refactor(api): migrate 38 routes to withAuth + 401 JSON for /api (Phase 1)#16
Merged
Completes the withAuth rollout started in the foundation PR. All standard user-authed routes now use withAuth instead of hand-rolling createClient()+getUser()→401, eliminating three stylistic variants of the same boilerplate. Auth-only, mechanical: success/error response payloads are preserved verbatim (no ok()/fail() conversion), as are maxDuration exports, streaming responses, business logic, and status codes. Middleware: unauthenticated /api/* now gets a 401 JSON envelope instead of a 307 redirect to /login (fetch clients can't follow that). Page navigations still redirect; webhook routes and /api/auth stay bypassed. Excluded (still hand-roll auth, intentionally): auth/callback (Supabase login plumbing), integrations/slack/oauth + slack/callback (delicate OAuth redirect flows). Integration webhook routes never used getUser. Minor behavior notes: signals 401 body drops a `success:false` field (401 path only); convergence/snapshots runs auth before its 400 param check (401 now precedes 400 for that edge case). graph GET reads were already public and stay unwrapped (protected by middleware). Updated co-located route tests to pass a Request to wrapped handlers. Verified: tsc 0, lint 0, 560 tests pass.
## What

Completes the `withAuth` rollout started in #14. 38 routes migrated from hand-rolled `createClient()`+`getUser()`→401 boilerplate (three stylistic variants) to the single `withAuth` wrapper. 40 routes total now use it.

Auth-only and mechanical — success/error response payloads preserved verbatim (no `ok()`/`fail()` conversion), as are `maxDuration` exports, streaming responses, business logic, and status codes. Done via 5 parallel agents on disjoint file sets, then verified centrally.

Middleware: unauthenticated `/api/*` now returns a 401 JSON envelope instead of a 307 redirect to `/login` — fetch clients can't follow that redirect and were getting an opaque HTML response. Page navigations still redirect; webhook routes and `/api/auth` stay bypassed.

## Excluded (intentionally still hand-roll auth)

- `auth/callback` — Supabase login plumbing; wrapping it would break login
- `integrations/slack/oauth` + `slack/callback` — delicate OAuth redirect/cookie flows, low consistency value
- Integration webhook routes (`slack/events`, `notion/webhook`, `folk/sync`) never used `getUser` (HMAC-verified)

## Minor behavior notes (reviewed, judged safe)

- `signals` 401 body drops a `success:false` field — 401 path only; clients treat 401 as auth-fail regardless.
- `convergence/snapshots` now runs auth before its `goal_space_id` 400 check, so an unauthenticated request missing the param gets 401 instead of 400 (401 is the more correct precedence).
- `graph/edges` GET and `graph/nodes` GET were already public reads with no auth check — left unwrapped (protected by middleware); wrapping would have added a new 401 path (a behavior change beyond an auth-only transform).

## Test plan

- `tsc --noEmit` → 0 errors
- `eslint .` → 0 errors
- `vitest run` → 560 pass (co-located route tests updated to pass a `Request` to wrapped handlers)
- … (`reflection/run`) and param (`edges/[id]`, nested `portfolios/[id]/steps/[step]`) migrations by hand

Final Phase 1 PR alongside merged #13/#14/#15. Remaining Phase 1 items — generated Supabase types + migrations-dir reorg — are deferred pending the Supabase CLI.
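As an added example (not code from this PR or the project), a framework-agnostic TypeScript sketch of the pattern the PR describes: the `withAuth` wrapper, the middleware's 401-JSON-versus-redirect decision, and why auth now precedes the `goal_space_id` 400 check. `demoGetUser`, `decideMiddleware`, `BYPASS_PREFIXES` and the envelope shape are assumptions, and the Supabase `getUser()` is replaced by an injected stand-in so it runs offline.

```typescript
// Added example, not the project's code: a framework-agnostic sketch of the two behaviours
// the PR describes, built on the standard Request/Response globals (Node 18+).
// Names (User, withAuth, decideMiddleware, demoGetUser, BYPASS_PREFIXES) are assumed.

type User = { id: string };
type Handler = (req: Request, user: User) => Promise<Response> | Response;
type GetUser = (req: Request) => Promise<User | null>;

const JSON_HEADERS = { "content-type": "application/json" };

// The 401 JSON envelope that unauthenticated /api/* callers now receive (shape assumed).
function unauthorizedJson(): Response {
  return new Response(JSON.stringify({ error: "Unauthorized" }), { status: 401, headers: JSON_HEADERS });
}

// withAuth: one wrapper in place of per-route createClient()+getUser()->401 boilerplate.
// getUser is injected so the wrapper can be exercised without Supabase.
function withAuth(handler: Handler, getUser: GetUser): (req: Request) => Promise<Response> {
  return async (req) => {
    const user = await getUser(req);
    if (!user) return unauthorizedJson(); // auth runs before any of the handler's param checks
    return handler(req, user);
  };
}

// Middleware decision: JSON 401 for unauthenticated API calls (fetch clients cannot
// follow a redirect to /login), a 307 redirect for page navigations, and a bypass for
// /api/auth and the HMAC-verified webhook routes. The prefixes below are constructed.
const BYPASS_PREFIXES = ["/api/auth", "/api/webhooks"];
type Decision = { kind: "next" } | { kind: "json401" } | { kind: "redirect"; location: string };

function decideMiddleware(pathname: string, authenticated: boolean): Decision {
  if (authenticated || BYPASS_PREFIXES.some((p) => pathname.startsWith(p))) return { kind: "next" };
  if (pathname.startsWith("/api/")) return { kind: "json401" };
  return { kind: "redirect", location: "/login" };
}

// Constructed stand-in for Supabase getUser(): reads a demo header so the example runs offline.
const demoGetUser: GetUser = async (req) => {
  const id = req.headers.get("x-demo-user");
  return id ? { id } : null;
};

// Constructed handler mirroring the convergence/snapshots note: once wrapped, the 400
// param check is only reachable by an authenticated caller, so 401 precedes 400.
const snapshots = withAuth(async (req, user) => {
  const goalSpaceId = new URL(req.url).searchParams.get("goal_space_id");
  if (!goalSpaceId) return new Response(JSON.stringify({ error: "goal_space_id required" }), { status: 400, headers: JSON_HEADERS });
  return new Response(JSON.stringify({ goal_space_id: goalSpaceId, user: user.id }), { status: 200, headers: JSON_HEADERS });
}, demoGetUser);
```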