Move the external API into its own router

Auth logic isn't shared between the clients anyway, so co-locating them is confusing since you can't use the same clients to call both. This also makes the codegen clients less verbose.
2023-08-14 16:56:50 -07:00
parent 8552baf632
commit c4cef35717
25 changed files with 291 additions and 235 deletions
--- a/app/@types/nextjs-routes.d.ts
+++ b/app/@types/nextjs-routes.d.ts
@@ -12,12 +12,11 @@ declare module "nextjs-routes" {

  export type Route =
    | StaticRoute<"/account/signin">
-    | DynamicRoute<"/api/[...trpc]", { "trpc": string[] }>
    | DynamicRoute<"/api/auth/[...nextauth]", { "nextauth": string[] }>
    | StaticRoute<"/api/experiments/og-image">
-    | StaticRoute<"/api/openapi">
-    | StaticRoute<"/api/sentry-example-api">
    | DynamicRoute<"/api/trpc/[trpc]", { "trpc": string }>
+    | DynamicRoute<"/api/v1/[...trpc]", { "trpc": string[] }>
+    | StaticRoute<"/api/v1/openapi">
    | StaticRoute<"/dashboard">
    | DynamicRoute<"/data/[id]", { "id": string }>
    | StaticRoute<"/data">
--- a/app/prisma/schema.prisma
+++ b/app/prisma/schema.prisma
@@ -112,17 +112,17 @@ model ScenarioVariantCell {
 model ModelResponse {
    id String @id @default(uuid()) @db.Uuid

-    cacheKey        String
-    requestedAt      DateTime?
-    receivedAt       DateTime?
-    respPayload      Json?
-    cost             Float?
-    inputTokens      Int?
-    outputTokens     Int?
-    statusCode       Int?
-    errorMessage     String?
-    retryTime        DateTime?
-    outdated         Boolean   @default(false)
+    cacheKey     String
+    requestedAt  DateTime?
+    receivedAt   DateTime?
+    respPayload  Json?
+    cost         Float?
+    inputTokens  Int?
+    outputTokens Int?
+    statusCode   Int?
+    errorMessage String?
+    retryTime    DateTime?
+    outdated     Boolean   @default(false)

    createdAt DateTime @default(now())
    updatedAt DateTime @updatedAt
@@ -273,8 +273,8 @@ model LoggedCall {
    projectId String   @db.Uuid
    project   Project? @relation(fields: [projectId], references: [id], onDelete: Cascade)

-    model        String?
-    tags         LoggedCallTag[]
+    model String?
+    tags  LoggedCallTag[]

    createdAt DateTime @default(now())
    updatedAt DateTime @updatedAt
@@ -295,7 +295,7 @@ model LoggedCallModelResponse {
    errorMessage String?

    requestedAt DateTime
-    receivedAt   DateTime
+    receivedAt  DateTime

    // Note: the function to calculate the cacheKey should include the project
    // ID so we don't share cached responses between projects, which could be an
@@ -340,8 +340,8 @@ model ApiKey {
    name   String
    apiKey String @unique

-    projectId String   @db.Uuid
-    project   Project? @relation(fields: [projectId], references: [id], onDelete: Cascade)
+    projectId String  @db.Uuid
+    project   Project @relation(fields: [projectId], references: [id], onDelete: Cascade)

    createdAt DateTime @default(now())
    updatedAt DateTime @updatedAt
--- a/app/src/pages/api/sentry-example-api.js
+++ b/app/src/pages/api/sentry-example-api.js
@@ -1,6 +0,0 @@
-// A faulty API route to test Sentry's error monitoring
-// @ts-expect-error just a test file, don't care about types
-export default function handler(_req, res) {
-  throw new Error("Sentry Example API Route Error");
-  res.status(200).json({ name: "John Doe" });
-}
--- a/app/src/pages/api/v1/[...trpc].ts
+++ b/app/src/pages/api/v1/[...trpc].ts
@@ -1,17 +1,14 @@
 import { type NextApiRequest, type NextApiResponse } from "next";
 import cors from "nextjs-cors";
 import { createOpenApiNextHandler } from "trpc-openapi";
-import { createProcedureCache } from "trpc-openapi/dist/adapters/node-http/procedures";
-import { appRouter } from "~/server/api/root.router";
-import { createTRPCContext } from "~/server/api/trpc";
+import { v1ApiRouter } from "~/server/api/external/v1Api.router";
+import { createOpenApiContext } from "~/server/api/external/openApiTrpc";

 const openApiHandler = createOpenApiNextHandler({
-  router: appRouter,
-  createContext: createTRPCContext,
+  router: v1ApiRouter,
+  createContext: createOpenApiContext,
 });

-const cache = createProcedureCache(appRouter);
-
 const handler = async (req: NextApiRequest, res: NextApiResponse) => {
  // Setup CORS
  await cors(req, res);
--- a/app/src/pages/api/v1/openapi.json.ts
+++ b/app/src/pages/api/v1/openapi.json.ts
@@ -1,12 +1,12 @@
 import { type NextApiRequest, type NextApiResponse } from "next";
 import { generateOpenApiDocument } from "trpc-openapi";
-import { appRouter } from "~/server/api/root.router";
+import { v1ApiRouter } from "~/server/api/external/v1Api.router";

-export const openApiDocument = generateOpenApiDocument(appRouter, {
+export const openApiDocument = generateOpenApiDocument(v1ApiRouter, {
  title: "OpenPipe API",
  description: "The public API for reporting API calls to OpenPipe",
-  version: "0.1.0",
-  baseUrl: "https://app.openpipe.ai/api",
+  version: "0.1.1",
+  baseUrl: "https://app.openpipe.ai/api/v1",
 });
 // Respond with our OpenAPI schema
 const hander = (req: NextApiRequest, res: NextApiResponse) => {
--- a/app/src/server/api/external/openApiTrpc.ts
+++ b/app/src/server/api/external/openApiTrpc.ts
@@ -0,0 +1,95 @@
+import type { ApiKey, Project } from "@prisma/client";
+import { TRPCError, initTRPC } from "@trpc/server";
+import { type CreateNextContextOptions } from "@trpc/server/adapters/next";
+import superjson from "superjson";
+import { type OpenApiMeta } from "trpc-openapi";
+import { ZodError } from "zod";
+import { prisma } from "~/server/db";
+
+type CreateContextOptions = {
+  key:
+    | (ApiKey & {
+        project: Project;
+      })
+    | null;
+};
+
+/**
+ * This helper generates the "internals" for a tRPC context. If you need to use it, you can export
+ * it from here.
+ *
+ * Examples of things you may need it for:
+ * - testing, so we don't have to mock Next.js' req/res
+ * - tRPC's `createSSGHelpers`, where we don't have req/res
+ *
+ * @see https://create.t3.gg/en/usage/trpc#-serverapitrpcts
+ */
+export const createInnerTRPCContext = (opts: CreateContextOptions) => {
+  return {
+    key: opts.key,
+  };
+};
+
+export const createOpenApiContext = async (opts: CreateNextContextOptions) => {
+  const { req, res } = opts;
+
+  const apiKey = req.headers.authorization?.split(" ")[1] as string | null;
+
+  if (!apiKey) {
+    throw new TRPCError({ code: "UNAUTHORIZED" });
+  }
+  const key = await prisma.apiKey.findUnique({
+    where: { apiKey },
+    include: { project: true },
+  });
+  if (!key) {
+    throw new TRPCError({ code: "UNAUTHORIZED" });
+  }
+
+  return createInnerTRPCContext({
+    key,
+  });
+};
+
+export type TRPCContext = Awaited<ReturnType<typeof createOpenApiContext>>;
+
+const t = initTRPC
+  .context<typeof createOpenApiContext>()
+  .meta<OpenApiMeta>()
+  .create({
+    transformer: superjson,
+    errorFormatter({ shape, error }) {
+      return {
+        ...shape,
+        data: {
+          ...shape.data,
+          zodError: error.cause instanceof ZodError ? error.cause.flatten() : null,
+        },
+      };
+    },
+  });
+
+export const createOpenApiRouter = t.router;
+
+export const openApiPublicProc = t.procedure;
+
+/** Reusable middleware that enforces users are logged in before running the procedure. */
+const enforceApiKey = t.middleware(async ({ ctx, next }) => {
+  if (!ctx.key) {
+    throw new TRPCError({ code: "UNAUTHORIZED" });
+  }
+
+  return next({
+    ctx: { key: ctx.key },
+  });
+});
+
+/**
+ * Protected (authenticated) procedure
+ *
+ * If you want a query or mutation to ONLY be accessible to logged in users, use this. It verifies
+ * the session is valid and guarantees `ctx.session.user` is not null.
+ *
+ * @see https://trpc.io/docs/procedures
+ */
+export const openApiProtectedProc = t.procedure.use(enforceApiKey);
--- a/app/src/server/api/routers/externalApi.router.ts
+++ b/app/src/server/api/routers/externalApi.router.ts
@@ -2,9 +2,6 @@ import { type Prisma } from "@prisma/client";
 import { type JsonValue } from "type-fest";
 import { z } from "zod";
 import { v4 as uuidv4 } from "uuid";
-import { TRPCError } from "@trpc/server";
-
-import { createTRPCRouter, publicProcedure } from "~/server/api/trpc";
 import { prisma } from "~/server/db";
 import { hashRequest } from "~/server/utils/hashObject";
 import modelProvider from "~/modelProviders/openai-ChatCompletion";
@@ -12,6 +9,7 @@ import {
  type ChatCompletion,
  type CompletionCreateParams,
 } from "openai/resources/chat/completions";
+import { createOpenApiRouter, openApiProtectedProc } from "./openApiTrpc";

 const reqValidator = z.object({
  model: z.string(),
@@ -28,12 +26,12 @@ const respValidator = z.object({
  ),
 });

-export const externalApiRouter = createTRPCRouter({
-  checkCache: publicProcedure
+export const v1ApiRouter = createOpenApiRouter({
+  checkCache: openApiProtectedProc
    .meta({
      openapi: {
        method: "POST",
-        path: "/v1/check-cache",
+        path: "/check-cache",
        description: "Check if a prompt is cached",
        protect: true,
      },
@@ -56,18 +54,8 @@ export const externalApiRouter = createTRPCRouter({
      }),
    )
    .mutation(async ({ input, ctx }) => {
-      const apiKey = ctx.apiKey;
-      if (!apiKey) {
-        throw new TRPCError({ code: "UNAUTHORIZED" });
-      }
-      const key = await prisma.apiKey.findUnique({
-        where: { apiKey },
-      });
-      if (!key) {
-        throw new TRPCError({ code: "UNAUTHORIZED" });
-      }
      const reqPayload = await reqValidator.spa(input.reqPayload);
-      const cacheKey = hashRequest(key.projectId, reqPayload as JsonValue);
+      const cacheKey = hashRequest(ctx.key.projectId, reqPayload as JsonValue);

      const existingResponse = await prisma.loggedCallModelResponse.findFirst({
        where: { cacheKey },
@@ -79,7 +67,7 @@ export const externalApiRouter = createTRPCRouter({

      await prisma.loggedCall.create({
        data: {
-          projectId: key.projectId,
+          projectId: ctx.key.projectId,
          requestedAt: new Date(input.requestedAt),
          cacheHit: true,
          modelResponseId: existingResponse.id,
@@ -91,11 +79,11 @@ export const externalApiRouter = createTRPCRouter({
      };
    }),

-  report: publicProcedure
+  report: openApiProtectedProc
    .meta({
      openapi: {
        method: "POST",
-        path: "/v1/report",
+        path: "/report",
        description: "Report an API call",
        protect: true,
      },
@@ -119,20 +107,10 @@ export const externalApiRouter = createTRPCRouter({
    .output(z.void())
    .mutation(async ({ input, ctx }) => {
      console.log("GOT TAGS", input.tags);
-      const apiKey = ctx.apiKey;
-      if (!apiKey) {
-        throw new TRPCError({ code: "UNAUTHORIZED" });
-      }
-      const key = await prisma.apiKey.findUnique({
-        where: { apiKey },
-      });
-      if (!key) {
-        throw new TRPCError({ code: "UNAUTHORIZED" });
-      }
      const reqPayload = await reqValidator.spa(input.reqPayload);
      const respPayload = await respValidator.spa(input.respPayload);

-      const requestHash = hashRequest(key.projectId, reqPayload as JsonValue);
+      const requestHash = hashRequest(ctx.key.project.id, reqPayload as JsonValue);

      const newLoggedCallId = uuidv4();
      const newModelResponseId = uuidv4();
@@ -151,7 +129,7 @@ export const externalApiRouter = createTRPCRouter({
        prisma.loggedCall.create({
          data: {
            id: newLoggedCallId,
-            projectId: key.projectId,
+            projectId: ctx.key.project.id,
            requestedAt: new Date(input.requestedAt),
            cacheHit: false,
            model,
--- a/app/src/server/api/root.router.ts
+++ b/app/src/server/api/root.router.ts
@@ -8,7 +8,6 @@ import { evaluationsRouter } from "./routers/evaluations.router";
 import { worldChampsRouter } from "./routers/worldChamps.router";
 import { datasetsRouter } from "./routers/datasets.router";
 import { datasetEntries } from "./routers/datasetEntries.router";
-import { externalApiRouter } from "./routers/externalApi.router";
 import { projectsRouter } from "./routers/projects.router";
 import { dashboardRouter } from "./routers/dashboard.router";
 import { loggedCallsRouter } from "./routers/loggedCalls.router";
@@ -31,7 +30,6 @@ export const appRouter = createTRPCRouter({
  projects: projectsRouter,
  dashboard: dashboardRouter,
  loggedCalls: loggedCallsRouter,
-  externalApi: externalApiRouter,
 });

 // export type definition of API
--- a/app/src/server/api/trpc.ts
+++ b/app/src/server/api/trpc.ts
@@ -27,7 +27,6 @@ import { capturePath } from "~/utils/analytics/serverAnalytics";

 type CreateContextOptions = {
  session: Session | null;
-  apiKey: string | null;
 };

 // eslint-disable-next-line @typescript-eslint/no-empty-function
@@ -46,7 +45,6 @@ const noOp = () => {};
 export const createInnerTRPCContext = (opts: CreateContextOptions) => {
  return {
    session: opts.session,
-    apiKey: opts.apiKey,
    prisma,
    markAccessControlRun: noOp,
  };
@@ -64,11 +62,8 @@ export const createTRPCContext = async (opts: CreateNextContextOptions) => {
  // Get the session from the server using the getServerSession wrapper function
  const session = await getServerAuthSession({ req, res });

-  const apiKey = req.headers.authorization?.split(" ")[1] as string | null;
-
  return createInnerTRPCContext({
    session,
-    apiKey,
  });
 };

--- a/app/src/server/scripts/client-codegen.ts
+++ b/app/src/server/scripts/client-codegen.ts
@@ -1,5 +1,5 @@
 import "dotenv/config";
-import { openApiDocument } from "~/pages/api/openapi.json";
+import { openApiDocument } from "~/pages/api/v1/openapi.json";
 import fs from "fs";
 import path from "path";
 import { execSync } from "child_process";