console/packages/web/app/pages/api/auth/[[...path]].ts

import { superTokensNextWrapper } from 'supertokens-node/nextjs';
import { middleware } from 'supertokens-node/framework/express';
import { NextApiRequest, NextApiResponse } from 'next';
import { Request, Response } from 'express';
import supertokens from 'supertokens-node';
import { backendConfig } from '@/config/backend-config';
import NextCors from 'nextjs-cors';
import { env } from '@/env/backend';

supertokens.init(backendConfig());

/**
 * Route for proxying to the underlying SuperTokens backend.
 */
export default async function superTokens(req: NextApiRequest & Request, res: NextApiResponse & Response) {
  // NOTE: We need CORS only if we are querying the APIs from a different origin
  await NextCors(req, res, {
    methods: ['GET', 'HEAD', 'PUT', 'PATCH', 'POST', 'DELETE'],
    origin: env.appBaseUrl,
    credentials: true,
    allowedHeaders: ['content-type', ...supertokens.getAllCORSHeaders()],
  });

  await superTokensNextWrapper(
    async next => {
      await middleware()(req, res, next);
    },
    req,
    res
  );

  if (!res.writableEnded) {
    res.status(404).send('Not found');
  }
}
feat: replace auth0 with supertokens (#303) * add supertoken container to docker-compose file * yeah I am sorry this one big commit and I am ashamed of it * use logOut function * feat: show header on 404 page * feat: better handling for organization cookie when not authenticated * wrap it * check session within server side props * add is_admin flag user migration * simplify and annotate the config * fix: handle status codes + fix email/password sign up with import from auth0 * no hardcoded env pls * decode process.env * secure update user id mapping via a key * fix: login form * lol we don't need to hit the API * fix: do graphql api authorization via authorization header instead of cookie * implement isAdmin flag * fix: types :) * skipit * yo we can run this * set env variables * disable because it annoys the hell out of me * use the right host * add not about token length * refactor: decode environment variables * feat: store external user id from guthub/google provider in the database * workaround supertokens omitting null values from the token * re-enable check * i have no time for this shit * add missing env variable * fix: email test; missing domain extension * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> * fix: env names * fix: link google account to the correct db record * feat: email confirmation emails * ? * bump ts-node * fix types * omit package form the bundle * remove it from dependencies... * add emails apckage to dev deps * resolve eslint issues * remove comments * update dev info + change env variable (no need to expose it on the frontend) * use correct user id lol Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> 2022-09-06 07:38:31 +00:00			`import { superTokensNextWrapper } from 'supertokens-node/nextjs';`
			`import { middleware } from 'supertokens-node/framework/express';`
			`import { NextApiRequest, NextApiResponse } from 'next';`
			`import { Request, Response } from 'express';`
			`import supertokens from 'supertokens-node';`
			`import { backendConfig } from '@/config/backend-config';`
			`import NextCors from 'nextjs-cors';`
feat: clean app env (#422) * feat: document environment variables * more env documentation * wip * add noop for backend env * typo * feat: embed environment validation/parsing in built app * fix the sentry integration 😌 * feat: use env * feat: decode the usage service environment * feat: decode the webhooks service environment * feat: disallow process.env * feat: decode the tokens service environment * feat: decode the stripe-billing service environment * feat: decode server service environment * feat: decode schema service environment * feat: decode rate-limit service environment * feat: decode usage-estimator service environment * feat: decode emails service environment * adjust env * remove commented out code * adjust env variable name * use separate env variables * env fixes * more environmental stuff :) * ... * replace POSTGRES_CONNECTION_STRING with specific environment variables * handle optional clickhouse (for now :) * add missing POSTGRES_DB environment variable * make ENVIRONMENT optional * the other matters lol * feat: support delivering mails via SMTP (#412) * feat: optional CDN (#410) * feat: optional CDN * enable CDN in deployment * enable the CDN in integration tests * add sendmail provider * remove unused env variables from the deployment * only show login alert when legacy auth0 migration is enabled * feat: make TOKENS_ENDPOINT mandatory and RATE_LIMIT_ENDPOINT optional for usage service * feat: upgrade supertokens and enable server side email confirmation (#423) * feat: upgrade supertokens and enable server side email confirmation * feat: opt into required email verification * docs: self hosting (#428) * docs: self-hosting quick start * Update packages/web/docs/pages/self-hosting/get-started.mdx Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> * feat: optional GitHub and Slack environment variables (#440) * feat: optional github integration environment variables * feat: optional slack integration (#441) * use latest stable supertokens Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> 2022-10-04 12:30:21 +00:00			`import { env } from '@/env/backend';`
feat: replace auth0 with supertokens (#303) * add supertoken container to docker-compose file * yeah I am sorry this one big commit and I am ashamed of it * use logOut function * feat: show header on 404 page * feat: better handling for organization cookie when not authenticated * wrap it * check session within server side props * add is_admin flag user migration * simplify and annotate the config * fix: handle status codes + fix email/password sign up with import from auth0 * no hardcoded env pls * decode process.env * secure update user id mapping via a key * fix: login form * lol we don't need to hit the API * fix: do graphql api authorization via authorization header instead of cookie * implement isAdmin flag * fix: types :) * skipit * yo we can run this * set env variables * disable because it annoys the hell out of me * use the right host * add not about token length * refactor: decode environment variables * feat: store external user id from guthub/google provider in the database * workaround supertokens omitting null values from the token * re-enable check * i have no time for this shit * add missing env variable * fix: email test; missing domain extension * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> * fix: env names * fix: link google account to the correct db record * feat: email confirmation emails * ? * bump ts-node * fix types * omit package form the bundle * remove it from dependencies... * add emails apckage to dev deps * resolve eslint issues * remove comments * update dev info + change env variable (no need to expose it on the frontend) * use correct user id lol Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> 2022-09-06 07:38:31 +00:00
			`supertokens.init(backendConfig());`

			`/**`
			`* Route for proxying to the underlying SuperTokens backend.`
			`*/`
			`export default async function superTokens(req: NextApiRequest & Request, res: NextApiResponse & Response) {`
			`// NOTE: We need CORS only if we are querying the APIs from a different origin`
			`await NextCors(req, res, {`
			`methods: ['GET', 'HEAD', 'PUT', 'PATCH', 'POST', 'DELETE'],`
feat: clean app env (#422) * feat: document environment variables * more env documentation * wip * add noop for backend env * typo * feat: embed environment validation/parsing in built app * fix the sentry integration 😌 * feat: use env * feat: decode the usage service environment * feat: decode the webhooks service environment * feat: disallow process.env * feat: decode the tokens service environment * feat: decode the stripe-billing service environment * feat: decode server service environment * feat: decode schema service environment * feat: decode rate-limit service environment * feat: decode usage-estimator service environment * feat: decode emails service environment * adjust env * remove commented out code * adjust env variable name * use separate env variables * env fixes * more environmental stuff :) * ... * replace POSTGRES_CONNECTION_STRING with specific environment variables * handle optional clickhouse (for now :) * add missing POSTGRES_DB environment variable * make ENVIRONMENT optional * the other matters lol * feat: support delivering mails via SMTP (#412) * feat: optional CDN (#410) * feat: optional CDN * enable CDN in deployment * enable the CDN in integration tests * add sendmail provider * remove unused env variables from the deployment * only show login alert when legacy auth0 migration is enabled * feat: make TOKENS_ENDPOINT mandatory and RATE_LIMIT_ENDPOINT optional for usage service * feat: upgrade supertokens and enable server side email confirmation (#423) * feat: upgrade supertokens and enable server side email confirmation * feat: opt into required email verification * docs: self hosting (#428) * docs: self-hosting quick start * Update packages/web/docs/pages/self-hosting/get-started.mdx Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> * feat: optional GitHub and Slack environment variables (#440) * feat: optional github integration environment variables * feat: optional slack integration (#441) * use latest stable supertokens Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> 2022-10-04 12:30:21 +00:00			`origin: env.appBaseUrl,`
feat: replace auth0 with supertokens (#303) * add supertoken container to docker-compose file * yeah I am sorry this one big commit and I am ashamed of it * use logOut function * feat: show header on 404 page * feat: better handling for organization cookie when not authenticated * wrap it * check session within server side props * add is_admin flag user migration * simplify and annotate the config * fix: handle status codes + fix email/password sign up with import from auth0 * no hardcoded env pls * decode process.env * secure update user id mapping via a key * fix: login form * lol we don't need to hit the API * fix: do graphql api authorization via authorization header instead of cookie * implement isAdmin flag * fix: types :) * skipit * yo we can run this * set env variables * disable because it annoys the hell out of me * use the right host * add not about token length * refactor: decode environment variables * feat: store external user id from guthub/google provider in the database * workaround supertokens omitting null values from the token * re-enable check * i have no time for this shit * add missing env variable * fix: email test; missing domain extension * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> * configure pulumi deployment Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> * fix: env names * fix: link google account to the correct db record * feat: email confirmation emails * ? * bump ts-node * fix types * omit package form the bundle * remove it from dependencies... * add emails apckage to dev deps * resolve eslint issues * remove comments * update dev info + change env variable (no need to expose it on the frontend) * use correct user id lol Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com> Co-authored-by: Dotan Simha <dotansimha@gmail.com> 2022-09-06 07:38:31 +00:00			`credentials: true,`
			`allowedHeaders: ['content-type', ...supertokens.getAllCORSHeaders()],`
			`});`

			`await superTokensNextWrapper(`
			`async next => {`
			`await middleware()(req, res, next);`
			`},`
			`req,`
			`res`
			`);`

			`if (!res.writableEnded) {`
			`res.status(404).send('Not found');`
			`}`
			`}`