Theo's Typesafe CultTTC
Theo's Typesafe Cult3y ago
4 replies
epsilon42

Add token requirement to public TRPC endpoint to add to DB (create-t3-app)

I've created a public TRPC endpoint on the exampleRouter like so:
export const exampleRouter = createTRPCRouter({
    // ... other routes
    create: publicProcedure
      .mutation(async ({ ctx, input }) => {
        // Fetch/scrape data from somewhere
        // ...

        // Add to DB
        const newItem = ctx.prisma.example.create({
          data: {
            someData: "fetched data goes here",
          },
        });
  
        return newItem;
      }),
  });

The above works if I POST to /api/trpc/example.create.

I want to be able to call this from Github Actions (this part seems pretty trivial), but I don't want just anyone to be able to call the route in order to trigger it, so I thought I should add a token:
export const exampleRouter = createTRPCRouter({
    // ... other routes
    create: publicProcedure
      .input(
        z.object({
          token: z.string(), // Token for authentication
        })
      )
      .mutation(async ({ ctx, input }) => {
        if (input.token !== "SECRETSAUCE") { // Use .env variable
          throw new Error("Invalid token");
        }
        // Fetch/scrape data from somewhere
        // ...

        // Add to DB
        const newItem = ctx.prisma.example.create({
          data: {
            someData: "fetched data goes here",
          },
        });
  
        return newItem;
      }),
  });

But I get the following error when trying to POST to the endpoint with the following body:
{
  "token": "SECRETSAUCE"
}

tRPC failed on example.create: [
  {
    "code": "invalid_type",
    "expected": "object",
    "received": "undefined",
    "path": [],
    "message": "Required"
  }
]


(Post continued in comment below)
Was this page helpful?