packages/lib/server-only/public-api/get-user-by-token.ts

import { prisma } from '@documenso/prisma';

import { hashString } from '../auth/hash';

export const getUserByApiToken = async ({ token }: { token: string }) => {
  const hashedToken = hashString(token);

  const user = await prisma.user.findFirst({
    where: {
      ApiToken: {
        some: {
          token: hashedToken,
        },
      },
    },
    include: {
      ApiToken: true,
    },
  });

  if (!user) {
    throw new Error('Invalid token');
  }

  const retrievedToken = user.ApiToken.find((apiToken) => apiToken.token === hashedToken);

  // This should be impossible but we need to satisfy TypeScript
  if (!retrievedToken) {
    throw new Error('Invalid token');
  }

  if (retrievedToken.expires && retrievedToken.expires < new Date()) {
    throw new Error('Expired token');
  }

  return user;
};
feat: add authorization for api calls 2023-11-30 14:39:31 +02:00			`import { prisma } from '@documenso/prisma';`

chore: implemented feedback 2023-12-21 16:02:02 +02:00			`import { hashString } from '../auth/hash';`

			`export const getUserByApiToken = async ({ token }: { token: string }) => {`
			`const hashedToken = hashString(token);`

chore: implemented feedback + a small refactoring 2023-12-11 14:33:30 +02:00			`const user = await prisma.user.findFirst({`
feat: add authorization for api calls 2023-11-30 14:39:31 +02:00			`where: {`
			`ApiToken: {`
			`some: {`
chore: implemented feedback 2023-12-21 16:02:02 +02:00			`token: hashedToken,`
feat: add authorization for api calls 2023-11-30 14:39:31 +02:00			`},`
			`},`
			`},`
chore: implemented feedback + a small refactoring 2023-12-11 14:33:30 +02:00			`include: {`
			`ApiToken: true,`
			`},`
feat: add authorization for api calls 2023-11-30 14:39:31 +02:00			`});`

chore: implemented feedback + a small refactoring 2023-12-11 14:33:30 +02:00			`if (!user) {`
chore: implemented feedback 2023-12-14 11:05:39 +02:00			`throw new Error('Invalid token');`
chore: implemented feedback + a small refactoring 2023-12-11 14:33:30 +02:00			`}`

feat: create from template 2024-02-20 19:46:18 +11:00			`const retrievedToken = user.ApiToken.find((apiToken) => apiToken.token === hashedToken);`
chore: implemented feedback + a small refactoring 2023-12-11 14:33:30 +02:00
feat: create from template 2024-02-20 19:46:18 +11:00			`// This should be impossible but we need to satisfy TypeScript`
			`if (!retrievedToken) {`
			`throw new Error('Invalid token');`
			`}`

			`if (retrievedToken.expires && retrievedToken.expires < new Date()) {`
chore: implemented feedback 2023-12-14 11:05:39 +02:00			`throw new Error('Expired token');`
chore: implemented feedback + a small refactoring 2023-12-11 14:33:30 +02:00			`}`

feat: add authorization for api calls 2023-11-30 14:39:31 +02:00			`return user;`
			`};`