()
| 62 | }; |
| 63 | |
| 64 | export const getAuthContext = async (): Promise<OptionalAuthContext | ServiceError> => { |
| 65 | const authResult = await getAuthenticatedUser(); |
| 66 | |
| 67 | const org = await __unsafePrisma.org.findUnique({ |
| 68 | where: { |
| 69 | id: SINGLE_TENANT_ORG_ID, |
| 70 | } |
| 71 | }); |
| 72 | |
| 73 | if (!org) { |
| 74 | return notFound("Organization not found"); |
| 75 | } |
| 76 | |
| 77 | const user = authResult?.user; |
| 78 | |
| 79 | const membership = user ? await __unsafePrisma.userToOrg.findUnique({ |
| 80 | where: { |
| 81 | orgId_userId: { |
| 82 | orgId: org.id, |
| 83 | userId: user.id, |
| 84 | }, |
| 85 | }, |
| 86 | }) : null; |
| 87 | |
| 88 | const role = membership?.role; |
| 89 | |
| 90 | if ( |
| 91 | env.DISABLE_API_KEY_USAGE_FOR_NON_OWNER_USERS === 'true' && |
| 92 | authResult?.source === 'api_key' && |
| 93 | role !== OrgRole.OWNER |
| 94 | ) { |
| 95 | return { |
| 96 | statusCode: StatusCodes.FORBIDDEN, |
| 97 | errorCode: ErrorCode.API_KEY_USAGE_DISABLED, |
| 98 | message: "API key usage is disabled for non-admin users.", |
| 99 | } satisfies ServiceError; |
| 100 | } |
| 101 | |
| 102 | const prisma = __unsafePrisma.$extends(await userScopedPrismaClientExtension(user)) as PrismaClient; |
| 103 | |
| 104 | if (user) { |
| 105 | updateUserLastActiveAt(user); |
| 106 | } |
| 107 | |
| 108 | if (user && role) { |
| 109 | return { user, org, role, prisma }; |
| 110 | } |
| 111 | return { user, org, prisma }; |
| 112 | }; |
| 113 | |
| 114 | const updateUserLastActiveAt = (user: UserWithAccounts) => { |
| 115 | const now = Date.now(); |
no test coverage detected