feat: add tenant and user management with migrations, handlers, and tests
- Implemented tenant and user management features including: - Tenant creation and management with associated migrations. - User creation and management with associated migrations. - Tenant membership management with associated migrations. - Platform user roles management with associated migrations. - Quota management with associated migrations. - Article and template management with associated migrations. - Added HTTP handlers for templates and workspaces. - Created tests for protected and public routes. - Introduced a script to check tenant scope in SQL queries. - Documented task plan for backend completion and frontend foundation.
This commit is contained in:
@@ -0,0 +1,14 @@
|
||||
{
|
||||
"name": "@geo/http-client",
|
||||
"version": "0.0.0",
|
||||
"private": true,
|
||||
"type": "module",
|
||||
"dependencies": {
|
||||
"@geo/shared-types": "workspace:*",
|
||||
"axios": "^1.14.0"
|
||||
},
|
||||
"exports": {
|
||||
".": "./src/index.ts"
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,163 @@
|
||||
import axios, {
|
||||
type AxiosError,
|
||||
type AxiosInstance,
|
||||
type AxiosRequestConfig,
|
||||
type InternalAxiosRequestConfig,
|
||||
} from "axios";
|
||||
|
||||
import type { ApiEnvelope, ApiErrorEnvelope, AuthTokens } from "@geo/shared-types";
|
||||
|
||||
export interface AuthBindings {
|
||||
getAccessToken: () => string | null;
|
||||
getRefreshToken: () => string | null;
|
||||
setTokens: (tokens: AuthTokens) => void;
|
||||
clearTokens: () => void;
|
||||
refresh: (refreshToken: string) => Promise<AuthTokens>;
|
||||
}
|
||||
|
||||
export interface CreateApiClientOptions {
|
||||
baseURL?: string;
|
||||
timeoutMs?: number;
|
||||
auth?: AuthBindings;
|
||||
}
|
||||
|
||||
export class ApiClientError extends Error {
|
||||
status?: number;
|
||||
code: number;
|
||||
detail?: string;
|
||||
requestId?: string;
|
||||
|
||||
constructor(input: {
|
||||
message: string;
|
||||
code?: number;
|
||||
status?: number;
|
||||
detail?: string;
|
||||
requestId?: string;
|
||||
}) {
|
||||
super(input.message);
|
||||
this.name = "ApiClientError";
|
||||
this.code = input.code ?? 50000;
|
||||
this.status = input.status;
|
||||
this.detail = input.detail;
|
||||
this.requestId = input.requestId;
|
||||
}
|
||||
}
|
||||
|
||||
export interface ApiClient {
|
||||
raw: AxiosInstance;
|
||||
get: <T>(url: string, config?: AxiosRequestConfig) => Promise<T>;
|
||||
post: <T, B = unknown>(url: string, body?: B, config?: AxiosRequestConfig) => Promise<T>;
|
||||
put: <T, B = unknown>(url: string, body?: B, config?: AxiosRequestConfig) => Promise<T>;
|
||||
remove: <T>(url: string, config?: AxiosRequestConfig) => Promise<T>;
|
||||
}
|
||||
|
||||
function normalizeError(error: unknown): ApiClientError {
|
||||
if (error instanceof ApiClientError) {
|
||||
return error;
|
||||
}
|
||||
|
||||
if (axios.isAxiosError(error)) {
|
||||
const payload = error.response?.data as Partial<ApiErrorEnvelope> | undefined;
|
||||
return new ApiClientError({
|
||||
message: payload?.message ?? error.message ?? "network_error",
|
||||
code: payload?.code ?? 50000,
|
||||
status: error.response?.status,
|
||||
detail: payload?.detail,
|
||||
requestId: payload?.request_id,
|
||||
});
|
||||
}
|
||||
|
||||
if (error instanceof Error) {
|
||||
return new ApiClientError({ message: error.message });
|
||||
}
|
||||
|
||||
return new ApiClientError({ message: "unknown_error" });
|
||||
}
|
||||
|
||||
function unwrapEnvelope<T>(response: { data: ApiEnvelope<T> }): T {
|
||||
return response.data.data;
|
||||
}
|
||||
|
||||
export function createApiClient(options: CreateApiClientOptions = {}): ApiClient {
|
||||
const client = axios.create({
|
||||
baseURL: options.baseURL ?? "",
|
||||
timeout: options.timeoutMs ?? 15000,
|
||||
withCredentials: false,
|
||||
});
|
||||
|
||||
const auth = options.auth;
|
||||
let refreshPromise: Promise<AuthTokens> | null = null;
|
||||
|
||||
client.interceptors.request.use((config) => {
|
||||
if (!auth) {
|
||||
return config;
|
||||
}
|
||||
|
||||
const accessToken = auth.getAccessToken();
|
||||
if (accessToken) {
|
||||
config.headers = config.headers ?? {};
|
||||
(config.headers as Record<string, string>).Authorization = `Bearer ${accessToken}`;
|
||||
}
|
||||
|
||||
return config;
|
||||
});
|
||||
|
||||
client.interceptors.response.use(
|
||||
(response) => response,
|
||||
async (error: AxiosError<ApiErrorEnvelope>) => {
|
||||
if (auth && error.response?.status === 401 && error.config) {
|
||||
const originalRequest = error.config as InternalAxiosRequestConfig & {
|
||||
_retry?: boolean;
|
||||
};
|
||||
const refreshToken = auth.getRefreshToken();
|
||||
|
||||
if (refreshToken && !originalRequest._retry) {
|
||||
originalRequest._retry = true;
|
||||
|
||||
try {
|
||||
if (!refreshPromise) {
|
||||
refreshPromise = auth
|
||||
.refresh(refreshToken)
|
||||
.then((tokens) => {
|
||||
auth.setTokens(tokens);
|
||||
return tokens;
|
||||
})
|
||||
.finally(() => {
|
||||
refreshPromise = null;
|
||||
});
|
||||
}
|
||||
|
||||
const nextTokens = await refreshPromise;
|
||||
originalRequest.headers = originalRequest.headers ?? {};
|
||||
(originalRequest.headers as Record<string, string>).Authorization =
|
||||
`Bearer ${nextTokens.accessToken}`;
|
||||
return client.request(originalRequest);
|
||||
} catch (refreshError) {
|
||||
auth.clearTokens();
|
||||
throw normalizeError(refreshError);
|
||||
}
|
||||
}
|
||||
|
||||
auth.clearTokens();
|
||||
}
|
||||
|
||||
throw normalizeError(error);
|
||||
},
|
||||
);
|
||||
|
||||
return {
|
||||
raw: client,
|
||||
async get<T>(url: string, config?: AxiosRequestConfig) {
|
||||
return unwrapEnvelope(await client.get<ApiEnvelope<T>>(url, config));
|
||||
},
|
||||
async post<T, B = unknown>(url: string, body?: B, config?: AxiosRequestConfig) {
|
||||
return unwrapEnvelope(await client.post<ApiEnvelope<T>>(url, body, config));
|
||||
},
|
||||
async put<T, B = unknown>(url: string, body?: B, config?: AxiosRequestConfig) {
|
||||
return unwrapEnvelope(await client.put<ApiEnvelope<T>>(url, body, config));
|
||||
},
|
||||
async remove<T>(url: string, config?: AxiosRequestConfig) {
|
||||
return unwrapEnvelope(await client.delete<ApiEnvelope<T>>(url, config));
|
||||
},
|
||||
};
|
||||
}
|
||||
Reference in New Issue
Block a user