9 replies

Constructing an RPC server with different authentication requirements for endpoints

How can I construct an RPC server that has different auth requirements for some of the endpoints? For example I have

export const RPCSchema = RS.make({
    api: RPCApiSchema,
    auth: RPCAuthSchema,
    rpc: RPCAuthenticatedSchema,
})

export const RPCSchema = RS.make({
    api: RPCApiSchema,
    auth: RPCAuthSchema,
    rpc: RPCAuthenticatedSchema,
})

export const RPCSchema = RS.make({
    api: RPCApiSchema,
    auth: RPCAuthSchema,
    rpc: RPCAuthenticatedSchema,
})

export const RPCSchema = RS.make({
    api: RPCApiSchema,
    auth: RPCAuthSchema,
    rpc: RPCAuthenticatedSchema,
})

where endpoints in api require just an api token, auth should be called with an anon key, and rpc should be called with a valid signed JWT. When building the server I'm not sure which combinators to use to handle this.

const router = RpcHttp.Router.make(RPCSchema, {
    auth: RpcHttp.Router.make(RPCAuthSchema, {
        ///....handlers
    }),
    api: RpcHttp.Router.make(RPCApiSchema, {
       ///....handlers
    }),
    rpc: RpcHttp.Router.make(RPCAuthenticatedSchema, {
        ///....handlers
    }),
})
const HttpLive = HttpServer.router.empty.pipe(
    HttpServer.router.post("/rpc", RpcHttp.Server.make(router)),
    //this applies JWT verification to _all_ endpoints which isn't what I need
    HttpServer.router.provideServiceEffect(Session, login),
    HttpServer.server.serve(HttpServer.middleware.logger),
    Layer.provide(dbLayer),
    Layer.provide(HttpServer.server.layer({ port: 80 })),
)

const router = RpcHttp.Router.make(RPCSchema, {
    auth: RpcHttp.Router.make(RPCAuthSchema, {
        ///....handlers
    }),
    api: RpcHttp.Router.make(RPCApiSchema, {
       ///....handlers
    }),
    rpc: RpcHttp.Router.make(RPCAuthenticatedSchema, {
        ///....handlers
    }),
})
const HttpLive = HttpServer.router.empty.pipe(
    HttpServer.router.post("/rpc", RpcHttp.Server.make(router)),
    //this applies JWT verification to _all_ endpoints which isn't what I need
    HttpServer.router.provideServiceEffect(Session, login),
    HttpServer.server.serve(HttpServer.middleware.logger),
    Layer.provide(dbLayer),
    Layer.provide(HttpServer.server.layer({ port: 80 })),
)

const router = RpcHttp.Router.make(RPCSchema, {
    auth: RpcHttp.Router.make(RPCAuthSchema, {
        ///....handlers
    }),
    api: RpcHttp.Router.make(RPCApiSchema, {
       ///....handlers
    }),
    rpc: RpcHttp.Router.make(RPCAuthenticatedSchema, {
        ///....handlers
    }),
})
const HttpLive = HttpServer.router.empty.pipe(
    HttpServer.router.post("/rpc", RpcHttp.Server.make(router)),
    //this applies JWT verification to _all_ endpoints which isn't what I need
    HttpServer.router.provideServiceEffect(Session, login),
    HttpServer.server.serve(HttpServer.middleware.logger),
    Layer.provide(dbLayer),
    Layer.provide(HttpServer.server.layer({ port: 80 })),
)

const router = RpcHttp.Router.make(RPCSchema, {
    auth: RpcHttp.Router.make(RPCAuthSchema, {
        ///....handlers
    }),
    api: RpcHttp.Router.make(RPCApiSchema, {
       ///....handlers
    }),
    rpc: RpcHttp.Router.make(RPCAuthenticatedSchema, {
        ///....handlers
    }),
})
const HttpLive = HttpServer.router.empty.pipe(
    HttpServer.router.post("/rpc", RpcHttp.Server.make(router)),
    //this applies JWT verification to _all_ endpoints which isn't what I need
    HttpServer.router.provideServiceEffect(Session, login),
    HttpServer.server.serve(HttpServer.middleware.logger),
    Layer.provide(dbLayer),
    Layer.provide(HttpServer.server.layer({ port: 80 })),
)

How do I modify the server behavior for nested RPC schema endpoints to handle this?

Constructing an RPC server with different authentication requirements for endpoints

Similar Threads

Similar Threads

Similar Threads