npm - @abdssamie/convex-checkpoints - Versions diffs - 0.1.1 → 0.1.7 - Mend

@abdssamie/convex-checkpoints 0.1.1 → 0.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/README.md +28 -35
package/dist/client/index.d.ts +5 -1
package/dist/client/index.d.ts.map +1 -1
package/dist/client/index.js +23 -2
package/dist/client/index.js.map +1 -1
package/package.json +30 -21
package/src/client/index.ts +32 -2

package/README.md CHANGED Viewed

@@ -29,30 +29,7 @@ export default app;
 ## Usage
-Define your checkpoint registry in app code and expose wrapper functions from
-your own app modules. That keeps auth, permission checks, and business rules
-close to the rest of your application code.
-Expose checkpoint submissions as Convex mutations by default. Mutations are the
-right fit when recording a checkpoint, updating Convex data, reading Convex
-data, or scheduling follow-up work from a handler.
-Use an action only when the submit path needs external, non-transactional work,
-such as calling a third-party API, sending an email directly, using Node APIs,
-or doing longer-running processing. For most integrations, keep the checkpoint
-submission in a mutation and schedule an internal action from the checkpoint
-handler:
-```ts
-checkpoints.on("user.signup", async (ctx, payload) => {
-  await ctx.scheduler.runAfter(0, internal.emails.sendWelcome, {
-    userId: payload.userId,
-  });
-});
-```
-Actions are not database transactions, so design retries and idempotency
-explicitly when external systems are involved.
+There are two steps: define your checkpoint registry with handlers, then expose submit mutations for your app to call.
 ```ts
 // convex/checkpoints.ts
@@ -62,10 +39,11 @@ import { v } from "convex/values";
 import { ConvexCheckpoints } from "@abdssamie/convex-checkpoints";
 export const checkpoints = new ConvexCheckpoints<{
-  "user.signup": { userId: string };
+  "user.signup": { userId: string; email: string };
   "post.created": { userId: string; postId: string; title: string };
 }>(components.convexCheckpoints);
+// Handlers run when a checkpoint is first recorded (deduplicated by idempotencyKey)
 checkpoints.on("user.signup", async (ctx, payload) => {
   await ctx.scheduler.runAfter(30 * 60 * 1000, internal.emails.welcome, {
     userId: payload.userId,
@@ -85,6 +63,7 @@ checkpoints.on("post.created", async (ctx, payload) => {
   }
 });
+// Submit mutations — called from your app code
 export const submitPostCreated = mutation({
   args: {
     userId: v.string(),
@@ -144,34 +123,48 @@ checkpoint ID and skip handler re-execution.
 ## HTTP
-Expose an HTTP route from your app when you need checkpoint ingestion over HTTP:
+Prefer mutation wrappers for app-driven checkpoints. They run inside your app's
+Convex functions, so you can authenticate the user, validate the input, write
+app data, and submit the checkpoint in one place.
+HTTP ingestion is for server-to-server entry points such as webhooks or trusted
+backend jobs. Treat it as a public endpoint: anyone who can reach the URL can
+try to submit a checkpoint unless you verify the request.
 ```ts
 // convex/http.ts
 import { checkpoints } from "./checkpoints.js";
-export default checkpoints.http("/checkpoints");
+export default checkpoints.http("/checkpoints", {
+  token: process.env.CHECKPOINTS_SECRET,
+});
 ```
+Requests must include `Authorization: Bearer <token>`. Keep
+`CHECKPOINTS_SECRET` in server-side environment variables only. If the token
+option is configured but the environment variable is missing or empty, HTTP
+checkpoint submissions are rejected.
 This registers both `POST /checkpoints` and checkpoint-specific routes such as
 `POST /checkpoints/post.created`.
-For checkpoint-specific routes, the request body is used as the checkpoint
-payload:
+For checkpoint-specific routes, the route selects the checkpoint name and the
+request body becomes the payload:
 ```sh
 curl -X POST "$CONVEX_SITE_URL/checkpoints/post.created" \
   -H "Content-Type: application/json" \
+  -H "Authorization: Bearer $CHECKPOINTS_SECRET" \
   -d '{"userId":"user1","postId":"post1"}'
 ```
-`POST /checkpoints` still accepts JSON with `name`, optional `userId`, optional
-`payload`, optional `idempotencyKey`, and optional `reachedAt`.
+For webhook providers, verify the provider's signature in `authorize`. The
+request is cloned before authorization runs, so signature checks can read the
+body without preventing checkpoint parsing afterward.
-TypeScript checks payload types for `checkpoints.on(...)`,
-`checkpoints.trigger(...)`, and `checkpoints.submit(ctx, ...)` inside Convex
-code. Public Convex mutations and HTTP requests still need app-defined runtime
-validators because TypeScript types are not available at runtime.
+Do not put a checkpoint HTTP secret in browser code. If a user action in your
+app should submit a checkpoint, expose a Convex mutation instead and call
+`checkpoints.submit(ctx, ...)` from that mutation.
 ## Tests

package/dist/client/index.d.ts CHANGED Viewed

@@ -11,6 +11,10 @@ type SubmitArgs<TCheckpointRegistry extends CheckpointRegistry, TCheckpoint exte
     name: TCheckpoint;
     payload: TCheckpointRegistry[TCheckpoint];
 };
+type HttpOptions = {
+    token?: string;
+    authorize?: (request: Request) => boolean | Promise<boolean>;
+};
 export declare class ConvexCheckpoints<TCheckpointRegistry extends CheckpointRegistry> extends CheckpointDispatcher<TCheckpointRegistry> {
     private component;
     constructor(component: ComponentApi);
@@ -55,7 +59,7 @@ export declare class ConvexCheckpoints<TCheckpointRegistry extends CheckpointReg
             userId?: string;
         }[]>>;
     };
-    http(path?: string): import("convex/server").HttpRouter;
+    http(path?: string, options?: HttpOptions): import("convex/server").HttpRouter;
     private submitFromArgs;
 }
 export type { CheckpointHandler };

package/dist/client/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/client/index.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,sCAAsC,CAAC;AACzE,OAAO,EACL,iBAAiB,IAAI,oBAAoB,EACzC,KAAK,iBAAiB,EACvB,MAAM,sCAAsC,CAAC;AAE9C,KAAK,kBAAkB,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;AAClD,KAAK,cAAc,CAAC,mBAAmB,SAAS,kBAAkB,IAAI,OAAO,CAC3E,MAAM,mBAAmB,EACzB,MAAM,CACP,CAAC;AAEF,KAAK,cAAc,GAAG;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAOF,KAAK,UAAU,CACb,mBAAmB,SAAS,kBAAkB,EAC9C,WAAW,SAAS,cAAc,CAAC,mBAAmB,CAAC,IACrD,cAAc,GAAG;IACnB,IAAI,EAAE,WAAW,CAAC;IAClB,OAAO,EAAE,mBAAmB,CAAC,WAAW,CAAC,CAAC;CAC3C,CAAC;AAEF,qBAAa,iBAAiB,CAC5B,mBAAmB,SAAS,kBAAkB,CAC9C,SAAQ,oBAAoB,CAAC,mBAAmB,CAAC;IACrC,OAAO,CAAC,SAAS;gBAAT,SAAS,EAAE,YAAY;IAI9B,MAAM,CAAC,WAAW,SAAS,cAAc,CAAC,mBAAmB,CAAC,EACzE,GAAG,EAAE,UAAU,CAAC,iBAAiB,CAAC,mBAAmB,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,EACrE,IAAI,EAAE,UAAU,CAAC,mBAAmB,EAAE,WAAW,CAAC;IAS7C,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAuBH,IAAI,CAAC,IAAI,SAAiB;~~YAwDnB~~,cAAc;CAc7B;AAED,YAAY,EAAE,iBAAiB,EAAE,CAAC"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/client/index.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,sCAAsC,CAAC;AACzE,OAAO,EACL,iBAAiB,IAAI,oBAAoB,EACzC,KAAK,iBAAiB,EACvB,MAAM,sCAAsC,CAAC;AAE9C,KAAK,kBAAkB,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;AAClD,KAAK,cAAc,CAAC,mBAAmB,SAAS,kBAAkB,IAAI,OAAO,CAC3E,MAAM,mBAAmB,EACzB,MAAM,CACP,CAAC;AAEF,KAAK,cAAc,GAAG;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAOF,KAAK,UAAU,CACb,mBAAmB,SAAS,kBAAkB,EAC9C,WAAW,SAAS,cAAc,CAAC,mBAAmB,CAAC,IACrD,cAAc,GAAG;IACnB,IAAI,EAAE,WAAW,CAAC;IAClB,OAAO,EAAE,mBAAmB,CAAC,WAAW,CAAC,CAAC;CAC3C,CAAC;AAEF,KAAK,WAAW,GAAG;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CAC9D,CAAC;AAEF,qBAAa,iBAAiB,CAC5B,mBAAmB,SAAS,kBAAkB,CAC9C,SAAQ,oBAAoB,CAAC,mBAAmB,CAAC;IACrC,OAAO,CAAC,SAAS;gBAAT,SAAS,EAAE,YAAY;IAI9B,MAAM,CAAC,WAAW,SAAS,cAAc,CAAC,mBAAmB,CAAC,EACzE,GAAG,EAAE,UAAU,CAAC,iBAAiB,CAAC,mBAAmB,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,EACrE,IAAI,EAAE,UAAU,CAAC,mBAAmB,EAAE,WAAW,CAAC;IAS7C,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAuBH,IAAI,CAAC,IAAI,SAAiB,EAAE,OAAO,GAAE,WAAgB;YAgE9C,cAAc;CAc7B;AAED,YAAY,EAAE,iBAAiB,EAAE,CAAC"}

package/dist/client/index.js CHANGED Viewed

@@ -36,12 +36,15 @@ export class ConvexCheckpoints extends CheckpointDispatcher {
             }),
         };
     }
-    http(path = "/checkpoints") {
+    http(path = "/checkpoints", options = {}) {
         const http = httpRouter();
         http.route({
             path,
             method: "POST",
             handler: httpActionGeneric(async (ctx, request) => {
+                if (!(await isAuthorized(request, options))) {
+                    return json({ error: "unauthorized" }, 401);
+                }
                 const args = await readSubmitArgsFromBody(request);
                 if (args === null) {
                     return json({ error: "invalid_checkpoint" }, 400);
@@ -60,6 +63,9 @@ export class ConvexCheckpoints extends CheckpointDispatcher {
             pathPrefix,
             method: "POST",
             handler: httpActionGeneric(async (ctx, request) => {
+                if (!(await isAuthorized(request, options))) {
+                    return json({ error: "unauthorized" }, 401);
+                }
                 const checkpointName = readCheckpointNameFromPath(request, pathPrefix);
                 if (checkpointName === null) {
                     return json({ error: "invalid_checkpoint_path" }, 400);
@@ -87,6 +93,21 @@ export class ConvexCheckpoints extends CheckpointDispatcher {
         return result;
     }
 }
+async function isAuthorized(request, options) {
+    if ("token" in options) {
+        if (typeof options.token !== "string" || options.token.length === 0) {
+            return false;
+        }
+        const authorization = request.headers.get("authorization");
+        if (authorization !== `Bearer ${options.token}`) {
+            return false;
+        }
+    }
+    if (options.authorize === undefined) {
+        return true;
+    }
+    return await options.authorize(request.clone());
+}
 async function readSubmitArgsFromBody(request) {
     const checkpoint = await readJsonObject(request);
     if (checkpoint === null || typeof checkpoint.name !== "string") {
@@ -171,7 +192,7 @@ function corsHeaders() {
     return {
         "Access-Control-Allow-Origin": "*",
         "Access-Control-Allow-Methods": "POST, OPTIONS",
-        "Access-Control-Allow-Headers": "Content-Type",
+        "Access-Control-Allow-Headers": "Content-Type, Authorization",
     };
 }
 //# sourceMappingURL=index.js.map

package/dist/client/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/client/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC5E,OAAO,EAAE,CAAC,EAAE,MAAM,eAAe,CAAC;AAElC,OAAO,EACL,iBAAiB,IAAI,oBAAoB,GAE1C,MAAM,sCAAsC,CAAC;~~AA2B9C~~,MAAM,OAAO,iBAEX,SAAQ,oBAAyC;IAC7B;IAApB,YAAoB,SAAuB;QACzC,KAAK,EAAE,CAAC;QADU,cAAS,GAAT,SAAS,CAAc;IAE3C,CAAC;IAEM,KAAK,CAAC,MAAM,CACjB,GAAqE,EACrE,IAAkD;QAElD,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QACtE,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QACnD,CAAC;QACD,OAAO,MAAM,CAAC,YAAY,CAAC;IAC7B,CAAC;IAEM,GAAG;QACR,OAAO;YACL,UAAU,EAAE,YAAY,CAAC;gBACvB,IAAI,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE;gBACvC,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;oBAC3B,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;gBACjE,CAAC;aACF,CAAC;YACF,UAAU,EAAE,YAAY,CAAC;gBACvB,IAAI,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE;gBACzD,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;oBAC3B,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;gBACjE,CAAC;aACF,CAAC;YACF,UAAU,EAAE,YAAY,CAAC;gBACvB,IAAI,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE;gBAC3D,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;oBAC3B,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;gBACjE,CAAC;aACF,CAAC;SACH,CAAC;IACJ,CAAC;IAEM,IAAI,CAAC,IAAI,GAAG,cAAc;~~QAC/B~~,MAAM,IAAI,GAAG,UAAU,EAAE,CAAC;QAC1B,IAAI,CAAC,KAAK,CAAC;YACT,IAAI;YACJ,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,iBAAiB,CAAC,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE;gBAChD,MAAM,IAAI,GAAG,MAAM,sBAAsB,CAAC,OAAO,CAAC,CAAC;gBACnD,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;oBAClB,OAAO,IAAI,CAAC,EAAE,KAAK,EAAE,oBAAoB,EAAE,EAAE,GAAG,CAAC,CAAC;gBACpD,CAAC;gBAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;gBAEpD,OAAO,IAAI,CACT,EAAE,YAAY,EAAE,MAAM,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,EAC9D,GAAG,CACJ,CAAC;YACJ,CAAC,CAAC;SACH,CAAC,CAAC;QACH,IAAI,CAAC,KAAK,CAAC;YACT,IAAI;YACJ,MAAM,EAAE,SAAS;YACjB,OAAO,EAAE,iBAAiB,CAAC,KAAK,IAAI,EAAE,CAAC,YAAY,EAAE,CAAC;SACvD,CAAC,CAAC;QAEH,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC;QAC1D,IAAI,CAAC,KAAK,CAAC;YACT,UAAU;YACV,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,iBAAiB,CAAC,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE;gBAChD,MAAM,cAAc,GAAG,0BAA0B,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;gBACvE,IAAI,cAAc,KAAK,IAAI,EAAE,CAAC;oBAC5B,OAAO,IAAI,CAAC,EAAE,KAAK,EAAE,yBAAyB,EAAE,EAAE,GAAG,CAAC,CAAC;gBACzD,CAAC;gBAED,MAAM,IAAI,GAAG,MAAM,sBAAsB,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;gBACnE,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;oBAClB,OAAO,IAAI,CAAC,EAAE,KAAK,EAAE,oBAAoB,EAAE,EAAE,GAAG,CAAC,CAAC;gBACpD,CAAC;gBAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;gBAEpD,OAAO,IAAI,CACT,EAAE,YAAY,EAAE,MAAM,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,EAC9D,GAAG,CACJ,CAAC;YACJ,CAAC,CAAC;SACH,CAAC,CAAC;QACH,IAAI,CAAC,KAAK,CAAC;YACT,UAAU;YACV,MAAM,EAAE,SAAS;YACjB,OAAO,EAAE,iBAAiB,CAAC,KAAK,IAAI,EAAE,CAAC,YAAY,EAAE,CAAC;SACvD,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,KAAK,CAAC,cAAc,CAC1B,GAAqE,EACrE,IAAuB;QAEvB,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QACtE,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,MAAM,IAAI,CAAC,OAAO,CAChB,GAAG,EACH,IAAI,CAAC,IAA2C,EAChD,IAAI,CAAC,OAAmE,CACzE,CAAC;QACJ,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;CACF;AAID,KAAK,UAAU,sBAAsB,CACnC,OAAgB;IAEhB,MAAM,UAAU,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,CAAC;IACjD,IAAI,UAAU,KAAK,IAAI,IAAI,OAAO,UAAU,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC/D,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,cAAc,CAAC,UAAU,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC;AACzE,CAAC;AAED,KAAK,UAAU,sBAAsB,CACnC,OAAgB,EAChB,IAAY;IAEZ,MAAM,UAAU,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,CAAC;IACjD,IAAI,UAAU,KAAK,IAAI,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,cAAc,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC;AACtD,CAAC;AAED,SAAS,cAAc,CACrB,IAAY,EACZ,UAAmC,EACnC,OAAgB;IAEhB,IACE,UAAU,CAAC,MAAM,KAAK,SAAS;QAC/B,OAAO,UAAU,CAAC,MAAM,KAAK,QAAQ,EACrC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IACE,UAAU,CAAC,cAAc,KAAK,SAAS;QACvC,OAAO,UAAU,CAAC,cAAc,KAAK,QAAQ,EAC7C,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IACE,UAAU,CAAC,SAAS,KAAK,SAAS;QAClC,OAAO,UAAU,CAAC,SAAS,KAAK,QAAQ,EACxC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO;QACL,IAAI;QACJ,MAAM,EAAE,UAAU,CAAC,MAAM;QACzB,OAAO;QACP,cAAc,EAAE,UAAU,CAAC,cAAc;QACzC,SAAS,EAAE,UAAU,CAAC,SAAS;KAChC,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,OAAgB;IAEhB,IAAI,IAAa,CAAC;IAClB,IAAI,CAAC;QACH,IAAI,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QACrE,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,IAA+B,CAAC;AACzC,CAAC;AAED,SAAS,0BAA0B,CAAC,OAAgB,EAAE,UAAkB;IACtE,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC;IAC3C,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QACjC,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,qBAAqB,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IAC5D,IACE,qBAAqB,CAAC,MAAM,KAAK,CAAC;QAClC,qBAAqB,CAAC,QAAQ,CAAC,GAAG,CAAC,EACnC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACH,OAAO,kBAAkB,CAAC,qBAAqB,CAAC,CAAC;IACnD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,IAAI,CAAC,IAAa,EAAE,MAAc;IACzC,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE;QACxC,MAAM;QACN,OAAO,EAAE;YACP,cAAc,EAAE,kBAAkB;YAClC,GAAG,WAAW,EAAE;SACjB;KACF,CAAC,CAAC;AACL,CAAC;AAED,SAAS,YAAY;IACnB,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE;QACxB,MAAM,EAAE,GAAG;QACX,OAAO,EAAE,WAAW,EAAE;KACvB,CAAC,CAAC;AACL,CAAC;AAED,SAAS,WAAW;IAClB,OAAO;QACL,6BAA6B,EAAE,GAAG;QAClC,8BAA8B,EAAE,eAAe;QAC/C,8BAA8B,EAAE,~~cAAc~~;~~KAC/C~~,CAAC;AACJ,CAAC"}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/client/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC5E,OAAO,EAAE,CAAC,EAAE,MAAM,eAAe,CAAC;AAElC,OAAO,EACL,iBAAiB,IAAI,oBAAoB,GAE1C,MAAM,sCAAsC,CAAC;AAgC9C,MAAM,OAAO,iBAEX,SAAQ,oBAAyC;IAC7B;IAApB,YAAoB,SAAuB;QACzC,KAAK,EAAE,CAAC;QADU,cAAS,GAAT,SAAS,CAAc;IAE3C,CAAC;IAEM,KAAK,CAAC,MAAM,CACjB,GAAqE,EACrE,IAAkD;QAElD,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QACtE,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QACnD,CAAC;QACD,OAAO,MAAM,CAAC,YAAY,CAAC;IAC7B,CAAC;IAEM,GAAG;QACR,OAAO;YACL,UAAU,EAAE,YAAY,CAAC;gBACvB,IAAI,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE;gBACvC,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;oBAC3B,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;gBACjE,CAAC;aACF,CAAC;YACF,UAAU,EAAE,YAAY,CAAC;gBACvB,IAAI,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE;gBACzD,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;oBAC3B,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;gBACjE,CAAC;aACF,CAAC;YACF,UAAU,EAAE,YAAY,CAAC;gBACvB,IAAI,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE;gBAC3D,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;oBAC3B,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;gBACjE,CAAC;aACF,CAAC;SACH,CAAC;IACJ,CAAC;IAEM,IAAI,CAAC,IAAI,GAAG,cAAc,EAAE,UAAuB,EAAE;QAC1D,MAAM,IAAI,GAAG,UAAU,EAAE,CAAC;QAC1B,IAAI,CAAC,KAAK,CAAC;YACT,IAAI;YACJ,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,iBAAiB,CAAC,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE;gBAChD,IAAI,CAAC,CAAC,MAAM,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,EAAE,CAAC;oBAC5C,OAAO,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,EAAE,GAAG,CAAC,CAAC;gBAC9C,CAAC;gBAED,MAAM,IAAI,GAAG,MAAM,sBAAsB,CAAC,OAAO,CAAC,CAAC;gBACnD,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;oBAClB,OAAO,IAAI,CAAC,EAAE,KAAK,EAAE,oBAAoB,EAAE,EAAE,GAAG,CAAC,CAAC;gBACpD,CAAC;gBAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;gBAEpD,OAAO,IAAI,CACT,EAAE,YAAY,EAAE,MAAM,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,EAC9D,GAAG,CACJ,CAAC;YACJ,CAAC,CAAC;SACH,CAAC,CAAC;QACH,IAAI,CAAC,KAAK,CAAC;YACT,IAAI;YACJ,MAAM,EAAE,SAAS;YACjB,OAAO,EAAE,iBAAiB,CAAC,KAAK,IAAI,EAAE,CAAC,YAAY,EAAE,CAAC;SACvD,CAAC,CAAC;QAEH,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC;QAC1D,IAAI,CAAC,KAAK,CAAC;YACT,UAAU;YACV,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,iBAAiB,CAAC,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE;gBAChD,IAAI,CAAC,CAAC,MAAM,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,EAAE,CAAC;oBAC5C,OAAO,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,EAAE,GAAG,CAAC,CAAC;gBAC9C,CAAC;gBAED,MAAM,cAAc,GAAG,0BAA0B,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;gBACvE,IAAI,cAAc,KAAK,IAAI,EAAE,CAAC;oBAC5B,OAAO,IAAI,CAAC,EAAE,KAAK,EAAE,yBAAyB,EAAE,EAAE,GAAG,CAAC,CAAC;gBACzD,CAAC;gBAED,MAAM,IAAI,GAAG,MAAM,sBAAsB,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;gBACnE,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;oBAClB,OAAO,IAAI,CAAC,EAAE,KAAK,EAAE,oBAAoB,EAAE,EAAE,GAAG,CAAC,CAAC;gBACpD,CAAC;gBAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;gBAEpD,OAAO,IAAI,CACT,EAAE,YAAY,EAAE,MAAM,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,EAC9D,GAAG,CACJ,CAAC;YACJ,CAAC,CAAC;SACH,CAAC,CAAC;QACH,IAAI,CAAC,KAAK,CAAC;YACT,UAAU;YACV,MAAM,EAAE,SAAS;YACjB,OAAO,EAAE,iBAAiB,CAAC,KAAK,IAAI,EAAE,CAAC,YAAY,EAAE,CAAC;SACvD,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,KAAK,CAAC,cAAc,CAC1B,GAAqE,EACrE,IAAuB;QAEvB,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QACtE,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,MAAM,IAAI,CAAC,OAAO,CAChB,GAAG,EACH,IAAI,CAAC,IAA2C,EAChD,IAAI,CAAC,OAAmE,CACzE,CAAC;QACJ,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;CACF;AAID,KAAK,UAAU,YAAY,CAAC,OAAgB,EAAE,OAAoB;IAChE,IAAI,OAAO,IAAI,OAAO,EAAE,CAAC;QACvB,IAAI,OAAO,OAAO,CAAC,KAAK,KAAK,QAAQ,IAAI,OAAO,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACpE,OAAO,KAAK,CAAC;QACf,CAAC;QACD,MAAM,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QAC3D,IAAI,aAAa,KAAK,UAAU,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;YAChD,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,IAAI,OAAO,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;QACpC,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,MAAM,OAAO,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC;AAClD,CAAC;AAED,KAAK,UAAU,sBAAsB,CACnC,OAAgB;IAEhB,MAAM,UAAU,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,CAAC;IACjD,IAAI,UAAU,KAAK,IAAI,IAAI,OAAO,UAAU,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC/D,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,cAAc,CAAC,UAAU,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC;AACzE,CAAC;AAED,KAAK,UAAU,sBAAsB,CACnC,OAAgB,EAChB,IAAY;IAEZ,MAAM,UAAU,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,CAAC;IACjD,IAAI,UAAU,KAAK,IAAI,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,cAAc,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC;AACtD,CAAC;AAED,SAAS,cAAc,CACrB,IAAY,EACZ,UAAmC,EACnC,OAAgB;IAEhB,IACE,UAAU,CAAC,MAAM,KAAK,SAAS;QAC/B,OAAO,UAAU,CAAC,MAAM,KAAK,QAAQ,EACrC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IACE,UAAU,CAAC,cAAc,KAAK,SAAS;QACvC,OAAO,UAAU,CAAC,cAAc,KAAK,QAAQ,EAC7C,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IACE,UAAU,CAAC,SAAS,KAAK,SAAS;QAClC,OAAO,UAAU,CAAC,SAAS,KAAK,QAAQ,EACxC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO;QACL,IAAI;QACJ,MAAM,EAAE,UAAU,CAAC,MAAM;QACzB,OAAO;QACP,cAAc,EAAE,UAAU,CAAC,cAAc;QACzC,SAAS,EAAE,UAAU,CAAC,SAAS;KAChC,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,OAAgB;IAEhB,IAAI,IAAa,CAAC;IAClB,IAAI,CAAC;QACH,IAAI,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QACrE,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,IAA+B,CAAC;AACzC,CAAC;AAED,SAAS,0BAA0B,CAAC,OAAgB,EAAE,UAAkB;IACtE,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC;IAC3C,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QACjC,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,qBAAqB,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IAC5D,IACE,qBAAqB,CAAC,MAAM,KAAK,CAAC;QAClC,qBAAqB,CAAC,QAAQ,CAAC,GAAG,CAAC,EACnC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACH,OAAO,kBAAkB,CAAC,qBAAqB,CAAC,CAAC;IACnD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,IAAI,CAAC,IAAa,EAAE,MAAc;IACzC,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE;QACxC,MAAM;QACN,OAAO,EAAE;YACP,cAAc,EAAE,kBAAkB;YAClC,GAAG,WAAW,EAAE;SACjB;KACF,CAAC,CAAC;AACL,CAAC;AAED,SAAS,YAAY;IACnB,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE;QACxB,MAAM,EAAE,GAAG;QACX,OAAO,EAAE,WAAW,EAAE;KACvB,CAAC,CAAC;AACL,CAAC;AAED,SAAS,WAAW;IAClB,OAAO;QACL,6BAA6B,EAAE,GAAG;QAClC,8BAA8B,EAAE,eAAe;QAC/C,8BAA8B,EAAE,6BAA6B;KAC9D,CAAC;AACJ,CAAC"}

package/package.json CHANGED Viewed

@@ -1,12 +1,15 @@
 {
   "name": "@abdssamie/convex-checkpoints",
   "description": "A Convex component for event-driven user checkpoints.",
-  "repository": "github:abdssamie/convex-checkpoints",
+  "repository": {
+    "type": "git",
+    "url": "git+https://gitlab.com/Abdssamie/convex-checkpoints.git"
+  },
   "homepage": "https://github.com/abdssamie/convex-checkpoints#readme",
   "bugs": {
     "url": "https://github.com/abdssamie/convex-checkpoints/issues"
   },
-  "version": "0.1.1",
+  "version": "0.1.7",
   "license": "Apache-2.0",
   "keywords": [
     "convex",
@@ -15,6 +18,25 @@
     "checkpoints"
   ],
   "type": "module",
+  "scripts": {
+    "dev": "convex dev --start 'npm run dev:build'",
+    "dev:frontend": "cd example && vite",
+    "dev:build": "chokidar 'tsconfig*.json' 'src/**/*.ts' -i '**/*.test.ts' -c 'npm run build:codegen' --initial",
+    "predev": "convex init && npm run build:codegen",
+    "build": "tsc --project ./tsconfig.build.json",
+    "build:codegen": "npx convex codegen --component-dir ./src/component && npm run build",
+    "build:clean": "rm -rf dist *.tsbuildinfo && npm run build:codegen",
+    "typecheck": "tsc --noEmit && tsc -p example && tsc -p example/convex",
+    "lint": "eslint .",
+    "test": "vitest run --typecheck",
+    "test:watch": "vitest --typecheck --clearScreen false",
+    "test:debug": "vitest --inspect-brk --no-file-parallelism",
+    "test:coverage": "vitest run --coverage --coverage.reporter=text",
+    "preversion": "npm ci && npm run build:clean && npm run test && npm run lint && npm run typecheck",
+    "alpha": "npm version prerelease --preid alpha && npm publish --tag alpha && git push --follow-tags",
+    "release": "npm version patch && npm publish && git push --follow-tags",
+    "version": "(npm whoami || npm login) && vim -c 'normal o' -c 'normal o## '$npm_package_version CHANGELOG.md && prettier -w CHANGELOG.md && git add CHANGELOG.md"
+  },
   "files": [
     "dist",
     "src"
@@ -72,23 +94,10 @@
   },
   "types": "./dist/client/index.d.ts",
   "module": "./dist/client/index.js",
-  "scripts": {
-    "dev": "convex dev --start 'npm run dev:build'",
-    "dev:frontend": "cd example && vite",
-    "dev:build": "chokidar 'tsconfig*.json' 'src/**/*.ts' -i '**/*.test.ts' -c 'npm run build:codegen' --initial",
-    "predev": "convex init && npm run build:codegen",
-    "build": "tsc --project ./tsconfig.build.json",
-    "build:codegen": "npx convex codegen --component-dir ./src/component && npm run build",
-    "build:clean": "rm -rf dist *.tsbuildinfo && npm run build:codegen",
-    "typecheck": "tsc --noEmit && tsc -p example && tsc -p example/convex",
-    "lint": "eslint .",
-    "test": "vitest run --typecheck",
-    "test:watch": "vitest --typecheck --clearScreen false",
-    "test:debug": "vitest --inspect-brk --no-file-parallelism",
-    "test:coverage": "vitest run --coverage --coverage.reporter=text",
-    "preversion": "npm ci && npm run build:clean && npm run test && npm run lint && npm run typecheck",
-    "alpha": "npm version prerelease --preid alpha && npm publish --tag alpha && git push --follow-tags",
-    "release": "npm version patch && npm publish && git push --follow-tags",
-    "version": "(npm whoami || npm login) && vim -c 'normal o' -c 'normal o## '$npm_package_version CHANGELOG.md && prettier -w CHANGELOG.md && git add CHANGELOG.md"
+  "pnpm": {
+    "onlyBuiltDependencies": [
+      "esbuild",
+      "@tailwindcss/oxide"
+    ]
   }
-}
+}

package/src/client/index.ts CHANGED Viewed

@@ -31,6 +31,11 @@ type SubmitArgs<
   payload: TCheckpointRegistry[TCheckpoint];
 };
+type HttpOptions = {
+  token?: string;
+  authorize?: (request: Request) => boolean | Promise<boolean>;
+};
 export class ConvexCheckpoints<
   TCheckpointRegistry extends CheckpointRegistry,
 > extends CheckpointDispatcher<TCheckpointRegistry> {
@@ -72,12 +77,16 @@ export class ConvexCheckpoints<
     };
   }
-  public http(path = "/checkpoints") {
+  public http(path = "/checkpoints", options: HttpOptions = {}) {
     const http = httpRouter();
     http.route({
       path,
       method: "POST",
       handler: httpActionGeneric(async (ctx, request) => {
+        if (!(await isAuthorized(request, options))) {
+          return json({ error: "unauthorized" }, 401);
+        }
         const args = await readSubmitArgsFromBody(request);
         if (args === null) {
           return json({ error: "invalid_checkpoint" }, 400);
@@ -102,6 +111,10 @@ export class ConvexCheckpoints<
       pathPrefix,
       method: "POST",
       handler: httpActionGeneric(async (ctx, request) => {
+        if (!(await isAuthorized(request, options))) {
+          return json({ error: "unauthorized" }, 401);
+        }
         const checkpointName = readCheckpointNameFromPath(request, pathPrefix);
         if (checkpointName === null) {
           return json({ error: "invalid_checkpoint_path" }, 400);
@@ -146,6 +159,23 @@ export class ConvexCheckpoints<
 export type { CheckpointHandler };
+async function isAuthorized(request: Request, options: HttpOptions) {
+  if ("token" in options) {
+    if (typeof options.token !== "string" || options.token.length === 0) {
+      return false;
+    }
+    const authorization = request.headers.get("authorization");
+    if (authorization !== `Bearer ${options.token}`) {
+      return false;
+    }
+  }
+  if (options.authorize === undefined) {
+    return true;
+  }
+  return await options.authorize(request.clone());
+}
 async function readSubmitArgsFromBody(
   request: Request,
 ): Promise<UntypedSubmitArgs | null> {
@@ -259,6 +289,6 @@ function corsHeaders() {
   return {
     "Access-Control-Allow-Origin": "*",
     "Access-Control-Allow-Methods": "POST, OPTIONS",
-    "Access-Control-Allow-Headers": "Content-Type",
+    "Access-Control-Allow-Headers": "Content-Type, Authorization",
   };
 }