MCPcopy
hub / github.com/learnhouse/learnhouse / onAuthenticate

Function onAuthenticate

apps/collab/src/index.ts:186–236  ·  view source on GitHub ↗
({ token, documentName }: onAuthenticatePayload)

Source from the content-addressed store, hash-verified

184 },
185
186 async onAuthenticate({ token, documentName }: onAuthenticatePayload) {
187 if (!token) {
188 throw new Error('Authentication required')
189 }
190
191 // Verify JWT using same secret + algorithm as backend
192 let payload: any
193 try {
194 payload = jwt.verify(token, SECRET_KEY, { algorithms: ['HS256'] })
195 } catch {
196 throw new Error('Invalid token')
197 }
198
199 const boardUuid = extractBoardUuid(documentName)
200 if (!boardUuid) {
201 throw new Error('Invalid document name')
202 }
203
204 // Verify board membership via backend API (with timeout)
205 let response: Response
206 try {
207 response = await fetchWithTimeout(
208 `${API_URL}/api/v1/boards/${boardUuid}/membership`,
209 {
210 headers: {
211 Authorization: `Bearer ${token}`,
212 },
213 },
214 )
215 } catch (err) {
216 console.error(
217 `[collab] Membership check failed for ${boardUuid}:`,
218 err,
219 )
220 throw new Error('Authentication service unavailable')
221 }
222
223 if (!response.ok) {
224 throw new Error('Not authorized for this board')
225 }
226
227 const membership = await response.json()
228
229 return {
230 user: {
231 id: payload.sub,
232 name: membership.username || 'Unknown',
233 role: membership.role,
234 },
235 }
236 },
237
238 async onConnect({ documentName, instance }: onConnectPayload) {
239 const boardUuid = extractBoardUuid(documentName)

Callers

nothing calls this directly

Calls 5

extractBoardUuidFunction · 0.85
fetchWithTimeoutFunction · 0.85
verifyMethod · 0.80
errorMethod · 0.80
jsonMethod · 0.45

Tested by

no test coverage detected