61268f870f
- NextAuth v5 credentials auth with registration/login pages - API key CRUD (create, list, revoke) with secure hashing - Stripe checkout, webhooks, and customer portal integration - Rate limiting per subscription tier - All dashboard API endpoints scoped to authenticated user - Prisma schema: User, Account, Session, ApiKey, plus Stripe fields - Auth middleware protecting dashboard and API routes Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-Claude) Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
34 lines
698 B
TypeScript
34 lines
698 B
TypeScript
import { createHash } from "crypto";
|
|
import { prisma } from "@/lib/prisma";
|
|
|
|
export async function validateApiKey(bearerToken: string) {
|
|
const keyHash = createHash("sha256").update(bearerToken).digest("hex");
|
|
|
|
const apiKey = await prisma.apiKey.findFirst({
|
|
where: { keyHash, revoked: false },
|
|
include: {
|
|
user: {
|
|
include: {
|
|
subscription: true,
|
|
},
|
|
},
|
|
},
|
|
});
|
|
|
|
if (!apiKey) return null;
|
|
|
|
prisma.apiKey
|
|
.update({
|
|
where: { id: apiKey.id },
|
|
data: { lastUsedAt: new Date() },
|
|
})
|
|
.catch(() => {});
|
|
|
|
return {
|
|
userId: apiKey.userId,
|
|
user: apiKey.user,
|
|
subscription: apiKey.user.subscription,
|
|
apiKey,
|
|
};
|
|
}
|