Compare commits

...

4 Commits

Author SHA1 Message Date
Mauricio Siu
d0c92d84ef fix: update API key deletion authorization check
- Changed the authorization check for deleting an API key to use referenceId instead of userId, ensuring proper validation against the current user's ID.
2026-03-18 16:33:19 -06:00
Mauricio Siu
72974e00a6 Merge pull request #4028 from Dokploy/4024-api-keys-not-working-and-unbale-to-generate-new-ones-after-upgrade-to-0287
feat: update apikey schema and relationships
2026-03-18 16:29:22 -06:00
Mauricio Siu
d96e2bbeb7 chore: bump version to v0.28.8 in package.json 2026-03-18 16:28:54 -06:00
Mauricio Siu
a45d8ee8f4 feat: update apikey schema and relationships
- Modified the apikey table to drop the user_id column and replace it with reference_id, establishing a foreign key relationship with the user table.
- Added config_id column with a default value to the apikey table.
- Updated related code in the account schema and user service to reflect these changes.
- Enhanced the journal and snapshot files to include the latest schema updates.
2026-03-18 16:26:05 -06:00
10 changed files with 15484 additions and 10 deletions

View File

@@ -0,0 +1,5 @@
ALTER TABLE "apikey" ALTER COLUMN "user_id" DROP NOT NULL;--> statement-breakpoint
ALTER TABLE "apikey" ADD COLUMN "config_id" text DEFAULT 'default' NOT NULL;--> statement-breakpoint
ALTER TABLE "apikey" ADD COLUMN "reference_id" text;--> statement-breakpoint
UPDATE "apikey" SET "reference_id" = "user_id" WHERE "reference_id" IS NULL;--> statement-breakpoint
ALTER TABLE "apikey" ALTER COLUMN "reference_id" SET NOT NULL;

View File

@@ -0,0 +1,4 @@
ALTER TABLE "apikey" DROP CONSTRAINT "apikey_user_id_user_id_fk";
--> statement-breakpoint
ALTER TABLE "apikey" ADD CONSTRAINT "apikey_reference_id_user_id_fk" FOREIGN KEY ("reference_id") REFERENCES "public"."user"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "apikey" DROP COLUMN "user_id";

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@@ -1051,6 +1051,20 @@
"when": 1773637297592, "when": 1773637297592,
"tag": "0149_rare_radioactive_man", "tag": "0149_rare_radioactive_man",
"breakpoints": true "breakpoints": true
},
{
"idx": 150,
"version": "7",
"when": 1773870095817,
"tag": "0150_nappy_blue_blade",
"breakpoints": true
},
{
"idx": 151,
"version": "7",
"when": 1773872561300,
"tag": "0151_modern_sunfire",
"breakpoints": true
} }
] ]
} }

View File

@@ -1,6 +1,6 @@
{ {
"name": "dokploy", "name": "dokploy",
"version": "v0.28.7", "version": "v0.28.8",
"private": true, "private": true,
"license": "Apache-2.0", "license": "Apache-2.0",
"type": "module", "type": "module",

View File

@@ -465,7 +465,7 @@ export const userRouter = createTRPCRouter({
}); });
} }
if (apiKeyToDelete.userId !== ctx.user.id) { if (apiKeyToDelete.referenceId !== ctx.user.id) {
throw new TRPCError({ throw new TRPCError({
code: "UNAUTHORIZED", code: "UNAUTHORIZED",
message: "You are not authorized to delete this API key", message: "You are not authorized to delete this API key",

View File

@@ -214,7 +214,8 @@ export const apikey = pgTable("apikey", {
start: text("start"), start: text("start"),
prefix: text("prefix"), prefix: text("prefix"),
key: text("key").notNull(), key: text("key").notNull(),
userId: text("user_id") configId: text("config_id").default("default").notNull(),
referenceId: text("reference_id")
.notNull() .notNull()
.references(() => user.id, { onDelete: "cascade" }), .references(() => user.id, { onDelete: "cascade" }),
refillInterval: integer("refill_interval"), refillInterval: integer("refill_interval"),
@@ -236,7 +237,7 @@ export const apikey = pgTable("apikey", {
export const apikeyRelations = relations(apikey, ({ one }) => ({ export const apikeyRelations = relations(apikey, ({ one }) => ({
user: one(user, { user: one(user, {
fields: [apikey.userId], fields: [apikey.referenceId],
references: [user.id], references: [user.id],
}), }),
})); }));

View File

@@ -367,6 +367,7 @@ const { handler, api } = betterAuth({
plugins: [ plugins: [
apiKey({ apiKey({
enableMetadata: true, enableMetadata: true,
references: "user",
}), }),
sso(), sso(),
twoFactor(), twoFactor(),

View File

@@ -432,7 +432,7 @@ export const createApiKey = async (
refillInterval?: number; refillInterval?: number;
}, },
) => { ) => {
const apiKey = await auth.createApiKey({ const result = await auth.createApiKey({
body: { body: {
name: input.name, name: input.name,
expiresIn: input.expiresIn, expiresIn: input.expiresIn,
@@ -450,10 +450,9 @@ export const createApiKey = async (
if (input.metadata) { if (input.metadata) {
await db await db
.update(apikey) .update(apikey)
.set({ .set({ metadata: JSON.stringify(input.metadata) })
metadata: JSON.stringify(input.metadata), .where(eq(apikey.id, result.id));
})
.where(eq(apikey.id, apiKey.id));
} }
return apiKey;
return result;
}; };