refactor: simplify elysia auth and flatten youtube response

Author: arpitgupta1214

components/ArtistSetting/StandaloneYoutubeComponent/ChannelInfo.tsx

@@ -6,7 +6,7 @@ import { Youtube } from "lucide-react";
 const ChannelInfo = ({ dense, artistAccountId }: { dense?: boolean; artistAccountId: string }) => {
   const { data, isLoading } = useYoutubeChannel(artistAccountId);
 
-  const channel = data?.channels?.[0];
+  const channel = data?.[0];
 
   return (
       <div className="flex flex-col gap-1 cursor-pointer">

components/YouTube/ChatInputYoutubeButtonPopover/index.tsx

@@ -14,7 +14,7 @@ const ChatInputYoutubeButtonPopover = ({ children, artistAccountId }: { children
   const { data: channelInfo, isLoading: isChannelInfoLoading } = useYoutubeChannel(artistAccountId);
   const isMobile = useIsMobile();
   const [isOpen, setIsOpen] = useState(false);
-  const channel = channelInfo?.channels?.[0];
+  const channel = channelInfo?.[0];
 
   if (youtubeStatus?.status === "invalid" || isLoading || isChannelInfoLoading) {
     return children;

hooks/useYouTubeLoginSuccess.ts

@@ -3,7 +3,6 @@ import { useArtistProvider } from "@/providers/ArtistProvider";
 import { useVercelChatContext } from "@/providers/VercelChatProvider";
 import { generateUUID } from "@/lib/generateUUID";
 import { api } from "@/lib/api/elysia/client";
-import { unwrapResponse } from "@/lib/api/elysia/unwrapResponse";
 import { UIMessage, isToolUIPart, getToolName } from "ai";
 
 /**
@@ -46,34 +45,34 @@ export function useYouTubeLoginSuccess() {
     hasCheckedOAuth.current = true;
 
     if (selectedArtist?.account_id) {
-      api.youtube["channel-info"]
-        .get({
-          query: { artist_account_id: selectedArtist.account_id },
-        })
-        .then((youtubeChannel) => {
-          const data = unwrapResponse(
-            youtubeChannel,
-            "Failed to fetch YouTube channel information",
-          );
+      const checkYouTubeConnection = async () => {
+        try {
+          const youtubeChannel = await api.youtube["channel-info"].get({
+            query: { artist_account_id: selectedArtist.account_id },
+          });
 
-          if (data.success) {
-            const successMessage = {
-              id: generateUUID(),
-              role: "user" as const,
-              parts: [
-                {
-                  type: "text",
-                  text: "Great! I've successfully connected my YouTube account. Please continue with what you were helping me with.",
-                },
-              ],
-            } as UIMessage;
-
-            append(successMessage);
+          if (youtubeChannel.error || !youtubeChannel.data) {
+            throw new Error("Failed to fetch YouTube channel information");
           }
-        })
-        .catch(() => {
+
+          const successMessage = {
+            id: generateUUID(),
+            role: "user" as const,
+            parts: [
+              {
+                type: "text",
+                text: "Great! I've successfully connected my YouTube account. Please continue with what you were helping me with.",
+              },
+            ],
+          } as UIMessage;
+
+          append(successMessage);
+        } catch {
           // Ignore auth/check errors here; normal flow continues.
-        });
+        }
+      };
+
+      void checkYouTubeConnection();
     }
   }, [messages, append, selectedArtist?.account_id]);
 }

hooks/useYoutubeChannel.tsx

@@ -1,6 +1,5 @@
 import { useQuery } from "@tanstack/react-query";
 import { api } from "@/lib/api/elysia/client";
-import { unwrapResponse } from "@/lib/api/elysia/unwrapResponse";
 
 const useYoutubeChannel = (artistAccountId: string) => {
   return useQuery({
@@ -10,10 +9,11 @@ const useYoutubeChannel = (artistAccountId: string) => {
         query: { artist_account_id: artistAccountId },
       });
 
-      return unwrapResponse(
-        response,
-        "Failed to fetch YouTube channel information",
-      );
+      if (response.error || !response.data) {
+        throw new Error("Failed to fetch YouTube channel information");
+      }
+
+      return response.data;
     },
     enabled: !!artistAccountId, // Only run query if artistAccountId is provided
   });

lib/api/elysia/app.ts

@@ -1,6 +1,6 @@
 import { Elysia } from "elysia";
 import { openapi } from "@elysiajs/openapi";
-import { authMacro } from "@/lib/api/elysia/plugins/auth";
+import { authPlugin } from "@/lib/api/elysia/plugins/auth";
 import { elysiaRoutes } from "@/lib/api/elysia/routes";
 
 export const elysiaApi = new Elysia({ prefix: "/api" })
@@ -16,11 +16,6 @@ export const elysiaApi = new Elysia({ prefix: "/api" })
         },
         components: {
           securitySchemes: {
-            bearerAuth: {
-              type: "http",
-              scheme: "bearer",
-              bearerFormat: "JWT",
-            },
             apiKeyAuth: {
               type: "apiKey",
               in: "header",
@@ -31,7 +26,7 @@ export const elysiaApi = new Elysia({ prefix: "/api" })
       },
     }),
   )
-  .use(authMacro)
+  .use(authPlugin)
   .use(elysiaRoutes);
 
 export type ElysiaApi = typeof elysiaApi;

lib/api/elysia/plugins/auth.ts

@@ -1,7 +1,7 @@
-import { createHmac } from "crypto";
 import { PrivyClient } from "@privy-io/node";
 import { Elysia } from "elysia";
-import supabase from "@/lib/supabase/serverClient";
+import getAccountDetailsByEmails from "@/lib/supabase/account_emails/getAccountDetailsByEmails";
+import { getAccountIdFromApiKey } from "@/lib/supabase/account_api_keys/getAccountIdFromApiKey";
 
 const PRIVY_APP_ID = process.env.PRIVY_APP_ID || process.env.NEXT_PUBLIC_PRIVY_APP_ID;
 const PRIVY_PROJECT_SECRET = process.env.PRIVY_PROJECT_SECRET;
@@ -16,127 +16,49 @@ const privyClient =
       })
     : null;
 
-function hashApiKey(rawKey: string): string {
-  if (!PRIVY_PROJECT_SECRET) {
-    throw new Error("Missing PRIVY_PROJECT_SECRET");
-  }
-
-  return createHmac("sha256", PRIVY_PROJECT_SECRET).update(rawKey).digest("hex");
-}
-
-function parseCookies(cookieHeader: string | null): Record<string, string> {
-  if (!cookieHeader) return {};
-
-  return cookieHeader
-    .split(";")
-    .map((part) => part.trim())
-    .filter(Boolean)
-    .reduce<Record<string, string>>((acc, part) => {
-      const separatorIndex = part.indexOf("=");
-      if (separatorIndex <= 0) return acc;
-
-      const key = part.slice(0, separatorIndex).trim();
-      const value = part.slice(separatorIndex + 1).trim();
+export const authPlugin = new Elysia({ name: "auth-plugin" })
+  .derive(async ({ cookie, request }) => {
+    const apiKey = request.headers.get("x-api-key");
+    const privyToken = cookie["privy-token"].value as string;
+    
+    let user: { userId: string; identifier: string } | null = null;
 
+    if (apiKey) {
       try {
-        acc[key] = decodeURIComponent(value);
-      } catch {
-        acc[key] = value;
+        user = {
+          userId: await getAccountIdFromApiKey(apiKey),
+          identifier: apiKey,
+        };
+      } catch (error) {
+        console.error("Elysia auth apiKey validation failed:", error);
       }
-
-      return acc;
-    }, {});
-}
-
-function getPrivyAuthTokenFromRequest(request: Request): string | null {
-  const cookies = parseCookies(request.headers.get("cookie"));
-  return cookies["privy-token"] || null;
-}
-
-async function getAccountIdFromApiKey(apiKey: string): Promise<string | null> {
-  const keyHash = hashApiKey(apiKey);
-
-  const { data, error } = await supabase
-    .from("account_api_keys")
-    .select("account")
-    .eq("key_hash", keyHash)
-    .limit(1)
-    .maybeSingle();
-
-  if (error) {
-    throw new Error(`Failed API key lookup: ${error.message}`);
-  }
-
-  return data?.account ?? null;
-}
-
-function getEmailFromPrivyUser(user: { linked_accounts?: Array<{ type?: string; address?: string }> }) {
-  const emailAccount = user.linked_accounts?.find((account) => account.type === "email");
-  return emailAccount?.address?.toLowerCase() ?? null;
-}
-
-async function getAccountIdFromPrivyAuthToken(authToken: string): Promise<string | null> {
-  if (!privyClient) {
-    throw new Error(
-      "Missing Privy configuration: PRIVY_APP_ID/NEXT_PUBLIC_PRIVY_APP_ID, PRIVY_PROJECT_SECRET, and PRIVY_JWT_VERIFICATION_KEY are required",
-    );
-  }
-
-  const verified = await privyClient.utils().auth().verifyAuthToken(authToken);
-  const user = await privyClient.users()._get(verified.user_id);
-  const email = getEmailFromPrivyUser(user);
-
-  if (!email) {
-    throw new Error("No email found in authenticated Privy user");
-  }
-
-  const { data, error } = await supabase
-    .from("account_emails")
-    .select("account_id")
-    .eq("email", email)
-    .limit(1)
-    .maybeSingle();
-
-  if (error) {
-    throw new Error(`Failed account email lookup: ${error.message}`);
-  }
-
-  return data?.account_id ?? null;
-}
-
-export const authMacro = new Elysia({ name: "auth-macro" }).macro({
-  auth(enabled: boolean) {
-    if (!enabled) return;
-
-    return {
-      async beforeHandle({ request, status }) {
-        const apiKey = request.headers.get("x-api-key");
-
-        try {
-          if (apiKey) {
-            const accountId = await getAccountIdFromApiKey(apiKey);
-            if (!accountId) {
-              return status(401, { error: "Unauthorized" });
-            }
-            return;
-          }
-
-          const privyAuthToken = getPrivyAuthTokenFromRequest(request);
-          if (!privyAuthToken) {
-            return status(401, { error: "Authentication required" });
-          }
-
-          const accountId = await getAccountIdFromPrivyAuthToken(privyAuthToken);
-          if (!accountId) {
-            return status(401, { error: "Unauthorized" });
-          }
-        } catch (error) {
-          return status(401, {
-            error: "Authentication failed",
-            details: error instanceof Error ? error.message : "Unknown authentication error",
-          });
+    } else if (privyToken && privyClient) {
+      try {
+        const verified = await privyClient.utils().auth().verifyAccessToken(privyToken);
+        const privyUser = await privyClient.users()._get(verified.user_id);
+        const email = privyUser.linked_accounts?.find((account) => account.type === "email")?.address;
+        const accountDetails = email ? await getAccountDetailsByEmails([email]) : [];
+        const accountId = accountDetails[0]?.account_id ?? null;
+
+        if (accountId) {
+          user = {
+            userId: accountId,
+            identifier: privyToken,
+          };
         }
-      },
-    };
-  },
-});
+      } catch (error) {
+        console.error("Elysia auth privyToken validation failed:", error);
+      }
+    }
+
+    return { user };
+  })
+  .macro({
+    auth: {
+        beforeHandle({ user, status }) {
+          if (!user) {
+            return status(401, "Authentication required");
+          }
+        },
+    },
+  });

lib/api/elysia/routes/youtube/channelInfo.ts

@@ -2,23 +2,20 @@ import { Elysia, t } from "elysia";
 import { fetchYouTubeChannelInfo } from "@/lib/youtube/channel-fetcher";
 import { validateYouTubeTokens } from "@/lib/youtube/token-validator";
 
-const errorResponseSchema = t.Object({
-  error: t.String(),
-  details: t.Optional(t.String()),
-});
+const errorResponseSchema = t.String();
 
 export const youtubeChannelInfoRoute = new Elysia().get(
   "/channel-info",
   async ({ query, status }) => {
     if (!query.artist_account_id) {
-      return status(400, { error: "Missing artist_account_id parameter" });
+      return status(400, "Missing artist_account_id parameter");
     }
 
     try {
       const tokenValidation = await validateYouTubeTokens(query.artist_account_id);
 
       if (!tokenValidation.success || !tokenValidation.tokens) {
-        return status(403, { error: "YouTube authentication required" });
+        return status(403, "YouTube authentication required");
       }
 
       const channelResult = await fetchYouTubeChannelInfo({
@@ -28,18 +25,17 @@ export const youtubeChannelInfoRoute = new Elysia().get(
       });
 
       if (!channelResult.success) {
-        return status(502, { error: channelResult.error.message });
+        return status(502, channelResult.error.message);
       }
 
-      return {
-        success: true as const,
-        channels: channelResult.channelData,
-      };
+      return channelResult.channelData;
     } catch (e) {
-      return status(500, {
-        error: "Failed to fetch YouTube channel information",
-        details: e instanceof Error ? e.message : "Unknown error",
-      });
+      return status(
+        500,
+        e instanceof Error
+          ? `Failed to fetch YouTube channel information: ${e.message}`
+          : "Failed to fetch YouTube channel information",
+      );
     }
   },
   {
@@ -48,10 +44,7 @@ export const youtubeChannelInfoRoute = new Elysia().get(
       artist_account_id: t.Optional(t.String()),
     }),
     response: {
-      200: t.Object({
-        success: t.Literal(true),
-        channels: t.Array(t.Any()),
-      }),
+      200: t.Array(t.Any()),
       400: errorResponseSchema,
       401: errorResponseSchema,
       403: errorResponseSchema,
@@ -63,7 +56,7 @@ export const youtubeChannelInfoRoute = new Elysia().get(
       description:
         "Returns authenticated YouTube channels for an artist account with validated credentials.",
       tags: ["youtube"],
-      security: [{ bearerAuth: [] }, { apiKeyAuth: [] }],
+      security: [{ apiKeyAuth: [] }],
     },
   },
 );