Files
llmapikey/lib/supabase/server-client.js
T
tiennm99 02fa52ccf9 feat: scaffold OpenRouter key giveaway site (gated, code-only)
- Next.js 15 App Router (JS+JSDoc): landing, auth-gated dashboard, docs
- GitHub OAuth via Supabase; identity anchored on numeric provider_id
- key provisioning: reserve-then-mint-persist-compensate, one key per account
- api_keys in unexposed llmapikey schema via direct Postgres; RLS deny-all
- live minting gated behind PROVISIONING_ENABLED; Vercel auto-deploy disabled
- unit tests (mask, request-body), RLS deny-all test, reconcile script
2026-06-13 14:18:52 +07:00

52 lines
1.6 KiB
JavaScript

import "server-only";
import { createServerClient } from "@supabase/ssr";
import { cookies } from "next/headers";
/**
* Cookie-based Supabase client (anon key) for reading/refreshing the auth
* session on the server. Use this to know WHO the request is (Phase 3 identity),
* never to touch `api_keys` — that table lives in the unexposed `llmapikey`
* schema and is reached only via the direct Postgres client (lib/db).
*
* In Server Components cookie writes throw; we swallow that — session refresh
* still works in route handlers / server actions where writes are allowed.
*
* @returns {Promise<import('@supabase/supabase-js').SupabaseClient>}
*/
export async function createServerAuthClient() {
const url = requireEnv("NEXT_PUBLIC_SUPABASE_URL");
const anonKey = requireEnv("NEXT_PUBLIC_SUPABASE_ANON_KEY");
const cookieStore = await cookies();
return createServerClient(url, anonKey, {
cookies: {
getAll() {
return cookieStore.getAll();
},
setAll(cookiesToSet) {
try {
for (const { name, value, options } of cookiesToSet) {
cookieStore.set(name, value, options);
}
} catch {
// Called from a Server Component — cookies are read-only here.
// Safe to ignore: middleware/route handlers refresh the session.
}
},
},
});
}
/**
* @param {string} name
* @returns {string}
*/
function requireEnv(name) {
const value = process.env[name];
if (!value) {
throw new Error(`Missing required environment variable: ${name}`);
}
return value;
}