authenticated endpoints

2025-06-16 13:30:29 +01:00 · 2025-06-16 13:30:29 +01:00 · de4f4f6519
commit de4f4f6519
parent 8126f118be
4 changed files with 32 additions and 0 deletions
--- a/src/lib/backend/convex/user_enabled_models.ts
+++ b/src/lib/backend/convex/user_enabled_models.ts
@ -3,6 +3,7 @@ import { v } from 'convex/values';
 import { providerValidator } from './schema';
 import * as array from '../../utils/array';
 import * as object from '../../utils/object';
+import { internal } from './_generated/api';

 export const get_enabled = query({
 	args: {
@ -42,8 +43,17 @@ export const set = mutation({
 		model_id: v.string(),
 		user_id: v.string(),
 		enabled: v.boolean(),
+		session_token: v.string(),
 	},
 	handler: async (ctx, args) => {
+		const session = await ctx.runQuery(internal.betterAuth.getSession, {
+			sessionToken: args.session_token,
+		});
+
+		if (!session) {
+			throw new Error('Unauthorized');
+		}
+
 		const existing = await ctx.db
 			.query('user_enabled_models')
 			.withIndex('by_model_provider', (q) =>
--- a/src/lib/backend/convex/user_keys.ts
+++ b/src/lib/backend/convex/user_keys.ts
@ -1,5 +1,6 @@
 import { v } from 'convex/values';
 import { Provider } from '../../types';
+import { internal } from './_generated/api';
 import { mutation, query } from './_generated/server';
 import { providerValidator } from './schema';

@ -27,8 +28,17 @@ export const get = query({
 	args: {
 		user_id: v.string(),
 		provider: providerValidator,
+		session_token: v.string(),
 	},
 	handler: async (ctx, args) => {
+		const session = await ctx.runQuery(internal.betterAuth.getSession, {
+			sessionToken: args.session_token,
+		});
+
+		if (!session) {
+			throw new Error('Unauthorized');
+		}
+
 		const key = await ctx.db
 			.query('user_keys')
 			.withIndex('by_provider_user', (q) =>
@ -45,8 +55,17 @@ export const set = mutation({
 		provider: providerValidator,
 		user_id: v.string(),
 		key: v.string(),
+		session_token: v.string(),
 	},
 	handler: async (ctx, args) => {
+		const session = await ctx.runQuery(internal.betterAuth.getSession, {
+			sessionToken: args.session_token,
+		});
+
+		if (!session) {
+			throw new Error('Unauthorized');
+		}
+
 		const existing = await ctx.db
 			.query('user_keys')
 			.withIndex('by_provider_user', (q) =>
--- a/src/routes/account/api-keys/provider-card.svelte
+++ b/src/routes/account/api-keys/provider-card.svelte
@ -23,6 +23,7 @@
 	const keyQuery = useCachedQuery(api.user_keys.get, {
 		user_id: session.current?.user.id ?? '',
 		provider,
+		session_token: session.current?.session.token ?? '',
 	});

 	const client = useConvexClient();
@ -44,6 +45,7 @@
 				provider,
 				user_id: session.current?.user.id ?? '',
 				key: `${key}`,
+				session_token: session.current?.session.token,
 			}),
 			(e) => e
 		);
--- a/src/routes/account/models/model-card.svelte
+++ b/src/routes/account/models/model-card.svelte
@ -46,6 +46,7 @@
 				user_id: session.current.user.id,
 				model_id: model.id,
 				enabled: v,
+				session_token: session.current?.session.token,
 			}),
 			(e) => e
 		);