diff --git a/apps/viewer/src/features/chat/api/legacy/sendMessageV1.ts b/apps/viewer/src/features/chat/api/legacy/sendMessageV1.ts index 5da5b169a..d97418796 100644 --- a/apps/viewer/src/features/chat/api/legacy/sendMessageV1.ts +++ b/apps/viewer/src/features/chat/api/legacy/sendMessageV1.ts @@ -90,7 +90,7 @@ export const sendMessageV1 = publicProcedure ? undefined : startParams.typebot, message, - userId: parseUserId(user?.id), + userId: user?.id, } : { type: 'live', @@ -172,13 +172,3 @@ export const sendMessageV1 = publicProcedure } } ) - -const parseUserId = (userId?: string): string => { - if (!userId) - throw new TRPCError({ - code: 'UNAUTHORIZED', - message: 'You need to be authenticated to perform this action', - }) - - return userId -} diff --git a/apps/viewer/src/features/chat/api/legacy/sendMessageV2.ts b/apps/viewer/src/features/chat/api/legacy/sendMessageV2.ts index 6d18c69b0..f39bf948c 100644 --- a/apps/viewer/src/features/chat/api/legacy/sendMessageV2.ts +++ b/apps/viewer/src/features/chat/api/legacy/sendMessageV2.ts @@ -90,7 +90,7 @@ export const sendMessageV2 = publicProcedure ? undefined : startParams.typebot, message, - userId: parseUserId(user?.id), + userId: user?.id, } : { type: 'live', @@ -172,13 +172,3 @@ export const sendMessageV2 = publicProcedure } } ) - -const parseUserId = (userId?: string): string => { - if (!userId) - throw new TRPCError({ - code: 'UNAUTHORIZED', - message: 'You need to be authenticated to perform this action', - }) - - return userId -} diff --git a/apps/viewer/src/features/chat/api/startChatPreview.ts b/apps/viewer/src/features/chat/api/startChatPreview.ts index 43be02c7b..30ad7536f 100644 --- a/apps/viewer/src/features/chat/api/startChatPreview.ts +++ b/apps/viewer/src/features/chat/api/startChatPreview.ts @@ -1,4 +1,3 @@ -import { authenticatedProcedure } from '@/helpers/server/trpc' import { startPreviewChatInputSchema, startPreviewChatResponseSchema, @@ -6,8 +5,9 @@ import { import { startSession } from '@typebot.io/bot-engine/startSession' import { saveStateToDatabase } from '@typebot.io/bot-engine/saveStateToDatabase' import { restartSession } from '@typebot.io/bot-engine/queries/restartSession' +import { publicProcedure } from '@/helpers/server/trpc' -export const startChatPreview = authenticatedProcedure +export const startChatPreview = publicProcedure .meta({ openapi: { method: 'POST', @@ -47,7 +47,7 @@ export const startChatPreview = authenticatedProcedure startFrom, typebotId, typebot: startTypebot, - userId: user.id, + userId: user?.id, }, message, }) diff --git a/apps/viewer/src/features/chat/api/updateTypebotInSession.ts b/apps/viewer/src/features/chat/api/updateTypebotInSession.ts index 47901d7d5..a262950d1 100644 --- a/apps/viewer/src/features/chat/api/updateTypebotInSession.ts +++ b/apps/viewer/src/features/chat/api/updateTypebotInSession.ts @@ -1,3 +1,4 @@ +import { publicProcedure } from '@/helpers/server/trpc' import { TRPCError } from '@trpc/server' import { z } from 'zod' import { getSession } from '@typebot.io/bot-engine/queries/getSession' @@ -8,9 +9,8 @@ import { Variable, } from '@typebot.io/schemas' import prisma from '@typebot.io/lib/prisma' -import { authenticatedProcedure } from '@/helpers/server/trpc' -export const updateTypebotInSession = authenticatedProcedure +export const updateTypebotInSession = publicProcedure .meta({ openapi: { method: 'POST', @@ -28,6 +28,8 @@ export const updateTypebotInSession = authenticatedProcedure ) .output(z.object({ message: z.literal('success') })) .mutation(async ({ input: { sessionId }, ctx: { user } }) => { + if (!user) + throw new TRPCError({ code: 'UNAUTHORIZED', message: 'Unauthorized' }) const session = await getSession(sessionId) if (!session) throw new TRPCError({ code: 'NOT_FOUND', message: 'Session not found' }) diff --git a/apps/viewer/src/helpers/server/trpc.ts b/apps/viewer/src/helpers/server/trpc.ts index 8f61174c2..0dfe8c66f 100644 --- a/apps/viewer/src/helpers/server/trpc.ts +++ b/apps/viewer/src/helpers/server/trpc.ts @@ -1,4 +1,4 @@ -import { TRPCError, initTRPC } from '@trpc/server' +import { initTRPC } from '@trpc/server' import { OpenApiMeta } from 'trpc-openapi' import superjson from 'superjson' import { Context } from './context' @@ -8,23 +8,13 @@ const t = initTRPC.context().meta().create({ transformer: superjson, }) -export const router = t.router - const sentryMiddleware = t.middleware( Sentry.Handlers.trpcMiddleware({ attachRpcInput: true, }) ) -export const publicProcedure = t.procedure.use(sentryMiddleware) - -const isAuthed = t.middleware(({ next, ctx }) => { - if (!ctx.user?.id) { - throw new TRPCError({ - code: 'UNAUTHORIZED', - message: 'You need to be authenticated to perform this action', - }) - } +const injectUser = t.middleware(({ next, ctx }) => { return next({ ctx: { user: ctx.user, @@ -32,6 +22,10 @@ const isAuthed = t.middleware(({ next, ctx }) => { }) }) -export const authenticatedProcedure = t.procedure.use( - sentryMiddleware.unstable_pipe(isAuthed) -) +const finalMiddleware = sentryMiddleware.unstable_pipe(injectUser) + +export const middleware = t.middleware + +export const router = t.router + +export const publicProcedure = t.procedure.use(finalMiddleware) diff --git a/packages/bot-engine/startSession.ts b/packages/bot-engine/startSession.ts index 2e72aa674..b19bc5f4d 100644 --- a/packages/bot-engine/startSession.ts +++ b/packages/bot-engine/startSession.ts @@ -39,7 +39,7 @@ import { VisitedEdge } from '@typebot.io/prisma' type StartParams = | ({ type: 'preview' - userId: string + userId?: string } & StartPreviewChatInput) | ({ type: 'live' @@ -272,6 +272,13 @@ export const startSession = async ({ const getTypebot = async (startParams: StartParams): Promise => { if (startParams.type === 'preview' && startParams.typebot) return startParams.typebot + + if (startParams.type === 'preview' && !startParams.userId) + throw new TRPCError({ + code: 'UNAUTHORIZED', + message: 'You need to be authenticated to perform this action', + }) + const typebotQuery = startParams.type === 'preview' ? await findTypebot({