9 replies

Constructing an RPC server with different authentication requirements for endpoints

How can I construct an RPC server that has different auth requirements for some of the endpoints? For example I have

export const RPCSchema = RS.make({
    api: RPCApiSchema,
    auth: RPCAuthSchema,
    rpc: RPCAuthenticatedSchema,
})

export const RPCSchema = RS.make({
    api: RPCApiSchema,
    auth: RPCAuthSchema,
    rpc: RPCAuthenticatedSchema,
})

where endpoints in api require just an api token, auth should be called with an anon key, and rpc should be called with a valid signed JWT. When building the server I'm not sure which combinators to use to handle this.

const router = RpcHttp.Router.make(RPCSchema, {
    auth: RpcHttp.Router.make(RPCAuthSchema, {
        ///....handlers
    }),
    api: RpcHttp.Router.make(RPCApiSchema, {
       ///....handlers
    }),
    rpc: RpcHttp.Router.make(RPCAuthenticatedSchema, {
        ///....handlers
    }),
})
const HttpLive = HttpServer.router.empty.pipe(
    HttpServer.router.post("/rpc", RpcHttp.Server.make(router)),
    //this applies JWT verification to _all_ endpoints which isn't what I need
    HttpServer.router.provideServiceEffect(Session, login),
    HttpServer.server.serve(HttpServer.middleware.logger),
    Layer.provide(dbLayer),
    Layer.provide(HttpServer.server.layer({ port: 80 })),
)

const router = RpcHttp.Router.make(RPCSchema, {
    auth: RpcHttp.Router.make(RPCAuthSchema, {
        ///....handlers
    }),
    api: RpcHttp.Router.make(RPCApiSchema, {
       ///....handlers
    }),
    rpc: RpcHttp.Router.make(RPCAuthenticatedSchema, {
        ///....handlers
    }),
})
const HttpLive = HttpServer.router.empty.pipe(
    HttpServer.router.post("/rpc", RpcHttp.Server.make(router)),
    //this applies JWT verification to _all_ endpoints which isn't what I need
    HttpServer.router.provideServiceEffect(Session, login),
    HttpServer.server.serve(HttpServer.middleware.logger),
    Layer.provide(dbLayer),
    Layer.provide(HttpServer.server.layer({ port: 80 })),
)

How do I modify the server behavior for nested RPC schema endpoints to handle this?

Constructing an RPC server with different authentication requirements for endpoints

How can I construct an RPC server that has different auth requirements for some of the endpoints? For example I have

export const RPCSchema = RS.make({
    api: RPCApiSchema,
    auth: RPCAuthSchema,
    rpc: RPCAuthenticatedSchema,
})

export const RPCSchema = RS.make({
    api: RPCApiSchema,
    auth: RPCAuthSchema,
    rpc: RPCAuthenticatedSchema,
})

const router = RpcHttp.Router.make(RPCSchema, {
    auth: RpcHttp.Router.make(RPCAuthSchema, {
        ///....handlers
    }),
    api: RpcHttp.Router.make(RPCApiSchema, {
       ///....handlers
    }),
    rpc: RpcHttp.Router.make(RPCAuthenticatedSchema, {
        ///....handlers
    }),
})
const HttpLive = HttpServer.router.empty.pipe(
    HttpServer.router.post("/rpc", RpcHttp.Server.make(router)),
    //this applies JWT verification to _all_ endpoints which isn't what I need
    HttpServer.router.provideServiceEffect(Session, login),
    HttpServer.server.serve(HttpServer.middleware.logger),
    Layer.provide(dbLayer),
    Layer.provide(HttpServer.server.layer({ port: 80 })),
)

const router = RpcHttp.Router.make(RPCSchema, {
    auth: RpcHttp.Router.make(RPCAuthSchema, {
        ///....handlers
    }),
    api: RpcHttp.Router.make(RPCApiSchema, {
       ///....handlers
    }),
    rpc: RpcHttp.Router.make(RPCAuthenticatedSchema, {
        ///....handlers
    }),
})
const HttpLive = HttpServer.router.empty.pipe(
    HttpServer.router.post("/rpc", RpcHttp.Server.make(router)),
    //this applies JWT verification to _all_ endpoints which isn't what I need
    HttpServer.router.provideServiceEffect(Session, login),
    HttpServer.server.serve(HttpServer.middleware.logger),
    Layer.provide(dbLayer),
    Layer.provide(HttpServer.server.layer({ port: 80 })),
)

How do I modify the server behavior for nested RPC schema endpoints to handle this?

Constructing an RPC server with different authentication requirements for endpoints

Similar Threads

Constructing an RPC server with different authentication requirements for endpoints

Similar Threads

Similar Threads

Similar Threads