( request: NextRequest, chatId: string )
| 41 | const rateLimiter = new RateLimiter() |
| 42 | |
| 43 | async function validateChatAuth( |
| 44 | request: NextRequest, |
| 45 | chatId: string |
| 46 | ): Promise<{ valid: boolean; ownerId?: string; workspaceId?: string | null }> { |
| 47 | try { |
| 48 | const chatResult = await db |
| 49 | .select({ |
| 50 | id: chat.id, |
| 51 | userId: chat.userId, |
| 52 | isActive: chat.isActive, |
| 53 | authType: chat.authType, |
| 54 | password: chat.password, |
| 55 | workspaceId: workflow.workspaceId, |
| 56 | }) |
| 57 | .from(chat) |
| 58 | .leftJoin(workflow, eq(workflow.id, chat.workflowId)) |
| 59 | .where(eq(chat.id, chatId)) |
| 60 | .limit(1) |
| 61 | |
| 62 | if (chatResult.length === 0 || !chatResult[0].isActive) { |
| 63 | return { valid: false } |
| 64 | } |
| 65 | |
| 66 | const chatData = chatResult[0] |
| 67 | |
| 68 | if (chatData.authType === 'public') { |
| 69 | return { valid: true, ownerId: chatData.userId, workspaceId: chatData.workspaceId } |
| 70 | } |
| 71 | |
| 72 | const cookieName = `chat_auth_${chatId}` |
| 73 | const authCookie = request.cookies.get(cookieName) |
| 74 | if ( |
| 75 | authCookie && |
| 76 | validateAuthToken(authCookie.value, chatId, chatData.authType, chatData.password) |
| 77 | ) { |
| 78 | return { valid: true, ownerId: chatData.userId, workspaceId: chatData.workspaceId } |
| 79 | } |
| 80 | |
| 81 | return { valid: false } |
| 82 | } catch (error) { |
| 83 | logger.error('Error validating chat auth for STT:', error) |
| 84 | return { valid: false } |
| 85 | } |
| 86 | } |
| 87 | |
| 88 | export const POST = withRouteHandler(async (request: NextRequest) => { |
| 89 | try { |
no test coverage detected