64ce70daa4
- NextAuth v5 with email+password credentials, JWT sessions - Registration, login, email verification, password reset flows - Stripe integration: Free (15/day), Starter ($5/1k/mo), Pro ($20/100k/mo) - API key management (cb_ prefix) with hash-based validation - Dashboard with generations history, settings, billing management - Rate limiting: Redis daily counter (free), DB monthly (paid) - Generate route auth: Bearer API key + session, anonymous allowed - Worker userId propagation for generation history - Pricing section on landing page, auth-aware navbar - Middleware with route protection, CORS for codeboard.vectry.tech - Docker env vars for auth, Stripe, email (smtp.migadu.com)
34 lines
698 B
TypeScript
34 lines
698 B
TypeScript
import { createHash } from "crypto";
|
|
import { prisma } from "@/lib/prisma";
|
|
|
|
export async function validateApiKey(bearerToken: string) {
|
|
const keyHash = createHash("sha256").update(bearerToken).digest("hex");
|
|
|
|
const apiKey = await prisma.apiKey.findFirst({
|
|
where: { keyHash, revoked: false },
|
|
include: {
|
|
user: {
|
|
include: {
|
|
subscription: true,
|
|
},
|
|
},
|
|
},
|
|
});
|
|
|
|
if (!apiKey) return null;
|
|
|
|
prisma.apiKey
|
|
.update({
|
|
where: { id: apiKey.id },
|
|
data: { lastUsedAt: new Date() },
|
|
})
|
|
.catch(() => {});
|
|
|
|
return {
|
|
userId: apiKey.userId,
|
|
user: apiKey.user,
|
|
subscription: apiKey.user.subscription,
|
|
apiKey,
|
|
};
|
|
}
|