@layer-ai/core 0.1.5 → 0.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/middleware/auth.d.ts.map +1 -1
  2. package/dist/middleware/auth.js +11 -12
  3. package/dist/routes/auth.d.ts.map +1 -1
  4. package/dist/routes/auth.js +0 -7
  5. package/package.json +1 -1
package/dist/middleware/auth.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/middleware/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAK1D,OAAO,CAAC,MAAM,CAAC;IACb,UAAU,OAAO,CAAC;QAChB,UAAU,OAAO;YACf,MAAM,CAAC,EAAE,MAAM,CAAC;YAChB,UAAU,CAAC,EAAE,MAAM,CAAC;SACrB;KACF;CACF;AAED;;;;;GAKG;AACH,wBAAsB,YAAY,CAChC,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,YAAY,GACjB,OAAO,CAAC,IAAI,CAAC,CAoFf;AAED;;;GAGG;AACH,wBAAgB,YAAY,CAC1B,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,YAAY,GACjB,IAAI,CAWN"}
1
+ {"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/middleware/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAK1D,OAAO,CAAC,MAAM,CAAC;IACb,UAAU,OAAO,CAAC;QAChB,UAAU,OAAO;YACf,MAAM,CAAC,EAAE,MAAM,CAAC;YAChB,UAAU,CAAC,EAAE,MAAM,CAAC;SACrB;KACF;CACF;AAED;;;;;GAKG;AACH,wBAAsB,YAAY,CAChC,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,YAAY,GACjB,OAAO,CAAC,IAAI,CAAC,CAkFf;AAED;;;GAGG;AACH,wBAAgB,YAAY,CAC1B,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,YAAY,GACjB,IAAI,CAWN"}
package/dist/middleware/auth.js CHANGED
@@ -37,13 +37,10 @@ export async function authenticate(req, res, next) {
37
37
  .createHash('sha256')
38
38
  .update(token)
39
39
  .digest('hex');
40
- // First check if it's an API key (starts with layer_)
41
- if (token.startsWith('layer_')) {
42
- const apiKeyRecord = await db.getApiKeyByHash(tokenHash);
43
- if (!apiKeyRecord) {
44
- res.status(401).json({ error: 'unauthorized', message: 'Invalid API key' });
45
- return;
46
- }
40
+ // All tokens start with 'layer_', so we need to check both API keys and session keys
41
+ // First try API keys
42
+ const apiKeyRecord = await db.getApiKeyByHash(tokenHash);
43
+ if (apiKeyRecord) {
47
44
  if (!apiKeyRecord.isActive) {
48
45
  res.status(401).json({
49
46
  error: 'unauthorized',
@@ -61,14 +58,16 @@ export async function authenticate(req, res, next) {
61
58
  next();
62
59
  return;
63
60
  }
64
- // Otherwise, check if it's a session key
61
+ // Not an API key, try session key
65
62
  const sessionKey = await db.getSessionKeyByHash(tokenHash);
66
- if (!sessionKey) {
67
- res.status(401).json({ error: 'unauthorized', message: 'Invalid token' });
63
+ if (sessionKey) {
64
+ req.userId = sessionKey.userId;
65
+ next();
68
66
  return;
69
67
  }
70
- req.userId = sessionKey.userId;
71
- next();
68
+ // Neither API key nor session key
69
+ res.status(401).json({ error: 'unauthorized', message: 'Invalid token' });
70
+ return;
72
71
  }
73
72
  catch (error) {
74
73
  console.error('Authentication error:', error);
package/dist/routes/auth.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/routes/auth.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,SAAS,CAAC;AAKpD,QAAA,MAAM,MAAM,EAAE,UAAqB,CAAC;AAoGpC,eAAe,MAAM,CAAC"}
1
+ {"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/routes/auth.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,SAAS,CAAC;AAKpD,QAAA,MAAM,MAAM,EAAE,UAAqB,CAAC;AA4FpC,eAAe,MAAM,CAAC"}
package/dist/routes/auth.js CHANGED
@@ -79,11 +79,4 @@ router.post('/token', async (req, res) => {
79
79
  res.status(500).json({ error: 'internal_error', message: 'Failed to create api key' });
80
80
  }
81
81
  });
82
- // GET /auth/session
83
- // This endpoint is used by NextAuth to check session status
84
- router.get('/session', async (req, res) => {
85
- // For now, return null session (not authenticated via this endpoint)
86
- // NextAuth will handle sessions via its own mechanism
87
- res.json({ user: null });
88
- });
89
82
  export default router;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@layer-ai/core",
3
- "version": "0.1.5",
3
+ "version": "0.1.6",
4
4
  "description": "Core API routes and services for Layer AI",
5
5
  "type": "module",
6
6
  "main": "./dist/index.js",