♻️ (builder) Change to features-centric folder structure

apps/builder/src/pages/api/credentials/[credentialsId].ts

@@ -0,0 +1,25 @@
+import { withSentry } from '@sentry/nextjs'
+import prisma from '@/lib/prisma'
+import { NextApiRequest, NextApiResponse } from 'next'
+import { getAuthenticatedUser } from '@/features/auth'
+import { badRequest, methodNotAllowed, notAuthenticated } from 'utils/api'
+
+const handler = async (req: NextApiRequest, res: NextApiResponse) => {
+  const user = await getAuthenticatedUser(req)
+  if (!user) return notAuthenticated(res)
+  const workspaceId = req.query.workspaceId as string | undefined
+  if (!workspaceId) return badRequest(res)
+  if (req.method === 'DELETE') {
+    const credentialsId = req.query.credentialsId as string | undefined
+    const credentials = await prisma.credentials.deleteMany({
+      where: {
+        id: credentialsId,
+        workspace: { id: workspaceId, members: { some: { userId: user.id } } },
+      },
+    })
+    return res.send({ credentials })
+  }
+  return methodNotAllowed(res)
+}
+
+export default withSentry(handler)

apps/builder/src/pages/api/credentials/google-sheets/callback.ts

@@ -0,0 +1,60 @@
+import { NextApiRequest, NextApiResponse } from 'next'
+import { Prisma } from 'db'
+import prisma from '@/lib/prisma'
+import { googleSheetsScopes } from './consent-url'
+import { stringify } from 'querystring'
+import { CredentialsType } from 'models'
+import { badRequest, encrypt, notAuthenticated } from 'utils/api'
+import { oauth2Client } from '@/lib/googleSheets'
+import { withSentry } from '@sentry/nextjs'
+import { getAuthenticatedUser } from '@/features/auth'
+
+const handler = async (req: NextApiRequest, res: NextApiResponse) => {
+  const user = await getAuthenticatedUser(req)
+  if (!user) return notAuthenticated(res)
+  const state = req.query.state as string | undefined
+  if (!state) return badRequest(res)
+  const { redirectUrl, blockId, workspaceId } = JSON.parse(
+    Buffer.from(state, 'base64').toString()
+  )
+  if (req.method === 'GET') {
+    const code = req.query.code as string | undefined
+    if (!workspaceId) return badRequest(res)
+    if (!code)
+      return res.status(400).send({ message: "Bad request, couldn't get code" })
+    const { tokens } = await oauth2Client.getToken(code)
+    if (!tokens?.access_token) {
+      console.error('Error getting oAuth tokens:')
+      throw new Error('ERROR')
+    }
+    oauth2Client.setCredentials(tokens)
+    const { email, scopes } = await oauth2Client.getTokenInfo(
+      tokens.access_token
+    )
+    if (!email)
+      return res
+        .status(400)
+        .send({ message: "Couldn't get email from getTokenInfo" })
+    if (googleSheetsScopes.some((scope) => !scopes.includes(scope)))
+      return res
+        .status(400)
+        .send({ message: "User didn't accepted required scopes" })
+    const { encryptedData, iv } = encrypt(tokens)
+    const credentials = {
+      name: email,
+      type: CredentialsType.GOOGLE_SHEETS,
+      workspaceId,
+      data: encryptedData,
+      iv,
+    } as Prisma.CredentialsUncheckedCreateInput
+    const { id: credentialsId } = await prisma.credentials.create({
+      data: credentials,
+    })
+    const queryParams = stringify({ blockId, credentialsId })
+    res.redirect(
+      `${redirectUrl}?${queryParams}` ?? `${process.env.NEXTAUTH_URL}`
+    )
+  }
+}
+
+export default withSentry(handler)

apps/builder/src/pages/api/credentials/google-sheets/consent-url.ts

@@ -0,0 +1,23 @@
+import { withSentry } from '@sentry/nextjs'
+import { oauth2Client } from '@/lib/googleSheets'
+import { NextApiRequest, NextApiResponse } from 'next'
+
+export const googleSheetsScopes = [
+  'https://www.googleapis.com/auth/userinfo.email',
+  'https://www.googleapis.com/auth/spreadsheets',
+  'https://www.googleapis.com/auth/drive.readonly',
+]
+
+const handler = (req: NextApiRequest, res: NextApiResponse) => {
+  if (req.method === 'GET') {
+    const url = oauth2Client.generateAuthUrl({
+      access_type: 'offline',
+      scope: googleSheetsScopes,
+      prompt: 'consent',
+      state: Buffer.from(JSON.stringify(req.query)).toString('base64'),
+    })
+    res.status(301).redirect(url)
+  }
+}
+
+export default withSentry(handler)