clawAccessProcedure.query(async ({ ctx }) => {
488488
const client = new KiloClawInternalClient();
489489
return client.getStreamChatCredentials(ctx.user.id);
490490
}),

0 commit comments

Comments
 (0)