Merge pull request #1 from Zenfulcode/api-client-integration

Api client integration

Author: gustaavik

.github/workflows/release.yml

@@ -0,0 +1,57 @@
+name: Build and Publish Docker Image
+
+on:
+  release:
+    types: [published]
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GHCR_TOKEN }}
+
+      - name: Convert repository name to lowercase
+        run: |
+          echo "IMAGE_NAME_LOWER=${GITHUB_REPOSITORY,,}" >> $GITHUB_ENV
+
+      - name: xtract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_LOWER }}
+          tags: |
+            type=ref,event=tag
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+            type=raw,value=latest,enable={{is_default_branch}}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          platforms: linux/amd64,linux/arm64

Dockerfile.dev

@@ -108,29 +108,6 @@ services:
     networks:
       - commercify-network
 
-  # Development service (optional)
-  commercify-dev:
-    build:
-      context: .
-      dockerfile: Dockerfile.dev
-    ports:
-      - '5173:5173'
-    volumes:
-      - .:/app
-      - /app/node_modules
-    environment:
-      - NODE_ENV=development
-      - ORIGIN=http://localhost:5173
-      - API_BASE_URL_DEV=http://commercify-api:6091/api
-      - API_BASE_URL_PROD=http://commercify-api:6091/api
-    depends_on:
-      - commercify-api
-    command: bun run dev --host
-    profiles:
-      - dev
-    networks:
-      - commercify-network
-
 volumes:
   postgres_data:
 

bun.lock

@@ -17,8 +17,8 @@
 		"@internationalized/date": "^3.8.2",
 		"@lucide/svelte": "^0.515.0",
 		"@sveltejs/adapter-auto": "^6.0.1",
-		"@sveltejs/adapter-node": "^5.2.12",
-		"@sveltejs/kit": "^2.22.2",
+		"@sveltejs/adapter-node": "^5.2.13",
+		"@sveltejs/kit": "^2.22.5",
 		"@sveltejs/vite-plugin-svelte": "^5.1.0",
 		"@tailwindcss/typography": "^0.5.16",
 		"@tailwindcss/vite": "^4.1.11",
@@ -28,7 +28,7 @@
 		"mode-watcher": "^1.1.0",
 		"prettier": "^3.6.2",
 		"prettier-plugin-svelte": "^3.4.0",
-		"svelte": "^5.35.2",
+		"svelte": "^5.35.5",
 		"svelte-check": "^4.2.2",
 		"svelte-sonner": "^1.0.5",
 		"sveltekit-superforms": "^2.27.1",
@@ -40,6 +40,7 @@
 		"vite": "^6.3.5"
 	},
 	"dependencies": {
+		"commercify-api-client": "^1.2.11",
 		"lucide-svelte": "^0.515.0",
 		"zod": "3.25.67"
 	}

docker-compose.yml

@@ -7,12 +7,12 @@ declare global {
 	namespace App {
 		// interface Error {}
 		interface Locals {
-			commercify: CommercifyClient;
+			commercify: CachedCommercifyApiClient;
 			user?: {
 				email?: string;
 				name?: string;
 				role: 'admin';
-				accessToken: string;
+				// accessToken: string;
 			};
 		}
 		// interface PageData {}

package.json

@@ -1,89 +1,51 @@
 import type { Handle } from '@sveltejs/kit';
-import { createCommercifyClient } from '$lib/server/api';
 import { sequence } from '@sveltejs/kit/hooks';
-import { env } from '$env/dynamic/private';
 import { redirect } from '@sveltejs/kit';
+import { CachedCommercifyApiClient, createApiClient } from '$lib/server/commercify/api';
 
 const handleAuth: Handle = async ({ event, resolve }) => {
 	// Check if the route requires admin authentication
 	if (event.url.pathname.startsWith('/admin')) {
-		const accessToken = event.cookies.get('access_token');
+		const { commercify } = event.locals;
 
-		// If no access token, redirect to login immediately
-		if (!accessToken) {
+		if (!commercify.client.authToken) {
+			console.log('No auth token found, redirecting to login');
+			// Redirect to login if no auth token is present
 			throw redirect(303, '/login');
 		}
 
-		// Create commercify client to validate the token
-		const cookieString = event.cookies
-			.getAll()
-			.map((cookie) => `${cookie.name}=${cookie.value}`)
-			.join('; ');
-
-		const commercifyClient = createCommercifyClient(cookieString);
-
-		// Validate the access token by calling getUser()
-		const userResponse = await commercifyClient.getUser();
-
-		if (!userResponse.success || !userResponse.data) {
-			console.log('Access token validation failed:', userResponse.error);
-
-			// Clear all auth-related cookies since token is invalid
-			event.cookies.delete('access_token', { path: '/' });
+		try {
+			const userResponse = await commercify.auth.getUser();
+
+			// Add validated user info to locals for use in admin pages
+			event.locals.user = {
+				email: userResponse.email,
+				name: `${userResponse.firstName} ${userResponse.lastName}`,
+				role: userResponse.role as 'admin'
+			};
+		} catch (error) {
+			event.cookies.delete('auth_token', { path: '/' });
 			event.cookies.delete('user_role', { path: '/' });
-
-			throw redirect(303, '/login');
 		}
 
 		// Verify user has admin role (from validated user data)
-		if (userResponse.data.role !== 'admin') {
-			console.log('User does not have admin role:', userResponse.data.role);
+		if (event.locals.user?.role !== 'admin') {
+			console.log('User does not have admin role:', event.locals.user!.role);
 			throw redirect(303, '/login');
 		}
-
-		// Add validated user info to locals for use in admin pages
-		event.locals.user = {
-			email: userResponse.data.email,
-			name: `${userResponse.data.firstName} ${userResponse.data.lastName}`,
-			role: userResponse.data.role as 'admin',
-			accessToken
-		};
 	}
 
 	return resolve(event);
 };
 
 const handleCommercify: Handle = async ({ event, resolve }) => {
-	// Create commercify client with forwarded cookies and store in locals
-	const cookieString = event.cookies
-		.getAll()
-		.map((cookie) => `${cookie.name}=${cookie.value}`)
-		.join('; ');
-
-	event.locals.commercify = createCommercifyClient(cookieString);
-
-	// For shop routes, ensure we have a checkout session and set the cookie
-	if (event.url.pathname.startsWith('/shop')) {
-		try {
-			const checkoutResponse = await event.locals.commercify.getOrCreateCheckout('DKK');
+	// Get the auth token from a secure, httpOnly cookie
+	const authToken = event.cookies.get('auth_token');
 
-			if (checkoutResponse.success && checkoutResponse.data?.id) {
-				// Set the checkout session cookie
-				event.cookies.set('checkout_session_id', checkoutResponse.data.id, {
-					path: '/',
-					// httpOnly: true,
-					secure: env.NODE_ENV === 'production', // Set to true in production
-					// sameSite: 'lax',
-					maxAge: 86400 * 7 // 7 days
-				});
-			}
-		} catch (error) {
-			console.error('Error setting up checkout session in hooks:', error);
-			// Don't fail the request, just log the error
-		}
-	}
+	// Create an API client instance and attach it to the event object
+	event.locals.commercify = createApiClient(event, authToken) as CachedCommercifyApiClient;
 
 	return resolve(event);
 };
 
-export const handle: Handle = sequence(handleAuth, handleCommercify);
+export const handle: Handle = sequence(handleCommercify, handleAuth);