refactor: Validate headers and env

Author: tonyxiao

packages/api/context.ts

@@ -1,6 +1,7 @@
 /* eslint-disable @typescript-eslint/no-explicit-any */
 import { cryptoHash, decrypt } from '@supaglue/core/lib';
 import prisma from '@supaglue/db';
+import { createEnv } from '@t3-oss/env-core';
 import { TRPCError, initTRPC } from '@trpc/server';
 import type { OpenApiMeta } from '@usevenice/trpc-openapi';
 import { z } from 'zod';
@@ -12,20 +13,33 @@ extendZodWithOpenApi(z);
 
 export { z };
 
-export function createContext(opts: {
-  headers: { 'x-api-key': string; 'x-customer-id': string; 'x-provider-name': string };
-}) {
-  return { ...opts, prisma };
+export const env = createEnv({
+  server: {
+    /** Reqruired for prisma */
+    SUPAGLUE_DATABASE_URL: z.string().url(),
+    /* Required for encryption & decryption */
+    SUPAGLUE_API_ENCRYPTION_SECRET: z.string().min(1),
+  },
+  runtimeEnv: process.env,
+});
+
+export function createContext(opts: { headers: unknown }) {
+  const headers = z
+    .object({
+      'x-api-key': z.string().optional(),
+      'x-customer-id': z.string().optional(),
+      'x-provider-name': z.string().optional(),
+    })
+    .parse(opts.headers);
+
+  return { headers, env, prisma };
 }
 
 /**
  * Initialization of tRPC backend
  * Should be done only once per backend!
  */
-export const t = initTRPC
-  .context<{ headers: { 'x-api-key': string; 'x-customer-id': string; 'x-provider-name': string } }>()
-  .meta<OpenApiMeta>()
-  .create();
+export const t = initTRPC.context<ReturnType<typeof createContext>>().meta<OpenApiMeta>().create();
 
 export const authedProcedure = t.procedure.use(async ({ next, ctx }) => {
   if (!ctx.headers['x-api-key']) {
@@ -76,6 +90,3 @@ export const remoteProcedure = authedProcedure.use(async ({ next, ctx }) => {
 
   return next({ ctx: { ...ctx, provider, providerName, customerId } });
 });
-export type RemoteProcedureContext = ReturnType<(typeof remoteProcedure)['query']>['_def']['_ctx_out'];
-
-export type MaybePromise<T> = T | Promise<T>;

packages/api/package.json

@@ -4,6 +4,7 @@
   "dependencies": {
     "@supaglue/core": "workspace:*",
     "@supaglue/db": "workspace:*",
+    "@t3-oss/env-core": "^0.7.1",
     "@trpc/server": "^10.44.1",
     "@usevenice/trpc-openapi": "^1.3.8",
     "trpc-panel": "^1.3.4",

packages/api/providers/apollo.ts

@@ -13,8 +13,8 @@ export const createApolloProvider = z
         get: (id) =>
           apollo.GET('/v1/contacts/{id}', { params: { path: { id } } }).then(({ data: { contact } }) => contact),
       },
-      logCall: (input) => {
-        console.log('Call ID:', input);
+      logCall: async (input) => {
+        console.log('log call input:', input);
         return { id: '1', note: 'test', contact_id: '1' };
       },
     } satisfies EngagementProvider;

packages/api/router.ts

@@ -3,7 +3,7 @@ import { createOpenApiHttpHandler, generateOpenApiDocument } from '@usevenice/tr
 import http from 'http';
 import { renderTrpcPanel } from 'trpc-panel';
 import { z } from 'zod';
-import { t } from './context';
+import { createContext, t } from './context';
 import { engagementRouter } from './routers/engagement';
 
 export const metaRouter = t.router({
@@ -33,7 +33,7 @@ if (require.main === module) {
   createHTTPServer({
     router: appRouter,
     // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    createContext: ({ req }) => ({ headers: req.headers as any }),
+    createContext: ({ req }) => createContext({ headers: req.headers }),
     middleware(req, res, next) {
       if (req.url === '/_panel') {
         res.end(renderTrpcPanel(appRouter, { url: 'http://localhost:3000' }));
@@ -49,7 +49,7 @@ if (require.main === module) {
       createOpenApiHttpHandler({
         router: appRouter,
         // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        createContext: ({ req }) => ({ headers: req.headers as any }),
+        createContext: ({ req }) => createContext({ headers: req.headers }),
       })
     )
     .listen(3001);

packages/api/routers/engagement.ts

@@ -1,5 +1,4 @@
 import { TRPCError } from '@trpc/server';
-import type { MaybePromise } from '../context';
 import { remoteProcedure, t, z } from '../context';
 
 const schemas = {
@@ -25,9 +24,9 @@ const schemas = {
 
 export interface EngagementProvider {
   contacts: {
-    get: (id: string) => MaybePromise<z.infer<typeof schemas.contact>>;
+    get: (id: string) => Promise<z.infer<typeof schemas.contact>>;
   };
-  logCall: (input: z.infer<typeof schemas.logCallInput>) => MaybePromise<z.infer<typeof schemas.call>>;
+  logCall: (input: z.infer<typeof schemas.logCallInput>) => Promise<z.infer<typeof schemas.call>>;
 }
 
 export const engagementRouter = t.router({

yarn.lock

@@ -6339,6 +6339,7 @@ __metadata:
   dependencies:
     "@supaglue/core": "workspace:*"
     "@supaglue/db": "workspace:*"
+    "@t3-oss/env-core": ^0.7.1
     "@trpc/server": ^10.44.1
     "@usevenice/trpc-openapi": ^1.3.8
     trpc-panel: ^1.3.4
@@ -6879,6 +6880,19 @@ __metadata:
   languageName: node
   linkType: hard
 
+"@t3-oss/env-core@npm:^0.7.1":
+  version: 0.7.1
+  resolution: "@t3-oss/env-core@npm:0.7.1"
+  peerDependencies:
+    typescript: ">=4.7.2"
+    zod: ^3.0.0
+  peerDependenciesMeta:
+    typescript:
+      optional: true
+  checksum: 1a8447f5009931eb24a2e653723acd817585539d882c6c97b1df590df605045dee0e9abb3e6af083ec1492a6c143469947c4e4fef8d6c4a7e64cdf61ee8748d0
+  languageName: node
+  linkType: hard
+
 "@temporalio/activity@npm:1.8.6, @temporalio/activity@npm:^1.8.6":
   version: 1.8.6
   resolution: "@temporalio/activity@npm:1.8.6"