Adapt the auth service to also accept OATs

myftija · myftija · commit 22438303b05c · 2025-08-14T11:16:27.000+02:00
diff --git a/apps/webapp/app/routes/api.v1.projects.$projectRef.$env.ts b/apps/webapp/app/routes/api.v1.projects.$projectRef.$env.ts
@@ -1,11 +1,11 @@
 import { json, type LoaderFunctionArgs } from "@remix-run/server-runtime";
 import { type GetProjectEnvResponse } from "@trigger.dev/core/v3";
-import { type RuntimeEnvironment } from "@trigger.dev/database";
 import { z } from "zod";
-import { prisma } from "~/db.server";
 import { env as processEnv } from "~/env.server";
-import { logger } from "~/services/logger.server";
-import { authenticateApiRequestWithPersonalAccessToken } from "~/services/personalAccessToken.server";
+import {
+  authenticatedEnvironmentForAuthentication,
+  authenticateRequest,
+} from "~/services/apiAuth.server";
 
 const ParamsSchema = z.object({
   projectRef: z.string(),
@@ -15,14 +15,6 @@ const ParamsSchema = z.object({
 type ParamsSchema = z.infer<typeof ParamsSchema>;
 
 export async function loader({ request, params }: LoaderFunctionArgs) {
-  logger.info("projects get env", { url: request.url });
-
-  const authenticationResult = await authenticateApiRequestWithPersonalAccessToken(request);
-
-  if (!authenticationResult) {
-    return json({ error: "Invalid or Missing Access Token" }, { status: 401 });
-  }
-
   const parsedParams = ParamsSchema.safeParse(params);
 
   if (!parsedParams.success) {
@@ -31,117 +23,24 @@ export async function loader({ request, params }: LoaderFunctionArgs) {
 
   const { projectRef, env } = parsedParams.data;
 
-  const project = await prisma.project.findFirst({
-    where: {
-      externalRef: projectRef,
-      organization: {
-        members: {
-          some: {
-            userId: authenticationResult.userId,
-          },
-        },
-      },
-    },
-  });
+  const authenticationResult = await authenticateRequest(request);
 
-  if (!project) {
-    return json({ error: "Project not found" }, { status: 404 });
-  }
-
-  const envResult = await getEnvironmentFromEnv({
-    projectId: project.id,
-    userId: authenticationResult.userId,
-    env,
-  });
-
-  if (!envResult.success) {
-    return json({ error: envResult.error }, { status: 404 });
+  if (!authenticationResult) {
+    return json({ error: "Invalid or Missing API key" }, { status: 401 });
   }
 
-  const runtimeEnv = envResult.environment;
+  const environment = await authenticatedEnvironmentForAuthentication(
+    authenticationResult,
+    projectRef,
+    env
+  );
 
   const result: GetProjectEnvResponse = {
-    apiKey: runtimeEnv.apiKey,
-    name: project.name,
+    apiKey: environment.apiKey,
+    name: environment.project.name,
     apiUrl: processEnv.API_ORIGIN ?? processEnv.APP_ORIGIN,
-    projectId: project.id,
+    projectId: environment.project.id,
   };
 
   return json(result);
 }
-
-async function getEnvironmentFromEnv({
-  projectId,
-  userId,
-  env,
-}: {
-  projectId: string;
-  userId: string;
-  env: ParamsSchema["env"];
-}): Promise<
-  | {
-      success: true;
-      environment: RuntimeEnvironment;
-    }
-  | {
-      success: false;
-      error: string;
-    }
-> {
-  if (env === "dev") {
-    const environment = await prisma.runtimeEnvironment.findFirst({
-      where: {
-        projectId,
-        orgMember: {
-          userId: userId,
-        },
-      },
-    });
-
-    if (!environment) {
-      return {
-        success: false,
-        error: "Dev environment not found",
-      };
-    }
-
-    return {
-      success: true,
-      environment,
-    };
-  }
-
-  let slug: "stg" | "prod" | "preview" = "prod";
-  switch (env) {
-    case "staging":
-      slug = "stg";
-      break;
-    case "prod":
-      slug = "prod";
-      break;
-    case "preview":
-      slug = "preview";
-      break;
-    default:
-      break;
-  }
-
-  const environment = await prisma.runtimeEnvironment.findFirst({
-    where: {
-      projectId,
-      slug,
-    },
-  });
-
-  if (!environment) {
-    return {
-      success: false,
-      error: `${env === "staging" ? "Staging" : "Production"} environment not found`,
-    };
-  }
-
-  return {
-    success: true,
-    environment,
-  };
-}
diff --git a/apps/webapp/app/routes/api.v1.projects.$projectRef.background-workers.$envSlug.$version.ts b/apps/webapp/app/routes/api.v1.projects.$projectRef.background-workers.$envSlug.$version.ts
@@ -2,7 +2,7 @@ import { LoaderFunctionArgs, json } from "@remix-run/server-runtime";
 import { z } from "zod";
 import { prisma } from "~/db.server";
 import {
-  authenticateProjectApiKeyOrPersonalAccessToken,
+  authenticateRequest,
   authenticatedEnvironmentForAuthentication,
 } from "~/services/apiAuth.server";
 import zlib from "node:zlib";
@@ -20,7 +20,7 @@ export async function loader({ params, request }: LoaderFunctionArgs) {
     return json({ error: "Invalid params" }, { status: 400 });
   }
 
-  const authenticationResult = await authenticateProjectApiKeyOrPersonalAccessToken(request);
+  const authenticationResult = await authenticateRequest(request);
 
   if (!authenticationResult) {
     return json({ error: "Invalid or Missing API key" }, { status: 401 });
diff --git a/apps/webapp/app/routes/api.v1.projects.$projectRef.envvars.$slug.$name.ts b/apps/webapp/app/routes/api.v1.projects.$projectRef.envvars.$slug.$name.ts
@@ -3,7 +3,7 @@ import { UpdateEnvironmentVariableRequestBody } from "@trigger.dev/core/v3";
 import { z } from "zod";
 import { prisma } from "~/db.server";
 import {
-  authenticateProjectApiKeyOrPersonalAccessToken,
+  authenticateRequest,
   authenticatedEnvironmentForAuthentication,
 } from "~/services/apiAuth.server";
 import { EnvironmentVariablesRepository } from "~/v3/environmentVariables/environmentVariablesRepository.server";
@@ -21,7 +21,7 @@ export async function action({ params, request }: ActionFunctionArgs) {
     return json({ error: "Invalid params" }, { status: 400 });
   }
 
-  const authenticationResult = await authenticateProjectApiKeyOrPersonalAccessToken(request);
+  const authenticationResult = await authenticateRequest(request);
 
   if (!authenticationResult) {
     return json({ error: "Invalid or Missing API key" }, { status: 401 });
@@ -97,7 +97,7 @@ export async function loader({ params, request }: LoaderFunctionArgs) {
     return json({ error: "Invalid params" }, { status: 400 });
   }
 
-  const authenticationResult = await authenticateProjectApiKeyOrPersonalAccessToken(request);
+  const authenticationResult = await authenticateRequest(request);
 
   if (!authenticationResult) {
     return json({ error: "Invalid or Missing API key" }, { status: 401 });
diff --git a/apps/webapp/app/routes/api.v1.projects.$projectRef.envvars.$slug.import.ts b/apps/webapp/app/routes/api.v1.projects.$projectRef.envvars.$slug.import.ts
@@ -3,7 +3,7 @@ import { ImportEnvironmentVariablesRequestBody } from "@trigger.dev/core/v3";
 import { parse } from "dotenv";
 import { z } from "zod";
 import {
-  authenticateProjectApiKeyOrPersonalAccessToken,
+  authenticateRequest,
   authenticatedEnvironmentForAuthentication,
   branchNameFromRequest,
 } from "~/services/apiAuth.server";
@@ -21,7 +21,7 @@ export async function action({ params, request }: ActionFunctionArgs) {
     return json({ error: "Invalid params" }, { status: 400 });
   }
 
-  const authenticationResult = await authenticateProjectApiKeyOrPersonalAccessToken(request);
+  const authenticationResult = await authenticateRequest(request);
 
   if (!authenticationResult) {
     return json({ error: "Invalid or Missing API key" }, { status: 401 });
diff --git a/apps/webapp/app/routes/api.v1.projects.$projectRef.envvars.$slug.ts b/apps/webapp/app/routes/api.v1.projects.$projectRef.envvars.$slug.ts
@@ -2,7 +2,7 @@ import { ActionFunctionArgs, LoaderFunctionArgs, json } from "@remix-run/server-
 import { CreateEnvironmentVariableRequestBody } from "@trigger.dev/core/v3";
 import { z } from "zod";
 import {
-  authenticateProjectApiKeyOrPersonalAccessToken,
+  authenticateRequest,
   authenticatedEnvironmentForAuthentication,
 } from "~/services/apiAuth.server";
 import { EnvironmentVariablesRepository } from "~/v3/environmentVariables/environmentVariablesRepository.server";
@@ -19,7 +19,7 @@ export async function action({ params, request }: ActionFunctionArgs) {
     return json({ error: "Invalid params" }, { status: 400 });
   }
 
-  const authenticationResult = await authenticateProjectApiKeyOrPersonalAccessToken(request);
+  const authenticationResult = await authenticateRequest(request);
 
   if (!authenticationResult) {
     return json({ error: "Invalid or Missing API key" }, { status: 401 });
@@ -66,7 +66,7 @@ export async function loader({ params, request }: LoaderFunctionArgs) {
     return json({ error: "Invalid params" }, { status: 400 });
   }
 
-  const authenticationResult = await authenticateProjectApiKeyOrPersonalAccessToken(request);
+  const authenticationResult = await authenticateRequest(request);
 
   if (!authenticationResult) {
     return json({ error: "Invalid or Missing API key" }, { status: 401 });
diff --git a/apps/webapp/app/services/apiAuth.server.ts b/apps/webapp/app/services/apiAuth.server.ts
