From 140185d29d83e9f129dadce27362171c2d8116c9 Mon Sep 17 00:00:00 2001
From: Recoup Agent
Date: Sat, 21 Mar 2026 15:04:55 +0000
Subject: [PATCH] refactor: use validateAuthContext in keys handlers for x-api-key support
Replace getAuthenticatedAccountId (Bearer-only) with validateAuthContext in GET/POST/DELETE /api/keys handlers so CLI users authenticating via x-api-key header can manage their API keys.
Co-Authored-By: Claude Sonnet 4.6
---
 lib/keys/createApiKeyHandler.ts | 12 ++++++------
 lib/keys/deleteApiKeyHandler.ts | 12 ++++++------
 lib/keys/getApiKeysHandler.ts | 12 ++++++------
 3 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/lib/keys/createApiKeyHandler.ts b/lib/keys/createApiKeyHandler.ts
index 22d6aa48..88fe851b 100644
--- a/lib/keys/createApiKeyHandler.ts
+++ b/lib/keys/createApiKeyHandler.ts
@@ -1,12 +1,12 @@
 import { NextRequest, NextResponse } from "next/server";
 import { getCorsHeaders } from "@/lib/networking/getCorsHeaders";
 import { validateCreateApiKeyBody } from "@/lib/keys/validateCreateApiKeyBody";
-import { getAuthenticatedAccountId } from "@/lib/auth/getAuthenticatedAccountId";
+import { validateAuthContext } from "@/lib/auth/validateAuthContext";
 import { createKey } from "@/lib/keys/createKey";
 /**
 * Handler for creating a new API key for the authenticated account.
- * Requires authentication via Bearer token in Authorization header.
+ * Supports both x-api-key header and Authorization Bearer token.
 *
 * Body parameters:
 * - key_name (required): The name for the API key
@@ -16,11 +16,11 @@ import { createKey } from "@/lib/keys/createKey";
 */
 export async function createApiKeyHandler(request: NextRequest): Promise {
 try {
- const accountIdOrError = await getAuthenticatedAccountId(request);
- if (accountIdOrError instanceof NextResponse) {
- return accountIdOrError;
+ const authResult = await validateAuthContext(request);
+ if (authResult instanceof NextResponse) {
+ return authResult;
 }
- const accountId = accountIdOrError;
+ const { accountId } = authResult;
 const body = await request.json();
diff --git a/lib/keys/deleteApiKeyHandler.ts b/lib/keys/deleteApiKeyHandler.ts
index 6a9652fe..a9534422 100644
--- a/lib/keys/deleteApiKeyHandler.ts
+++ b/lib/keys/deleteApiKeyHandler.ts
@@ -2,12 +2,12 @@ import { NextRequest, NextResponse } from "next/server";
 import { getCorsHeaders } from "@/lib/networking/getCorsHeaders";
 import { validateDeleteApiKeyBody } from "@/lib/keys/validateDeleteApiKeyBody";
 import { deleteApiKey } from "@/lib/supabase/account_api_keys/deleteApiKey";
-import { getAuthenticatedAccountId } from "@/lib/auth/getAuthenticatedAccountId";
+import { validateAuthContext } from "@/lib/auth/validateAuthContext";
 import { getApiKeys } from "@/lib/supabase/account_api_keys/getApiKeys";
 /**
 * Handler for deleting an API key.
- * Requires authentication via Bearer token in Authorization header.
+ * Supports both x-api-key header and Authorization Bearer token.
 * Only allows deleting keys that belong to the authenticated account.
 *
 * Body parameters:
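Review bot: Accepting `x-api-key` at `const authResult = await validateAuthContext(request);` means an API key alone can now create further API keys, which the Bearer-only check prevented; the same substitution in `deleteApiKeyHandler` and `getApiKeysHandler` lets that key delete or enumerate the account's other keys. If a key leaks, revoking it no longer contains the incident, because any keys created with it stay valid, so the response would have to list and rotate every key on the account. If `validateAuthContext` reports which credential type authenticated (not visible in this diff), consider logging it on create and delete, or keeping creation Bearer-only and opening only list and delete to `x-api-key`. The body of `createApiKeyHandler` continues past the end of this hunk.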
@@ -18,11 +18,11 @@ import { getApiKeys } from "@/lib/supabase/account_api_keys/getApiKeys";
 */
 export async function deleteApiKeyHandler(request: NextRequest): Promise {
 try {
- const accountIdOrError = await getAuthenticatedAccountId(request);
- if (accountIdOrError instanceof NextResponse) {
- return accountIdOrError;
+ const authResult = await validateAuthContext(request);
+ if (authResult instanceof NextResponse) {
+ return authResult;
 }
- const accountId = accountIdOrError;
+ const { accountId } = authResult;
 const body = await request.json();
diff --git a/lib/keys/getApiKeysHandler.ts b/lib/keys/getApiKeysHandler.ts
index 29251fa9..a87ae3e1 100644
--- a/lib/keys/getApiKeysHandler.ts
+++ b/lib/keys/getApiKeysHandler.ts
@@ -1,22 +1,22 @@
 import { NextRequest, NextResponse } from "next/server";
 import { getCorsHeaders } from "@/lib/networking/getCorsHeaders";
 import { getApiKeys } from "@/lib/supabase/account_api_keys/getApiKeys";
-import { getAuthenticatedAccountId } from "@/lib/auth/getAuthenticatedAccountId";
+import { validateAuthContext } from "@/lib/auth/validateAuthContext";
 /**
 * Handler for retrieving API keys for the authenticated account.
- * Requires authentication via Bearer token in Authorization header.
+ * Supports both x-api-key header and Authorization Bearer token.
 *
 * @param request - The request object.
 * @returns A NextResponse with the API keys.
 */
 export async function getApiKeysHandler(request: NextRequest): Promise {
 try {
- const accountIdOrError = await getAuthenticatedAccountId(request);
- if (accountIdOrError instanceof NextResponse) {
- return accountIdOrError;
+ const authResult = await validateAuthContext(request);
+ if (authResult instanceof NextResponse) {
+ return authResult;
 }
- const accountId = accountIdOrError;
+ const { accountId } = authResult;
 const { data, error } = await getApiKeys({ accountId });
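Review bot: The new docstring line `* Supports both x-api-key header and Authorization Bearer token.` in `getApiKeysHandler` does not say which credential decides `accountId` when a request carries both headers, and for an endpoint that lists keys that determines whose keys are returned. Precedence is presumably fixed inside `validateAuthContext`, which this diff does not show; once the actual rule is confirmed I would add a line such as `* If both headers are present, validateAuthContext decides which one identifies the account.` The same docstring line in `createApiKeyHandler` and `deleteApiKeyHandler` would take the same addition. The function body continues after the hunk's last line.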