Cossale/kepler-chat
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

use unverified session token to pass to mutations

Browse source
This commit is contained in:
Aidan Bleser 2025-06-17 13:00:02 -05:00
parent bd3fa47711
commit e4bb379d77
1 changed files with 21 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

51
src/routes/api/generate-message/+server.ts
View file

@ -1,7 +1,6 @@
import { PUBLIC_CONVEX_URL } from '$env/static/public'; import { PUBLIC_CONVEX_URL } from '$env/static/public';
import { api } from '$lib/backend/convex/_generated/api'; import { api } from '$lib/backend/convex/_generated/api';
import type { Doc, Id } from '$lib/backend/convex/_generated/dataModel'; import type { Doc, Id } from '$lib/backend/convex/_generated/dataModel';
import type { SessionObj } from '$lib/backend/convex/betterAuth';
import { Provider } from '$lib/types'; import { Provider } from '$lib/types';
import { error, json, type RequestHandler } from '@sveltejs/kit'; import { error, json, type RequestHandler } from '@sveltejs/kit';
import { ConvexHttpClient } from 'convex/browser'; import { ConvexHttpClient } from 'convex/browser';
@ -11,6 +10,7 @@ import { waitUntil } from '@vercel/functions';
import { z } from 'zod/v4'; import { z } from 'zod/v4';
import type { ChatCompletionSystemMessageParam } from 'openai/resources'; import type { ChatCompletionSystemMessageParam } from 'openai/resources';
import { getSessionCookie } from 'better-auth/cookies';
// Set to true to enable debug logging // Set to true to enable debug logging
const ENABLE_LOGGING = true; const ENABLE_LOGGING = true;
@ -44,13 +44,13 @@ const client = new ConvexHttpClient(PUBLIC_CONVEX_URL);
async function generateConversationTitle({ async function generateConversationTitle({
conversationId, conversationId,
session, sessionToken,
startTime, startTime,
keyResultPromise, keyResultPromise,
userMessage, userMessage,
}: { }: {
conversationId: string; conversationId: string;
session: SessionObj; sessionToken: string;
startTime: number; startTime: number;
keyResultPromise: ResultAsync<string | null, string>; keyResultPromise: ResultAsync<string | null, string>;
userMessage: string; userMessage: string;
@ -73,7 +73,7 @@ async function generateConversationTitle({
// Only generate title if conversation currently has default title // Only generate title if conversation currently has default title
const conversationResult = await ResultAsync.fromPromise( const conversationResult = await ResultAsync.fromPromise(
client.query(api.conversations.get, { client.query(api.conversations.get, {
session_token: session.token, session_token: sessionToken,
}), }),
(e) => `Failed to get conversations: ${e}` (e) => `Failed to get conversations: ${e}`
); );
@ -134,7 +134,7 @@ Generate only the title based on what the user is asking for, nothing else:`;
client.mutation(api.conversations.updateTitle, { client.mutation(api.conversations.updateTitle, {
conversation_id: conversationId as Id<'conversations'>, conversation_id: conversationId as Id<'conversations'>,
title: generatedTitle, title: generatedTitle,
session_token: session.token, session_token: sessionToken,
}), }),
(e) => `Failed to update conversation title: ${e}` (e) => `Failed to update conversation title: ${e}`
); );
@ -149,14 +149,14 @@ Generate only the title based on what the user is asking for, nothing else:`;
async function generateAIResponse({ async function generateAIResponse({
conversationId, conversationId,
session, sessionToken,
startTime, startTime,
modelResultPromise, modelResultPromise,
keyResultPromise, keyResultPromise,
rulesResultPromise, rulesResultPromise,
}: { }: {
conversationId: string; conversationId: string;
session: SessionObj; sessionToken: string;
startTime: number; startTime: number;
keyResultPromise: ResultAsync<string | null, string>; keyResultPromise: ResultAsync<string | null, string>;
modelResultPromise: ResultAsync<Doc<'user_enabled_models'> | null, string>; modelResultPromise: ResultAsync<Doc<'user_enabled_models'> | null, string>;
@ -170,7 +170,7 @@ async function generateAIResponse({
ResultAsync.fromPromise( ResultAsync.fromPromise(
client.query(api.messages.getAllFromConversation, { client.query(api.messages.getAllFromConversation, {
conversation_id: conversationId as Id<'conversations'>, conversation_id: conversationId as Id<'conversations'>,
session_token: session.token, session_token: sessionToken,
}), }),
(e) => `Failed to get messages: ${e}` (e) => `Failed to get messages: ${e}`
), ),
@ -271,7 +271,7 @@ ${attachedRules.map((r) => `- ${r.name}: ${r.rule}`).join('\n')}`,
conversation_id: conversationId, conversation_id: conversationId,
content: '', content: '',
role: 'assistant', role: 'assistant',
session_token: session.token, session_token: sessionToken,
}), }),
(e) => `Failed to create assistant message: ${e}` (e) => `Failed to create assistant message: ${e}`
); );
@ -297,7 +297,7 @@ ${attachedRules.map((r) => `- ${r.name}: ${r.rule}`).join('\n')}`,
client.mutation(api.messages.updateContent, { client.mutation(api.messages.updateContent, {
message_id: mid, message_id: mid,
content, content,
session_token: session.token, session_token: sessionToken,
}), }),
(e) => `Failed to update message content: ${e}` (e) => `Failed to update message content: ${e}`
); );
@ -319,7 +319,7 @@ ${attachedRules.map((r) => `- ${r.name}: ${r.rule}`).join('\n')}`,
client.mutation(api.conversations.updateGenerating, { client.mutation(api.conversations.updateGenerating, {
conversation_id: conversationId as Id<'conversations'>, conversation_id: conversationId as Id<'conversations'>,
generating: false, generating: false,
session_token: session.token, session_token: sessionToken,
}), }),
(e) => `Failed to update generating status: ${e}` (e) => `Failed to update generating status: ${e}`
); );
@ -360,21 +360,12 @@ export const POST: RequestHandler = async ({ request }) => {
log('Schema validation passed', startTime); log('Schema validation passed', startTime);
const sessionResult = await ResultAsync.fromPromise( const cookie = getSessionCookie(request.headers);
client.query(api.betterAuth.publicGetSession, {
session_token: args.session_token,
}),
(e) => `Failed to get session: ${e}`
);
if (sessionResult.isErr()) { const sessionToken = cookie?.split('.')[0] ?? null;
log(`Session query failed: ${sessionResult.error}`, startTime);
return error(401, 'Failed to authenticate');
}
const session = sessionResult.value; if (!sessionToken) {
if (!session) { log(`No session token found`, startTime);
log('No session found - unauthorized', startTime);
return error(401, 'Unauthorized'); return error(401, 'Unauthorized');
} }
@ -382,7 +373,7 @@ export const POST: RequestHandler = async ({ request }) => {
client.query(api.user_enabled_models.get, { client.query(api.user_enabled_models.get, {
provider: Provider.OpenRouter, provider: Provider.OpenRouter,
model_id: args.model_id, model_id: args.model_id,
session_token: session.token, session_token: sessionToken,
}), }),
(e) => `Failed to get model: ${e}` (e) => `Failed to get model: ${e}`
); );
@ -390,14 +381,14 @@ export const POST: RequestHandler = async ({ request }) => {
const keyResultPromise = ResultAsync.fromPromise( const keyResultPromise = ResultAsync.fromPromise(
client.query(api.user_keys.get, { client.query(api.user_keys.get, {
provider: Provider.OpenRouter, provider: Provider.OpenRouter,
session_token: session.token, session_token: sessionToken,
}), }),
(e) => `Failed to get API key: ${e}` (e) => `Failed to get API key: ${e}`
); );
const rulesResultPromise = ResultAsync.fromPromise( const rulesResultPromise = ResultAsync.fromPromise(
client.query(api.user_rules.all, { client.query(api.user_rules.all, {
session_token: session.token, session_token: sessionToken,
}), }),
(e) => `Failed to get rules: ${e}` (e) => `Failed to get rules: ${e}`
); );
@ -410,7 +401,7 @@ export const POST: RequestHandler = async ({ request }) => {
client.mutation(api.conversations.createAndAddMessage, { client.mutation(api.conversations.createAndAddMessage, {
content: args.message, content: args.message,
role: 'user', role: 'user',
session_token: session.token, session_token: sessionToken,
}), }),
(e) => `Failed to create conversation: ${e}` (e) => `Failed to create conversation: ${e}`
); );
@ -427,7 +418,7 @@ export const POST: RequestHandler = async ({ request }) => {
waitUntil( waitUntil(
generateConversationTitle({ generateConversationTitle({
conversationId, conversationId,
session, sessionToken,
startTime, startTime,
keyResultPromise, keyResultPromise,
userMessage: args.message, userMessage: args.message,
@ -460,7 +451,7 @@ export const POST: RequestHandler = async ({ request }) => {
waitUntil( waitUntil(
generateAIResponse({ generateAIResponse({
conversationId, conversationId,
session, sessionToken,
startTime, startTime,
modelResultPromise, modelResultPromise,
keyResultPromise, keyResultPromise,