feat(web): add protected API endpoint /api/dev/test using requireAuth…#55
Open
Niksinikhilesh045 wants to merge 2 commits intoharshlocham:mainfrom
Open
feat(web): add protected API endpoint /api/dev/test using requireAuth…#55Niksinikhilesh045 wants to merge 2 commits intoharshlocham:mainfrom
Niksinikhilesh045 wants to merge 2 commits intoharshlocham:mainfrom
Conversation
Contributor
|
@Niksinikhilesh045 is attempting to deploy a commit to the harshdeepsinghlocham's projects Team on Vercel. A member of the Team first needs to authorize it. |
Contributor
There was a problem hiding this comment.
Pull request overview
This PR adds a new protected Next.js App Router endpoint in the web app to exercise the existing auth guard flow, while also introducing a couple of repo/tooling updates that support the web workspace.
Changes:
- Adds
/api/dev/test, a protected GET route that callsrequireAuthUserand returns the authenticated user id. - Updates the web build script to use
cross-envand adds the dependency to the web workspace. - Changes Turbo dev task orchestration and refreshes the root lockfile/workspace package metadata.
Reviewed changes
Copilot reviewed 3 out of 4 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
turbo.json |
Makes dev depend on upstream build tasks across the workspace. |
package-lock.json |
Updates lockfile entries for the new web dependency and workspace package metadata. |
apps/web/package.json |
Switches the web build script to cross-env and adds cross-env as a dev dependency. |
apps/web/app/api/dev/test/route.ts |
Adds the new protected /api/dev/test API route returning { success, userId }. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+4
to
+8
| export async function GET() { | ||
| const guard = await requireAuthUser(); | ||
| if (guard.response) { | ||
| return guard.response; | ||
| } |
Comment on lines
+5
to
+7
| const guard = await requireAuthUser(); | ||
| if (guard.response) { | ||
| return guard.response; |
Comment on lines
+36
to
+38
| "dependsOn": [ | ||
| "^build" | ||
| ], |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add protected API endpoint
/api/dev/testSummary
This PR introduces a protected API route in the web application to validate and demonstrate the existing authentication flow.
What’s added
/api/dev/testrequireAuthUserBehavior
If authenticated:
{ "success": true, "userId": "<authenticated_user_id>" }If not authenticated:
AUTH_ACCESS_TOKEN_MISSING)Purpose
requireAuthUserworks correctly in protected routesTesting
Tested via browser console:
Verified:
Notes