mirror of
https://github.com/formbricks/formbricks.git
synced 2026-01-25 03:09:24 -06:00
c4b4d2a312
* poc: use server session and api key validation on deletion * feat: use server session and api key validation on deletion and creation * feat: packages/lib/apiKey for apiKey services and auth * shubham/auth-for-api-key * fix: caching * feat: handle authorization for action creation, update, delete * feat: use cached method across and wrapper for authzn check * fix: club caching methods and use authzn errors * feat: add caching in canUserAccessApiKey * feat: add caching in canUserAccessAction and use Authzn error * fix: rename action to actionClass wherever needed * fix: use cache getActionClass * fix: make changes * fix: import --------- Co-authored-by: Matthias Nannt <mail@matthiasnannt.com>
22 lines
735 B
TypeScript
22 lines
735 B
TypeScript
import { hasUserEnvironmentAccess } from "../environment/auth";
|
|
import { getApiKey } from "./service";
|
|
import { unstable_cache } from "next/cache";
|
|
|
|
export const canUserAccessApiKey = async (userId: string, apiKeyId: string): Promise<boolean> =>
|
|
await unstable_cache(
|
|
async () => {
|
|
if (!userId) return false;
|
|
|
|
const apiKeyFromServer = await getApiKey(apiKeyId);
|
|
if (!apiKeyFromServer) return false;
|
|
|
|
const hasAccessToEnvironment = await hasUserEnvironmentAccess(userId, apiKeyFromServer.environmentId);
|
|
if (!hasAccessToEnvironment) return false;
|
|
|
|
return true;
|
|
},
|
|
|
|
[`users-${userId}-apiKeys-${apiKeyId}`],
|
|
{ revalidate: 30 * 60, tags: [`apiKeys-${apiKeyId}`] }
|
|
)(); // 30 minutes
|