7 replies

Trying to lock a API route behind authentication, having problems authenticating from my web app

So I've read over the SapphireJS documentation on how to lock my bot's API routes behind authentication using an authenticated() decorator like so:

import { createFunctionPrecondition } from '@sapphire/decorators';
import { HttpCodes, ApiResponse, ApiRequest } from '@sapphire/plugin-api';

export const authenticated = () =>
    createFunctionPrecondition(
        (request: ApiRequest) => Boolean(request.auth?.token),
        (_request: ApiRequest, response: ApiResponse) => response.error(HttpCodes.Unauthorized)
    );

import { createFunctionPrecondition } from '@sapphire/decorators';
import { HttpCodes, ApiResponse, ApiRequest } from '@sapphire/plugin-api';

export const authenticated = () =>
    createFunctionPrecondition(
        (request: ApiRequest) => Boolean(request.auth?.token),
        (_request: ApiRequest, response: ApiResponse) => response.error(HttpCodes.Unauthorized)
    );

However I'm now trying to send an API request to this route and I'm not quite sure how to authorize it. My web app uses NextJS and uses Next-Auth to authenticate using Discord's OAuth2. I thought I might be able to send a request like so:

        const settingsResponse = await fetch(`${process.env.DISCORD_BOT_URL}/api/guilds/${guildId}/config`, {
            method: 'GET',
            headers: {
                'Content-Type': 'application/json'
            },
            // Send the token in the auth property as expected by the decorator (I thought?)
            credentials: 'include',
            // @ts-ignore - Adding auth property to fetch options
            auth: {
                token: session.accessToken
            }
        });

        const settingsResponse = await fetch(`${process.env.DISCORD_BOT_URL}/api/guilds/${guildId}/config`, {
            method: 'GET',
            headers: {
                'Content-Type': 'application/json'
            },
            // Send the token in the auth property as expected by the decorator (I thought?)
            credentials: 'include',
            // @ts-ignore - Adding auth property to fetch options
            auth: {
                token: session.accessToken
            }
        });

But I can't seem to figure out how to properly authenticate with my bot using this method and I'm continuing to get unauthorized responses. Any advice?

Trying to lock a API route behind authentication, having problems authenticating from my web app

So I've read over the SapphireJS documentation on how to lock my bot's API routes behind authentication using an authenticated() decorator like so:

import { createFunctionPrecondition } from '@sapphire/decorators';
import { HttpCodes, ApiResponse, ApiRequest } from '@sapphire/plugin-api';

export const authenticated = () =>
    createFunctionPrecondition(
        (request: ApiRequest) => Boolean(request.auth?.token),
        (_request: ApiRequest, response: ApiResponse) => response.error(HttpCodes.Unauthorized)
    );

import { createFunctionPrecondition } from '@sapphire/decorators';
import { HttpCodes, ApiResponse, ApiRequest } from '@sapphire/plugin-api';

export const authenticated = () =>
    createFunctionPrecondition(
        (request: ApiRequest) => Boolean(request.auth?.token),
        (_request: ApiRequest, response: ApiResponse) => response.error(HttpCodes.Unauthorized)
    );

        const settingsResponse = await fetch(`${process.env.DISCORD_BOT_URL}/api/guilds/${guildId}/config`, {
            method: 'GET',
            headers: {
                'Content-Type': 'application/json'
            },
            // Send the token in the auth property as expected by the decorator (I thought?)
            credentials: 'include',
            // @ts-ignore - Adding auth property to fetch options
            auth: {
                token: session.accessToken
            }
        });

        const settingsResponse = await fetch(`${process.env.DISCORD_BOT_URL}/api/guilds/${guildId}/config`, {
            method: 'GET',
            headers: {
                'Content-Type': 'application/json'
            },
            // Send the token in the auth property as expected by the decorator (I thought?)
            credentials: 'include',
            // @ts-ignore - Adding auth property to fetch options
            auth: {
                token: session.accessToken
            }
        });

But I can't seem to figure out how to properly authenticate with my bot using this method and I'm continuing to get unauthorized responses. Any advice?

Trying to lock a API route behind authentication, having problems authenticating from my web app

Similar Threads

Trying to lock a API route behind authentication, having problems authenticating from my web app

Similar Threads

Similar Threads

Similar Threads