Skip to content

Commit

Permalink
feat(frontend): check auth before allowing actions to run (#8633)
Browse files Browse the repository at this point in the history
  • Loading branch information
ntindle authored Nov 14, 2024
1 parent 05c7673 commit 52b3148
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,9 @@ import MarketplaceAPI from "@/lib/marketplace-api";
import ServerSideMarketplaceAPI from "@/lib/marketplace-api/server-client";
import { revalidatePath } from "next/cache";
import * as Sentry from "@sentry/nextjs";
import { checkAuth, createServerClient } from "@/lib/supabase/server";
import { redirect } from "next/navigation";
import { createClient } from "@/lib/supabase/client";

export async function approveAgent(
agentId: string,
Expand All @@ -13,6 +16,8 @@ export async function approveAgent(
"approveAgent",
{},
async () => {
await checkAuth();

const api = new ServerSideMarketplaceAPI();
await api.approveAgentSubmission(agentId, version, comment);
console.debug(`Approving agent ${agentId}`);
Expand All @@ -30,6 +35,7 @@ export async function rejectAgent(
"rejectAgent",
{},
async () => {
await checkAuth();
const api = new ServerSideMarketplaceAPI();
await api.rejectAgentSubmission(agentId, version, comment);
console.debug(`Rejecting agent ${agentId}`);
Expand All @@ -43,6 +49,7 @@ export async function getReviewableAgents() {
"getReviewableAgents",
{},
async () => {
await checkAuth();
const api = new ServerSideMarketplaceAPI();
return api.getAgentSubmissions();
},
Expand All @@ -57,6 +64,7 @@ export async function getFeaturedAgents(
"getFeaturedAgents",
{},
async () => {
await checkAuth();
const api = new ServerSideMarketplaceAPI();
const featured = await api.getFeaturedAgents(page, pageSize);
console.debug(`Getting featured agents ${featured.items.length}`);
Expand All @@ -70,6 +78,7 @@ export async function getFeaturedAgent(agentId: string) {
"getFeaturedAgent",
{},
async () => {
await checkAuth();
const api = new ServerSideMarketplaceAPI();
const featured = await api.getFeaturedAgent(agentId);
console.debug(`Getting featured agent ${featured.agentId}`);
Expand All @@ -86,6 +95,7 @@ export async function addFeaturedAgent(
"addFeaturedAgent",
{},
async () => {
await checkAuth();
const api = new ServerSideMarketplaceAPI();
await api.addFeaturedAgent(agentId, categories);
console.debug(`Adding featured agent ${agentId}`);
Expand All @@ -102,6 +112,7 @@ export async function removeFeaturedAgent(
"removeFeaturedAgent",
{},
async () => {
await checkAuth();
const api = new ServerSideMarketplaceAPI();
await api.removeFeaturedAgent(agentId, categories);
console.debug(`Removing featured agent ${agentId}`);
Expand All @@ -115,6 +126,7 @@ export async function getCategories() {
"getCategories",
{},
async () => {
await checkAuth();
const api = new ServerSideMarketplaceAPI();
const categories = await api.getCategories();
console.debug(
Expand All @@ -133,6 +145,7 @@ export async function getNotFeaturedAgents(
"getNotFeaturedAgents",
{},
async () => {
await checkAuth();
const api = new ServerSideMarketplaceAPI();
const agents = await api.getNotFeaturedAgents(page, pageSize);
console.debug(`Getting not featured agents ${agents.items.length}`);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,14 @@

import * as Sentry from "@sentry/nextjs";
import MarketplaceAPI, { AnalyticsEvent } from "@/lib/marketplace-api";
import { checkAuth } from "@/lib/supabase/server";

export async function makeAnalyticsEvent(event: AnalyticsEvent) {
return await Sentry.withServerActionInstrumentation(
"makeAnalyticsEvent",
{},
async () => {
await checkAuth();
const apiUrl = process.env.AGPT_SERVER_API_URL;
const api = new MarketplaceAPI();
await api.makeAnalyticsEvent(event);
Expand Down
13 changes: 13 additions & 0 deletions autogpt_platform/frontend/src/lib/supabase/server.ts
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ import {
type CookieOptions,
} from "@supabase/ssr";
import { cookies } from "next/headers";
import { redirect } from "next/navigation";

export function createServerClient() {
const cookieStore = cookies();
Expand Down Expand Up @@ -34,3 +35,15 @@ export function createServerClient() {
return null;
}
}

export async function checkAuth() {
const supabase = createServerClient();
if (!supabase) {
console.error("No supabase client");
redirect("/login");
}
const { data, error } = await supabase.auth.getUser();
if (error || !data?.user) {
redirect("/login");
}
}

0 comments on commit 52b3148

Please sign in to comment.