feat: add supportsv2

2025-09-10 20:03:57 -07:00 · 2025-09-10 20:03:57 -07:00 · e961407993
commit e961407993
parent ae583ffaff
3 changed files with 52 additions and 11 deletions
--- a/prisma/migrations/20250911030241_add_version2_field/migration.sql
+++ b/prisma/migrations/20250911030241_add_version2_field/migration.sql
@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "TerminalAuthRequest" ADD COLUMN     "supportsV2" BOOLEAN NOT NULL DEFAULT false;
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@ -49,6 +49,7 @@ model Account {
 model TerminalAuthRequest {
    id                String   @id @default(cuid())
    publicKey         String   @unique
+    supportsV2        Boolean  @default(false)
    response          String?
    responseAccountId String?
    responseAccount   Account? @relation(fields: [responseAccountId], references: [id])
--- a/sources/app/api/routes/authRoutes.ts
+++ b/sources/app/api/routes/authRoutes.ts
@ -42,6 +42,7 @@ export function authRoutes(app: Fastify) {
        schema: {
            body: z.object({
                publicKey: z.string(),
+                supportsV2: z.boolean().nullish()
            }),
            response: {
                200: z.union([z.object({
@ -70,7 +71,7 @@ export function authRoutes(app: Fastify) {
        const answer = await db.terminalAuthRequest.upsert({
            where: { publicKey: publicKeyHex },
            update: {},
-            create: { publicKey: publicKeyHex }
+            create: { publicKey: publicKeyHex, supportsV2: request.body.supportsV2 ?? false }
        });

        if (answer.response && answer.responseAccountId) {
@ -85,6 +86,43 @@ export function authRoutes(app: Fastify) {
        return reply.send({ state: 'requested' });
    });

+    // Get auth request status
+    app.get('/v1/auth/request/status', {
+        schema: {
+            querystring: z.object({
+                publicKey: z.string(),
+            }),
+            response: {
+                200: z.object({
+                    status: z.enum(['not_found', 'pending', 'authorized']),
+                    supportsV2: z.boolean()
+                })
+            }
+        }
+    }, async (request, reply) => {
+        const tweetnacl = (await import("tweetnacl")).default;
+        const publicKey = privacyKit.decodeBase64(request.query.publicKey);
+        const isValid = tweetnacl.box.publicKeyLength === publicKey.length;
+        if (!isValid) {
+            return reply.send({ status: 'not_found', supportsV2: false });
+        }
+
+        const publicKeyHex = privacyKit.encodeHex(publicKey);
+        const authRequest = await db.terminalAuthRequest.findUnique({
+            where: { publicKey: publicKeyHex }
+        });
+
+        if (!authRequest) {
+            return reply.send({ status: 'not_found', supportsV2: false });
+        }
+
+        if (authRequest.response && authRequest.responseAccountId) {
+            return reply.send({ status: 'authorized', supportsV2: false });
+        }
+
+        return reply.send({ status: 'pending', supportsV2: authRequest.supportsV2 });
+    });
+
    // Approve auth request
    app.post('/v1/auth/response', {
        preHandler: app.authenticate,