WIP on auth, having problems with it

matt-aitken · matt-aitken · commit 704b0da46767 · 2024-08-29T21:41:19.000+01:00
diff --git a/apps/webapp/app/routes/sync.traces.$traceId.ts b/apps/webapp/app/routes/sync.traces.$traceId.ts
@@ -1,7 +1,20 @@
 import type { LoaderFunctionArgs } from "@remix-run/node";
 import { env } from "~/env.server";
+import { logger } from "~/services/logger.server";
+import { getUserId, requireUserId } from "~/services/session.server";
+import { longPollingFetch } from "~/utils/longPollingFetch";
 
 export async function loader({ params, request }: LoaderFunctionArgs) {
+  const userId = await getUserId(request);
+
+  logger.log(`/sync/traces/${params.traceId}`, { userId });
+
+  if (!userId) {
+    return new Response("authorization header not found", { status: 401 });
+  }
+
+  //todo check the user has access to this trace
+
   const url = new URL(request.url);
   const originUrl = new URL(`${env.ELECTRIC_ORIGIN}/v1/shape/public."TaskEvent"`);
   url.searchParams.forEach((value, key) => {
@@ -10,21 +23,5 @@ export async function loader({ params, request }: LoaderFunctionArgs) {
 
   originUrl.searchParams.set("where", `"traceId"='${params.traceId}'`);
 
-  // When proxying long-polling requests, content-encoding & content-length are added
-  // erroneously (saying the body is gzipped when it's not) so we'll just remove
-  // them to avoid content decoding errors in the browser.
-  //
-  // Similar-ish problem to https://github.com/wintercg/fetch/issues/23
-  let response = await fetch(originUrl.toString());
-  if (response.headers.get(`content-encoding`)) {
-    const headers = new Headers(response.headers);
-    headers.delete(`content-encoding`);
-    headers.delete(`content-length`);
-    response = new Response(response.body, {
-      status: response.status,
-      statusText: response.statusText,
-      headers,
-    });
-  }
-  return response;
+  return longPollingFetch(originUrl.toString());
 }
diff --git a/apps/webapp/app/utils/longPollingFetch.ts b/apps/webapp/app/utils/longPollingFetch.ts
@@ -0,0 +1,19 @@
+// When proxying long-polling requests, content-encoding & content-length are added
+// erroneously (saying the body is gzipped when it's not) so we'll just remove
+// them to avoid content decoding errors in the browser.
+//
+// Similar-ish problem to https://github.com/wintercg/fetch/issues/23
+export async function longPollingFetch(url: string, options?: RequestInit) {
+  let response = await fetch(url, options);
+  if (response.headers.get(`content-encoding`)) {
+    const headers = new Headers(response.headers);
+    headers.delete(`content-encoding`);
+    headers.delete(`content-length`);
+    response = new Response(response.body, {
+      status: response.status,
+      statusText: response.statusText,
+      headers,
+    });
+  }
+  return response;
+}
