makearmy/makearmy-app
1
0
Fork 0
Code Issues 11 Pull requests Projects Releases Packages Wiki Activity Actions

remove unused DIRECTUS_TOKEN_SCHEMA_READ and schema helpers

Browse source
This commit is contained in:
makearmy 2025-09-29 12:53:37 -04:00
parent 3dc4f011d7
commit 8aa484c16c
2 changed files with 1 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.env.local
View file

@ -4,4 +4,3 @@ NEXT_PUBLIC_API_BASE_URL=https://forms.lasereverything.net
# Server-side (used by API routes)
DIRECTUS_URL=https://forms.lasereverything.net
DIRECTUS_TOKEN_ADMIN_REGISTER=l_QqNXKpi--Dt-hHDncHyBX0eiHNYZr7
DIRECTUS_TOKEN_SCHEMA_READ=BCaWlfTkuVIYyEnwBCXujLTIY6lScZbF

35
lib/directus.ts
View file

@ -1,9 +1,8 @@
// lib/directus.ts
// Central Directus helpers used by API routes. (SUBMIT token removed — user bearer only)
// Central Directus helpers used by API routes. (user bearer only)
const BASE = (process.env.DIRECTUS_URL || "").replace(/\/$/, "");
const TOKEN_ADMIN_REGISTER = process.env.DIRECTUS_TOKEN_ADMIN_REGISTER || ""; // server-only
const TOKEN_SCHEMA_READ = process.env.DIRECTUS_TOKEN_SCHEMA_READ || ""; // server-only
const ROLE_MEMBER_ID_ENV = process.env.DIRECTUS_ROLE_MEMBER_ID || "";
const ROLE_MEMBER_NAME_ENV = process.env.DIRECTUS_ROLE_MEMBER_NAME || "Users";
@ -12,8 +11,6 @@ const PROJECTS_COLLECTION = process.env.DIRECTUS_PROJECTS_COLLECTION || "project
if (!BASE) console.warn("[directus] Missing DIRECTUS_URL");
if (!TOKEN_ADMIN_REGISTER)
console.warn("[directus] Missing DIRECTUS_TOKEN_ADMIN_REGISTER (used for registration)");
if (!TOKEN_SCHEMA_READ)
console.warn("[directus] Missing DIRECTUS_TOKEN_SCHEMA_READ (used for schema reads)");
export function bytesFromMB(mb: number) {
return Math.round(mb * 1024 * 1024);
@ -34,8 +31,6 @@ function authHeaders(bearer: string, extra?: HeadersInit): HeadersInit {
return { Accept: "application/json", Authorization: `Bearer ${bearer}`, ...extra };
}
// Read response as text first; parse JSON if present so we never throw
// "Unexpected end of JSON input" for empty/HTML bodies.
async function parseJsonSafe(res: Response) {
const text = await res.text();
let json: any = null;
@ -89,9 +84,6 @@ export async function dxDELETE<T = any>(path: string, bearer: string): Promise<T
}
// ─────────────────────────────────────────────────────────────
// Admin/schema helpers — SERVER ONLY (never expose to client)
// ─────────────────────────────────────────────────────────────
/** Server-only admin fetch (registration flows, etc.) */
export async function directusAdminFetch<T = any>(path: string, init?: RequestInit): Promise<T> {
if (!TOKEN_ADMIN_REGISTER) throw new Error("Missing DIRECTUS_TOKEN_ADMIN_REGISTER");
@ -103,16 +95,6 @@ export async function directusAdminFetch<T = any>(path: string, init?: RequestIn
return (await throwIfNotOk(res)) as T;
}
/** Server-only schema/meta reads (no SUBMIT fallback) */
export async function dxSchemaGET<T = any>(path: string): Promise<T> {
if (!TOKEN_SCHEMA_READ) throw new Error("Missing DIRECTUS_TOKEN_SCHEMA_READ");
const res = await fetch(`${BASE}${path}`, {
headers: { Accept: "application/json", Authorization: `Bearer ${TOKEN_SCHEMA_READ}` },
cache: "no-store",
});
return (await throwIfNotOk(res)) as T;
}
// ─────────────────────────────────────────────────────────────
// Optional folder lookup (server-only if using admin token)
// ─────────────────────────────────────────────────────────────
@ -169,12 +151,6 @@ async function getFolderIdByPath(path: string): Promise<string | undefined> {
// Files & items — user bearer ONLY
// ─────────────────────────────────────────────────────────────
/**
* uploadFile:
* Upload a file as the CURRENT USER (bearer required).
* If you also pass folderNamePath, ensure this is called SERVER-SIDE
* so the admin token used in getFolderIdByPath never reaches the client.
*/
export async function uploadFile(
file: Blob | File,
filename: string,
@ -188,7 +164,6 @@ export async function uploadFile(
let folderId = options?.folderId;
if (!folderId && options?.folderNamePath) {
// SERVER-ONLY: resolve folder by path using admin fetch/cache
try { folderId = await getFolderIdByPath(options.folderNamePath); } catch {}
}
if (folderId) form.set("folder", folderId);
@ -206,7 +181,6 @@ export async function uploadFile(
return { id: String(id) };
}
/** Create a settings item (on behalf of the current user) */
export async function createSettingsItem(
collection: string,
payload: any,
@ -215,7 +189,6 @@ export async function createSettingsItem(
return dxPOST<{ data: { id: string } }>(`/items/${collection}`, bearer, payload);
}
/** Project helpers (bearer required) */
export async function createProjectRow(
payload: any,
bearer: string
@ -238,7 +211,6 @@ export async function patchProject(
export async function resolveMemberRoleId(): Promise<string> {
if (ROLE_MEMBER_ID_ENV) return ROLE_MEMBER_ID_ENV;
// Fallback by role name (e.g., "Users")
const name = ROLE_MEMBER_NAME_ENV;
const q = `/roles?filter[name][_eq]=${encodeURIComponent(name)}&fields=id,name&limit=1`;
const { data } = await directusAdminFetch<{ data: Array<{ id: string }> }>(q);
@ -247,7 +219,6 @@ export async function resolveMemberRoleId(): Promise<string> {
return hit;
}
/** Create a Directus user (username required, email optional). */
export async function createDirectusUser(input: {
username: string;
password: string;
@ -256,7 +227,6 @@ export async function createDirectusUser(input: {
}): Promise<{ id: string }> {
const role = input.roleId || (await resolveMemberRoleId());
// If email is omitted, create a stable placeholder so login can still work.
const email =
input.email && input.email.trim()
? input.email.trim()
@ -277,7 +247,6 @@ export async function createDirectusUser(input: {
return { id: String(res?.data?.id) };
}
/** Find user's email by username (returns null if not found) */
export async function emailForUsername(username: string): Promise<string | null> {
const q = `/users?filter[username][_eq]=${encodeURIComponent(username)}&fields=email&limit=1`;
const { data } = await directusAdminFetch<{ data: Array<{ email?: string }> }>(q);
@ -285,7 +254,6 @@ export async function emailForUsername(username: string): Promise<string | null>
return em ? String(em) : null;
}
/** Proxy Directus /auth/login and return tokens (email required here). */
export async function loginDirectus(email: string, password: string) {
const res = await fetch(`${BASE}/auth/login`, {
method: "POST",
@ -294,6 +262,5 @@ export async function loginDirectus(email: string, password: string) {
cache: "no-store",
});
const json = await throwIfNotOk(res);
// Directus typically returns { data: { access_token, refresh_token, expires } }
return json?.data ?? json;
}