Files
wehub-resource-sync 3a28426bf4
Lint and Format Check / lint-and-format (push) Failing after 0s
Check Migrations / Check for duplicate migration numbers (push) Failing after 1s
CI Pre-merge Check / CI Pre-merge Check (push) Failing after 2m17s
chore: import upstream snapshot with attribution
2026-07-13 12:23:40 +08:00

71 lines
1.9 KiB
JavaScript

/**
* Demo: Authenticated "whoami" function
*
* - Requires Authorization: Bearer <user_jwt>
* - Uses injected createClient() + edgeFunctionToken to call auth.getCurrentUser()
* - Returns 401 if no valid user
*/
module.exports = async function (request) {
const corsHeaders = {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'GET, OPTIONS',
'Access-Control-Allow-Headers': 'Content-Type, Authorization',
};
if (request.method === 'OPTIONS') {
return new Response(null, { status: 204, headers: corsHeaders });
}
if (request.method !== 'GET') {
return new Response(JSON.stringify({ error: 'Method not allowed' }), {
status: 405,
headers: { ...corsHeaders, 'Content-Type': 'application/json' },
});
}
const authHeader = request.headers.get('Authorization') || '';
const userToken = authHeader.startsWith('Bearer ')
? authHeader.slice('Bearer '.length).trim()
: null;
if (!userToken) {
return new Response(JSON.stringify({ error: 'Missing bearer token' }), {
status: 401,
headers: { ...corsHeaders, 'Content-Type': 'application/json' },
});
}
const client = createClient({
baseUrl: Deno.env.get('INSFORGE_INTERNAL_URL') || 'http://insforge:7130',
edgeFunctionToken: userToken,
});
const { data, error } = await client.auth.getCurrentUser();
if (error || !data?.user?.id) {
return new Response(JSON.stringify({ error: 'Unauthorized' }), {
status: 401,
headers: { ...corsHeaders, 'Content-Type': 'application/json' },
});
}
return new Response(
JSON.stringify(
{
user: {
id: data.user.id,
email: data.user.email,
created_at: data.user.created_at,
},
},
null,
2
),
{
status: 200,
headers: { ...corsHeaders, 'Content-Type': 'application/json' },
}
);
};