makearmy/makearmy-app
1
0
Fork 0
Code Issues 11 Pull requests Projects Releases Packages Wiki Activity Actions

small directus lib patch for auth

Browse source
This commit is contained in:
makearmy 2025-09-26 11:51:03 -04:00
parent 5d2c668bad
commit 01c0d37d03
1 changed files with 154 additions and 54 deletions
Download patch file Download diff file Expand all files Collapse all files

208
lib/directus.ts
View file

@ -1,17 +1,18 @@
// lib/directus.ts
// Central Directus helpers used by API routes. Minimal hard-coding, robust parsing.
// Central Directus helpers used by API routes.
const BASE = process.env.DIRECTUS_URL!;
const TOKEN_SUBMIT =
process.env.DIRECTUS_TOKEN_SUBMIT ??
process.env.DIRECTUS_STATIC_TOKEN ??
process.env.DIRECTUS_TOKEN ??
"";
const TOKEN_SUBMIT = process.env.DIRECTUS_TOKEN_SUBMIT!;
const TOKEN_ADMIN_REGISTER = process.env.DIRECTUS_TOKEN_ADMIN_REGISTER || "";
const ROLE_MEMBER_ID_ENV = process.env.DIRECTUS_ROLE_MEMBER_ID || "";
const ROLE_MEMBER_NAME_ENV = process.env.DIRECTUS_ROLE_MEMBER_NAME || "Users";
const PROJECTS_COLLECTION =
process.env.DIRECTUS_PROJECTS_COLLECTION || "projects";
if (!BASE) console.warn("[directus] Missing DIRECTUS_URL");
if (!TOKEN_SUBMIT) console.warn("[directus] Missing submit token (DIRECTUS_TOKEN_SUBMIT / DIRECTUS_STATIC_TOKEN / DIRECTUS_TOKEN)");
if (!TOKEN_SUBMIT) console.warn("[directus] Missing DIRECTUS_TOKEN_SUBMIT");
if (!TOKEN_ADMIN_REGISTER) console.warn("[directus] Missing DIRECTUS_TOKEN_ADMIN_REGISTER (used for registration)");
export function bytesFromMB(mb: number) {
return Math.round(mb * 1024 * 1024);
@ -30,11 +31,7 @@ async function parseJsonSafe(res: Response) {
return { json, text };
}
/**
* directusFetch:
* - Adds Authorization + Accept headers
* - Parses JSON safely and throws with readable error text on !ok
*/
/** directusFetch with the SUBMIT token (used by options + settings submit) */
export async function directusFetch<T = any>(
path: string,
init?: RequestInit
@ -46,7 +43,30 @@ export async function directusFetch<T = any>(
Authorization: `Bearer ${TOKEN_SUBMIT}`,
...(init?.headers || {}),
},
cache: "no-store",
});
const { json, text } = await parseJsonSafe(res);
if (!res.ok) {
throw new Error(`Directus error ${res.status}: ${text || res.statusText}`);
}
return (json ?? {}) as T;
}
/** Same as above, but uses the ADMIN REGISTER token */
export async function directusAdminFetch<T = any>(
path: string,
init?: RequestInit
): Promise<T> {
if (!TOKEN_ADMIN_REGISTER) {
throw new Error("Missing DIRECTUS_TOKEN_ADMIN_REGISTER");
}
const res = await fetch(`${BASE}${path}`, {
...init,
headers: {
Accept: "application/json",
Authorization: `Bearer ${TOKEN_ADMIN_REGISTER}`,
...(init?.headers || {}),
},
});
const { json, text } = await parseJsonSafe(res);
@ -57,9 +77,10 @@ export async function directusFetch<T = any>(
}
/*
* Folder lookup (by "path" = "<parent>/<child>") with caching.
* Requires READ on directus_folders to fully resolve, but gracefully
* degrades (returns undefined) if forbidden/not found.
* On-the-fly folder lookup by "path" = "<parent>/<child>"
* Caches results in-memory. If lookup is forbidden (403) or not found,
* we return undefined and uploads proceed without a folder.
* Requires READ on directus_folders (id,name,parent.name) to fully work.
* */
type FolderItem = {
@ -75,7 +96,7 @@ let folderListCacheAt = 0;
async function fetchAllFolders(): Promise<FolderItem[] | null> {
try {
const q = `/folders?fields=id,name,parent.id,parent.name&limit=500`;
const res = await directusFetch<{ data: FolderItem[] }>(q);
const res = await directusAdminFetch<{ data: FolderItem[] }>(q);
return res?.data ?? [];
} catch (e: any) {
console.warn("[directus] fetchAllFolders failed:", e?.message || e);
@ -121,8 +142,10 @@ async function getFolderIdByPath(path: string): Promise<string | undefined> {
/**
* uploadFile:
* Uploads a file and (optionally) sets the folder **at create time**
* so we don't need UPDATE permission on directus_files.
* Robustly uploads a file (Blob/File). Accepts optional folder routing:
* - options.folderId: direct UUID if you have it
* - options.folderNamePath: "<parent>/<child>" lookup via /folders
* Also sets filename_download & optional title.
*/
export async function uploadFile(
file: Blob | File,
@ -136,7 +159,11 @@ export async function uploadFile(
let folderId = options?.folderId;
if (!folderId && options?.folderNamePath) {
folderId = await getFolderIdByPath(options.folderNamePath);
try {
folderId = await getFolderIdByPath(options.folderNamePath);
} catch {
// ignore; proceed without a folder
}
}
if (folderId) form.set("folder", folderId);
@ -152,11 +179,14 @@ export async function uploadFile(
const { json, text } = await parseJsonSafe(res);
if (!res.ok) {
throw new Error(
`File upload failed: status=${res.status} ${res.statusText} body=${(text || "").slice(0, 400) || "<empty>"}`
`File upload failed: status=${res.status} ${res.statusText} body=${(text || "").slice(
0,
400
) || "<empty>"}`
);
}
const id = json?.data?.submission_id ?? json?.data?.id ?? json?.submission_id ?? json?.id;
const id = json?.data?.id ?? json?.id;
if (!id) throw new Error("File upload succeeded but no id returned");
return { id: String(id) };
}
@ -165,51 +195,121 @@ export async function uploadFile(
export async function createSettingsItem(
collection: string,
payload: any
): Promise<{ data: any }> {
return directusFetch<{ data: any }>(`/items/${collection}`, {
): Promise<{ data: { id: string } }> {
return directusFetch<{ data: { id: string } }>(`/items/${collection}`, {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify(payload),
});
}
/** Project helpers (used by app/api/submit/project/route.ts) */
/**
* Project helpers (used by app/api/submit/project/route.ts)
* Collection can be overridden via DIRECTUS_PROJECTS_COLLECTION
* */
export async function createProjectRow(
payload: any
): Promise<{ data: any }> {
return directusFetch<{ data: any }>(`/items/${PROJECTS_COLLECTION}`, {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify(payload),
});
): Promise<{ data: { id: string } }> {
return directusFetch<{ data: { id: string } }>(
`/items/${PROJECTS_COLLECTION}`,
{
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify(payload),
}
);
}
export async function patchProject(
id: string | number,
payload: any
): Promise<{ data: any }> {
return directusFetch<{ data: any }>(`/items/${PROJECTS_COLLECTION}/${id}`, {
method: "PATCH",
headers: { "Content-Type": "application/json" },
body: JSON.stringify(payload),
});
): Promise<{ data: { id: string } }> {
return directusFetch<{ data: { id: string } }>(
`/items/${PROJECTS_COLLECTION}/${id}`,
{
method: "PATCH",
headers: { "Content-Type": "application/json" },
body: JSON.stringify(payload),
}
);
}
// One-time diagnostic: log which role this token maps to (safe in prod)
(async () => {
if (!BASE || !TOKEN_SUBMIT) return;
try {
const r = await fetch(`${BASE}/users/me?fields=role.name`, {
headers: { Authorization: `Bearer ${TOKEN_SUBMIT}` },
cache: "no-store",
});
if (r.ok) {
const j = await r.json().catch(() => ({}));
console.log(`[directus] using role: ${j?.data?.role?.name ?? "unknown"}`);
} else {
console.warn(`[directus] whoami failed with ${r.status}`);
}
} catch (e: any) {
console.warn(`[directus] whoami error: ${e?.message ?? e}`);
/*
* Auth helpers (registration / login support)
* */
export async function resolveMemberRoleId(): Promise<string> {
if (ROLE_MEMBER_ID_ENV) return ROLE_MEMBER_ID_ENV;
// Fallback by role name (e.g., "Users")
const name = ROLE_MEMBER_NAME_ENV;
const q = `/roles?filter[name][_eq]=${encodeURIComponent(
name
)}&fields=id,name&limit=1`;
const { data } = await directusAdminFetch<{ data: Array<{ id: string }> }>(q);
const hit = data?.[0]?.id;
if (!hit) throw new Error(`Role not found: ${name}`);
return hit;
}
/** Create a Directus user (username required, email optional). */
export async function createDirectusUser(input: {
username: string;
password: string;
email?: string;
roleId?: string;
}): Promise<{ id: string }> {
const role = input.roleId || (await resolveMemberRoleId());
// If email is omitted, create a stable placeholder so login can still work.
const email =
input.email && input.email.trim()
? input.email.trim()
: `${input.username}@noemail.local`;
const res = await directusAdminFetch<{ data: { id: string } }>(`/users`, {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({
status: "active",
role,
username: input.username,
email,
password: input.password,
}),
});
return { id: String(res?.data?.id) };
}
/** Find user's email by username (returns null if not found) */
export async function emailForUsername(username: string): Promise<string | null> {
const q = `/users?filter[username][_eq]=${encodeURIComponent(
username
)}&fields=email&limit=1`;
const { data } = await directusAdminFetch<{ data: Array<{ email?: string }> }>(
q
);
const em = data?.[0]?.email;
return em ? String(em) : null;
}
/** Proxy Directus /auth/login and return tokens (email required here). */
export async function loginDirectus(email: string, password: string) {
const res = await fetch(`${BASE}/auth/login`, {
method: "POST",
headers: {
Accept: "application/json",
"Content-Type": "application/json",
},
body: JSON.stringify({ email, password }),
});
const { json, text } = await parseJsonSafe(res);
if (!res.ok) {
throw new Error(`Directus error ${res.status}: ${text || res.statusText}`);
}
})();
// Directus typically returns { data: { access_token, refresh_token, expires } }
return json?.data ?? json;
}