davidovic/infohliadka
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
860070a302059c207860f41d4a1b8b21f8c7cec0
infohliadka/lib/api-auth.ts
Lukas Davidovic 860070a302 migrate from SQLite to PostgreSQL with Drizzle ORM 
- Updated all packages to latest versions (React 19, Next.js 14.2.32)
- Replaced sqlite3 with pg and drizzle-orm dependencies
- Created complete PostgreSQL schema with relationships and indexes
- Migrated all API endpoints from SQLite to Drizzle queries
- Added database seeding with sample data
- Updated authentication to use bcrypt instead of pbkdf2
- Configured connection pooling for PostgreSQL
- Updated app version to 1.0.0
- All endpoints tested and working correctly
2025-09-06 12:56:33 +02:00

73 lines
1.8 KiB
TypeScript
Raw Blame History

import crypto from 'crypto'
import { db, schema } from './db/connection'
import { eq, and } from 'drizzle-orm'
export interface ApiKey {
id: number
keyHash: string
name: string
permissions: string[]
rateLimit: number
isActive: boolean
lastUsed?: Date
createdAt: Date
}
export function generateApiKey(): string {
return 'ak_' + crypto.randomBytes(32).toString('hex')
}
export function hashApiKey(key: string): string {
return crypto.createHash('sha256').update(key).digest('hex')
}
export async function validateApiKey(key: string): Promise<ApiKey | null> {
if (!key || !key.startsWith('ak_')) return null
const keyHash = hashApiKey(key)
try {
const apiKeys = await db.select()
.from(schema.apiKeys)
.where(and(
eq(schema.apiKeys.keyHash, keyHash),
eq(schema.apiKeys.isActive, true)
))
.limit(1)
if (apiKeys.length === 0) return null
const apiKey = apiKeys[0]
// Update last_used timestamp
await db.update(schema.apiKeys)
.set({ lastUsed: new Date() })
.where(eq(schema.apiKeys.id, apiKey.id))
return {
id: apiKey.id,
keyHash: apiKey.keyHash,
name: apiKey.name,
permissions: apiKey.permissions ? JSON.parse(apiKey.permissions) : [],
rateLimit: apiKey.rateLimit,
isActive: apiKey.isActive,
lastUsed: apiKey.lastUsed,
createdAt: apiKey.createdAt
}
} catch (error) {
console.error('API key validation error:', error)
return null
}
}
export function hasPermission(apiKey: ApiKey, permission: string): boolean {
return apiKey.permissions.includes('*') || apiKey.permissions.includes(permission)
}
export const ApiPermissions = {
READ_SOURCES: 'sources:read',
WRITE_SOURCES: 'sources:write',
READ_REPORTS: 'reports:read',
WRITE_REPORTS: 'reports:write',
ADMIN: '*'
} as const
Reference in New Issue View Git Blame Copy Permalink