feat(aih): adds posts api and oauth device flow #367
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Adds new schema tables for device management: - deviceVerifications: tracks device verification attempts - deviceAccessToken: manages device-specific access tokens This migration enhances security by implementing device-level authentication and verification mechanisms, enabling granular access control per device.
Adds OAuth endpoints for device-based authentication flow: - /oauth/device/code: handles device verification code generation - /oauth/token: enhanced to support device flow grant type - /oauth/userinfo: updated user info endpoint with device context - /oauth/register: modified for device registration process Core package changes: - Added device verification schemas and types - Extended drizzle adapter for device token management Implements OAuth 2.0 device authorization grant (RFC 8628) enabling secure authentication for input-constrained devices.
Transplants the battle-tested posts management API: - /api/posts routes for CRUD operations - posts-query utilities for efficient data fetching - posts versioning system for content management Maintains existing authorization patterns and adds ability-based access control for granular permissions. Ensures backward compatibility while enabling new AI-specific features for content management.
Adds secure file upload capabilities: - /api/uploads/signed-url: generates pre-signed S3 URLs - /api/uploads/new: handles upload initialization - video-uploader utilities for client-side handling Implements direct-to-S3 upload pattern with secure URL signing and filename uniqueness guarantees. Maintains strict access control while enabling chunked uploads for large video files.
Implements video resource management: - CRUD operations for video resources - Dynamic route handling with [videoResourceId] - Integrated with existing permission system Enables programmatic access to video assets while maintaining the same authorization patterns used across the platform. Sets foundation for AI-powered video processing pipeline.
Adds detailed documentation for external API integrations: - OAuth 2.0 device flow authentication - Posts and Video Resource management - S3 upload infrastructure Includes best practices, example TypeScript integration, and endpoint specifications for partners and collaborators.
Implements user-facing OAuth components: - /activate pages for device verification flow - Login page with device activation support - tRPC router for device verification Completes the OAuth device flow implementation with user-facing components and server-side verification logic.
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
1 Skipped Deployment
|
- Migrated video upload form components from egghead - Fixed TypeScript issues in profile and subscription pages - Improved types in discord and progress utilities - Enhanced type safety in uploadthing core - Updated feedback widget action types
Replaces theoretical example with a working Node.js implementation using openid-client. Adds clear step-by-step flow documentation and improves readability for developers.
Changes default visibility from unlisted to public across all content types: - Products - Lessons - Events - Posts - Tutorials - Pages This aligns with our open-by-default content strategy.
vojtaholik
approved these changes
Jan 7, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes
flowchart TD subgraph Auth Flow Device[Device/Client] -->|Request Code| OAuthCode[oauth/device/code] OAuthCode -->|User Code| Device User[User Browser] -->|Activate| Verify[activate] Verify -->|Verify| Token[oauth/token] Token -->|Access Token| Device end subgraph Content Management Device -->|Auth Token| Posts[api/posts] Posts -->|CRUD| DB[(Database)] Posts -->|Check| CASL{Abilities} Device -->|Upload| S3URL[uploads/signed-url] S3URL -->|Direct Upload| S3[(S3 Storage)] Posts -->|Associate| S3 end subgraph Video Processing S3 -->|Trigger| Lambda[Lambda] Lambda -->|Process| AI[AI Pipeline] AI -->|Update| Posts endCore
Docs
Fixes