✨ feat: Add auth flow (#146)

This adds a simple way to incorporate a centralized authentication flow. The idea is to have the user, API and SSH (for machine authentication) all in one place using `openauthjs` + `SST` We also have a database now :) > We are using InstantDB as it allows us to authenticate a use with just the email. Plus it is super simple simple to use _of course after the initial fumbles trying to design the db and relationships_
2025-12-12 08:45:38 +02:00 · 2025-01-04 00:02:28 +03:00
parent 33895974a7
commit fc5a755408
136 changed files with 3512 additions and 1914 deletions
--- a/infra/api.ts
+++ b/infra/api.ts
@@ -1,22 +1,52 @@
-import { isPermanentStage } from "./stage";
+import { domain } from "./dns";
+import { secret } from "./secrets"

-//TODO: Use this instead of wrangler
-// export const api = new sst.cloudflare.Worker("apiApi", {
-//     url: true,
-//     handler: "packages/api/src/index.ts",
-//     // live: true, 
-// });
+sst.Linkable.wrap(random.RandomString, (resource) => ({
+    properties: {
+        value: resource.result,
+    },
+}));

-if (!isPermanentStage) {
-    new sst.x.DevCommand("apiDev", {
-        dev: {
-            command: "bun run dev",
-            directory: "packages/api",
-            autostart: true,
-        },
-    })
-}
+export const authFingerprintKey = new random.RandomString(
+    "AuthFingerprintKey",
+    {
+        length: 32,
+    },
+);

-// export const outputs = {
-//     api: api.url
-// }
+export const urls = new sst.Linkable("Urls", {
+    properties: {
+      api: "https://api." + domain,
+      auth: "https://auth." + domain,
+    },
+  });
+
+export const kv = new sst.cloudflare.Kv("CloudflareAuthKV")
+
+export const auth = new sst.cloudflare.Worker("Auth", {
+    link: [
+        kv,
+        urls,
+        authFingerprintKey,
+        secret.InstantAdminToken,
+        secret.InstantAppId,
+        secret.LoopsApiKey
+    ],
+    handler: "./packages/functions/src/auth.ts",
+    url: true,
+    domain: "auth." + domain
+});
+
+export const api = new sst.cloudflare.Worker("Api", {
+    link: [
+        urls,
+    ],
+    url: true,
+    handler: "./packages/functions/src/api/index.ts",
+    domain: "api." + domain
+})
+
+export const outputs = {
+    auth: auth.url,
+    api: api.url
+}