Add pre-configured procedures and use them throughout codebase

- Add authedProcedure, superuserProcedure, loginRequestProcedure, orgMemberProcedure in base.ts - Create procedures/me/_base.ts with meRoute = authedProcedure.me - Update all me procedures to use meRoute.X.handler() - Update auth/logout and auth/resend-verification to use authedProcedure - Update all admin procedures to use superuserProcedure - Update all orgs procedures to use authedProcedure This reduces boilerplate and makes middleware usage consistent. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-12 17:57:15 +08:00
parent 25c8bab741
commit 73ef3df01f
32 changed files with 500 additions and 480 deletions
--- a/apps/api-server/src/procedures/admin/auth/complete-login.ts
+++ b/apps/api-server/src/procedures/admin/auth/complete-login.ts
@@ -3,48 +3,49 @@
 */

 import { ORPCError } from "@orpc/server";
-import { os, superuserMiddleware } from "../../base.js";
+import { superuserProcedure } from "../../base.js";

-export const adminAuthCompleteLogin = os.admin.auth.completeLogin
-  .use(superuserMiddleware)
-  .handler(async ({ input, context }) => {
-    const email = input.email.toLowerCase();
+export const adminAuthCompleteLogin =
+  superuserProcedure.admin.auth.completeLogin.handler(
+    async ({ input, context }) => {
+      const email = input.email.toLowerCase();

-    // First check if any login request exists for this email
-    const anyRequest = await context.db
-      .selectFrom("login_requests")
-      .where("email", "=", email)
-      .orderBy("created_at", "desc")
-      .select(["id", "completed_at", "expires_at"])
-      .executeTakeFirst();
+      // First check if any login request exists for this email
+      const anyRequest = await context.db
+        .selectFrom("login_requests")
+        .where("email", "=", email)
+        .orderBy("created_at", "desc")
+        .select(["id", "completed_at", "expires_at"])
+        .executeTakeFirst();

-    if (!anyRequest) {
-      throw new ORPCError("NOT_FOUND", {
-        message: `No login request found for ${email}`,
-      });
-    }
+      if (!anyRequest) {
+        throw new ORPCError("NOT_FOUND", {
+          message: `No login request found for ${email}`,
+        });
+      }

-    // Check if already completed
-    if (anyRequest.completed_at) {
-      throw new ORPCError("BAD_REQUEST", {
-        message: "Login request already completed",
-      });
-    }
+      // Check if already completed
+      if (anyRequest.completed_at) {
+        throw new ORPCError("BAD_REQUEST", {
+          message: "Login request already completed",
+        });
+      }

-    // Check if expired
-    if (new Date(anyRequest.expires_at) < new Date()) {
-      throw new ORPCError("BAD_REQUEST", {
-        message:
-          "Login request expired (15 min limit). Start a new login flow.",
-      });
-    }
+      // Check if expired
+      if (new Date(anyRequest.expires_at) < new Date()) {
+        throw new ORPCError("BAD_REQUEST", {
+          message:
+            "Login request expired (15 min limit). Start a new login flow.",
+        });
+      }

-    // Complete the login request
-    await context.db
-      .updateTable("login_requests")
-      .set({ completed_at: new Date() })
-      .where("id", "=", anyRequest.id)
-      .execute();
+      // Complete the login request
+      await context.db
+        .updateTable("login_requests")
+        .set({ completed_at: new Date() })
+        .where("id", "=", anyRequest.id)
+        .execute();

-    return { success: true };
-  });
+      return { success: true };
+    },
+  );