From 8aa484c16c9bafa33c530249220bdf4283640f59 Mon Sep 17 00:00:00 2001
From: makearmy <alex@makearmy.io>
Date: Mon, 29 Sep 2025 12:53:37 -0400
Subject: [PATCH] remove unused DIRECTUS_TOKEN_SCHEMA_READ and schema helpers

---
 .env.local      |  1 -
 lib/directus.ts | 35 +----------------------------------
 2 files changed, 1 insertion(+), 35 deletions(-)

diff --git a/.env.local b/.env.local
index 6cddf541..87dd8a40 100644
--- a/.env.local
+++ b/.env.local
@@ -4,4 +4,3 @@ NEXT_PUBLIC_API_BASE_URL=https://forms.lasereverything.net
 # Server-side (used by API routes)
 DIRECTUS_URL=https://forms.lasereverything.net
 DIRECTUS_TOKEN_ADMIN_REGISTER=l_QqNXKpi--Dt-hHDncHyBX0eiHNYZr7
-DIRECTUS_TOKEN_SCHEMA_READ=BCaWlfTkuVIYyEnwBCXujLTIY6lScZbF
diff --git a/lib/directus.ts b/lib/directus.ts
index ec5e7555..963218b7 100644
--- a/lib/directus.ts
+++ b/lib/directus.ts
@@ -1,9 +1,8 @@
 // lib/directus.ts
-// Central Directus helpers used by API routes. (SUBMIT token removed — user bearer only)
+// Central Directus helpers used by API routes. (user bearer only)
 
 const BASE = (process.env.DIRECTUS_URL || "").replace(/\/$/, "");
 const TOKEN_ADMIN_REGISTER = process.env.DIRECTUS_TOKEN_ADMIN_REGISTER || ""; // server-only
-const TOKEN_SCHEMA_READ = process.env.DIRECTUS_TOKEN_SCHEMA_READ || "";       // server-only
 const ROLE_MEMBER_ID_ENV = process.env.DIRECTUS_ROLE_MEMBER_ID || "";
 const ROLE_MEMBER_NAME_ENV = process.env.DIRECTUS_ROLE_MEMBER_NAME || "Users";
 
@@ -12,8 +11,6 @@ const PROJECTS_COLLECTION = process.env.DIRECTUS_PROJECTS_COLLECTION || "project
 if (!BASE) console.warn("[directus] Missing DIRECTUS_URL");
 if (!TOKEN_ADMIN_REGISTER)
   console.warn("[directus] Missing DIRECTUS_TOKEN_ADMIN_REGISTER (used for registration)");
-if (!TOKEN_SCHEMA_READ)
-  console.warn("[directus] Missing DIRECTUS_TOKEN_SCHEMA_READ (used for schema reads)");
 
 export function bytesFromMB(mb: number) {
   return Math.round(mb * 1024 * 1024);
@@ -34,8 +31,6 @@ function authHeaders(bearer: string, extra?: HeadersInit): HeadersInit {
   return { Accept: "application/json", Authorization: `Bearer ${bearer}`, ...extra };
 }
 
-// Read response as text first; parse JSON if present so we never throw
-// "Unexpected end of JSON input" for empty/HTML bodies.
 async function parseJsonSafe(res: Response) {
   const text = await res.text();
   let json: any = null;
@@ -89,9 +84,6 @@ export async function dxDELETE<T = any>(path: string, bearer: string): Promise<T
 }
 
 // ─────────────────────────────────────────────────────────────
-// Admin/schema helpers — SERVER ONLY (never expose to client)
-// ─────────────────────────────────────────────────────────────
-
 /** Server-only admin fetch (registration flows, etc.) */
 export async function directusAdminFetch<T = any>(path: string, init?: RequestInit): Promise<T> {
   if (!TOKEN_ADMIN_REGISTER) throw new Error("Missing DIRECTUS_TOKEN_ADMIN_REGISTER");
@@ -103,16 +95,6 @@ export async function directusAdminFetch<T = any>(path: string, init?: RequestIn
   return (await throwIfNotOk(res)) as T;
 }
 
-/** Server-only schema/meta reads (no SUBMIT fallback) */
-export async function dxSchemaGET<T = any>(path: string): Promise<T> {
-  if (!TOKEN_SCHEMA_READ) throw new Error("Missing DIRECTUS_TOKEN_SCHEMA_READ");
-  const res = await fetch(`${BASE}${path}`, {
-    headers: { Accept: "application/json", Authorization: `Bearer ${TOKEN_SCHEMA_READ}` },
-    cache: "no-store",
-  });
-  return (await throwIfNotOk(res)) as T;
-}
-
 // ─────────────────────────────────────────────────────────────
 // Optional folder lookup (server-only if using admin token)
 // ─────────────────────────────────────────────────────────────
@@ -169,12 +151,6 @@ async function getFolderIdByPath(path: string): Promise<string | undefined> {
 // Files & items — user bearer ONLY
 // ─────────────────────────────────────────────────────────────
 
-/**
- * uploadFile:
- * Upload a file as the CURRENT USER (bearer required).
- * If you also pass folderNamePath, ensure this is called SERVER-SIDE
- * so the admin token used in getFolderIdByPath never reaches the client.
- */
 export async function uploadFile(
   file: Blob | File,
   filename: string,
@@ -188,7 +164,6 @@ export async function uploadFile(
 
   let folderId = options?.folderId;
   if (!folderId && options?.folderNamePath) {
-    // SERVER-ONLY: resolve folder by path using admin fetch/cache
     try { folderId = await getFolderIdByPath(options.folderNamePath); } catch {}
   }
   if (folderId) form.set("folder", folderId);
@@ -206,7 +181,6 @@ export async function uploadFile(
   return { id: String(id) };
 }
 
-/** Create a settings item (on behalf of the current user) */
 export async function createSettingsItem(
   collection: string,
   payload: any,
@@ -215,7 +189,6 @@ export async function createSettingsItem(
   return dxPOST<{ data: { id: string } }>(`/items/${collection}`, bearer, payload);
 }
 
-/** Project helpers (bearer required) */
 export async function createProjectRow(
   payload: any,
   bearer: string
@@ -238,7 +211,6 @@ export async function patchProject(
 export async function resolveMemberRoleId(): Promise<string> {
   if (ROLE_MEMBER_ID_ENV) return ROLE_MEMBER_ID_ENV;
 
-  // Fallback by role name (e.g., "Users")
   const name = ROLE_MEMBER_NAME_ENV;
   const q = `/roles?filter[name][_eq]=${encodeURIComponent(name)}&fields=id,name&limit=1`;
   const { data } = await directusAdminFetch<{ data: Array<{ id: string }> }>(q);
@@ -247,7 +219,6 @@ export async function resolveMemberRoleId(): Promise<string> {
   return hit;
 }
 
-/** Create a Directus user (username required, email optional). */
 export async function createDirectusUser(input: {
   username: string;
   password: string;
@@ -256,7 +227,6 @@ export async function createDirectusUser(input: {
 }): Promise<{ id: string }> {
   const role = input.roleId || (await resolveMemberRoleId());
 
-  // If email is omitted, create a stable placeholder so login can still work.
   const email =
   input.email && input.email.trim()
   ? input.email.trim()
@@ -277,7 +247,6 @@ export async function createDirectusUser(input: {
   return { id: String(res?.data?.id) };
 }
 
-/** Find user's email by username (returns null if not found) */
 export async function emailForUsername(username: string): Promise<string | null> {
   const q = `/users?filter[username][_eq]=${encodeURIComponent(username)}&fields=email&limit=1`;
   const { data } = await directusAdminFetch<{ data: Array<{ email?: string }> }>(q);
@@ -285,7 +254,6 @@ export async function emailForUsername(username: string): Promise<string | null>
   return em ? String(em) : null;
 }
 
-/** Proxy Directus /auth/login and return tokens (email required here). */
 export async function loginDirectus(email: string, password: string) {
   const res = await fetch(`${BASE}/auth/login`, {
     method: "POST",
@@ -294,6 +262,5 @@ export async function loginDirectus(email: string, password: string) {
                           cache: "no-store",
   });
   const json = await throwIfNotOk(res);
-  // Directus typically returns { data: { access_token, refresh_token, expires } }
   return json?.data ?? json;
 }