MCPcopy Index your code
hub / github.com/sourcebot-dev/sourcebot / getVerifiedApiObject

Function getVerifiedApiObject

packages/web/src/middleware/withAuth.ts:236–265  ·  view source on GitHub ↗
(apiKeyString: string)

Source from the content-addressed store, hash-verified

234 * Supports both the current prefix (sbk_) and the legacy prefix (sourcebot-).
235 */
236export const getVerifiedApiObject = async (apiKeyString: string): Promise<ApiKey | undefined> => {
237 let secret: string;
238
239 if (apiKeyString.startsWith(API_KEY_PREFIX)) {
240 secret = apiKeyString.slice(API_KEY_PREFIX.length);
241 if (!secret) {
242 return undefined;
243 }
244 } else if (apiKeyString.startsWith(LEGACY_API_KEY_PREFIX)) {
245 secret = apiKeyString.slice(LEGACY_API_KEY_PREFIX.length);
246 if (!secret) {
247 return undefined;
248 }
249 } else {
250 return undefined;
251 }
252
253 const hash = hashSecret(secret);
254 const apiKey = await __unsafePrisma.apiKey.findUnique({
255 where: {
256 hash,
257 },
258 });
259
260 if (!apiKey) {
261 return undefined;
262 }
263
264 return apiKey;
265}
266
267

Callers 1

getAuthenticatedUserFunction · 0.85

Calls 1

hashSecretFunction · 0.90

Tested by

no test coverage detected