📝 (api) Add protection to sendMessage api ref to test with auth token

Closes #369

apps/viewer/src/features/chat/api/procedures/sendMessageProcedure.ts

@@ -39,6 +39,7 @@ export const sendMessageProcedure = publicProcedure
       summary: 'Send a message',
       description:
         'To initiate a chat, do not provide a `sessionId` nor a `message`.\n\nContinue the conversation by providing the `sessionId` and the `message` that should answer the previous question.\n\nSet the `isPreview` option to `true` to chat with the non-published version of the typebot.',
+      protect: true,
     },
   })
   .input(sendMessageInputSchema)
@@ -215,7 +216,11 @@ const getTypebot = async (
 ): Promise<StartTypebot> => {
   if (typeof typebot !== 'string') return typebot
   if (isPreview && !userId && env('E2E_TEST') !== 'true')
-    throw new TRPCError({ code: 'NOT_FOUND', message: 'Typebot not found' })
+    throw new TRPCError({
+      code: 'UNAUTHORIZED',
+      message:
+        'You need to authenticate the request to start a bot in preview mode.',
+    })
   const typebotQuery = isPreview
     ? await prisma.typebot.findFirst({
         where: { id: typebot, workspace: { members: { some: { userId } } } },

packages/models/features/chat.ts

@@ -146,7 +146,7 @@ const startParamsSchema = z.object({
     .boolean()
     .optional()
     .describe(
-      "If set to `true`, it will start a Preview session with the unpublished bot and it won't be saved in the Results tab."
+      "If set to `true`, it will start a Preview session with the unpublished bot and it won't be saved in the Results tab. You need to be authenticated for this to work."
     ),
   resultId: z
     .string()