Skip to content

Commit abfe02b

Browse files
committed
fix: preserve request context in team auth fetches
Nuxt server-route docs say request headers and request context are not forwarded by default for server-side fetches, and event.$fetch should be used when that context should follow the internal request. The same server docs recommend passing event to useRuntimeConfig in server routes so runtime environment overrides are resolved against the active request. This keeps the admin/team helpers on request-aware server primitives instead of ambient global fetch/config access. Docs: https://nuxt.com/docs/4.x/directory-structure/server#forwarding-context-headers Docs: https://nuxt.com/docs/4.x/directory-structure/server#runtime-config
1 parent 1cf268e commit abfe02b

4 files changed

Lines changed: 14 additions & 13 deletions

File tree

server/api/admin/mcp-install.get.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
export default defineEventHandler(async (event) => {
22
const { user } = await requireUserSession(event)
33

4-
if (!user?.login || !(await isAuthorizedAdmin(user.login))) {
4+
if (!user?.login || !(await isAuthorizedAdmin(event, user.login))) {
55
throw createError({ statusCode: 403, statusMessage: 'Admin access required' })
66
}
77

server/api/auth/github.get.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
export default defineOAuthGitHubEventHandler({
22
async onSuccess(event, { user }) {
3-
const allowed = await isAuthorizedAdmin(user.login)
3+
const allowed = await isAuthorizedAdmin(event, user.login)
44

55
if (!allowed) {
66
return sendRedirect(event, '/admin/login?error=access-denied')

server/api/v1/teams/index.get.ts

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,9 @@
11
import type { GitHubTeamMember } from '../../../types/github'
22

3-
export default defineCachedEventHandler(async () => {
3+
export default defineCachedEventHandler(async (event) => {
44
const [core, _ecosystem] = await Promise.all([
5-
$fetch<GitHubTeamMember[]>('/api/v1/teams/core'),
6-
$fetch<GitHubTeamMember[]>('/api/v1/teams/ecosystem')
5+
event.$fetch<GitHubTeamMember[]>('/api/v1/teams/core'),
6+
event.$fetch<GitHubTeamMember[]>('/api/v1/teams/ecosystem')
77
])
88

99
const filteredEcosystem = [] as GitHubTeamMember[]

server/utils/team.ts

Lines changed: 9 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,13 @@
11
import type { GitHubTeamMember } from '../types/github'
2+
import type { H3Event } from 'h3'
23

3-
const getCoreMembers = cachedFunction((): Promise<GitHubTeamMember[]> => $fetch<GitHubTeamMember[]>('/api/v1/teams/core'), {
4+
const getCoreMembers = cachedFunction((event: H3Event): Promise<GitHubTeamMember[]> => event.$fetch<GitHubTeamMember[]>('/api/v1/teams/core'), {
45
maxAge: 60 * 60 * 24 * 7, // 1 week
56
getKey: () => 'core-members'
67
})
78

8-
export async function isCoreTeamMember(login: string): Promise<boolean> {
9-
const coreMembers = await getCoreMembers()
9+
export async function isCoreTeamMember(event: H3Event, login: string): Promise<boolean> {
10+
const coreMembers = await getCoreMembers(event)
1011
if (!coreMembers || !Array.isArray(coreMembers)) {
1112
throw createError({
1213
statusCode: 500,
@@ -16,19 +17,19 @@ export async function isCoreTeamMember(login: string): Promise<boolean> {
1617
return coreMembers.some(member => member.login.toLowerCase() === login)
1718
}
1819

19-
function getExtraAdminLogins(): string[] {
20-
const raw = useRuntimeConfig().adminGithubLogins
20+
function getExtraAdminLogins(event: H3Event): string[] {
21+
const raw = useRuntimeConfig(event).adminGithubLogins
2122
if (!raw) return []
2223
return raw
2324
.split(',')
2425
.map(login => login.trim().toLowerCase())
2526
.filter(Boolean)
2627
}
2728

28-
export async function isAuthorizedAdmin(login: string): Promise<boolean> {
29+
export async function isAuthorizedAdmin(event: H3Event, login: string): Promise<boolean> {
2930
const normalized = login.toLowerCase()
30-
if (getExtraAdminLogins().includes(normalized)) {
31+
if (getExtraAdminLogins(event).includes(normalized)) {
3132
return true
3233
}
33-
return isCoreTeamMember(normalized)
34+
return isCoreTeamMember(event, normalized)
3435
}

0 commit comments

Comments
 (0)