diff --git a/services/api/src/middlewares/withAuthenticated.ts b/services/api/src/middlewares/withAuthenticated.ts index 9e976a1e1..d1419f235 100644 --- a/services/api/src/middlewares/withAuthenticated.ts +++ b/services/api/src/middlewares/withAuthenticated.ts @@ -2,7 +2,7 @@ import { cache } from '@op/cache'; import { getAllowListUser } from '@op/common'; import { TRPCError } from '@trpc/server'; -import { createSBAdminClient } from '../supabase/server'; +import { getCachedAuthUser } from '../supabase/server'; import type { MiddlewareBuilderBase, TContextWithUser } from '../types'; import { verifyAuthentication } from '../utils/verifyAuthentication'; @@ -10,8 +10,7 @@ const withAuthenticated: MiddlewareBuilderBase = async ({ ctx, next, }) => { - const supabase = createSBAdminClient(ctx); - const data = await supabase.auth.getUser(); + const data = await getCachedAuthUser(ctx); const user = verifyAuthentication(data); @@ -45,8 +44,7 @@ const withAuthenticated: MiddlewareBuilderBase = async ({ export const withAuthenticatedAdmin: MiddlewareBuilderBase< TContextWithUser > = async ({ ctx, next }) => { - const supabase = createSBAdminClient(ctx); - const data = await supabase.auth.getUser(); + const data = await getCachedAuthUser(ctx); const user = verifyAuthentication(data, true); diff --git a/services/api/src/middlewares/withAuthenticatedPlatformAdmin.ts b/services/api/src/middlewares/withAuthenticatedPlatformAdmin.ts index af9abeb15..075176714 100644 --- a/services/api/src/middlewares/withAuthenticatedPlatformAdmin.ts +++ b/services/api/src/middlewares/withAuthenticatedPlatformAdmin.ts @@ -1,6 +1,6 @@ import { UnauthorizedError, isUserEmailPlatformAdmin } from '@op/common'; -import { createSBAdminClient } from '../supabase/server'; +import { getCachedAuthUser } from '../supabase/server'; import type { MiddlewareBuilderBase, TContextWithUser } from '../types'; import { verifyAuthentication } from '../utils/verifyAuthentication'; @@ -10,8 +10,7 @@ import { verifyAuthentication } from '../utils/verifyAuthentication'; export const withAuthenticatedPlatformAdmin: MiddlewareBuilderBase< TContextWithUser > = async ({ ctx, next }) => { - const supabase = createSBAdminClient(ctx); - const data = await supabase.auth.getUser(); + const data = await getCachedAuthUser(ctx); const user = verifyAuthentication(data); diff --git a/services/api/src/supabase/server.ts b/services/api/src/supabase/server.ts index bd277f180..3127300b4 100644 --- a/services/api/src/supabase/server.ts +++ b/services/api/src/supabase/server.ts @@ -3,7 +3,7 @@ import { OPURLConfig, cookieOptionsDomain } from '@op/core'; import { logger } from '@op/logging'; import { createServerClient } from '@op/supabase/lib'; -import type { CookieOptions } from '@op/supabase/lib'; +import type { CookieOptions, UserResponse } from '@op/supabase/lib'; import type { Database } from '@op/supabase/types'; import 'server-only'; @@ -11,6 +11,18 @@ import type { TContext } from '../types'; const useUrl = OPURLConfig('APP'); +const authUserCache = new WeakMap>(); + +export function getCachedAuthUser(ctx: TContext): Promise { + let promise = authUserCache.get(ctx); + if (!promise) { + const supabase = createSBAdminClient(ctx); + promise = supabase.auth.getUser(); + authUserCache.set(ctx, promise); + } + return promise; +} + export const createSBAdminClient = (ctx: TContext) => { return createServerClient( process.env.NEXT_PUBLIC_SUPABASE_URL!,